admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-10T16:00:19.035045+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-10 16:03:19 +00:00
parent 23ff0a7008
commit 773980676f
51 changed files with 3607 additions and 783 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
CVE-2012/CVE-2012-16xx/CVE-2012-1661.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-1661",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-07-12T21:55:04.750",
"lastModified": "2012-07-16T04:00:00.000",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T14:30:09.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,19 +63,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:esri:arcmap:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.0.2.3200",
"matchCriteriaId": "115754BF-1DA3-478B-A570-70D1DE885EAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:arcgis:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17F291A5-FAAD-4B01-85B2-1267D63EE64D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:arcmap:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9106104-FDC4-41A4-9EC0-00EECA478166"
"matchCriteriaId": "E3A6EBE1-B65C-4908-ACAB-7BD8AAD76296"
}
]
}
@ -101,18 +91,25 @@
"url": "http://www.exploit-db.com/exploits/19138",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.osvdb.org/82986",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securitytracker.com/id?1027170",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]

24
CVE-2021/CVE-2021-413xx/CVE-2021-41309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-41309",
"sourceIdentifier": "security@atlassian.com",
"published": "2021-12-08T04:15:06.637",
"lastModified": "2021-12-09T16:47:00.867",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T14:35:00.837",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [

24
CVE-2021/CVE-2021-413xx/CVE-2021-41311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-41311",
"sourceIdentifier": "security@atlassian.com",
"published": "2021-12-08T04:15:06.680",
"lastModified": "2021-12-09T16:45:15.757",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T14:35:01.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [

24
CVE-2021/CVE-2021-413xx/CVE-2021-41312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-41312",
"sourceIdentifier": "security@atlassian.com",
"published": "2021-11-03T04:15:09.127",
"lastModified": "2021-11-04T21:08:43.730",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T14:35:01.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [

128
CVE-2022/CVE-2022-343xx/CVE-2022-34310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34310",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-02-12T18:15:07.830",
"lastModified": "2024-02-12T20:39:15.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:12:13.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -51,18 +71,108 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229441",
"source": "psirt@us.ibm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:*:*:*:*:standard:*:*:*",
"versionEndExcluding": "11.1.0.0",
"matchCriteriaId": "CD9B46EE-E9B5-4F1A-A4FC-1C3136A82700"
},
{
"url": "https://www.ibm.com/support/pages/node/6832922",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:advanced:*:*:*",
"matchCriteriaId": "E9A6DBF4-1669-4157-BC29-47BDBECC02C5"
},
{
"url": "https://www.ibm.com/support/pages/node/6832924",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:*",
"matchCriteriaId": "2E54DF77-511D-4C8A-88B0-3ABB4E232273"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:advanced:*:*:*",
"matchCriteriaId": "5E4B7AA4-0215-4B55-B0A5-B6988113539F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_1:*:*:standard:*:*:*",
"matchCriteriaId": "02FE1FD1-BEB7-485B-8C4F-69BB0B364800"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:advanced:*:*:*",
"matchCriteriaId": "6958A7A8-E530-49AD-B303-75EE267D2835"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_2:*:*:standard:*:*:*",
"matchCriteriaId": "630F214B-71DD-426B-94A7-656F300B51D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_3:*:*:advanced:*:*:*",
"matchCriteriaId": "8C50DC0C-B29C-4E51-A0BF-E2F105607999"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_3:*:*:standard:*:*:*",
"matchCriteriaId": "6164818E-D76D-4B89-B97A-837D204B765A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_4:*:*:advanced:*:*:*",
"matchCriteriaId": "B84371E5-1F26-4259-BC53-35E1831F68E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1.0.0:interim_fix_4:*:*:standard:*:*:*",
"matchCriteriaId": "B15AA178-3D88-42AD-8714-67B53900766C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/229441",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6832922",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6832924",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2022/CVE-2022-387xx/CVE-2022-38714.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38714",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-02-12T18:15:08.057",
"lastModified": "2024-02-12T20:39:15.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:32:29.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -39,14 +59,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/235060",
"source": "psirt@us.ibm.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.ibm.com/support/pages/node/6618039",
"source": "psirt@us.ibm.com"
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:datastage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50F3430A-08E3-4007-977F-7D3834D0AC61"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_data:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.6",
"versionEndIncluding": "4.5.2",
"matchCriteriaId": "5B2EC553-418D-4589-B933-F7E1EFAEC6D1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/235060",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6618039",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

34
CVE-2023/CVE-2023-15xx/CVE-2023-1531.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1531",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-03-21T21:15:12.527",
"lastModified": "2023-10-20T20:47:03.977",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:04.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-15xx/CVE-2023-1532.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1532",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-03-21T21:15:12.613",
"lastModified": "2023-10-20T20:47:08.577",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:04.993",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-15xx/CVE-2023-1533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1533",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-03-21T21:15:12.690",
"lastModified": "2023-10-20T20:47:12.877",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:05.857",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-332xx/CVE-2023-33234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33234",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-30T11:15:09.553",
"lastModified": "2023-06-05T16:45:22.593",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:07.983",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

14
CVE-2023/CVE-2023-393xx/CVE-2023-39380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39380",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T12:15:43.647",
"lastModified": "2023-08-17T02:18:37.127",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:08.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-264"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39381.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39381",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T12:15:44.950",
"lastModified": "2023-08-17T02:12:38.623",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:09.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39382",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T12:15:45.167",
"lastModified": "2023-08-17T02:13:28.870",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:10.383",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39386",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T13:15:10.597",
"lastModified": "2023-08-17T19:40:00.127",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T14:35:03.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39388",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T12:15:45.667",
"lastModified": "2023-08-17T14:17:35.187",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:11.660",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1285"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39389",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T12:15:45.877",
"lastModified": "2023-08-17T14:16:10.203",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T15:35:12.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1285"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-393xx/CVE-2023-39390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39390",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-08-13T13:15:11.090",
"lastModified": "2023-08-17T18:06:24.980",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-10T14:35:04.077",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -55,6 +55,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-490xx/CVE-2023-49069.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-49069",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:08.947",
"lastModified": "2024-09-12T11:15:15.173",
"lastModified": "2024-10-10T15:15:14.937",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.2 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions < V10.6.12 only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions < V8.18.31 only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions < V9.24.26 only if the basic authentication mechanism is used by the application). The authentication mechanism of affected applications contains an observable response discrepancy vulnerability when validating usernames. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames."
"value": "A vulnerability has been identified in Mendix Runtime V10 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions < V8.18.32 only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions only if the basic authentication mechanism is used by the application). The authentication mechanism of affected applications contains an observable response discrepancy vulnerability when validating usernames. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames."
},
{
"lang": "es",

76
CVE-2023/CVE-2023-493xx/CVE-2023-49339.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49339",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T01:15:08.287",
"lastModified": "2024-02-13T14:01:40.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:47:52.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "Ellucian Banner 9.17 permite la referencia directa a objetos inseguros (IDOR) a trav\u00e9s de un bannerId modificado al endpoint /StudentSelfService/ssb/studentCard/retrieveData."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/3zizme/CVE-2023-49339/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.ellucian.com/solutions/ellucian-banner",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ellucian:banner:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.17",
"matchCriteriaId": "BCE7616F-99A2-4553-8B0B-27A7D2ABC6E9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/3zizme/CVE-2023-49339/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.ellucian.com/solutions/ellucian-banner",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

115
CVE-2023/CVE-2023-66xx/CVE-2023-6681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6681",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-12T14:15:08.003",
"lastModified": "2024-05-22T17:16:09.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T14:32:07.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -51,18 +71,91 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3267",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6681",
"source": "secalert@redhat.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260843",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:latchset:jwcrypto:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.1",
"matchCriteriaId": "017B326C-B6EA-4E6C-8CDD-4651FBAC0146"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F797F2E-00E6-4D03-A94E-524227529A0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3267",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6681",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260843",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

315
CVE-2024/CVE-2024-10xx/CVE-2024-1062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1062",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-12T13:15:09.210",
"lastModified": "2024-10-01T19:15:07.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T14:22:28.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,46 +51,283 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1074",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1372",
"source": "secalert@redhat.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3047",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4209",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4633",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5690",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:7458",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1062",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "555F8661-DCE6-441E-9251-CD8D8E8734F6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:directory_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE19AC-8DA8-4574-B122-CF1FFB20875D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:directory_server:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9684A709-4D17-4AEB-BB13-9DC3B75EF902"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:directory_server:11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF83982-31CF-4692-9055-BB65B59AFA08"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:41:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D4E93B-C80E-4F15-9177-8B31016381C0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DAF61A-58A9-41A6-A4DC-64148055B0C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3EFBEEE7-8BC5-4F4E-8EFA-42A6743152BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "83981111-E13A-4A88-80FD-F63D7CCAA47F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78825319-8A45-4880-B7C4-2B223029DDD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C415CABF-E1C4-4E95-9424-AEEEAFF1CAE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "83364F5C-57F4-4D57-B54F-540CAC1D7753"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A49ABD84-6755-4894-AD4E-49AAD39933C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71DDE212-1018-4554-9C06-4908442DE134"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "12A809B2-2771-4780-9E0D-6A7B4A534CFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4AEBCB-B1E6-4A6A-9E8C-DDC5A003BCB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB096D5D-E8F6-4164-8B76-0217B7151D30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "01ED4F33-EBE7-4C04-8312-3DA580EFFB68"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:1074",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1372",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3047",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4209",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4633",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5690",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:7458",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1062",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-213xx/CVE-2024-21338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21338",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-02-13T18:15:49.083",
"lastModified": "2024-10-09T02:15:15.920",
"vulnStatus": "Modified",
"lastModified": "2024-10-10T15:14:00.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-03-04",
"cisaActionDue": "2024-03-25",

61
CVE-2024/CVE-2024-220xx/CVE-2024-22043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22043",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-02-13T09:15:47.360",
"lastModified": "2024-02-13T14:01:07.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T15:44:13.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
@ -51,10 +71,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html",
"source": "productcert@siemens.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*",
"versionStartIncluding": "35.0",
"versionEndExcluding": "35.0.251",
"matchCriteriaId": "4EF5BF46-A735-47C2-8E1B-CB9DC1FEF9FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*",
"versionStartIncluding": "35.1",
"versionEndExcluding": "35.1.170",
"matchCriteriaId": "FBCA45E2-0E76-48DB-890E-A94B65543B13"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-221xx/CVE-2024-22126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22126",
"sourceIdentifier": "cna@sap.com",
"published": "2024-02-13T02:15:08.107",
"lastModified": "2024-02-13T14:01:40.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:56:49.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3417627",
"source": "cna@sap.com"
},
"nodes": [
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "9C506445-3787-4BFF-A98B-7502A0F7CF80"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3417627",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-248xx/CVE-2024-24884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24884",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.320",
"lastModified": "2024-10-10T13:37:34.213",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T14:04:13.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,9 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ari-soft:contact_form_7_connector:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:ari-soft:contact_form_7_connector:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "D6F2F04F-EB55-459A-82DB-48A8721CADDB"
"matchCriteriaId": "8890A9FE-AACE-4DD8-91A3-2A56E3A87F48"
}
]
}

79
CVE-2024/CVE-2024-253xx/CVE-2024-25360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25360",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-12T16:15:08.730",
"lastModified": "2024-02-12T17:31:21.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T14:43:01.797",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,78 @@
"value": "Una interfaz oculta en Motorola CX2L Router firmware v1.0.1, filtra informaci\u00f3n sobre el componente SystemWizardStatus mediante el env\u00edo de una solicitud manipulada a device_web_ip."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/leetsun/Hints/tree/main/moto-CX2L/4",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:cx2l_firmware:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9B4E80-5736-4ADB-A361-61913626B12C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:cx2l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9BFD1D-DBCB-4E7E-9224-5246C0BF9210"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/Hints/tree/main/moto-CX2L/4",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

51
CVE-2024/CVE-2024-259xx/CVE-2024-25914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25914",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-13T05:15:09.320",
"lastModified": "2024-02-13T14:01:07.747",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:57:37.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plugin-1-3-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:photoboxone:smtp_mail:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.20",
"matchCriteriaId": "82D2A74E-1179-471C-BDD5-7D7D689B02A8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/smtp-mail/wordpress-smtp-mail-plugin-1-3-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-382xx/CVE-2024-38259.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38259",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-10T17:15:31.990",
"lastModified": "2024-09-13T14:56:28.637",
"lastModified": "2024-10-10T14:02:28.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -107,8 +107,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndIncluding": "10.0.26100.1742",
"matchCriteriaId": "0E7D2B19-7F37-48FE-8727-A7CB75EDE6CE"
"versionEndExcluding": "10.0.26100.1742",
"matchCriteriaId": "6231A772-376C-4ED3-919B-EAD9D1439021"
},
{
"vulnerable": true,

398
CVE-2024/CVE-2024-435xx/CVE-2024-43572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43572",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-10-08T18:15:24.593",
"lastModified": "2024-10-09T16:16:45.687",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T15:25:33.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-08",
"cisaActionDue": "2024-10-29",
@ -45,8 +45,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,10 +65,386 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572",
"source": "secure@microsoft.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "EE205A52-173D-44F2-AAD0-A45F5FF4D603"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "8ED2CAD8-D2E2-4AF5-874A-2938D3C3EA0F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "F003109E-32C0-4044-89D6-2747366E051D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2762",
"matchCriteriaId": "F438CECD-698A-4BDF-8B02-B4FE9E5B86E9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.3260",
"matchCriteriaId": "FE4A4090-29D6-4B44-9B01-858886DAD93D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.3260",
"matchCriteriaId": "41629AD7-FF9A-4C54-9FFE-800F4C1E719B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "D13B5EE1-0F5A-4DD8-9462-18FC0D2A59EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "857DFFF9-C926-41C5-96E6-7CD3DD86FDD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "73AD21BF-973F-47E2-8831-A8B9DD066D75"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.4317",
"matchCriteriaId": "89687486-E330-4475-9119-0E0AD18F8129"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.4317",
"matchCriteriaId": "0B0F11A8-E14B-4A82-BB09-C4259FC6B0E6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "6DDD519F-4617-4958-A2AA-5E5EC9D6E0E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "FD728A6F-4F70-4407-B19C-92DF529793EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "11B05B8E-F956-45E2-A735-B3169384178F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h3:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.4317",
"matchCriteriaId": "F9395C1C-1B56-4A5A-BC79-9222906FE789"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4317",
"matchCriteriaId": "6D7CF880-E057-4694-8DD2-FF62D41A5BB7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.1189",
"matchCriteriaId": "432C6418-0A8F-42DB-ACD2-22661619A8F4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.2033",
"matchCriteriaId": "1262CACE-C787-4F46-9E12-C9F254225FC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.2033",
"matchCriteriaId": "ED2BB762-C417-4B64-80A2-ED152893FAD7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20796",
"matchCriteriaId": "8D5CDF9D-43B5-411C-9627-14DECDA937BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20796",
"matchCriteriaId": "84562B34-6BC0-4DBD-B153-C8F1A065A08D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "58DB776E-E3B6-4990-8AA2-6A63FDAA84C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "4AC4CAAB-C035-4D00-8DBC-9C3CE39FBBD4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "AF65E43A-AD45-43C6-A371-7C29C5CA0BA7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22918",
"matchCriteriaId": "2687CF2E-B586-40A0-BAEC-3BE25F8AFB54"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22918",
"matchCriteriaId": "2687CF2E-B586-40A0-BAEC-3BE25F8AFB54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.22918",
"matchCriteriaId": "1D49F0DD-282D-4967-8559-F66C5B161728"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.22918",
"matchCriteriaId": "1D49F0DD-282D-4967-8559-F66C5B161728"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25118",
"matchCriteriaId": "363CAA3C-BCE9-43B7-AF45-4539EB87BA0C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3.9600.22221",
"matchCriteriaId": "6AA9D814-0076-4851-B95B-5073AC382D8D"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43572",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

398
CVE-2024/CVE-2024-435xx/CVE-2024-43573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43573",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-10-08T18:15:24.817",
"lastModified": "2024-10-09T16:16:42.877",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T15:54:19.353",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-08",
"cisaActionDue": "2024-10-29",
@ -22,8 +22,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -45,8 +65,18 @@
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,10 +85,364 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573",
"source": "secure@microsoft.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "6DDD519F-4617-4958-A2AA-5E5EC9D6E0E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "FD728A6F-4F70-4407-B19C-92DF529793EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.5011",
"matchCriteriaId": "11B05B8E-F956-45E2-A735-B3169384178F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.3260",
"matchCriteriaId": "011A7B27-0084-4C73-8E59-A17C0862B098"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.22000.3260",
"matchCriteriaId": "6FD17BE4-CA3A-4392-BB5E-2A43DB2E3D57"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.4317",
"matchCriteriaId": "89687486-E330-4475-9119-0E0AD18F8129"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.4317",
"matchCriteriaId": "0B0F11A8-E14B-4A82-BB09-C4259FC6B0E6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h3:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4317",
"matchCriteriaId": "FAF3DC83-B324-48EC-9B4D-D72375992D35"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348..2762",
"matchCriteriaId": "AC8DD27D-4538-4CB9-894A-3BF3DFF9D25A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1189",
"matchCriteriaId": "95D955C0-5BD1-41A9-959E-4F2F4282CCD4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "D13B5EE1-0F5A-4DD8-9462-18FC0D2A59EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "857DFFF9-C926-41C5-96E6-7CD3DD86FDD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.5011",
"matchCriteriaId": "73AD21BF-973F-47E2-8831-A8B9DD066D75"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.4317",
"matchCriteriaId": "6D7CF880-E057-4694-8DD2-FF62D41A5BB7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "F003109E-32C0-4044-89D6-2747366E051D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "EE205A52-173D-44F2-AAD0-A45F5FF4D603"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "8ED2CAD8-D2E2-4AF5-874A-2938D3C3EA0F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.6414",
"matchCriteriaId": "F003109E-32C0-4044-89D6-2747366E051D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.2033",
"matchCriteriaId": "1262CACE-C787-4F46-9E12-C9F254225FC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.26100.2033",
"matchCriteriaId": "ED2BB762-C417-4B64-80A2-ED152893FAD7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20796",
"matchCriteriaId": "8D5CDF9D-43B5-411C-9627-14DECDA937BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20796",
"matchCriteriaId": "84562B34-6BC0-4DBD-B153-C8F1A065A08D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "AF65E43A-AD45-43C6-A371-7C29C5CA0BA7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "58DB776E-E3B6-4990-8AA2-6A63FDAA84C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "4AC4CAAB-C035-4D00-8DBC-9C3CE39FBBD4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.22221",
"matchCriteriaId": "585A59A3-0F7E-4FC1-BA5E-B33261DC3F49"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.7428",
"matchCriteriaId": "AF65E43A-AD45-43C6-A371-7C29C5CA0BA7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_r2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3.9600.22221",
"matchCriteriaId": "6AA9D814-0076-4851-B95B-5073AC382D8D"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

16
CVE-2024/CVE-2024-447xx/CVE-2024-44711.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2024-44711",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-10T14:15:04.777",
"lastModified": "2024-10-10T14:15:04.777",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
],
"metrics": {},
"references": []
}

91
CVE-2024/CVE-2024-449xx/CVE-2024-44994.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44994",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.307",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T15:59:06.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,90 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu: Restaurar retorno perdido en iommu_report_device_fault() Cuando se llama a iommu_report_device_fault con un error parcial, se supone que debe recopilar el error en el grupo y luego regresar. En cambio, el retorno se elimin\u00f3 accidentalmente, lo que da como resultado el intento de procesar el error y un bloqueo final. Eliminar el retorno fue un error tipogr\u00e1fico, vuelva a colocarlo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/cc6bc2ab1663ec9353636416af22452b078510e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/fca5b78511e98bdff2cdd55c172b23200a7b3404",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E94ACAFB-7FD4-4D6C-B1EF-5ACFEF7D85D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/cc6bc2ab1663ec9353636416af22452b078510e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fca5b78511e98bdff2cdd55c172b23200a7b3404",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

9
CVE-2024/CVE-2024-455xx/CVE-2024-45519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45519",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-02T22:15:02.770",
"lastModified": "2024-10-09T21:35:11.373",
"vulnStatus": "Modified",
"lastModified": "2024-10-10T15:04:49.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-03",
"cisaActionDue": "2024-10-24",
@ -499,11 +499,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6198F75A-353D-4079-91DE-A7CC22DFE8B0"
}
]
}

4
CVE-2024/CVE-2024-463xx/CVE-2024-46304.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-46304",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T16:15:04.437",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T14:15:05.100",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow vulnerability in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c."
"value": "A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c."
},
{
"lang": "es",

58
CVE-2024/CVE-2024-465xx/CVE-2024-46503.json
View File

@ -2,63 +2,15 @@
"id": "CVE-2024-46503",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-30T21:15:03.590",
"lastModified": "2024-10-07T19:37:30.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-10T14:15:05.183",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the _readFileSync function of Simple-Spellchecker v1.0.2 allows attackers to read arbitrary files via a directory traversal."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n _readFileSync de Simple-Spellchecker v1.0.2 permite a los atacantes leer archivos arbitrarios a trav\u00e9s de un directory traversal."
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/guilherme-goncalves793/30d62c12fffd18d4058f4aebe188f462",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/guilherme-goncalves793/9c3125c6c8e33e0d9216847118137c63",
"source": "cve@mitre.org"
}
]
"metrics": {},
"references": []
}

78
CVE-2024/CVE-2024-46xx/CVE-2024-4658.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-4658",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-10-10T14:15:05.587",
"lastModified": "2024-10-10T14:15:05.587",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection: Hibernate vulnerability in TE Informatics Nova CMS allows SQL Injection.This issue affects Nova CMS: before 5.0."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-564"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1661",
"source": "iletisim@usom.gov.tr"
}
]
}

4
CVE-2024/CVE-2024-78xx/CVE-2024-7840.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-7840",
"sourceIdentifier": "security@progress.com",
"published": "2024-10-09T15:15:16.687",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T15:15:15.237",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements."
"value": "In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements."
},
{
"lang": "es",

27
CVE-2024/CVE-2024-91xx/CVE-2024-9156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-9156",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-10-10T06:15:11.290",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T15:35:15.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento TI WooCommerce Wishlist de WordPress hasta la versi\u00f3n 2.8.2 es vulnerable a la inyecci\u00f3n SQL debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/e95974f9-1f68-4181-89b0-3559d61cfa93/",

60
CVE-2024/CVE-2024-93xx/CVE-2024-9312.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9312",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-10-10T14:15:05.863",
"lastModified": "2024-10-10T14:15:05.863",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-286"
}
]
}
],
"references": [
{
"url": "https://github.com/ubuntu/authd/security/advisories/GHSA-4gfw-wf7c-w6g2",
"source": "security@ubuntu.com"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9312",
"source": "security@ubuntu.com"
}
]
}

61
CVE-2024/CVE-2024-93xx/CVE-2024-9379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9379",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-10-08T17:15:56.727",
"lastModified": "2024-10-10T12:56:30.817",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T15:53:20.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-09",
"cisaActionDue": "2024-10-30",
@ -21,6 +21,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
@ -44,6 +64,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
@ -55,10 +85,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.2",
"matchCriteriaId": "B633ABF6-4CAD-462D-B6C9-F209D90EAFD9"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-93xx/CVE-2024-9380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9380",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-10-08T17:15:56.970",
"lastModified": "2024-10-10T12:56:30.817",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-10T15:50:03.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-09",
"cisaActionDue": "2024-10-30",
@ -21,6 +21,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
@ -44,6 +64,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
@ -55,10 +85,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.2",
"matchCriteriaId": "B633ABF6-4CAD-462D-B6C9-F209D90EAFD9"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

137
CVE-2024/CVE-2024-97xx/CVE-2024-9787.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-9787",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T14:15:06.243",
"lastModified": "2024-10-10T14:15:06.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This affects an unknown part of the component UDP Packet Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [
{
"url": "https://github.com/isZzzz/BASRT-B_BriefDoS_Document/blob/main/report.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.279939",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.279939",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.414499",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-97xx/CVE-2024-9788.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-9788",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T14:15:06.537",
"lastModified": "2024-10-10T14:15:06.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in LyLme_spage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file /admin/tag.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.279940",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.279940",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.414574",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/9c237d56-972e-40b4-9656-a1083ed84702",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-97xx/CVE-2024-9789.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-9789",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T14:15:06.803",
"lastModified": "2024-10-10T14:15:06.803",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.279941",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.279941",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.414575",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/9c237d56-972e-40b4-9656-a1083ed84702",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-97xx/CVE-2024-9790.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-9790",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T15:15:15.457",
"lastModified": "2024-10-10T15:15:15.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file /admin/sou.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.279942",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.279942",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.414578",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/9c237d56-972e-40b4-9656-a1083ed84702",
"source": "cna@vuldb.com"
}
]
}

144
CVE-2024/CVE-2024-97xx/CVE-2024-9792.json Normal file
View File

@ -0,0 +1,144 @@
{
"id": "CVE-2024-9792",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T15:15:15.710",
"lastModified": "2024-10-10T15:15:15.710",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDescription leads to cross site scripting. It is possible to initiate the attack remotely."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.279945",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.279945",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.415532",
"source": "cna@vuldb.com"
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
}
]
}

27
CVE-2024/CVE-2024-97xx/CVE-2024-9796.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-9796",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-10-10T08:15:04.140",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T15:35:16.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento WP-Advanced-Search para WordPress anterior a la versi\u00f3n 3.3.9.2 no desinfecta ni escapa el par\u00e1metro t antes de usarlo en una declaraci\u00f3n SQL, lo que permite que usuarios no autenticados realicen ataques de inyecci\u00f3n SQL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/2ddd6839-6bcb-4bb8-97e0-1516b8c2b99b/",

14
CVE-2024/CVE-2024-97xx/CVE-2024-9798.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-9798",
"sourceIdentifier": "zowe-security@lists.openmainframeproject.org",
"published": "2024-10-10T08:15:04.207",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T15:35:16.493",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://github.com/zowe/api-layer",

14
CVE-2024/CVE-2024-98xx/CVE-2024-9802.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-9802",
"sourceIdentifier": "zowe-security@lists.openmainframeproject.org",
"published": "2024-10-10T08:15:04.387",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-10T15:35:17.230",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://github.com/zowe/api-layer",

77
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-10T14:00:21.253206+00:00
2024-10-10T16:00:19.035045+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-10T13:55:20.437000+00:00
2024-10-10T15:59:06.093000+00:00
```
### Last Data Feed Release
@ -33,53 +33,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
265236
265244
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `8`
- [CVE-2024-35202](CVE-2024/CVE-2024-352xx/CVE-2024-35202.json) (`2024-10-10T13:15:14.077`)
- [CVE-2024-36051](CVE-2024/CVE-2024-360xx/CVE-2024-36051.json) (`2024-10-10T13:15:14.187`)
- [CVE-2024-6157](CVE-2024/CVE-2024-61xx/CVE-2024-6157.json) (`2024-10-10T13:15:14.370`)
- [CVE-2024-6530](CVE-2024/CVE-2024-65xx/CVE-2024-6530.json) (`2024-10-10T12:15:04.500`)
- [CVE-2024-9782](CVE-2024/CVE-2024-97xx/CVE-2024-9782.json) (`2024-10-10T12:15:04.810`)
- [CVE-2024-9783](CVE-2024/CVE-2024-97xx/CVE-2024-9783.json) (`2024-10-10T12:15:05.353`)
- [CVE-2024-9784](CVE-2024/CVE-2024-97xx/CVE-2024-9784.json) (`2024-10-10T12:15:05.623`)
- [CVE-2024-9785](CVE-2024/CVE-2024-97xx/CVE-2024-9785.json) (`2024-10-10T13:15:14.583`)
- [CVE-2024-9786](CVE-2024/CVE-2024-97xx/CVE-2024-9786.json) (`2024-10-10T13:15:14.860`)
- [CVE-2024-44711](CVE-2024/CVE-2024-447xx/CVE-2024-44711.json) (`2024-10-10T14:15:04.777`)
- [CVE-2024-4658](CVE-2024/CVE-2024-46xx/CVE-2024-4658.json) (`2024-10-10T14:15:05.587`)
- [CVE-2024-9312](CVE-2024/CVE-2024-93xx/CVE-2024-9312.json) (`2024-10-10T14:15:05.863`)
- [CVE-2024-9787](CVE-2024/CVE-2024-97xx/CVE-2024-9787.json) (`2024-10-10T14:15:06.243`)
- [CVE-2024-9788](CVE-2024/CVE-2024-97xx/CVE-2024-9788.json) (`2024-10-10T14:15:06.537`)
- [CVE-2024-9789](CVE-2024/CVE-2024-97xx/CVE-2024-9789.json) (`2024-10-10T14:15:06.803`)
- [CVE-2024-9790](CVE-2024/CVE-2024-97xx/CVE-2024-9790.json) (`2024-10-10T15:15:15.457`)
- [CVE-2024-9792](CVE-2024/CVE-2024-97xx/CVE-2024-9792.json) (`2024-10-10T15:15:15.710`)
### CVEs modified in the last Commit
Recently modified CVEs: `511`
Recently modified CVEs: `41`
- [CVE-2024-9471](CVE-2024/CVE-2024-94xx/CVE-2024-9471.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9473](CVE-2024/CVE-2024-94xx/CVE-2024-9473.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9518](CVE-2024/CVE-2024-95xx/CVE-2024-9518.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9519](CVE-2024/CVE-2024-95xx/CVE-2024-9519.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9520](CVE-2024/CVE-2024-95xx/CVE-2024-9520.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9522](CVE-2024/CVE-2024-95xx/CVE-2024-9522.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9549](CVE-2024/CVE-2024-95xx/CVE-2024-9549.json) (`2024-10-10T13:14:51.793`)
- [CVE-2024-9575](CVE-2024/CVE-2024-95xx/CVE-2024-9575.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9581](CVE-2024/CVE-2024-95xx/CVE-2024-9581.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9596](CVE-2024/CVE-2024-95xx/CVE-2024-9596.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9602](CVE-2024/CVE-2024-96xx/CVE-2024-9602.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9603](CVE-2024/CVE-2024-96xx/CVE-2024-9603.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9620](CVE-2024/CVE-2024-96xx/CVE-2024-9620.json) (`2024-10-10T12:56:30.817`)
- [CVE-2024-9621](CVE-2024/CVE-2024-96xx/CVE-2024-9621.json) (`2024-10-10T12:56:30.817`)
- [CVE-2024-9622](CVE-2024/CVE-2024-96xx/CVE-2024-9622.json) (`2024-10-10T12:56:30.817`)
- [CVE-2024-9623](CVE-2024/CVE-2024-96xx/CVE-2024-9623.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9671](CVE-2024/CVE-2024-96xx/CVE-2024-9671.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9680](CVE-2024/CVE-2024-96xx/CVE-2024-9680.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9685](CVE-2024/CVE-2024-96xx/CVE-2024-9685.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9780](CVE-2024/CVE-2024-97xx/CVE-2024-9780.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9781](CVE-2024/CVE-2024-97xx/CVE-2024-9781.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9796](CVE-2024/CVE-2024-97xx/CVE-2024-9796.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9798](CVE-2024/CVE-2024-97xx/CVE-2024-9798.json) (`2024-10-10T12:51:56.987`)
- [CVE-2024-9802](CVE-2024/CVE-2024-98xx/CVE-2024-9802.json) (`2024-10-10T12:51:56.987`)
- [CVE-2023-39390](CVE-2023/CVE-2023-393xx/CVE-2023-39390.json) (`2024-10-10T14:35:04.077`)
- [CVE-2023-49069](CVE-2023/CVE-2023-490xx/CVE-2023-49069.json) (`2024-10-10T15:15:14.937`)
- [CVE-2023-49339](CVE-2023/CVE-2023-493xx/CVE-2023-49339.json) (`2024-10-10T15:47:52.090`)
- [CVE-2023-6681](CVE-2023/CVE-2023-66xx/CVE-2023-6681.json) (`2024-10-10T14:32:07.260`)
- [CVE-2024-1062](CVE-2024/CVE-2024-10xx/CVE-2024-1062.json) (`2024-10-10T14:22:28.617`)
- [CVE-2024-21338](CVE-2024/CVE-2024-213xx/CVE-2024-21338.json) (`2024-10-10T15:14:00.550`)
- [CVE-2024-22043](CVE-2024/CVE-2024-220xx/CVE-2024-22043.json) (`2024-10-10T15:44:13.010`)
- [CVE-2024-22126](CVE-2024/CVE-2024-221xx/CVE-2024-22126.json) (`2024-10-10T15:56:49.207`)
- [CVE-2024-24884](CVE-2024/CVE-2024-248xx/CVE-2024-24884.json) (`2024-10-10T14:04:13.600`)
- [CVE-2024-25360](CVE-2024/CVE-2024-253xx/CVE-2024-25360.json) (`2024-10-10T14:43:01.797`)
- [CVE-2024-25914](CVE-2024/CVE-2024-259xx/CVE-2024-25914.json) (`2024-10-10T15:57:37.980`)
- [CVE-2024-38259](CVE-2024/CVE-2024-382xx/CVE-2024-38259.json) (`2024-10-10T14:02:28.917`)
- [CVE-2024-43572](CVE-2024/CVE-2024-435xx/CVE-2024-43572.json) (`2024-10-10T15:25:33.310`)
- [CVE-2024-43573](CVE-2024/CVE-2024-435xx/CVE-2024-43573.json) (`2024-10-10T15:54:19.353`)
- [CVE-2024-44994](CVE-2024/CVE-2024-449xx/CVE-2024-44994.json) (`2024-10-10T15:59:06.093`)
- [CVE-2024-45519](CVE-2024/CVE-2024-455xx/CVE-2024-45519.json) (`2024-10-10T15:04:49.143`)
- [CVE-2024-46304](CVE-2024/CVE-2024-463xx/CVE-2024-46304.json) (`2024-10-10T14:15:05.100`)
- [CVE-2024-46503](CVE-2024/CVE-2024-465xx/CVE-2024-46503.json) (`2024-10-10T14:15:05.183`)
- [CVE-2024-7840](CVE-2024/CVE-2024-78xx/CVE-2024-7840.json) (`2024-10-10T15:15:15.237`)
- [CVE-2024-9156](CVE-2024/CVE-2024-91xx/CVE-2024-9156.json) (`2024-10-10T15:35:15.513`)
- [CVE-2024-9379](CVE-2024/CVE-2024-93xx/CVE-2024-9379.json) (`2024-10-10T15:53:20.427`)
- [CVE-2024-9380](CVE-2024/CVE-2024-93xx/CVE-2024-9380.json) (`2024-10-10T15:50:03.240`)
- [CVE-2024-9796](CVE-2024/CVE-2024-97xx/CVE-2024-9796.json) (`2024-10-10T15:35:16.310`)
- [CVE-2024-9798](CVE-2024/CVE-2024-97xx/CVE-2024-9798.json) (`2024-10-10T15:35:16.493`)
- [CVE-2024-9802](CVE-2024/CVE-2024-98xx/CVE-2024-9802.json) (`2024-10-10T15:35:17.230`)
## Download and Usage

1112
_state.csv
View File

File diff suppressed because it is too large Load Diff