From 7c617f441ef28e74536594cdbc5f794187bc13af Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 25 Nov 2024 17:07:27 +0000 Subject: [PATCH] Auto-Update: 2024-11-25T17:04:15.383492+00:00 --- CVE-2023/CVE-2023-18xx/CVE-2023-1895.json | 67 ++++---- CVE-2023/CVE-2023-19xx/CVE-2023-1910.json | 65 +++++--- CVE-2023/CVE-2023-262xx/CVE-2023-26280.json | 55 +++++++ CVE-2023/CVE-2023-284xx/CVE-2023-28461.json | 47 +++++- CVE-2023/CVE-2023-428xx/CVE-2023-42889.json | 52 +++++- CVE-2023/CVE-2023-451xx/CVE-2023-45181.json | 55 +++++++ CVE-2023/CVE-2023-508xx/CVE-2023-50805.json | 29 +++- CVE-2023/CVE-2023-516xx/CVE-2023-51613.json | 97 ++++++++++- CVE-2023/CVE-2023-516xx/CVE-2023-51624.json | 105 ++++++++++-- CVE-2023/CVE-2023-516xx/CVE-2023-51625.json | 105 ++++++++++-- CVE-2023/CVE-2023-516xx/CVE-2023-51626.json | 105 ++++++++++-- CVE-2023/CVE-2023-516xx/CVE-2023-51627.json | 105 ++++++++++-- CVE-2023/CVE-2023-60xx/CVE-2023-6042.json | 23 ++- CVE-2023/CVE-2023-69xx/CVE-2023-6959.json | 67 ++++---- CVE-2023/CVE-2023-69xx/CVE-2023-6963.json | 67 ++++---- CVE-2024/CVE-2024-114xx/CVE-2024-11400.json | 43 ++++- CVE-2024/CVE-2024-116xx/CVE-2024-11631.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11632.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11646.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11647.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11648.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11649.json | 79 ++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11670.json | 55 +++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11671.json | 32 ++++ CVE-2024/CVE-2024-116xx/CVE-2024-11672.json | 32 ++++ CVE-2024/CVE-2024-272xx/CVE-2024-27231.json | 44 ++++- CVE-2024/CVE-2024-273xx/CVE-2024-27312.json | 74 ++++++++- CVE-2024/CVE-2024-279xx/CVE-2024-27906.json | 46 +++++- CVE-2024/CVE-2024-304xx/CVE-2024-30424.json | 58 ++++++- CVE-2024/CVE-2024-308xx/CVE-2024-30851.json | 48 +++++- CVE-2024/CVE-2024-354xx/CVE-2024-35401.json | 48 +++++- CVE-2024/CVE-2024-500xx/CVE-2024-50066.json | 32 +++- CVE-2024/CVE-2024-71xx/CVE-2024-7130.json | 59 +++++++ CVE-2024/CVE-2024-97xx/CVE-2024-9732.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9733.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9734.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9735.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9736.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9737.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9738.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9739.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9740.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9741.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9742.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9743.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9744.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9745.json | 65 +++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9746.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9747.json | 55 ++++++- CVE-2024/CVE-2024-97xx/CVE-2024-9748.json | 55 ++++++- README.md | 69 ++++---- _state.csv | 168 ++++++++++---------- 52 files changed, 2882 insertions(+), 449 deletions(-) create mode 100644 CVE-2023/CVE-2023-262xx/CVE-2023-26280.json create mode 100644 CVE-2023/CVE-2023-451xx/CVE-2023-45181.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11670.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11671.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11672.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7130.json diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1895.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1895.json index 7ec3fedb51a..636f1c47ca6 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1895.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1895.json @@ -2,9 +2,8 @@ "id": "CVE-2023-1895", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:15:58.997", - "lastModified": "2023-11-07T04:05:18.237", + "lastModified": "2024-11-25T16:47:33.943", "vulnStatus": "Modified", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -13,32 +12,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 9.6, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.1, - "impactScore": 5.8 - }, { "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", + "baseScore": 8.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -46,12 +27,30 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 8.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.1, "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 5.8 } ] }, @@ -64,9 +63,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "1.8.3", - "matchCriteriaId": "9B36C972-5CBB-4405-B193-C592A3BDCDA1" + "matchCriteriaId": "F49655FF-F97A-44F9-BF00-D0EF8661E0D1" } ] } @@ -87,6 +86,20 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e9c2a942-c14c-4b59-92a7-6946b2e4731b?source=cve", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1910.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1910.json index 3feeb9ebab5..49f3082322e 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1910.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1910.json @@ -2,9 +2,8 @@ "id": "CVE-2023-1910", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:15:59.433", - "lastModified": "2023-11-07T04:05:20.877", + "lastModified": "2024-11-25T16:47:33.943", "vulnStatus": "Modified", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -13,32 +12,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, { "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -46,9 +27,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 @@ -64,9 +63,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "1.8.3", - "matchCriteriaId": "9B36C972-5CBB-4405-B193-C592A3BDCDA1" + "matchCriteriaId": "F49655FF-F97A-44F9-BF00-D0EF8661E0D1" } ] } @@ -87,6 +86,20 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cd64ab0-007b-4778-9d92-06e530638fad?source=cve", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json new file mode 100644 index 00000000000..bfc557f339d --- /dev/null +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-26280", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-11-25T16:15:06.243", + "lastModified": "2024-11-25T16:15:06.243", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Jazz Foundation 7.0.2 and 7.0.3\n\n\u00a0could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7176207", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28461.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28461.json index fbcdcd03387..bc914946ea0 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28461.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28461.json @@ -2,9 +2,8 @@ "id": "CVE-2023-28461", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-15T23:15:10.070", - "lastModified": "2023-03-24T14:57:23.997", - "vulnStatus": "Analyzed", - "cveTags": [], + "lastModified": "2024-11-25T16:15:07.803", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -19,6 +18,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +27,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 @@ -45,6 +64,16 @@ "value": "CWE-287" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ @@ -145,6 +174,14 @@ "Mitigation", "Vendor Advisory" ] + }, + { + "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42889.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42889.json index 3a845bffb42..eb280ac481b 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42889.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42889.json @@ -2,9 +2,8 @@ "id": "CVE-2023-42889", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:50.453", - "lastModified": "2024-02-22T19:07:27.197", + "lastModified": "2024-11-25T16:15:09.197", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -15,7 +14,42 @@ "value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Es posible que una aplicaci\u00f3n pueda omitir ciertas preferencias de privacidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-290" + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213983", @@ -28,6 +62,18 @@ { "url": "https://support.apple.com/en-us/HT213985", "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45181.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45181.json new file mode 100644 index 00000000000..73775def706 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45181.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-45181", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-11-25T16:15:11.273", + "lastModified": "2024-11-25T16:15:11.273", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7176207", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50805.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50805.json index f3a12dc9c4f..a9e0432bb9e 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50805.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50805.json @@ -2,9 +2,8 @@ "id": "CVE-2023-50805", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-09T19:15:10.590", - "lastModified": "2024-07-11T13:06:13.187", + "lastModified": "2024-11-25T16:15:11.600", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -23,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,15 +31,25 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.2, "impactScore": 5.9 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], "references": [ { "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", @@ -47,6 +58,14 @@ { "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50805/", "source": "cve@mitre.org" + }, + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2023-50805/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51613.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51613.json index 962a4973aef..2e117dbe735 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51613.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51613.json @@ -2,9 +2,8 @@ "id": "CVE-2023-51613", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:23.480", - "lastModified": "2024-05-03T12:48:41.067", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T16:58:48.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +44,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,9 +53,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 0.9, "impactScore": 5.9 @@ -49,16 +70,76 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-x3260_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.04b01", + "matchCriteriaId": "A248082B-DE99-46B4-A262-1F15FADB311F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-x3260:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F0A3774-EAF9-4A3B-B259-F4297FBC82F5" + } + ] + } + ] } ], "references": [ { "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-033/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-033/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51624.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51624.json index 4a9bc9c2013..5d771081341 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51624.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51624.json @@ -2,9 +2,8 @@ "id": "CVE-2023-51624", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:25.373", - "lastModified": "2024-05-03T12:48:41.067", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T16:43:13.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,13 +15,15 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +31,29 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,16 +70,76 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.07.02", + "matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC" + } + ] + } + ] } ], "references": [ { "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-044/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-044/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51625.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51625.json index d9852d64b03..e944daf602a 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51625.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51625.json @@ -2,9 +2,8 @@ "id": "CVE-2023-51625", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:25.543", - "lastModified": "2024-05-03T12:48:41.067", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T15:26:34.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,13 +15,15 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +31,29 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.0, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.1, "impactScore": 5.9 @@ -49,16 +70,76 @@ "value": "CWE-78" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.07.02", + "matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC" + } + ] + } + ] } ], "references": [ { "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-045/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-045/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51626.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51626.json index 120a7551f07..051693714cf 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51626.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51626.json @@ -2,9 +2,8 @@ "id": "CVE-2023-51626", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:25.713", - "lastModified": "2024-05-03T12:48:41.067", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T15:20:40.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,13 +15,15 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +31,29 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,16 +70,76 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.07.02", + "matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC" + } + ] + } + ] } ], "references": [ { "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-046/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-046/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51627.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51627.json index 8b9e95e01b6..c423ec2bee6 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51627.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51627.json @@ -2,9 +2,8 @@ "id": "CVE-2023-51627", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:25.893", - "lastModified": "2024-05-03T12:48:41.067", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T15:05:46.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,13 +15,15 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +31,29 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.0, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.1, "impactScore": 5.9 @@ -49,16 +70,76 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.07.02", + "matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC" + } + ] + } + ] } ], "references": [ { "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-047/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-047/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6042.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6042.json index fc81e467a74..795e3217333 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6042.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6042.json @@ -2,9 +2,8 @@ "id": "CVE-2023-6042", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-08T19:15:09.937", - "lastModified": "2024-01-11T19:57:29.590", - "vulnStatus": "Analyzed", - "cveTags": [], + "lastModified": "2024-11-25T16:47:33.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -23,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +31,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 @@ -60,9 +59,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.0.3", - "matchCriteriaId": "90564B59-F63A-49BF-86B9-9634081EDEDF" + "matchCriteriaId": "30A9B871-6BC1-4600-9C4D-4660AC15BCF4" } ] } @@ -77,6 +76,14 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://wpscan.com/vulnerability/56a1c050-67b5-43bc-b5b6-28d9a5a59eba", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json index 55b346bfc14..9729eb98208 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json @@ -2,9 +2,8 @@ "id": "CVE-2023-6959", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-05T22:15:57.767", - "lastModified": "2024-02-14T17:01:57.227", - "vulnStatus": "Analyzed", - "cveTags": [], + "lastModified": "2024-11-25T16:47:33.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,32 +16,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, { "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -50,9 +31,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 @@ -80,9 +79,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.0.5", - "matchCriteriaId": "AE13E896-349F-447C-BD4A-FD64DC6EA59A" + "matchCriteriaId": "0833C63F-9D16-4F31-8298-DFDCAEE50F59" } ] } @@ -103,6 +102,20 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3022982", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/774c00fb-82cd-44ca-bf96-3f6dfd1977d0?source=cve", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json index 47d39553961..315ba8271a1 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json @@ -2,9 +2,8 @@ "id": "CVE-2023-6963", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-05T22:15:57.930", - "lastModified": "2024-02-14T17:05:16.533", - "vulnStatus": "Analyzed", - "cveTags": [], + "lastModified": "2024-11-25T16:47:33.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,32 +16,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, { "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -50,9 +31,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 1.4 @@ -80,9 +79,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:motopress:getwid_-_gutenberg_blocks:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:motopress:getwid:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.0.5", - "matchCriteriaId": "AE13E896-349F-447C-BD4A-FD64DC6EA59A" + "matchCriteriaId": "0833C63F-9D16-4F31-8298-DFDCAEE50F59" } ] } @@ -103,6 +102,20 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3022982", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11400.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11400.json index b637f0c38d6..df58fd1daee 100644 --- a/CVE-2024/CVE-2024-114xx/CVE-2024-11400.json +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11400.json @@ -2,13 +2,16 @@ "id": "CVE-2024-11400", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-19T22:15:19.740", - "lastModified": "2024-11-19T22:15:19.740", - "vulnStatus": "Received", - "cveTags": [], + "lastModified": "2024-11-25T15:02:53.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The HUSKY \u2013 Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the really_curr_tax parameter in all versions up to, and including, 1.3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento HUSKY \u2013 Products Filter Professional para WooCommerce para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro really_curr_tax en todas las versiones hasta la 1.3.6.3 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace." } ], "metrics": { @@ -19,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +31,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.7 @@ -47,14 +50,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pluginus:woocommerce_products_filter:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.3.6.3", + "matchCriteriaId": "BEF942A3-6BDB-4BC3-91BC-BB6CFBE1CE45" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3186438/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3158e77-39b3-4151-8f10-5824000a585a?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11631.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11631.json index b47eef61049..df7a7d152a5 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11631.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11631.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11631", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-23T12:15:19.760", - "lastModified": "2024-11-23T12:15:19.760", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:54:46.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/sil3n/cve/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://itsourcecode.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.285917", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285917", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.446290", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11632.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11632.json index 6f0c79ebcc7..e523f7f87c1 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11632.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11632.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11632", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-23T14:15:17.880", - "lastModified": "2024-11-23T14:15:17.880", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:50:43.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:simple_car_rental_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D80D0581-09FD-4CE1-9327-CF580DF49354" + } + ] + } + ] } ], "references": [ { "url": "https://code-projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/sil3n/cve/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.285918", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285918", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.446308", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11646.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11646.json index 3d725f67fd9..226203f263b 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11646.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11646.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11646", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-25T00:15:03.743", - "lastModified": "2024-11-25T00:15:03.743", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:49:56.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] } ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/ppp-src/CVE/issues/33", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.285967", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285967", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.446575", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json index 1ab04526917..826cf73104b 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11647", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-25T01:15:04.033", - "lastModified": "2024-11-25T01:15:04.033", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:49:24.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] } ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/ppp-src/CVE/issues/34", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.285968", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285968", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.446576", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json index a54e358e645..06eb749c069 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11648", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-25T01:15:04.687", - "lastModified": "2024-11-25T01:15:04.687", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:49:02.417", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] } ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Calmgh/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.285969", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285969", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.447291", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json index 2b02a5d68f8..3b4757f33b9 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11649", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-25T02:15:15.883", - "lastModified": "2024-11-25T02:15:15.883", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:48:37.237", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,6 +75,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -106,7 +126,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,28 +137,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] } ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/zgaz/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.285970", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.285970", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.451245", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11670.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11670.json new file mode 100644 index 00000000000..d580a898064 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11670.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-11670", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-11-25T15:15:05.557", + "lastModified": "2024-11-25T16:15:12.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the \"View Password\" permission via specific actions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@devolutions.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0015", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11671.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11671.json new file mode 100644 index 00000000000..7a63e79eaa7 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11671.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-11671", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-11-25T15:15:07.040", + "lastModified": "2024-11-25T15:15:07.040", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@devolutions.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0016", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11672.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11672.json new file mode 100644 index 00000000000..2e769095b74 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11672.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-11672", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-11-25T15:15:07.180", + "lastModified": "2024-11-25T15:15:07.180", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the \"Add\" permission via the import in vault feature." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@devolutions.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0016", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27231.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27231.json index 7ebbd726b98..8defe23d192 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27231.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27231.json @@ -2,9 +2,8 @@ "id": "CVE-2024-27231", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-04-05T20:15:07.787", - "lastModified": "2024-04-08T18:49:25.863", + "lastModified": "2024-11-25T16:15:12.423", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -15,11 +14,50 @@ "value": "En tmu_get_tr_stats de tmu.c, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-04-01", "source": "dsap-vuln-management@google.com" + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-04-01", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27312.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27312.json index a4e12e6bf1c..960d8e609cc 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27312.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27312.json @@ -2,9 +2,8 @@ "id": "CVE-2024-27312", "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", "published": "2024-05-20T13:15:23.773", - "lastModified": "2024-10-07T12:15:12.563", - "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "lastModified": "2024-11-25T15:14:53.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -23,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +31,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "baseScore": 8.1, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 5.2 @@ -49,12 +68,55 @@ "value": "CWE-863" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6", + "matchCriteriaId": "A74091A8-ECA2-45B3-90DF-9C6EA9629DF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:6.6:build6600:*:*:*:*:*:*", + "matchCriteriaId": "5BB6E490-C39A-4E90-A01B-DB3239106E9F" + } + ] + } + ] } ], "references": [ { "url": "https://www.manageengine.com/privileged-access-management/advisory/cve-2024-27312.html", - "source": "0fc0942c-577d-436f-ae8e-945763c79b02" + "source": "0fc0942c-577d-436f-ae8e-945763c79b02", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.manageengine.com/privileged-access-management/advisory/cve-2024-27312.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27906.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27906.json index d91460bb886..1a45f3b6559 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27906.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27906.json @@ -2,9 +2,8 @@ "id": "CVE-2024-27906", "sourceIdentifier": "security@apache.org", "published": "2024-02-29T11:15:08.920", - "lastModified": "2024-02-29T13:49:29.390", + "lastModified": "2024-11-25T16:15:12.653", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -15,11 +14,34 @@ "value": "Apache Airflow, versiones anteriores a la 2.8.2, tiene una vulnerabilidad que permite a los usuarios autenticados ver el c\u00f3digo DAG e importar errores de DAG que no tienen permiso para ver a trav\u00e9s de la API y la UI. Se recomienda a los usuarios de Apache Airflow actualizar a la versi\u00f3n 2.8.2 o posterior para mitigar el riesgo asociado con esta vulnerabilidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -44,6 +66,22 @@ { "url": "https://lists.apache.org/thread/on4f7t5sqr3vfgp1pvkck79wv7mq9st5", "source": "security@apache.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/29/1", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/apache/airflow/pull/37290", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/apache/airflow/pull/37468", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.apache.org/thread/on4f7t5sqr3vfgp1pvkck79wv7mq9st5", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30424.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30424.json index dcafe530530..da45cb257ac 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30424.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30424.json @@ -2,13 +2,16 @@ "id": "CVE-2024-30424", "sourceIdentifier": "audit@patchstack.com", "published": "2024-11-19T22:15:20.103", - "lastModified": "2024-11-19T22:15:20.103", - "vulnStatus": "Received", - "cveTags": [], + "lastModified": "2024-11-25T15:07:22.740", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Stored XSS.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.4." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Beaver Builder Addons de WPZOOM permite XSS almacenado. Este problema afecta a Beaver Builder Addons de WPZOOM: desde n/a hasta 1.3.4." } ], "metrics": { @@ -19,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -26,12 +31,30 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.3, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -47,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpzoom:beaver_builder_addons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.3.5", + "matchCriteriaId": "3AD967ED-D8DA-4DA1-99A3-D4385C2264E6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wpzoom-addons-for-beaver-builder/wordpress-beaver-builder-addons-by-wpzoom-plugin-1-3-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-308xx/CVE-2024-30851.json b/CVE-2024/CVE-2024-308xx/CVE-2024-30851.json index 0bf7e6991bd..b5e5c1ab293 100644 --- a/CVE-2024/CVE-2024-308xx/CVE-2024-30851.json +++ b/CVE-2024/CVE-2024-308xx/CVE-2024-30851.json @@ -2,9 +2,8 @@ "id": "CVE-2024-30851", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-03T17:15:07.630", - "lastModified": "2024-05-06T12:44:56.377", + "lastModified": "2024-11-25T16:15:12.930", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -15,7 +14,42 @@ "value": "Vulnerabilidad de Directory Traversal en codesiddhant Jasmin Ransomware v.1.0.1 permite a un atacante obtener informaci\u00f3n confidencial a trav\u00e9s del componente download_file.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], "references": [ { "url": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", @@ -24,6 +58,14 @@ { "url": "https://github.com/codesiddhant/Jasmin-Ransomware", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/codesiddhant/Jasmin-Ransomware", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-354xx/CVE-2024-35401.json b/CVE-2024/CVE-2024-354xx/CVE-2024-35401.json index fabf8a91db9..75ff57ab186 100644 --- a/CVE-2024/CVE-2024-354xx/CVE-2024-35401.json +++ b/CVE-2024/CVE-2024-354xx/CVE-2024-35401.json @@ -2,9 +2,8 @@ "id": "CVE-2024-35401", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-28T17:15:10.997", - "lastModified": "2024-05-29T13:02:09.280", + "lastModified": "2024-11-25T16:15:13.167", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -15,7 +14,42 @@ "value": "Se descubri\u00f3 que TOTOLINK CP900L v4.1.5cu.798_B20221228 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro FileName en la funci\u00f3n UploadFirmwareFile." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], "references": [ { "url": "http://totolink.com", @@ -24,6 +58,14 @@ { "url": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/UploadFirmwareFile/README.md", "source": "cve@mitre.org" + }, + { + "url": "http://totolink.com", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/UploadFirmwareFile/README.md", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50066.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50066.json index 348153e78f8..1ede7e1af8e 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50066.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50066.json @@ -2,7 +2,7 @@ "id": "CVE-2024-50066", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-23T06:15:10.467", - "lastModified": "2024-11-22T15:15:13.947", + "lastModified": "2024-11-25T15:15:07.570", "vulnStatus": "Modified", "descriptions": [ { @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.0, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 } ] }, @@ -48,6 +68,16 @@ "value": "CWE-362" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7130.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7130.json new file mode 100644 index 00000000000..d14b359f16f --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7130.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-7130", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2024-11-21T14:15:19.023", + "lastModified": "2024-11-25T15:15:08.260", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS.This issue affects KION Exchange Programs Software: before 1.21.9092.29966." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o \"Cross-site Scripting\") en Kion Computer KION Exchange Programs Software permite XSS reflejado. Este problema afecta a KION Exchange Programs Software: hasta el 21.11.2024. NOTA: Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1867", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9732.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9732.json index 7e8da74b287..db2c42b8d6d 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9732.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9732.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9732", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:26.620", - "lastModified": "2024-11-22T21:15:26.620", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:12:03.470", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24385." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo despu\u00e9s de la liberaci\u00f3n en el an\u00e1lisis de archivos XPS de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos XPS. El problema es el resultado de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones en el objeto. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24385." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1337/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9733.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9733.json index eee20a56f31..057b91cb0e2 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9733.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9733.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9733", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:26.747", - "lastModified": "2024-11-22T21:15:26.747", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:46:02.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24389." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF que permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24389." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1352/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9734.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9734.json index a0bb532c618..00242f95de6 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9734.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9734.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9734", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:26.870", - "lastModified": "2024-11-22T21:15:26.870", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:45:50.453", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24400." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n de an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24400." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1353/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9735.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9735.json index 5561100d5a7..437929591f5 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9735.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9735.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9735", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.010", - "lastModified": "2024-11-22T21:15:27.010", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:45:37.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JPF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24451." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos JPF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JPF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24451." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1.0.1", + "matchCriteriaId": "A8BC369E-2EB0-4E2F-A071-702F62805271" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1365/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9736.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9736.json index cbfce47988a..d67c2d728b0 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9736.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9736.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9736", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.117", - "lastModified": "2024-11-22T21:15:27.117", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:45:21.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24452." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF que permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24452." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1351/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9737.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9737.json index 751966ed6cc..33c7ff197ba 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9737.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9737.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9737", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.233", - "lastModified": "2024-11-22T21:15:27.233", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:45:11.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24453." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF que permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24453." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1350/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9738.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9738.json index ef425507a0c..69a70d95b12 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9738.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9738.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9738", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.360", - "lastModified": "2024-11-22T21:15:27.360", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:44:57.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24454." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en el an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24454." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-119" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1341/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9739.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9739.json index 7909a95e860..6b916c59f9e 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9739.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9739.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9739", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.490", - "lastModified": "2024-11-22T21:15:27.490", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:44:41.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24455." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en el an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24455." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-119" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1349/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9740.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9740.json index 65bafaa6819..e761b90914a 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9740.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9740.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9740", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.617", - "lastModified": "2024-11-22T21:15:27.617", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:44:27.720", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of BMP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24456." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos BMP de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos BMP. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24456." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1343/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9741.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9741.json index 939870c498b..ed47e88b649 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9741.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9741.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9741", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.747", - "lastModified": "2024-11-22T21:15:27.747", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:44:15.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24457." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n de an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24457." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1346/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9742.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9742.json index 6ed690e2cc0..8932b6a64a1 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9742.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9742.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9742", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:27.870", - "lastModified": "2024-11-22T21:15:27.870", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:43:58.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24458." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n en el an\u00e1lisis de archivos PSD de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PSD. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24458." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1342/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9743.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9743.json index bfc0f23bfb0..3a42757f281 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9743.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9743.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9743", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.017", - "lastModified": "2024-11-22T21:15:28.017", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:43:27.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24459." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n de an\u00e1lisis de archivos PDF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24459." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1338/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9744.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9744.json index 5cfbad0df23..4ea4726ac79 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9744.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9744.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9744", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.153", - "lastModified": "2024-11-22T21:15:28.153", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:43:10.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24460." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos JP2 de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JP2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24460." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1.0.1", + "matchCriteriaId": "A8BC369E-2EB0-4E2F-A071-702F62805271" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1364/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9745.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9745.json index 88a83154a85..d80a3a3455a 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9745.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9745.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9745", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.297", - "lastModified": "2024-11-22T21:15:28.297", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:18:31.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24461." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos TIF de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos TIF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24461." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,19 +63,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1347/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9746.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9746.json index 1ea792f4d08..d38764077a8 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9746.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9746.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9746", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.433", - "lastModified": "2024-11-22T21:15:28.433", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:18:17.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TGA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24462." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos TGA de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos TGA. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24462." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1345/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9747.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9747.json index 395a0159554..4f2ef0a8b0b 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9747.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9747.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9747", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.573", - "lastModified": "2024-11-22T21:15:28.573", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:17:27.573", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24463." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos PSD de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PSD. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24463." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1344/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-97xx/CVE-2024-9748.json b/CVE-2024/CVE-2024-97xx/CVE-2024-9748.json index 53da4514c1e..5ba7ebe63e2 100644 --- a/CVE-2024/CVE-2024-97xx/CVE-2024-9748.json +++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9748.json @@ -2,15 +2,41 @@ "id": "CVE-2024-9748", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:28.720", - "lastModified": "2024-11-22T21:15:28.720", - "vulnStatus": "Received", + "lastModified": "2024-11-25T16:16:04.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24464." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo despu\u00e9s de la liberaci\u00f3n en el an\u00e1lisis de archivos XPS de Tungsten Automation Power PDF. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Tungsten Automation Power PDF. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos XPS. El problema es el resultado de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones en el objeto. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24464." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -37,7 +63,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +72,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.1", + "matchCriteriaId": "07AF31C9-62C2-4FCA-975B-EEFCF34B8C78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1339/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index c1b34d574d3..a544bc9e9b3 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-25T15:01:11.658599+00:00 +2024-11-25T17:04:15.383492+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-25T14:59:00.317000+00:00 +2024-11-25T16:58:48.337000+00:00 ``` ### Last Data Feed Release @@ -33,47 +33,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -271248 +271254 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `6` -- [CVE-2024-11403](CVE-2024/CVE-2024-114xx/CVE-2024-11403.json) (`2024-11-25T14:15:06.310`) -- [CVE-2024-11498](CVE-2024/CVE-2024-114xx/CVE-2024-11498.json) (`2024-11-25T14:15:06.607`) -- [CVE-2024-27134](CVE-2024/CVE-2024-271xx/CVE-2024-27134.json) (`2024-11-25T14:15:06.867`) +- [CVE-2023-26280](CVE-2023/CVE-2023-262xx/CVE-2023-26280.json) (`2024-11-25T16:15:06.243`) +- [CVE-2023-45181](CVE-2023/CVE-2023-451xx/CVE-2023-45181.json) (`2024-11-25T16:15:11.273`) +- [CVE-2024-11670](CVE-2024/CVE-2024-116xx/CVE-2024-11670.json) (`2024-11-25T15:15:05.557`) +- [CVE-2024-11671](CVE-2024/CVE-2024-116xx/CVE-2024-11671.json) (`2024-11-25T15:15:07.040`) +- [CVE-2024-11672](CVE-2024/CVE-2024-116xx/CVE-2024-11672.json) (`2024-11-25T15:15:07.180`) +- [CVE-2024-7130](CVE-2024/CVE-2024-71xx/CVE-2024-7130.json) (`2024-11-21T14:15:19.023`) ### CVEs modified in the last Commit -Recently modified CVEs: `34` +Recently modified CVEs: `44` -- [CVE-2024-34392](CVE-2024/CVE-2024-343xx/CVE-2024-34392.json) (`2024-11-25T13:15:06.017`) -- [CVE-2024-34393](CVE-2024/CVE-2024-343xx/CVE-2024-34393.json) (`2024-11-25T13:15:06.223`) -- [CVE-2024-34394](CVE-2024/CVE-2024-343xx/CVE-2024-34394.json) (`2024-11-25T13:15:06.407`) -- [CVE-2024-45187](CVE-2024/CVE-2024-451xx/CVE-2024-45187.json) (`2024-11-25T13:15:06.577`) -- [CVE-2024-45188](CVE-2024/CVE-2024-451xx/CVE-2024-45188.json) (`2024-11-25T13:15:06.770`) -- [CVE-2024-45189](CVE-2024/CVE-2024-451xx/CVE-2024-45189.json) (`2024-11-25T13:15:06.940`) -- [CVE-2024-45190](CVE-2024/CVE-2024-451xx/CVE-2024-45190.json) (`2024-11-25T13:15:07.130`) -- [CVE-2024-51669](CVE-2024/CVE-2024-516xx/CVE-2024-51669.json) (`2024-11-25T14:46:27.873`) -- [CVE-2024-52392](CVE-2024/CVE-2024-523xx/CVE-2024-52392.json) (`2024-11-25T14:37:05.867`) -- [CVE-2024-52581](CVE-2024/CVE-2024-525xx/CVE-2024-52581.json) (`2024-11-25T14:15:07.077`) -- [CVE-2024-52595](CVE-2024/CVE-2024-525xx/CVE-2024-52595.json) (`2024-11-25T14:27:38.087`) -- [CVE-2024-53068](CVE-2024/CVE-2024-530xx/CVE-2024-53068.json) (`2024-11-25T13:43:00.467`) -- [CVE-2024-53074](CVE-2024/CVE-2024-530xx/CVE-2024-53074.json) (`2024-11-25T13:51:28.137`) -- [CVE-2024-53075](CVE-2024/CVE-2024-530xx/CVE-2024-53075.json) (`2024-11-25T13:58:31.503`) -- [CVE-2024-53078](CVE-2024/CVE-2024-530xx/CVE-2024-53078.json) (`2024-11-25T13:31:57.063`) -- [CVE-2024-53082](CVE-2024/CVE-2024-530xx/CVE-2024-53082.json) (`2024-11-25T13:35:34.083`) -- [CVE-2024-53088](CVE-2024/CVE-2024-530xx/CVE-2024-53088.json) (`2024-11-25T13:38:07.723`) -- [CVE-2024-5565](CVE-2024/CVE-2024-55xx/CVE-2024-5565.json) (`2024-11-25T13:15:07.310`) -- [CVE-2024-6393](CVE-2024/CVE-2024-63xx/CVE-2024-6393.json) (`2024-11-25T14:15:07.280`) -- [CVE-2024-6507](CVE-2024/CVE-2024-65xx/CVE-2024-6507.json) (`2024-11-25T13:15:07.517`) -- [CVE-2024-6960](CVE-2024/CVE-2024-69xx/CVE-2024-6960.json) (`2024-11-25T13:15:07.713`) -- [CVE-2024-6961](CVE-2024/CVE-2024-69xx/CVE-2024-6961.json) (`2024-11-25T13:15:07.930`) -- [CVE-2024-7056](CVE-2024/CVE-2024-70xx/CVE-2024-7056.json) (`2024-11-25T14:15:07.457`) -- [CVE-2024-7340](CVE-2024/CVE-2024-73xx/CVE-2024-7340.json) (`2024-11-25T13:15:08.107`) -- [CVE-2024-8072](CVE-2024/CVE-2024-80xx/CVE-2024-8072.json) (`2024-11-25T13:15:08.297`) +- [CVE-2024-11649](CVE-2024/CVE-2024-116xx/CVE-2024-11649.json) (`2024-11-25T16:48:37.237`) +- [CVE-2024-27231](CVE-2024/CVE-2024-272xx/CVE-2024-27231.json) (`2024-11-25T16:15:12.423`) +- [CVE-2024-27312](CVE-2024/CVE-2024-273xx/CVE-2024-27312.json) (`2024-11-25T15:14:53.217`) +- [CVE-2024-27906](CVE-2024/CVE-2024-279xx/CVE-2024-27906.json) (`2024-11-25T16:15:12.653`) +- [CVE-2024-30424](CVE-2024/CVE-2024-304xx/CVE-2024-30424.json) (`2024-11-25T15:07:22.740`) +- [CVE-2024-30851](CVE-2024/CVE-2024-308xx/CVE-2024-30851.json) (`2024-11-25T16:15:12.930`) +- [CVE-2024-35401](CVE-2024/CVE-2024-354xx/CVE-2024-35401.json) (`2024-11-25T16:15:13.167`) +- [CVE-2024-50066](CVE-2024/CVE-2024-500xx/CVE-2024-50066.json) (`2024-11-25T15:15:07.570`) +- [CVE-2024-9732](CVE-2024/CVE-2024-97xx/CVE-2024-9732.json) (`2024-11-25T16:12:03.470`) +- [CVE-2024-9733](CVE-2024/CVE-2024-97xx/CVE-2024-9733.json) (`2024-11-25T16:46:02.380`) +- [CVE-2024-9734](CVE-2024/CVE-2024-97xx/CVE-2024-9734.json) (`2024-11-25T16:45:50.453`) +- [CVE-2024-9735](CVE-2024/CVE-2024-97xx/CVE-2024-9735.json) (`2024-11-25T16:45:37.677`) +- [CVE-2024-9736](CVE-2024/CVE-2024-97xx/CVE-2024-9736.json) (`2024-11-25T16:45:21.567`) +- [CVE-2024-9737](CVE-2024/CVE-2024-97xx/CVE-2024-9737.json) (`2024-11-25T16:45:11.627`) +- [CVE-2024-9738](CVE-2024/CVE-2024-97xx/CVE-2024-9738.json) (`2024-11-25T16:44:57.730`) +- [CVE-2024-9739](CVE-2024/CVE-2024-97xx/CVE-2024-9739.json) (`2024-11-25T16:44:41.507`) +- [CVE-2024-9740](CVE-2024/CVE-2024-97xx/CVE-2024-9740.json) (`2024-11-25T16:44:27.720`) +- [CVE-2024-9741](CVE-2024/CVE-2024-97xx/CVE-2024-9741.json) (`2024-11-25T16:44:15.387`) +- [CVE-2024-9742](CVE-2024/CVE-2024-97xx/CVE-2024-9742.json) (`2024-11-25T16:43:58.023`) +- [CVE-2024-9743](CVE-2024/CVE-2024-97xx/CVE-2024-9743.json) (`2024-11-25T16:43:27.847`) +- [CVE-2024-9744](CVE-2024/CVE-2024-97xx/CVE-2024-9744.json) (`2024-11-25T16:43:10.790`) +- [CVE-2024-9745](CVE-2024/CVE-2024-97xx/CVE-2024-9745.json) (`2024-11-25T16:18:31.170`) +- [CVE-2024-9746](CVE-2024/CVE-2024-97xx/CVE-2024-9746.json) (`2024-11-25T16:18:17.007`) +- [CVE-2024-9747](CVE-2024/CVE-2024-97xx/CVE-2024-9747.json) (`2024-11-25T16:17:27.573`) +- [CVE-2024-9748](CVE-2024/CVE-2024-97xx/CVE-2024-9748.json) (`2024-11-25T16:16:04.847`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a9cc98db41f..e5aefab4808 100644 --- a/_state.csv +++ b/_state.csv @@ -214743,7 +214743,7 @@ CVE-2023-1891,0,0,8e7da7c1154f02152549e3810fbad519cba58e65acff895cec88f3cd56d17d CVE-2023-1892,0,0,b9655c41e67b454848b5d3384e972dfcfa096b6ccc3a47a56d96446ca95330d1,2023-06-09T18:07:41.737000 CVE-2023-1893,0,0,f011b671643c04c9ac9f1286dfb03fb4f35c1fae2e4d678bcdc5bdf40e1212f1,2023-11-07T04:05:17.737000 CVE-2023-1894,0,0,8b9224659fd62b54c94603c0e6692dab8b1fd389e2f68d8b4ca71eba3bed7861,2023-11-07T04:05:17.950000 -CVE-2023-1895,0,0,b97a32f74960e55c5749d0a7752fd01d0db84b2e7f0f816501a22594465da6e0,2023-11-07T04:05:18.237000 +CVE-2023-1895,0,1,7ae055c6e9dc2a1e93e805cc7783c11e49bde3249c3a295fdd4245b61174021a,2024-11-25T16:47:33.943000 CVE-2023-1897,0,0,652a211d4eea651573656f2ed7231dc7401ef5aa8c7e9688005e398ac2513414,2023-11-07T04:05:18.483000 CVE-2023-1898,0,0,b285cb4104be23af5faaf14b40f41770a2edf56ca500c542472d1e858c5284b5,2023-11-07T04:05:18.720000 CVE-2023-1899,0,0,29bbda37ef28f951f02bffe709083a2aa1accb0aa0fc3ad1452c8012ed5ce948,2023-11-07T04:05:18.940000 @@ -214756,7 +214756,7 @@ CVE-2023-1905,0,0,a7cda20dfe6217359b5ea5692f7971f066752b84da39a1520ace365b70249a CVE-2023-1906,0,0,4fe6a845d023429d576d5c9ee37419c94c5ec3e17250bbc753d7cc66058645c0,2023-11-07T04:05:19.457000 CVE-2023-1908,0,0,701db6a99cc57a3a029c78d7ec8458962a34ea7d03647039f803af06632639cc,2024-05-17T02:18:32.610000 CVE-2023-1909,0,0,ff665604221b113a1a9a16dba9aa47c093d5d4e7fe8694c1fb4e6a158b1a06d8,2024-05-17T02:18:32.727000 -CVE-2023-1910,0,0,5a43361931f681055eaea4d4de9e9aa705851dc1185e3b6fbedaa60aa070de7a,2023-11-07T04:05:20.877000 +CVE-2023-1910,0,1,54a7b8eed688025513c34f40615bd93024dd6eff9755e33761c39d87b4af5c5d,2024-11-25T16:47:33.943000 CVE-2023-1911,0,0,48ba49f8eb7751c9133e2e90c7d957069cf9547898cb5bf89d33a4a1b27cf2e7,2023-11-07T04:05:21.117000 CVE-2023-1912,0,0,2d10dd59c89e72ce8bbf4827d67e3a87c4c3f8fcd7240b75dafacb371e4307c8,2023-11-07T04:05:21.317000 CVE-2023-1913,0,0,15dbc19ad1f8463ca52916646a2403ac8f8c54a4630bbb160ab0586b6e1a2951,2023-11-07T04:05:21.563000 @@ -220088,6 +220088,7 @@ CVE-2023-26277,0,0,95498aef87c5021a1b7e30367bd3bb97878a14ee98abe842b2410786d5f45 CVE-2023-26278,0,0,bbd6fcfc7d7e5c2779044a810f0df62dc3eaa063b4cc469d2ec9a09171bb7bed,2023-06-07T18:12:56.727000 CVE-2023-26279,0,0,57fc86b7d4a1528638516613687d33ccd8293cca63436652accb62c13c411e7d,2023-11-30T04:57:02.920000 CVE-2023-2628,0,0,685fa3b4ad9d590242699f5bfa24f3ff35199bdf1e36b8e87a158d172105c813,2023-11-07T04:12:59.463000 +CVE-2023-26280,1,1,a33dd5dc837a8df8882320d68b362df98c73b35ca8898a7ba1090e089dc6dd34,2024-11-25T16:15:06.243000 CVE-2023-26281,0,0,49c4a0509c6b8aa5933927528e8998034faff7b114a65ecfeac6c0da5d0c2f4d,2023-11-07T04:09:33.057000 CVE-2023-26282,0,0,872397b1a416ff1fce13ab136c1efd273022907b2617d95653478f6389617bd4,2024-03-06T15:18:08.093000 CVE-2023-26283,0,0,e2064453ef2858146e69fe81df96344f4104450fa7f97beea6cf1e61b0996cc2,2023-11-07T04:09:33.137000 @@ -221090,7 +221091,7 @@ CVE-2023-27605,0,0,3c9bd67e7bbc5a970176fa36f2ef3e0bf73a6762632ef035cc42d3a510e37 CVE-2023-27606,0,0,df5a64e8dccf8b9593928c54f55b0be768a1ad798eb4d0e828b503915ddf62a6,2023-07-26T01:18:52.087000 CVE-2023-27607,0,0,e059482f5e66445b3b6dfa901c43f1665d8e6eb57a74d73e31d4f554c8f501e3,2024-04-11T12:47:44.137000 CVE-2023-27608,0,0,ca0e0396dbbf904c3f06805870be742345bb608af7591e6ce023124cb9b4b1dc,2024-03-25T13:47:14.087000 -CVE-2023-27609,0,1,1a4c070b77a97ab0ffdbe219d01820e23eadde320ae96b2ee9a07e433fa3d1fa,2024-11-25T14:59:00.317000 +CVE-2023-27609,0,0,1a4c070b77a97ab0ffdbe219d01820e23eadde320ae96b2ee9a07e433fa3d1fa,2024-11-25T14:59:00.317000 CVE-2023-2761,0,0,4dee62c0e7c940cf74deb24a4b57d9c2ba0f2e277a6910f32a7fc4908cfde16b,2023-11-07T04:13:16.437000 CVE-2023-27610,0,0,d62fcf0a65a97d1a6ac572d24b407ac5644e52669587257409c91d52f65b7404,2023-04-25T19:50:17.680000 CVE-2023-27611,0,0,216d6e149a446d5a846bdf9ca1e4391b75fac51fa22d36a78ccaf2671d9d6790,2023-11-17T19:50:57.180000 @@ -221848,7 +221849,7 @@ CVE-2023-28458,0,0,ef73a1fa781dc427433a4344f064cf2c5d295719475229911a534302acd48 CVE-2023-28459,0,0,ff6d9b0d2a61636a2216f5ca3eebb22b60bf4cdf2177e93c8efd3097129af8b8,2023-05-04T12:38:31.430000 CVE-2023-2846,0,0,9aab683976373505e029cb617089a2ec5cce34a049b1b52d471de12eae663bf2,2023-07-10T18:51:01.550000 CVE-2023-28460,0,0,946c7b43c3c7b583cdd2cc158d5075c41f481cca09d32fe7ede01d078026a4ac,2023-03-24T14:57:49.207000 -CVE-2023-28461,0,0,8b0adc1d5b81e6cc1c246f63a1c61a07015d02a5b4e245a85738a03c3ddf0557,2023-03-24T14:57:23.997000 +CVE-2023-28461,0,1,cdb7df662931ddcfc218678780d0ee5b5dbff11c1dcf1d160d42f4ab9672482f,2024-11-25T16:15:07.803000 CVE-2023-28462,0,0,2e19120130c69bbcf347fab95b0e8c139f8b88e9e8bf09f2cd8f0d3aa1bc78bf,2023-04-07T17:19:22.730000 CVE-2023-28464,0,0,cb3ff9a13e0f593237f005a371ce64a52ab72b86a221c83df504e264520ebe96,2023-12-22T21:04:49.027000 CVE-2023-28465,0,0,06c8e63c2eb4a5851617744052850dfe59bf346dbe17e85c1e39e4479aeba7f3,2023-12-15T16:35:16.623000 @@ -232860,7 +232861,7 @@ CVE-2023-42884,0,0,bed7198535b5cba9276d20f66ff616d2faf4f0a5887d3d5dd42b85360bafc CVE-2023-42886,0,0,faa2fe35ca8d8aee7429d5275a743bca80950675c9b4a574a1f22f2be135e149,2023-12-13T18:14:03.663000 CVE-2023-42887,0,0,6a183a6bbbb784cf3ff7a27ca6dc2d91b7b7c3f3cb1bda7867c2939a5f6180bd,2024-01-26T20:51:20.893000 CVE-2023-42888,0,0,b067218531e45be7cc34fa1275d3c2b57f0925c26eb93740839a000d9953633b,2024-01-26T20:53:27.637000 -CVE-2023-42889,0,0,1649dc73df9490d9ce669184ee1d4b8722c3b17f66d00680b3c3c34df498b755,2024-02-22T19:07:27.197000 +CVE-2023-42889,0,1,49fa37f2dfa32d26e6ee6ce67b641ea912ea5a03dcc0438db897091bb965b5fb,2024-11-25T16:15:09.197000 CVE-2023-4289,0,0,97e9dbfb002f991c9b0c7bb56513ad2ad7a34e2cc2f1908f40b15808fc4c7b13,2023-11-07T04:22:25.410000 CVE-2023-42890,0,0,53f9bd40d8d0f96f9f6543dcc5925d3ff1f33138300a4d36e7353088fc83c101,2024-08-28T15:35:01.817000 CVE-2023-42891,0,0,9e832a9c79650ad0321f807def388413064ff2ab68c6ecbf9bb18e2496c75004,2023-12-13T17:46:10.560000 @@ -234285,6 +234286,7 @@ CVE-2023-45176,0,0,a61dfa2d9b85c4035ee4f53a67472362d3029b10806406b738df8f3c6e710 CVE-2023-45177,0,0,1522899346cd3c131fcde5459531cd4721deaffbfa71f019f9aa738a0039cadd,2024-03-21T12:58:51.093000 CVE-2023-45178,0,0,ca1b903491707040a9504676f79a0721406442bf8af2b195c6625a81aa8f9d09,2024-01-12T14:15:48.183000 CVE-2023-4518,0,0,43f4e0122a02971ba0d3d5eb018e77f4bc79eab555e88cc8f0b831d351817e75,2024-09-23T13:15:04.467000 +CVE-2023-45181,1,1,55ef708296f82ff856862879993427f746561e37ac2495035df298356a45ab93,2024-11-25T16:15:11.273000 CVE-2023-45182,0,0,459ff8fb1f8eace3111477735ae0f4d7a053a5d052e1583355cb1b367dc6d92c,2023-12-18T19:40:38.003000 CVE-2023-45184,0,0,b3e47d92bcab0547069a2333689b3af7ab83805d314b57779db786e493b5ee7e,2023-12-19T01:52:29.017000 CVE-2023-45185,0,0,8c1f4adb8456f325126fdde0688910b38cd7029ac25cfdbabafd5ab2c845b263,2024-04-30T15:15:50.887000 @@ -235406,7 +235408,7 @@ CVE-2023-46701,0,0,c993cdb7f2d00fd0716469e8470716bc552f328a6be789e0faed0fa989840 CVE-2023-46705,0,0,c7ea8d379391e309f56d1ff001dff1dfa7b20f92bdb526a859f02a5eb5f033ed,2024-09-09T12:21:53.383000 CVE-2023-46706,0,0,20f7d32673063429867b9c4f04c9667fe14aef468627e1a04d8c5a202f108bf4,2024-08-02T21:16:07.820000 CVE-2023-46708,0,0,183bc5d8c4de1e293fe29932a6f78142b13af9f77d3b97e558fab6fdb5b66356,2024-03-04T13:58:23.447000 -CVE-2023-4671,0,1,0b86e40d05aea310ca18723025768f56024f0c444df95a9b1ee2629a0cbe6a70,2024-11-25T14:15:05.850000 +CVE-2023-4671,0,0,0b86e40d05aea310ca18723025768f56024f0c444df95a9b1ee2629a0cbe6a70,2024-11-25T14:15:05.850000 CVE-2023-46711,0,0,b25bd52de55a3b0eb1d5fb1644425bcc37122b6f1c14841a1f487f9e05ae8639,2024-01-04T02:45:03.603000 CVE-2023-46712,0,0,070b2cc30185e3cef57c2bc99674ca3ce6da3ecfc0459ae21abdc4357c7197c7,2024-01-17T18:25:21.613000 CVE-2023-46713,0,0,4d1982060b9af1f91354c1a5dd3a3e3755258b8cb12afb63716b7a7248b3ee6b,2023-12-19T18:59:02.837000 @@ -238221,7 +238223,7 @@ CVE-2023-5079,0,0,bfc2ec8a0b13f58240a31ff53e9efdd5860ac1c14419b874e37b25eb37d0f7 CVE-2023-5080,0,0,e74b710ac5ce55c8b64e5a605db4534fb958b292680076cb58f4eecbcfdcbd8a,2024-09-16T15:15:15.590000 CVE-2023-50803,0,0,39b8457e6689f19cf0cfb42bf6f8f9bc85c44a7256b507e6e2e5e4502e82fde8,2024-06-25T21:15:51.453000 CVE-2023-50804,0,0,39f75e54eac34ee2309659a8b63ea3ce44f3663e0d436459f4acb23eb679f665,2024-06-27T16:42:15.310000 -CVE-2023-50805,0,0,6a1b68eb1c84b0e9c0411e8c2b1c211a94333de961886c775bd464a3e1dc9ade,2024-07-11T13:06:13.187000 +CVE-2023-50805,0,1,e4a7b77c782a7eb27b6729443616103c49071e1ec2325233f5e283c2dac6bca9,2024-11-25T16:15:11.600000 CVE-2023-50806,0,0,ecfb4db274c5901b7304546aec7b66276cb9bab5714351e0c4fb60a29c3cf84b,2024-10-25T18:35:02.050000 CVE-2023-50807,0,0,49d7ddd672f2ace5a4bacad8e9a69ecb67c1f752bb20673689176d58cf559602,2024-07-11T15:05:15.990000 CVE-2023-50808,0,0,eb111853188ca06e9540385134be25115b61d3ae24652382189ac577efef0822,2024-10-17T14:35:01.797000 @@ -238788,7 +238790,7 @@ CVE-2023-5161,0,0,54d57d98bc24ce673ce185f8db8385951ab5c099ea08d75b47219a1ada967f CVE-2023-51610,0,0,f6fbb4fa4f462d37842170b4ae9d42bef08e33bf28abf73e11d435d73b1367c8,2024-09-18T19:15:40.517000 CVE-2023-51611,0,0,86b9ce3eaf5bb17ab2ddd11cefc4563208b6c30e764a746a5dc695a36b8a4e58,2024-05-03T12:48:41.067000 CVE-2023-51612,0,0,ea5662e82a12149baea659e83b27fef3f60e97d21160cc1b1b1a0b032c4da17c,2024-05-03T12:48:41.067000 -CVE-2023-51613,0,0,b188414efc908391ba591a52dcd05ad4726c6c2e7fc678c7e92f955dbaf56dea,2024-05-03T12:48:41.067000 +CVE-2023-51613,0,1,204964b6b01aa2fae016f1d2778bf8bfc6567feacf26693205f81edbf8067eaa,2024-11-25T16:58:48.337000 CVE-2023-51614,0,0,b0fd1aad102a9f618f5c0f51ce8c8cbb8e4bdf3779b3bccd2c05fe2ea006702c,2024-11-22T21:33:25.047000 CVE-2023-51615,0,0,5e231501476cddd4b20f203f23cc88ecf7cd08634ee659c6cc1e0689ad468df2,2024-11-22T21:33:38.363000 CVE-2023-51616,0,0,eb0f682cd2e626370ad2dc72983b82c0c4d6c10224e010e7ac08e8bffecacc29,2024-11-22T21:33:56.320000 @@ -238800,16 +238802,16 @@ CVE-2023-51620,0,0,ba4721ea00f5e054eef2ede05701e5529f144bd917b754a955d02da4268c9 CVE-2023-51621,0,0,9abb3a5f398d9948c94df626e38e6b0272fd6bd21ef0e5a3d796c19be62a8e4f,2024-11-22T21:35:14.677000 CVE-2023-51622,0,0,8c0a23155c10d22d2b68cc9c5515a72196b8109df68c01d81250a6ea1eabc4ac,2024-11-22T21:35:25.933000 CVE-2023-51623,0,0,10786ab31b32248bfcd1001db811c190df89693e43860ff71dd71f2d8e1b50a0,2024-11-22T21:35:38.853000 -CVE-2023-51624,0,0,ddef01f94211ef1db5013904f89aaadf6ad6dcb414adc24ccd5c0b0cb749d10f,2024-05-03T12:48:41.067000 -CVE-2023-51625,0,0,ef24db15c030d06611b2955b0877964c7a17efe7fad5407b26a081d48a704fd5,2024-05-03T12:48:41.067000 -CVE-2023-51626,0,0,b1c03dbbec4b974d37d71dcc178068b7abec4076c19ca5d25cbd7860c07ed7f4,2024-05-03T12:48:41.067000 -CVE-2023-51627,0,0,6348fec9fce4446add0b1af0f6a80a2980b8fb6b2a9c33611f7ca1614926089b,2024-05-03T12:48:41.067000 -CVE-2023-51628,0,1,0247cbc18bc596bc611dc7e5285e36e06a9420995fff780bc74ad1299db0fe35,2024-11-25T14:56:30.943000 -CVE-2023-51629,0,1,8502b59116121aea1595a3360ddf2c62ec993bdef5c84cf8574877b52fcab99f,2024-11-25T14:39:27.587000 +CVE-2023-51624,0,1,4e39f6de29513e4c1632ada86d248ac7a85442e07e0407bea248caba652f02da,2024-11-25T16:43:13.800000 +CVE-2023-51625,0,1,c9cd0ba9ae994713ff364355e6769cae0af511ae9d4a1a3389f2a6838ab1e3a7,2024-11-25T15:26:34.007000 +CVE-2023-51626,0,1,2f7334db1c59339493983e7dcc6872fd93065109ec3c8216937479e529cee2f1,2024-11-25T15:20:40.707000 +CVE-2023-51627,0,1,545bf186ea33742285a7c220db9d75812525c0421797ce402a32bf6a16529977,2024-11-25T15:05:46.023000 +CVE-2023-51628,0,0,0247cbc18bc596bc611dc7e5285e36e06a9420995fff780bc74ad1299db0fe35,2024-11-25T14:56:30.943000 +CVE-2023-51629,0,0,8502b59116121aea1595a3360ddf2c62ec993bdef5c84cf8574877b52fcab99f,2024-11-25T14:39:27.587000 CVE-2023-5163,0,0,32f802f2d81cce00d8030983d09b355a4727156443c4195e1059ca6c8c9f301e,2023-11-27T22:10:37.123000 CVE-2023-51630,0,0,568c422ef237c630154cdbc6adbbecb7517e5faf3354491cf3dd8b9408c9fe6e,2024-02-15T17:15:20.487000 CVE-2023-51631,0,0,8000cb3ad7441ca551b8a4d132230d7760bfe920adf723ac6ea97697cfdc3c6a,2024-05-02T13:27:25.103000 -CVE-2023-51633,0,1,c65e9f457e7fa99c41539c48110e16a37541cccf46bf2b08367938e982631573,2024-11-25T14:09:45.733000 +CVE-2023-51633,0,0,c65e9f457e7fa99c41539c48110e16a37541cccf46bf2b08367938e982631573,2024-11-25T14:09:45.733000 CVE-2023-51634,0,0,87571f92e08ba4123c44b16684256e6dec1ef6057cd05d26680ba94de7d19958,2024-11-22T20:15:06.050000 CVE-2023-51635,0,0,660964526af298972b1cf9b066e557b2201f0121c04485dfd5c2925b5aa2c6b3,2024-11-22T20:15:06.167000 CVE-2023-51636,0,0,1d3aff896d9973e6be32d061f0f24bf58f77afe985f6425470a66bc0478e3b63,2024-05-24T01:15:30.977000 @@ -240576,7 +240578,7 @@ CVE-2023-5985,0,0,60af0cd2cd77f1dd699f02a5d8cab511a678637669261049ae9a39a602b204 CVE-2023-5986,0,0,3209820a9eb3bd80910bd32d0ed92fe84ae001addd9e1dda6af8bbe04f6a28cc,2023-11-30T15:24:25.580000 CVE-2023-5987,0,0,8a386562cb5f2bf32bb0f3048cbaa68eae57fa94d57aadd86d3a46be07c3ce4b,2023-11-30T15:05:45.607000 CVE-2023-5988,0,0,e8870fe285335fc9ce27fd61b5356b88284d0d9de295811057ae9832cb67e1bd,2024-01-04T14:43:29.267000 -CVE-2023-5989,0,1,fcd113561e6c70bc7f8d728687a2777561f95467e6d87448cdb6e2a0b4201672,2024-11-25T14:15:06.137000 +CVE-2023-5989,0,0,fcd113561e6c70bc7f8d728687a2777561f95467e6d87448cdb6e2a0b4201672,2024-11-25T14:15:06.137000 CVE-2023-5990,0,0,15ce5aec00c7b53e458575c1bf06462b3643079b31aca67ca329b5e17aebb001,2023-12-08T14:32:27.447000 CVE-2023-5991,0,0,53ad6ba66617388676db7532ed8835e282a5dd8dfff15947bac31665750497dd,2024-01-02T20:49:50.667000 CVE-2023-5992,0,0,89014b5a90cddffc4e92782c319b1123b3b73fe015e6577eb84795ec814d5287,2024-10-09T15:07:19.680000 @@ -240622,7 +240624,7 @@ CVE-2023-6037,0,0,64f4ad52fb4acc00baed6bbfdf7dce01bf4ebf4db6912c1d3649458f97d661 CVE-2023-6038,0,0,8768be36e71173b4770cb92877d06dafed621d93624a0b2767e2ef05fc8e0bd9,2024-04-16T12:15:08.780000 CVE-2023-6039,0,0,cb40afc45334b480f355050d0c59c160d8a64ca923211ef3163e81949e123561,2023-11-16T17:59:48.420000 CVE-2023-6040,0,0,bf1fb6f83f2a47a3ec4f6dba46af90a4c091065cdd225020a20fe7495d7adb0a,2024-08-27T15:15:30.177000 -CVE-2023-6042,0,0,a5af299b7e4938d6b1454de2838a7d40e4f554e2989c8c6c38fe49068eafcfdb,2024-01-11T19:57:29.590000 +CVE-2023-6042,0,1,39f35d33fdb8d6e553345209af0ca7af4cc9a006092c5015698c7c8f033b5ee1,2024-11-25T16:47:33.943000 CVE-2023-6043,0,0,8d8887811eaceb1320ad09920d820a72afab16f49f3194f4a1f0a45a8b1f039f,2024-01-26T16:03:21.607000 CVE-2023-6044,0,0,f48871ebaaf45238c34428d45492bdeca4439fb21a1fde867542c6d14f4bcb20,2024-01-26T15:56:47.883000 CVE-2023-6045,0,0,82200279cc60c9e26d51c5aef1ea92064cc2cd961452454410cd1d7c55d0e09c,2024-09-09T12:21:53.383000 @@ -241426,11 +241428,11 @@ CVE-2023-6955,0,0,420440748656e126e770528f4f21acf39271d7ccbc4fe920c15d66b4294a7e CVE-2023-6956,0,0,ebab8c4d5b24405f0d58e5a99fa9a736eda2c65adad9bc90f9186d3a4f452f2e,2024-07-18T15:59:12.007000 CVE-2023-6957,0,0,07959fb3f32e925a62f4301abfce36bb0dff388d72f0d4f67e8b6a8fe0020487,2024-03-13T18:16:18.563000 CVE-2023-6958,0,0,dfa9f23d52119de772dd91366d6bc1b2e70ca715d55949e74432bb3d34dda7cd,2024-01-24T20:47:14.900000 -CVE-2023-6959,0,0,96b18c24aedfbe73c0e4fe4e1964e1cd30e76197a68db626ad57d5c0bae8b12d,2024-02-14T17:01:57.227000 +CVE-2023-6959,0,1,20ccafff48302194f7fd5f772fce706a89fb15489c7f7265b4f1dd1f6f4ea96c,2024-11-25T16:47:33.943000 CVE-2023-6960,0,0,888cf22446dd7655a6247c88ca2ff27fead22d6d6ecc0c6c10ab9a0c1723c39d,2024-08-01T13:45:49.250000 CVE-2023-6961,0,0,43d4b56c87de087240bd914171c41ee9cfc77338524ac0adf913d00076762fe6,2024-05-02T18:00:37.360000 CVE-2023-6962,0,0,986479cdf0104030985cc73b8c5cd922aed26e09aac7f4f0ca21a4d53b3d6646,2024-05-02T18:00:37.360000 -CVE-2023-6963,0,0,5d78e338c4f8af8931aea1f2dde5afb8bbdfc8f31ec8fab4d6db3d80bfcdecf2,2024-02-14T17:05:16.533000 +CVE-2023-6963,0,1,0c819b75531b4e70bc2e9de5294f139d5654ff9e8c914723eed35e2343fb8db7,2024-11-25T16:47:33.943000 CVE-2023-6964,0,0,6b353abfee4e0f60ba07ed53b519d8cdcc5c6e3e583c876cd6af699df966c5a5,2024-04-10T13:24:00.070000 CVE-2023-6965,0,0,f49ac78940fe244c72647e51516e80a6e573f5fa400fc7065d825c4c692cabcd,2024-04-10T13:24:00.070000 CVE-2023-6966,0,0,9a012b06da86b8f395f403fc3c8f5013317bd371eadeddb21759c85700f73992,2024-07-15T18:55:57.513000 @@ -241738,7 +241740,7 @@ CVE-2024-0018,0,0,eb1e6beb7617de808c00f24002cfa4ad37cdeb05dc3559f2748a83507aca8f CVE-2024-0019,0,0,99addb01bdd59dfa56c3bb78510b54e791e3b9af747d8108035ab5d4ed5b10b6,2024-02-16T21:39:50.223000 CVE-2024-0020,0,0,e73ca517c90039568523c56c44f0cf8b451388b3358b22e01f666a71e39cd157,2024-08-01T13:45:54.660000 CVE-2024-0021,0,0,35bc8c578cc0cec7a2154a7bc3054d93602e915964abd6edd058f93c9e8b6d66,2024-08-28T15:35:10.670000 -CVE-2024-0022,0,1,331d6115ffcfe949b7cecde01a1dc1640758dec20b3f35584ab54d0b06061cd4,2024-11-25T13:52:21.147000 +CVE-2024-0022,0,0,331d6115ffcfe949b7cecde01a1dc1640758dec20b3f35584ab54d0b06061cd4,2024-11-25T13:52:21.147000 CVE-2024-0023,0,0,0ae19107c0f009088c14cc9607c2fcb734bab1e5ea02d37a78e27ee1213b97f1,2024-08-21T20:35:01.700000 CVE-2024-0024,0,0,5fb9489ab6bda1953438739836edf4a6b94bd74733037853a8a3c897eda90f7b,2024-07-03T01:44:32.010000 CVE-2024-0025,0,0,d28de8c9f19ab5ba79d0474f043c936cf414f4247e50396a672a60bd3b9be766,2024-08-01T20:35:09.143000 @@ -243511,8 +243513,8 @@ CVE-2024-11393,0,0,bb5cf4b536c1929831f7187a9de9dcd6cddda5d9feab9b5dc675b1046c1bf CVE-2024-11394,0,0,a51438d64c72e0e16d73fd06d60be4810cb98d4da7680e7c092afb2b22e578c4,2024-11-22T22:15:07.223000 CVE-2024-11395,0,0,e97b88024677a483ae4a42afe9a8440978faa48e4e721bb1c822953f8252b946,2024-11-19T21:56:45.533000 CVE-2024-1140,0,0,346c2ed0aaabc419b4aefe2cf8513b81b972566618f29982168bc7166c832ab2,2024-02-27T19:17:32.253000 -CVE-2024-11400,0,0,68517feb9a17e8334cb49d2e9635846cb9ffcbcacaf62470ee1bd79105ecd1d9,2024-11-19T22:15:19.740000 -CVE-2024-11403,1,1,aa2618a7b6d3af70c8c76936e7400798cb8fc2bbb8402d3422568e8b944ad335,2024-11-25T14:15:06.310000 +CVE-2024-11400,0,1,2b6a39a96cf5696646b5b9e32fab47bfc23a160a64905ed162280ce11db7d350,2024-11-25T15:02:53.013000 +CVE-2024-11403,0,0,aa2618a7b6d3af70c8c76936e7400798cb8fc2bbb8402d3422568e8b944ad335,2024-11-25T14:15:06.310000 CVE-2024-11404,0,0,525efe85caba48797a4f541c0d9d8e5e1135b7d4afff8a5c0abba9ca32591f5c,2024-11-20T14:15:17.750000 CVE-2024-11406,0,0,d4abbee85b1f77460ba170fa7cbcf81435244eeb65babfc1772879a68307a74f,2024-11-20T12:15:18.890000 CVE-2024-11408,0,0,54146805a36bac284d40e39c15c15c6876d5afc53f160d33d40768ebebc9eab4,2024-11-23T05:15:06.990000 @@ -243543,7 +243545,7 @@ CVE-2024-11492,0,0,5e600b547b478d48564c1c47f07d82105e0d39b9512c1f854b307052cab97 CVE-2024-11493,0,0,bf4f0f877d2f5cb02e47eed13d91bb60cbb26843625614fc7fab8174917d484c,2024-11-22T18:07:31.973000 CVE-2024-11494,0,0,5890d4fb88df3d8f55b6792aa5c18e107344b1b8b9d64b1485bac263c175d055,2024-11-20T10:15:05.920000 CVE-2024-11495,0,0,79062961a6b5f76603192d58576bb23157ae662ae3c66c7b46038e4fdb4d0e00,2024-11-20T13:15:04.197000 -CVE-2024-11498,1,1,a8ac2c30c03f42b9942a8db1241cf2182e07c4915a2b1066626b489721900469,2024-11-25T14:15:06.607000 +CVE-2024-11498,0,0,a8ac2c30c03f42b9942a8db1241cf2182e07c4915a2b1066626b489721900469,2024-11-25T14:15:06.607000 CVE-2024-1150,0,0,b47a3c09b3a331a50594ab70df2061c7818f30992462806b6f5b7a310a00b60b,2024-02-15T17:42:08.113000 CVE-2024-11506,0,0,4c7ec94842471c431cd212c6943e02a7dfc411145d8209ad357ca05b0b5e8d8f,2024-11-22T21:15:08.743000 CVE-2024-11507,0,0,9d175120b6e707cc8e6e9224cab720d52e5dabd0dca50b8fa35967b0537f6f4b,2024-11-22T21:15:08.867000 @@ -243641,13 +243643,13 @@ CVE-2024-11619,0,0,a4838d434b8c8bb61e21ea750aab44437d9c4068a035e504d5209865637cd CVE-2024-1162,0,0,6517ec14e6db831ee5a33abab5e0e4729a77c306548683589462e3183aa8cdb4,2024-02-08T14:22:37.180000 CVE-2024-1163,0,0,23d47391c7884329270abc739e0d42e17852ac69017fc11ff4fa38853ad7cf71,2024-11-03T19:15:04.143000 CVE-2024-11630,0,0,124823e79cad8f52614d45dfbfa425539f468c43cf02153ebcf347d478214259,2024-11-22T22:15:13.637000 -CVE-2024-11631,0,0,9ebe73531e51a1771718cb549457c48a65acbd625e83ab9343b7ecd4358369ed,2024-11-23T12:15:19.760000 -CVE-2024-11632,0,0,f74a4d2cf78dc36a74361dd247f960dc4582b1ede59db63229ef494a01a0b990,2024-11-23T14:15:17.880000 +CVE-2024-11631,0,1,570ceb0c85d63bd361de89b3e02d09184658915631c383aecab754524c3a2fca,2024-11-25T16:54:46.333000 +CVE-2024-11632,0,1,8edb73f8418ace86236ba956d8491424810c23a2e18945d058b1e1e3e75bf17a,2024-11-25T16:50:43.257000 CVE-2024-1164,0,0,ccdaeeda02ae302b7582e035c96145e342a579b2b0fb5245fe0e2c3517f4c5b6,2024-06-11T17:14:02.340000 -CVE-2024-11646,0,0,f4b4da012892d94557570f554f7057dcbae784e404750d9d3c2e5f388db9f2ae,2024-11-25T00:15:03.743000 -CVE-2024-11647,0,0,fe080422adc3d9d603a1b179a0f457c6cc306a87d96d19562cc8f48edaa2efa0,2024-11-25T01:15:04.033000 -CVE-2024-11648,0,0,cba39d867b84fdb234a7d89e4a84b8a9aa7f03b417ce1c4fc7943cb0c1f8ea5d,2024-11-25T01:15:04.687000 -CVE-2024-11649,0,0,11e656117bec6e11fae1eb3593d3bf557b3593d1a7a450730052db5d2dda48b2,2024-11-25T02:15:15.883000 +CVE-2024-11646,0,1,b2891164a39c25d2fa53a65f4b329cb1c73caac3a31639e7b4bbc1c59b376703,2024-11-25T16:49:56.377000 +CVE-2024-11647,0,1,5fef3a2788feb739ecc5043b64bfcdcd72f581cff57eecbc508436bf5d08eb70,2024-11-25T16:49:24.083000 +CVE-2024-11648,0,1,ec8d331f7da601df15f7ee6f28e6911e13e4712baf3a7f8d3e7582c3b9dd2b55,2024-11-25T16:49:02.417000 +CVE-2024-11649,0,1,3b1fddc050c08a5b08022eb64a44287283ef6ca99ffd88a2d2e2d5a03e9e1e12,2024-11-25T16:48:37.237000 CVE-2024-1165,0,0,4c65f8011ae90263b8016fe4b3c081ae16e06c35df8b6a0c8887bb2b34e5f4fb,2024-02-26T16:32:25.577000 CVE-2024-11650,0,0,a19ff6244bafe8da49623d3f6c9494917d32382199f9c9df21bc1a8b68eb25f1,2024-11-25T03:15:06.707000 CVE-2024-11651,0,0,a7063f71fb443dbc88a86942922fb99e879b1c44522ad7f0d5b12db0f9744596,2024-11-25T03:15:07.973000 @@ -243668,6 +243670,9 @@ CVE-2024-11664,0,0,f7e3e3893aefbf47475119b5cc15d35a6bf3fef30ce727b8b58d082d35066 CVE-2024-11665,0,0,432484acd0139af98341fd7fe90b0662197ea5956295af2989047d68fc0277cd,2024-11-25T00:15:03.957000 CVE-2024-11666,0,0,2250b20e698d0c0188636489287d2b59448a3bc6ff2a33a1b94eca03d876ba25,2024-11-25T00:15:04.040000 CVE-2024-1167,0,0,ed50fa0852f2fbdcdff47243517d528056863b720fcd10bdada66efed3504e8a,2024-02-09T20:20:51.900000 +CVE-2024-11670,1,1,da97a331b546adbf73f2b38147c185b1f7045c13e5878ca1de4e9a941cf83c83,2024-11-25T16:15:12.173000 +CVE-2024-11671,1,1,2a848a6848b80400aa90b2c3b0c7ecb0e441d08b7c46c02bce24a9db5fb40c2c,2024-11-25T15:15:07.040000 +CVE-2024-11672,1,1,fec61fa755cf3a8eb093f92ea0e0800a792cba8a001d7c9836b12057beb752ba,2024-11-25T15:15:07.180000 CVE-2024-1168,0,0,b74b0b0c267c02c66f0f474186eac7335d29517290a9638a292d9de8edcd7c5d,2024-07-11T02:52:36.687000 CVE-2024-1169,0,0,a43d6b50f47e310e039f1575550f9d1fe159a31a77f5a57027ebd3dc489ff540,2024-03-07T13:52:27.110000 CVE-2024-1170,0,0,ef14266ea2026fd1e77d96d081d12f376a313e532bfd85bbf7562d8a6e990ca2,2024-03-07T13:52:27.110000 @@ -247086,7 +247091,7 @@ CVE-2024-23353,0,0,42262e339e6d366aad6563a1c652fb13cd05cc4bec16ee2f618cb8406bd6e CVE-2024-23354,0,0,d3fd9daa791ee33342cb497a5681a0dd81bdad9861bd30e5715b0971cd859b7b,2024-05-06T16:00:59.253000 CVE-2024-23355,0,0,806003886385d4b2d2deb76639f7ac6521417b8f1f254f8866cb7d5e1943e0c5,2024-08-06T16:30:24.547000 CVE-2024-23356,0,0,ff70554acf59c1511306d60d5d4f6094d2f59484c1ed44203c726f1a849f127f,2024-08-06T16:30:24.547000 -CVE-2024-23357,0,1,b1e28e668f4eb8557de39f6ab71fd2f2ec033d7309b2596bde84dc120958522e,2024-11-25T13:28:29.360000 +CVE-2024-23357,0,0,b1e28e668f4eb8557de39f6ab71fd2f2ec033d7309b2596bde84dc120958522e,2024-11-25T13:28:29.360000 CVE-2024-23358,0,0,ec566399a5133d43cd800d26f189ec15b38485096e7cee1475fd84ffd959fd21,2024-09-03T12:59:02.453000 CVE-2024-23359,0,0,f653a63fc54e0e61e79052d04881e3a671ec7cee02c524d2227c31693a3548df,2024-09-03T12:59:02.453000 CVE-2024-2336,0,0,ee2ed99bdbb77ed98426fec739627a0e0294ad75ca24e044dbbf3ddb7c699139,2024-04-10T13:23:38.787000 @@ -249899,7 +249904,7 @@ CVE-2024-2713,0,0,e2342976127d7e6781324eee189df9e87a74bb9c1408b340d411faa4a12560 CVE-2024-27130,0,0,536ba84e44f1b39ccd708bbac556c22b4a414189a9907fbad36fac1cb7a016a5,2024-09-11T13:39:08.997000 CVE-2024-27132,0,0,c5cfdc93a4a30eb4ada1b68dc89dd72224529d7dc99c692ce9a1a016e1ab521d,2024-02-26T13:42:22.567000 CVE-2024-27133,0,0,6574fdde089b4683da8bd06069d4a01e27d182b9361898f9a2a8686337a251e3,2024-02-26T13:42:22.567000 -CVE-2024-27134,1,1,1cf911d8427ee9cabc069506830bd685882f18ed1d53d7a2ed36a37663d6c2ba,2024-11-25T14:15:06.867000 +CVE-2024-27134,0,0,1cf911d8427ee9cabc069506830bd685882f18ed1d53d7a2ed36a37663d6c2ba,2024-11-25T14:15:06.867000 CVE-2024-27135,0,0,8f681cbd0423d5edcf1af419653a19c055e013668588c5e21fc1acd9f7af97d0,2024-05-01T17:15:30.087000 CVE-2024-27136,0,0,27208b55e838e26e8744f0daba44f78d1e5c27e433ec8142f38052cb8e098b97,2024-10-17T13:47:39.417000 CVE-2024-27138,0,0,1f057fc4a86e32fdd3cbe80da63722cbc73089ddadbb43b1562d5d847b0f5599,2024-08-21T21:35:04.820000 @@ -250002,7 +250007,7 @@ CVE-2024-27228,0,0,5262c725eb223b05821eaec558c5d806b0071760b0a14d4556c2fbb1a42bc CVE-2024-27229,0,0,b8b459ee0fc242831e7e68eb1fe9ed70ba0320038a180145828d0bdce79101e7,2024-03-12T12:40:13.500000 CVE-2024-2723,0,0,a5d6e6fcb13799b6bac3165664e5b326db07e4b162d1f25e3d1dd5f10681ec04,2024-03-22T15:34:43.663000 CVE-2024-27230,0,0,88b39cd1454faf6416d3a6ba7200a6d0a1063eefbd9e9f88e3222f1d6afdc5db,2024-11-14T21:35:04.697000 -CVE-2024-27231,0,0,cb6c833d389f9377c9592e3868a50b649339743a051bcf66fdda4f2a40b61535,2024-04-08T18:49:25.863000 +CVE-2024-27231,0,1,d8b2d97e5660ff4673b72a0d9d6ef48029433941ff7be081ddb1db8348a72ddf,2024-11-25T16:15:12.423000 CVE-2024-27232,0,0,64ecd9a830c9b30b766707b244dd77aa970adc2152fb16fddd12d23820aced02,2024-04-08T18:49:25.863000 CVE-2024-27233,0,0,4f805b66de1371a2d4417bd116c04ac1324a59b0f4fedad25c9d0195537442f4,2024-08-05T18:35:11.120000 CVE-2024-27234,0,0,1b0ad16da90d4d5fdb81d47fff8f9573f537fbee16c19c1920ac4110156ba7b1,2024-11-04T17:35:12.957000 @@ -250072,7 +250077,7 @@ CVE-2024-27309,0,0,18416b733d6ac4edeb2af296593281a1b6deae1e8a8956ba324c7cabf7f2e CVE-2024-2731,0,0,e2947075d94f67fb0f516acc3c39fdd257b6a53a447028317b4bd1e85304e9ee,2024-04-10T19:49:51.183000 CVE-2024-27310,0,0,571965cb3265e429f2057ff75976d47193fff880bf258b625e085a3f07ad7b3c,2024-10-07T20:15:04.920000 CVE-2024-27311,0,0,3441ff0e665052a7fb86a3589fae526973b499df9f488dcbbb9db7b9aaef9973,2024-07-18T14:09:40.923000 -CVE-2024-27312,0,0,6dcf45e70b4a491cb37b0fe8148947a4c13962093d3f0a4f91a958171446925f,2024-10-07T12:15:12.563000 +CVE-2024-27312,0,1,44ad9df6373c37d335fa110f1ccf73e3064c9d69081ddac9cedf52edbde67366,2024-11-25T15:14:53.217000 CVE-2024-27313,0,0,f9f7791913eb1885e62d83245c35ccba6d007456c7c99efcf6385be05af20927,2024-06-07T09:15:11.917000 CVE-2024-27314,0,0,507bfabf98c061d8de81cbc1d95b3b58842135d25b3a81edb36b7651b27ac69f,2024-07-03T01:50:30.720000 CVE-2024-27315,0,0,db9af09723fb011b8182b6b5bab4f2fc859959fe0ca51aeffec2764eb351e8f1,2024-10-03T13:15:14.710000 @@ -250494,7 +250499,7 @@ CVE-2024-27901,0,0,7b06fae9467006c18ceee57d1cb054462f92404e00919c92c5179777cfbbb CVE-2024-27902,0,0,cf303beda4f8d4d9a07f999c75e97958c265bcde9b8d48f8f915bd30d541f272,2024-03-12T12:40:13.500000 CVE-2024-27903,0,0,7a16b56caf0aadbdfc143727319a91c26c6417220b554521d1e591b4babb7dec,2024-07-11T14:46:26.300000 CVE-2024-27905,0,0,b007cbbd0683fb72ec6a5db786c9c4d47fcb6048ae5dcb8851d46b1a89439247,2024-08-02T01:15:42.030000 -CVE-2024-27906,0,0,97db0744843f13fb0cf1d6631e7648c6ea2ed51ac2b3c967607a8165c8586d2c,2024-02-29T13:49:29.390000 +CVE-2024-27906,0,1,4cb1bf03d4362bb82f27c3fc5616e325b1f5b0c074bb55a94886eb6f57770429,2024-11-25T16:15:12.653000 CVE-2024-27907,0,0,665becf063e38021c77d8567eafb4cfde9012aa9e5f2ff52b45354cada16677a,2024-03-12T12:40:13.500000 CVE-2024-27908,0,0,3241ca39ccff4fff26d10715dd0c806c47f3e26d7e3304c90e96bb32bb0598ea,2024-04-08T18:49:25.863000 CVE-2024-27909,0,0,b075bf844a7dd1fa40f47f9a0d3299d09d1738685b413b6873dcfe65df7f7f03,2024-04-08T18:49:25.863000 @@ -252319,7 +252324,7 @@ CVE-2024-30420,0,0,c7aa765232ba482242d297cfff54623d69e480ef9ec026f910cf7643167f5 CVE-2024-30421,0,0,38d079b732a725b98c99fa6075b2f70c78aac1ea39a1e592d0f5fa7cadf0ec52,2024-03-28T12:42:56.150000 CVE-2024-30422,0,0,60be97e329a95b7adfcb5b64dd5d4834eb184c7233f1129ee8af63f3e0f95146,2024-03-28T12:42:56.150000 CVE-2024-30423,0,0,5c329ade542241c2bfb9bb711657fe27dfedc75940bf241818dd0c4f5202f245,2024-04-01T01:12:59.077000 -CVE-2024-30424,0,0,c3da8c494a0f72044134eeff522f1013d327ff2eef52b731fad992866fa03562,2024-11-19T22:15:20.103000 +CVE-2024-30424,0,1,f07332c15d30bcad6579234e680b6c6593791bcaa134e3b11f35d474de23157c,2024-11-25T15:07:22.740000 CVE-2024-30425,0,0,0537847ee1841fbbd816251fa4aa21db1a543942bd18d73e2e4033f3b5a951c9,2024-04-01T01:12:59.077000 CVE-2024-30426,0,0,99f7bfcbe721282099eef96c34e9ad1f438d16bedf0a7b71582b3d2abe26d362,2024-04-01T01:12:59.077000 CVE-2024-30427,0,0,b7cece5c261a0e1a32a230e535252a83f52728fdb6359760af120ee9a1b0f4ae,2024-04-01T01:12:59.077000 @@ -252625,7 +252630,7 @@ CVE-2024-30848,0,0,e520fc03d7d120883158934b80667a2b4d6398e475b39bea0f39a4affc9e9 CVE-2024-30849,0,0,4b2a4ccd593d26ef45288147032dbc711b9bbef7de8ea7827855efca75655daa,2024-08-01T13:50:28.983000 CVE-2024-3085,0,0,509209dfddf53f9b46075ed419de44cbb1f67edbb1a1b964fb67c8391adf6753,2024-05-17T02:39:42.607000 CVE-2024-30850,0,0,c1ef257dd5e33e880b36cd35ccee098b89832c161bbe3dd2489cb767eeacade1,2024-08-21T20:35:03.010000 -CVE-2024-30851,0,0,50f4be60cfd340e55ad1701da02739f1151719e7af37a9957f274744dd91c34b,2024-05-06T12:44:56.377000 +CVE-2024-30851,0,1,a111cfdd82ec7fab436b2f15be443767a1daff9511cf9277daf0bc5ef623dcfb,2024-11-25T16:15:12.930000 CVE-2024-30858,0,0,93e0a53927efd0637571ec0f8079f664a09ad42dbc1f395dcf941f97a4b21575,2024-08-01T13:50:29.850000 CVE-2024-30859,0,0,cb3a05b13bb3d557f99196539489ef40266ca1d1884c327caec647dd84413ea6,2024-08-16T19:35:10.010000 CVE-2024-3086,0,0,bf4cb4e0e77596531b4d2ac34fc073ac688bdd0873b18b3978dd0f7954009022,2024-05-17T02:39:42.693000 @@ -255215,10 +255220,10 @@ CVE-2024-34388,0,0,a46e041f8ac8e5546be9b9eae595fada7823779c1eb7f0e971ee9aa18b93e CVE-2024-34389,0,0,ea067096e4443a8a7348aa8a6eb36101658eac805d9c1f3009370b3c7433b145,2024-05-06T19:53:38.797000 CVE-2024-3439,0,0,5b40d6c21ac80c27430bcddd2a6b9ce0cab93a68b2c6525020183da820d58678,2024-05-17T02:39:56.277000 CVE-2024-34390,0,0,d226b418ae0ac66205b75d2061f00f86434d2d8398035e5837e56e870303b11e,2024-05-06T19:53:38.797000 -CVE-2024-34391,0,1,705f19075146f7f6b346a1ff41f10c9bf2fc0d08d692b2fc736ec7725283a7cf,2024-11-25T13:15:04.370000 -CVE-2024-34392,0,1,c4333ebc33adfa99d46dcfcca1d44cc72ee4fce260ccc458c35327a2af91777c,2024-11-25T13:15:06.017000 -CVE-2024-34393,0,1,18625fc639b8d6b3e4496484fd5980a2e2eada59ffa85127325ba43635ea27dd,2024-11-25T13:15:06.223000 -CVE-2024-34394,0,1,647ac6329affaece23b1fe2180bdba8eddba78096d087554becdb52ae33a46b1,2024-11-25T13:15:06.407000 +CVE-2024-34391,0,0,705f19075146f7f6b346a1ff41f10c9bf2fc0d08d692b2fc736ec7725283a7cf,2024-11-25T13:15:04.370000 +CVE-2024-34392,0,0,c4333ebc33adfa99d46dcfcca1d44cc72ee4fce260ccc458c35327a2af91777c,2024-11-25T13:15:06.017000 +CVE-2024-34393,0,0,18625fc639b8d6b3e4496484fd5980a2e2eada59ffa85127325ba43635ea27dd,2024-11-25T13:15:06.223000 +CVE-2024-34394,0,0,647ac6329affaece23b1fe2180bdba8eddba78096d087554becdb52ae33a46b1,2024-11-25T13:15:06.407000 CVE-2024-34397,0,0,fbe115fc17ef3ae402335dbe24a2a48fe58cd8036552f43e922fe8ad96767329,2024-11-15T18:35:32.760000 CVE-2024-34399,0,0,b575bfaa23d53510470a68bea01ab071e8876f6597cd9250405e7f9141fb6390,2024-09-20T12:30:17.483000 CVE-2024-3440,0,0,534ad01cc4d99b7aec93fa9eb5959ed4cc5d68a1c33a8c467ae485dbc87a6451,2024-05-17T02:39:56.370000 @@ -255951,7 +255956,7 @@ CVE-2024-35398,0,0,a491584c9df6e11fdb2efbaa9a24ed323ffdfc3c73ef67e6f6aad4d4001ef CVE-2024-35399,0,0,2798c646f651db550053d76944a2539fc365c03ae0c3f02c62b58f01dbc5e617,2024-08-01T13:52:39.410000 CVE-2024-3540,0,0,186925567bcf9baf46d3085185099882e7fa1b9d0d70f71c95c65e0aa39f03d3,2024-05-17T02:40:00.280000 CVE-2024-35400,0,0,97d7d19e3adccff63ccd0444ae15a57d17e947877cac30747756fdc9f28e68e8,2024-11-07T21:35:08.720000 -CVE-2024-35401,0,0,e20c7deeda0300f83b1078cc4b3716ac7ed24c4deff40921468ca6f87181fae3,2024-05-29T13:02:09.280000 +CVE-2024-35401,0,1,d29d759087db1fab80b9b2bcd20c7eda418ffa2910aebd184ed756295a523506,2024-11-25T16:15:13.167000 CVE-2024-35403,0,0,4d9a98843a184aa3f7fed28ea2e26cfcf04b1cff379a69b2f7e72017e9a927ab,2024-07-03T02:01:44.377000 CVE-2024-35409,0,0,c1e09f17fc040d1a54c6ca919b4e6df91e3a03195ff96673036c48a4d8f8f539,2024-08-20T15:35:15.637000 CVE-2024-3541,0,0,14abae851d976e531eb89e36d00e68f1b4222a58cf78e09467f8f13cc823ff73,2024-05-17T02:40:00.373000 @@ -262857,11 +262862,11 @@ CVE-2024-45182,0,0,e32901d25899173bbdbcd4da8de2dfd78b6a7db5248414eaa56acb1cb3e78 CVE-2024-45184,0,0,4b6497f365552ae587c6f2bb1b9a699bbd0812ac854bb52824296d2cb32eb74f,2024-11-06T17:35:34.223000 CVE-2024-45185,0,0,72bf9a166165415f673b127935e481d1ba969f414b40f9d8d7aa157b9fd36cb3,2024-11-06T19:35:16.420000 CVE-2024-45186,0,0,77c3f8977c3993383fb80894e402f55d5d22584cb41b5e73c31c8d88ae8792cc,2024-10-04T13:50:43.727000 -CVE-2024-45187,0,1,84c31e9028ffb8b6715341f3c882a6c58514685dd078f9763de3e66fcbeb73e6,2024-11-25T13:15:06.577000 -CVE-2024-45188,0,1,2cdc1ddd3c947e0ee8d98d6801559aeca159e1c9707481b8a048746b0b2c5918,2024-11-25T13:15:06.770000 -CVE-2024-45189,0,1,37cbfbc1af46dc8182e86472f37a08d678374650208836cb2671644fc22b1a19,2024-11-25T13:15:06.940000 +CVE-2024-45187,0,0,84c31e9028ffb8b6715341f3c882a6c58514685dd078f9763de3e66fcbeb73e6,2024-11-25T13:15:06.577000 +CVE-2024-45188,0,0,2cdc1ddd3c947e0ee8d98d6801559aeca159e1c9707481b8a048746b0b2c5918,2024-11-25T13:15:06.770000 +CVE-2024-45189,0,0,37cbfbc1af46dc8182e86472f37a08d678374650208836cb2671644fc22b1a19,2024-11-25T13:15:06.940000 CVE-2024-4519,0,0,5f7c1c0aa362af4fc3ba7e1d12e176f4028e88f0167af6f63c30c7ec7da86837,2024-06-04T19:20:41.127000 -CVE-2024-45190,0,1,4911f4c587d4e025428690f1b1d4d89ed0c4131ac8533649cf619b1aa4a0794c,2024-11-25T13:15:07.130000 +CVE-2024-45190,0,0,4911f4c587d4e025428690f1b1d4d89ed0c4131ac8533649cf619b1aa4a0794c,2024-11-25T13:15:07.130000 CVE-2024-45191,0,0,8443e43b9d82a04b48d8323217dfce6e3ba39e3927d895a09997e10b54894a70,2024-09-10T19:35:09.727000 CVE-2024-45192,0,0,7ebf90a7dd47be6e13a820a7a55bd25a33fd9e3b9dd577584cb0c6cebe7114d8,2024-09-10T19:35:09.943000 CVE-2024-45193,0,0,aad683d38855495998b9aca0a814babde19e695a0d6614e90cdeda08f7f96a08,2024-09-10T19:35:10.143000 @@ -265697,7 +265702,7 @@ CVE-2024-50062,0,0,fb76c5d17773e9b99ba2a7f2c28322bbec6aca19454d77f6ffd53fa694af6 CVE-2024-50063,0,0,a5c7c4f7c284c069c3c3ba5dc2512cf03b36da5352fce4a1513dd1ca1cffea42,2024-11-22T17:26:31.070000 CVE-2024-50064,0,0,0fbb48f98a0eb4f4ff5ac7ecc0e869de5fbcd36b7eb760b827cf0f646f0d7eab,2024-10-23T21:49:29.423000 CVE-2024-50065,0,0,acca9cf28f900ef40d178c4343451c865da897e4de8fb20ebb290b68db23ec11,2024-11-20T20:07:01.320000 -CVE-2024-50066,0,0,d0e501f58bd6f38f5b1d58dc50f5e2b22a164a5bf2573828f71dbe425d21b038,2024-11-22T15:15:13.947000 +CVE-2024-50066,0,1,a867e4a9abf96e6fb775bada218d6ea4ffc7e992f59041dc291c8b76ad09def9,2024-11-25T15:15:07.570000 CVE-2024-50067,0,0,cd7f92b058928f9381866d19ee3707f46c9ff67524491021fd1106cc3aa345e8,2024-11-17T15:15:19.113000 CVE-2024-50068,0,0,b357b7d6a2971d612ca74bbd17c1e805d468b220432de66ab123477d4c8a0299,2024-10-30T16:57:35.427000 CVE-2024-50069,0,0,f0efb37fce406b5577ae6affb711463f72093df862fef1ce6ec787e41a622262,2024-10-30T16:58:19.983000 @@ -266669,7 +266674,7 @@ CVE-2024-51663,0,0,520a8635ff522fdc65658b7a70adf68b74653e7c0896676e8030c7152d369 CVE-2024-51664,0,0,731666371e8e1d3dea3af653d547a841307a12b3ed3c176b0312ba2fc0f9e478,2024-11-18T16:55:08.183000 CVE-2024-51665,0,0,836ecda2a38ee75dca042d09339ec8247ed79262a6a8d01bd25035a2e84a5ce0,2024-11-06T22:07:10.707000 CVE-2024-51668,0,0,4ac7d5e93cb809510601d69159928326b54ee48272274d0a2c08f9b129fc4bba,2024-11-18T16:51:31.227000 -CVE-2024-51669,0,1,146fd2b1440fb06706ab2c39b22b343b1368d86257bd9ab27c58a899cf22817d,2024-11-25T14:46:27.873000 +CVE-2024-51669,0,0,146fd2b1440fb06706ab2c39b22b343b1368d86257bd9ab27c58a899cf22817d,2024-11-25T14:46:27.873000 CVE-2024-5167,0,0,a26d674346a63d8730649864e3fcc22e33fb8b5877ed990bcd49874aef8d8c48,2024-08-01T13:59:41.660000 CVE-2024-51670,0,0,6b1c3ded81e899ea83f78c72687b003b0add9ee5b9d5d075c91040d8d36272c7,2024-11-12T13:56:24.513000 CVE-2024-51671,0,0,c2b47e208a89f2d52b8003b112cfee6156d0beda5573c395d93f4b59159329e4,2024-11-19T21:57:32.967000 @@ -267082,7 +267087,7 @@ CVE-2024-52388,0,0,ce55e9ed17a8a219c7a6d58feeab474f1ffe6318e7d3b7af4a0fad8a1b577 CVE-2024-52389,0,0,45c3dbe55b03e4244fb557ced10b2ff6045b3c06dace6b2480576e225e242515,2024-11-19T21:57:32.967000 CVE-2024-5239,0,0,22096f8834a8c03dcb48be161c14c319f43af7764381bdfba5862a8d7ec5b0e4,2024-06-04T19:21:03.520000 CVE-2024-52390,0,0,329d0b054464eea04d3562054e61eef5352bd4724e52422640112f3a8757b4ba,2024-11-19T21:57:32.967000 -CVE-2024-52392,0,1,2937e05a19d20ef3a0322f939c3ee2fda5ccf73589e6f92a257dcce73fe6f038,2024-11-25T14:37:05.867000 +CVE-2024-52392,0,0,2937e05a19d20ef3a0322f939c3ee2fda5ccf73589e6f92a257dcce73fe6f038,2024-11-25T14:37:05.867000 CVE-2024-52393,0,0,544c9a3bd507c14f5bd824b3ace32c372ff7d621dec666c2268e7d1fbb090c75,2024-11-15T13:58:08.913000 CVE-2024-52394,0,0,5df60d6781cdc08049f606f6ff49915647c229d8ab43b74ded6e2c363c2448e5,2024-11-19T21:57:32.967000 CVE-2024-52395,0,0,1862360cad439c79aa69bcc60ecb5b8ef5710a2fd2adf64660ae0ecfab59894e,2024-11-19T21:56:45.533000 @@ -267209,14 +267214,14 @@ CVE-2024-52572,0,0,c0e0fc96131cfde3245d161e47af7d9dec01580e56aa338c8a414865df238 CVE-2024-52573,0,0,7ffccf8870901c006a7f33dc1d8f91b9d66ed7ff0d296ac84a25af9c21b99120,2024-11-20T14:32:11.853000 CVE-2024-52574,0,0,08a31b1207ac9954890db3514da1b5bfbbffb60d94a65f2e19cf3704e3894c71,2024-11-20T14:31:47.103000 CVE-2024-5258,0,0,51134eb56f05332c584317818ff995de56b2de598a9752cb1990f31f73c535e3,2024-05-24T01:15:30.977000 -CVE-2024-52581,0,1,81637fedbcbc81a7273478a0b47010cade6002e188c29a9498f893901c400065,2024-11-25T14:15:07.077000 +CVE-2024-52581,0,0,81637fedbcbc81a7273478a0b47010cade6002e188c29a9498f893901c400065,2024-11-25T14:15:07.077000 CVE-2024-52582,0,0,062f12e1e823d51d2f1a33f66443e047c3af587e7890e11c0a77ee9784e71f0b,2024-11-19T21:57:32.967000 CVE-2024-52583,0,0,331a75eedc8c50395b086e90133cf1403c288043391a827605fb5f0e36a935a2,2024-11-19T21:57:32.967000 CVE-2024-52584,0,0,f9af502174e9cbaf3af41cffa948a31db901e8cef9cc90ef382afc2b118a4c62,2024-11-19T21:57:32.967000 CVE-2024-52585,0,0,ae573765d0059b6c237eb866187766f9c4c0b67ec566925f547df71f0cc9aee7,2024-11-19T21:57:32.967000 CVE-2024-52587,0,0,4ff6d32c0cce5d4db211ff88731438a9a256421cd5f2b2cabeafbdadc8a29ef5,2024-11-19T21:57:32.967000 CVE-2024-5259,0,0,b3c664cd11ddb9db1b34b50011b18499fc5ac06e8b6b6a588e8cf7d8bc26fc37,2024-06-11T17:44:42.783000 -CVE-2024-52595,0,1,8a7985528b5682db55ae119b7b5e36765ed6db59aa7644e450a4161b96108d1c,2024-11-25T14:27:38.087000 +CVE-2024-52595,0,0,8a7985528b5682db55ae119b7b5e36765ed6db59aa7644e450a4161b96108d1c,2024-11-25T14:27:38.087000 CVE-2024-52597,0,0,0dc15f04b10696c300efbe4aac63baeff7d573b005de682671a7397a19d8fe4d,2024-11-20T14:15:17.967000 CVE-2024-52598,0,0,477258740433139def022fa49fc642fb7eea1c94a8945d9797525cab03b121cb,2024-11-20T15:15:11.667000 CVE-2024-5260,0,0,1ea9956e2812efb1ad02a50e6e15b3c5419e86ea96923b6afc83449c65511582,2024-07-02T12:09:16.907000 @@ -267346,28 +267351,28 @@ CVE-2024-53064,0,0,3bb033dc6aae86fa2e5ece446a8e8c6ad0cd30bf017ce16ad3ca01b8f35e3 CVE-2024-53065,0,0,50051ab04eb529a5f3837615462e27887f9fcc2921e459dafebab73a597de8c7,2024-11-19T21:56:45.533000 CVE-2024-53066,0,0,4f44670a2729bf575ab701426b4458a092dcdd97055977e93f4e9822063e34e0,2024-11-19T21:56:45.533000 CVE-2024-53067,0,0,2743b7cc2805b9791996ac1684922bb1283e7ee50839aa254a267908d281096c,2024-11-19T21:56:45.533000 -CVE-2024-53068,0,1,95394cfc5f32c3da29765a2447a20db757db3b341b809b278465ed9fe936dfb5,2024-11-25T13:43:00.467000 +CVE-2024-53068,0,0,95394cfc5f32c3da29765a2447a20db757db3b341b809b278465ed9fe936dfb5,2024-11-25T13:43:00.467000 CVE-2024-53069,0,0,f5c3dc08dd85594810e2e234abca83c46f325a99c8b12681eaf3a88411c504ff,2024-11-22T22:26:20.310000 CVE-2024-5307,0,0,9f60aac251e2e03d9552a0394a9c798214f03b8e43e7cbb0dd9de3359653dec5,2024-08-23T15:00:25.687000 CVE-2024-53070,0,0,1dbda718e453760e461d319055dcae3099cba98c4000aef775158e342ac0b1d5,2024-11-19T21:56:45.533000 CVE-2024-53071,0,0,33ad5da8002c3a0c9d64e8ddebfeae85f88c55b0cbce70c328e8d7bd3f2534af,2024-11-19T21:56:45.533000 CVE-2024-53072,0,0,7574f682813daa5c3ceccbe90cee77d4dd2e034f0e74c2f9b2968f1a96236995,2024-11-19T21:56:45.533000 CVE-2024-53073,0,0,e3aa308560cd3dd6cc47506b206af45b2d1fbdac14a2b750af9e9fe9cfd6eb02,2024-11-19T21:56:45.533000 -CVE-2024-53074,0,1,a5befe099246b6e79e3ccd6574afa6c7cdf657f4d54fbf716c577f3e4ea9a0be,2024-11-25T13:51:28.137000 -CVE-2024-53075,0,1,b8a47df9f6008c83b93e2abefdeadbc449d2b3e2a3dcb44f41e184a3b9508346,2024-11-25T13:58:31.503000 +CVE-2024-53074,0,0,a5befe099246b6e79e3ccd6574afa6c7cdf657f4d54fbf716c577f3e4ea9a0be,2024-11-25T13:51:28.137000 +CVE-2024-53075,0,0,b8a47df9f6008c83b93e2abefdeadbc449d2b3e2a3dcb44f41e184a3b9508346,2024-11-25T13:58:31.503000 CVE-2024-53076,0,0,0be57ac15a64c608a1e52bd99fe58bd7fdd85d1305039bc11b5396e02cea259c,2024-11-22T22:24:24.607000 CVE-2024-53077,0,0,f28436e3547a098b80bc29c6ba6263f592026da63ae3b3be2bac52a9cd398691,2024-11-19T21:56:45.533000 -CVE-2024-53078,0,1,fb4576ab424097abb54c012dfd85f820fb3d67465f92657a79299e53e0dd3ac8,2024-11-25T13:31:57.063000 +CVE-2024-53078,0,0,fb4576ab424097abb54c012dfd85f820fb3d67465f92657a79299e53e0dd3ac8,2024-11-25T13:31:57.063000 CVE-2024-53079,0,0,feb4dd4b279da03f1175e573ff936491912f98a2521bb1b4a43e7053521e47ac,2024-11-19T21:56:45.533000 CVE-2024-53080,0,0,4f55f4219302c380e18d9d77a4d8b74dea1e1e7f2dd32de0e9052894f115605c,2024-11-19T21:56:45.533000 CVE-2024-53081,0,0,10191539bd50a09755c5ed23a69306ce5b4a7762ddfda305449650c7165c950d,2024-11-19T21:56:45.533000 -CVE-2024-53082,0,1,4300d5804f1739d010f3842a1f063115d30827a689b8acceb8e0ef0a875aec0d,2024-11-25T13:35:34.083000 +CVE-2024-53082,0,0,4300d5804f1739d010f3842a1f063115d30827a689b8acceb8e0ef0a875aec0d,2024-11-25T13:35:34.083000 CVE-2024-53083,0,0,14bc093b2d0dbf0b458e87cc263fff838a1c2b0f5030c72f49f5cbb2b92721d1,2024-11-19T21:56:45.533000 CVE-2024-53084,0,0,2cf825e9737c7232363a4d626913473a9390d79ca2cd868f24741a845042e35c,2024-11-19T21:56:45.533000 CVE-2024-53085,0,0,f5ae9e527b8added968192f657d0086aea0cdf66b8a2f3b5bd110693b68524ad,2024-11-19T21:56:45.533000 CVE-2024-53086,0,0,8225327c6a29b2be37353ff40cf0c511301db44cf4b7f474bd5ea225dd664d0a,2024-11-19T21:56:45.533000 CVE-2024-53087,0,0,25d166e1e025b5c54c21d08e3702ec93800f086873c5592df1f0003384d2c224,2024-11-19T21:56:45.533000 -CVE-2024-53088,0,1,4acb4616433d03d93155294bc2ab962b7dfb65d296dcbedc7f5afde9bb86fb35,2024-11-25T13:38:07.723000 +CVE-2024-53088,0,0,4acb4616433d03d93155294bc2ab962b7dfb65d296dcbedc7f5afde9bb86fb35,2024-11-25T13:38:07.723000 CVE-2024-5309,0,0,c9aea77aef389557d90d6203c5980313f972101a7c87b26eeedeec9679d42fb3,2024-09-11T16:33:17.950000 CVE-2024-5310,0,0,be68f6d898e4e59f65162318c0ea0836be8ef675c080dff90d77e5a0c98b0b1e,2024-06-04T19:21:04.583000 CVE-2024-5311,0,0,4e4e9b4edb642fa4d04760ded51b93254fd12f5bde190a96e2c1818c58cf4797,2024-06-03T14:46:24.250000 @@ -267617,7 +267622,7 @@ CVE-2024-5559,0,0,ff51559fb7e7362b104a8f1f28895eef2d8f7eb659f926ae6c1cbfda694d48 CVE-2024-5560,0,0,002123ffc16696131d663e9c06724d8fb4501ef3ca4bc4191b4229c106e3346c,2024-07-25T19:59:58.017000 CVE-2024-5561,0,0,2402f729a9a78ea1b47f81300264ab035c7edbdae352c0f0ab2db6bebdbfe723,2024-10-07T17:45:29.950000 CVE-2024-5564,0,0,f4d47902a90dbb93559c7fd22e2dd25c0de5924fe13b2f49f31df78ea2a71a6f,2024-09-16T21:15:46.417000 -CVE-2024-5565,0,1,16883f1a148c5fd957f21fa3dcbaeff04674fee74132d712ba663094e81bce57,2024-11-25T13:15:07.310000 +CVE-2024-5565,0,0,16883f1a148c5fd957f21fa3dcbaeff04674fee74132d712ba663094e81bce57,2024-11-25T13:15:07.310000 CVE-2024-5566,0,0,c0477f9a669450d35fa5ea491716b2362e467b6bc96edf26617c593b80eafd26,2024-09-17T16:42:01.030000 CVE-2024-5567,0,0,9ddf51d47c18911d8595764dd1c47ae2dfcb1e356c8316a1d8b3323d4510dd43,2024-09-26T18:27:51.817000 CVE-2024-5569,0,0,b9fd3bed59b5f668c54b0264622201b8600e789b08e0f56eae05ce6b6e8c76ce,2024-07-09T18:19:14.047000 @@ -268365,7 +268370,7 @@ CVE-2024-6389,0,0,97619f937594e57440ea9f8cb3d55fe9ec171c40b4959fd4a8bcfb76e0e631 CVE-2024-6390,0,0,a350381d3f247972bbe468db9ec2332b3c135e89cdf36bdf1358f9f5965e67ff,2024-08-05T14:35:08.267000 CVE-2024-6391,0,0,f39301e9680e09028795caddd1f0219ac421e8fbe3773aa2e024531728c8f9e1,2024-07-09T18:19:14.047000 CVE-2024-6392,0,0,edc3ee0e5658afb33c71de43cf2ca6ea07650ea12323a6b995125316053d44cb,2024-08-15T14:56:16.490000 -CVE-2024-6393,0,1,72ad7025f7a779bb5c5c5945eb7b07a2c74bcca887cef4740d03a5325e23de6f,2024-11-25T14:15:07.280000 +CVE-2024-6393,0,0,72ad7025f7a779bb5c5c5945eb7b07a2c74bcca887cef4740d03a5325e23de6f,2024-11-25T14:15:07.280000 CVE-2024-6394,0,0,ac3b1d2e0af624503920e5a866ea41a1e7a192d616e1128676db976e0c511281,2024-09-30T12:45:57.823000 CVE-2024-6395,0,0,8949d2f54703284d3b545906a65282811d0c7a0bd7bd2d1ca2dc3e2d333d4c69,2024-09-17T16:30:03.617000 CVE-2024-6396,0,0,9e4b547b4d90c33704c90a7cfe67a136b4a49a6d0168d4ba570b6960a74fd1cc,2024-07-12T12:49:07.030000 @@ -268462,7 +268467,7 @@ CVE-2024-6502,0,0,7304740865a2d9646b306af4eab2981d10cf59323822892a921ddddc4962ea CVE-2024-6504,0,0,6666bb3ba2314d1147da34b1413146555668de024ce515e1e34c91b1fe32472b,2024-09-10T13:53:28.387000 CVE-2024-6505,0,0,2472b280b959c45a84076dc8298b1f0ea15132bfdd2f045bf3ab100aab446db1,2024-09-19T06:15:03.463000 CVE-2024-6506,0,0,58310ca3e68e3dacb16dafd9b32db187bdf111a88d3da008267c8c84bbec48d6,2024-07-05T12:55:51.367000 -CVE-2024-6507,0,1,b239455b8f5f1d3ac31fcc373caedee9bd82f1115157873594152d5689339b7d,2024-11-25T13:15:07.517000 +CVE-2024-6507,0,0,b239455b8f5f1d3ac31fcc373caedee9bd82f1115157873594152d5689339b7d,2024-11-25T13:15:07.517000 CVE-2024-6508,0,0,83afbbb0c300c926d75e43d120f11132485b3123bc7f3e14a9e5aa056ca1afd1,2024-10-30T11:15:15.220000 CVE-2024-6509,0,0,92d3e93ab6705f0d35db0981a843bd7a9f1569ff46afd64f08cc36099e50a2a5,2024-11-08T09:15:07.887000 CVE-2024-6510,0,0,5e8ec1aef4696d364d1cf0507192e6236a7f19c30decdfeea7966d96cda0feda,2024-10-02T17:17:46.450000 @@ -268850,8 +268855,8 @@ CVE-2024-6956,0,0,402b3b90bc0ef6eea6fea2da2c73e896560064f50f2a4d52cad793cf96bb32 CVE-2024-6957,0,0,b4f44e4de7831c46c7995591b032592b6aa63f3442f007561464731699c5213c,2024-08-21T17:33:42.753000 CVE-2024-6958,0,0,815ebcc0d5fc84aab6c67001f06fe76ce9152d116a343e60ea5524ee95f4434e,2024-08-21T17:42:29.697000 CVE-2024-6959,0,0,2d67cec9f4ab2f0a781639ad16c22336786de40cbbd62ec439be656e7c13fb4c,2024-11-03T17:15:15.193000 -CVE-2024-6960,0,1,8576a1f7d525eaf9b1bff8510981a8778bd372756af9c51f341acbbe80ebe03b,2024-11-25T13:15:07.713000 -CVE-2024-6961,0,1,e5f192c18b5d99367b661053e1f4c2f9500ccab5805b273912f2fcd2e6a72e95,2024-11-25T13:15:07.930000 +CVE-2024-6960,0,0,8576a1f7d525eaf9b1bff8510981a8778bd372756af9c51f341acbbe80ebe03b,2024-11-25T13:15:07.713000 +CVE-2024-6961,0,0,e5f192c18b5d99367b661053e1f4c2f9500ccab5805b273912f2fcd2e6a72e95,2024-11-25T13:15:07.930000 CVE-2024-6962,0,0,b8054e2d59ceccdcd4628c1dbc900d3f0c22ab58e2eaf33700d9d63f648dd237,2024-07-25T15:47:18.363000 CVE-2024-6963,0,0,9f0caaa27192dd5828a73618f480b0d55e017cc1128d5360802182c76c93fb85,2024-07-25T15:47:02.633000 CVE-2024-6964,0,0,815859cc57fe1a509677a232142e7af830e9bd80af5bd8fd21b38ac7c8d853ca,2024-07-25T15:46:37.340000 @@ -268922,7 +268927,7 @@ CVE-2024-7050,0,0,f402c0a89ba2917236fe6639793bd54ee4751807250eba7a4dde84d4a362ff CVE-2024-7051,0,0,d0158d1d3b2cdd12dcaf8ff0c61b0f7cdef559e08a0a05011bfe1940648c764c,2024-08-30T16:15:10.960000 CVE-2024-7054,0,0,c2f192d88d8b2a817d17540b8fda16fcd38e463cdb3b6d5e52e3cf243830add6,2024-08-20T15:44:20.567000 CVE-2024-7055,0,0,b0e8b0793ccc61abbc70699af6d91421241877ab1f640f57d490cff121ecbcd0,2024-08-06T16:30:24.547000 -CVE-2024-7056,0,1,37111c4650db136e01a7df187ccb4cc176759687434e3e54b1087b89a2bc4436,2024-11-25T14:15:07.457000 +CVE-2024-7056,0,0,37111c4650db136e01a7df187ccb4cc176759687434e3e54b1087b89a2bc4436,2024-11-25T14:15:07.457000 CVE-2024-7057,0,0,a6551db1efaa6d27001f0a9bd261718973ddbbed12b7a664704cb76182efd9f6,2024-09-05T17:33:21.630000 CVE-2024-7059,0,0,3a27a148befadf16acee7ebedbac795471021949159ba2ee559288c712f4b824,2024-11-09T23:15:13.563000 CVE-2024-7060,0,0,99f05c9e70d96dfd810da0f220a22b8ca1f2d257118941ef3fe99789faa8dacc,2024-09-05T17:30:34.897000 @@ -268976,6 +268981,7 @@ CVE-2024-7125,0,0,eeabb5486a5ad2f2094206d4f0142bb635fc7a57bcd2279354b026b1e44628 CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000 CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000 CVE-2024-7129,0,0,7be2af5cd46444dfa860a3986fbc878686c2d44c992fb72236870ca711446d78,2024-09-27T18:26:27.560000 +CVE-2024-7130,1,1,df719a75ea5241df27658111f029bd80ed4b26d7cb91d2956e994301c61dc32e,2024-11-25T15:15:08.260000 CVE-2024-7132,0,0,34e538992e1db50af40840562cffdd29291c9132a1cfa0259a3c665033fdd179,2024-10-07T15:44:37.107000 CVE-2024-7133,0,0,717bce18b1e84ac850eb1ced68f8178470529ff4827bef90b482d0644c3109d8,2024-09-27T21:27:50.053000 CVE-2024-7134,0,0,c5170ada8be1ea583d3dc92d1c0c20ff0ddcfa0f860d82c947cda0aff2380786,2024-08-21T12:30:33.697000 @@ -269170,7 +269176,7 @@ CVE-2024-7336,0,0,7039a792519f9f6bfd944e76e753e4868d6e66e426315a5e2732b19e5d26ad CVE-2024-7337,0,0,bb4e29754f24508ee03646d09f02a9e9792b2bdc0b40ad3f742f7daf359e305a,2024-08-09T14:15:19.283000 CVE-2024-7338,0,0,40f9236687cb1fba08bae47e5bce5fdf8596baa7faf10b9e6c7a335576e73829,2024-08-09T14:51:45.677000 CVE-2024-7339,0,0,57ec1e872e2326d7636a6cda3d278abfe9440d76240320c6c9e4335e8a941603,2024-08-23T16:53:31.643000 -CVE-2024-7340,0,1,f9e8415acfd277522f4538cfc21652e836935a0882b8f07a1dcf8ca17aa54e9d,2024-11-25T13:15:08.107000 +CVE-2024-7340,0,0,f9e8415acfd277522f4538cfc21652e836935a0882b8f07a1dcf8ca17aa54e9d,2024-11-25T13:15:08.107000 CVE-2024-7341,0,0,25486e0c62a073cedc2875fa674c65d8d7b971980408cb946009bfaf8f227166,2024-10-04T12:48:43.523000 CVE-2024-7342,0,0,92ad1e6857e9b0cace198602fda8e3b1ec6edbf7f40f7b078718810def4495b5,2024-08-15T18:40:22.537000 CVE-2024-7343,0,0,b6b73fa45089899a04dcf5d8ab6e4cd843be4b35e1b528d7d577722e09cd2c25,2024-08-15T18:40:52.707000 @@ -269781,7 +269787,7 @@ CVE-2024-8068,0,0,ff67245b19b7d21d2afc67837ac2c93ac177fb5d356e87334bd3a1d9d5ea42 CVE-2024-8069,0,0,9cc484ce45e2ef692951fa94c7892a728fd1a2b63d61cf30849697510352a1fb,2024-11-13T17:01:16.850000 CVE-2024-8070,0,0,fe9b454067f74b13c9d22e1bfea14cc77320169fffe5e56dce182517c870c1a6,2024-10-15T12:57:46.880000 CVE-2024-8071,0,0,ac7c2c7e7df896f6bfe7f17a6e74f8de236e5ec843865384cdf53fde1e533098,2024-08-23T15:34:53.913000 -CVE-2024-8072,0,1,24a41f18d01d5bb992074abb9a4807253d2869d95a9d077033e28738bc1bb9b1,2024-11-25T13:15:08.297000 +CVE-2024-8072,0,0,24a41f18d01d5bb992074abb9a4807253d2869d95a9d077033e28738bc1bb9b1,2024-11-25T13:15:08.297000 CVE-2024-8073,0,0,10b7625a2313189ee3b842662d1479fc9c76da034a2ab4b4a904df4cf34a67e5,2024-09-12T20:58:56.413000 CVE-2024-8074,0,0,24923037ac86eff3d0bb1829b0589ebe42d2dbb980e059a8ce242860a1a13fd9,2024-11-12T19:35:17.893000 CVE-2024-8075,0,0,ade4c273165c7aec4765c6326040b76c5f63a113e2ed288ff931d9df9094655a,2024-08-29T21:57:51.377000 @@ -271029,23 +271035,23 @@ CVE-2024-9728,0,0,41b00b90dc2575127c06fa90c02650769cd3afe1d58c058f5eafd9850fd2cd CVE-2024-9729,0,0,b7144399658b6122158b240c8009b380dbb643804ea7bde645367f9422c9a6cd,2024-11-22T21:15:26.270000 CVE-2024-9730,0,0,160997d3b401eb40b15b1ebe8fc1bbf584ed14255b2bc8ab797da0de7bf21b31,2024-11-22T21:15:26.383000 CVE-2024-9731,0,0,8fb76e12057f752ef20ab8ff8eb6cd614ca381636a4a9f13a41a9dcf4afc21f1,2024-11-22T21:15:26.497000 -CVE-2024-9732,0,0,89d89914b8065848e6f229f0479b78b928ce2993ad7cdfd9898f3b77e94d1da3,2024-11-22T21:15:26.620000 -CVE-2024-9733,0,0,5bf99dc06f834269985e34683da6c4c23b8c965811d3895721bdb98aca3f14f5,2024-11-22T21:15:26.747000 -CVE-2024-9734,0,0,5aafd1cabf4be5a7c656862b0128f93dc1e2578edbc4c2a0982a0055ccb6c672,2024-11-22T21:15:26.870000 -CVE-2024-9735,0,0,7aa4688afdd67626397aa77ca0980fdf9d1377b25cc13b1ed56409317cda40a7,2024-11-22T21:15:27.010000 -CVE-2024-9736,0,0,dbba1cb4b5aa823ffb8e0cb356879a3741f538a9da374fad4c29f306c3a180ba,2024-11-22T21:15:27.117000 -CVE-2024-9737,0,0,46969c74546f66972f90fb236138df7b53bf65a2be15713bfd9bc49d42fb5d33,2024-11-22T21:15:27.233000 -CVE-2024-9738,0,0,2e06a7aea7a9c854576fc4de04a5146886018d76e231fe37c11d28d3b3c0cf5a,2024-11-22T21:15:27.360000 -CVE-2024-9739,0,0,45efdbdb1c43ebf8837c45b091c7a8f81d9e459f09e710a312c077753181479b,2024-11-22T21:15:27.490000 -CVE-2024-9740,0,0,8f579f6bcd90b0dcde46685eb92e9a7fee35d595dd03437cf1beb963830c485b,2024-11-22T21:15:27.617000 -CVE-2024-9741,0,0,3bb3e8a01e5c04548c33bbb84f15b332df6bf4f5128976008b2c477a4edfaef3,2024-11-22T21:15:27.747000 -CVE-2024-9742,0,0,52fd3619faacd00923807679fc9ce80e5892459463391947d1bbbfb891d3f21b,2024-11-22T21:15:27.870000 -CVE-2024-9743,0,0,9575916756c0ce293c3cc5d6b549ae8f02689b4a125111df64e92cffdf7c4d50,2024-11-22T21:15:28.017000 -CVE-2024-9744,0,0,6f24bc7fdc7f618df26d8efc86ca439fe595a501656987c98b585bc0fbf8c6b8,2024-11-22T21:15:28.153000 -CVE-2024-9745,0,0,f08cc14d3f569fbd731872fcaec5cab6b8f80011b20bc3a4c335af49c62418f9,2024-11-22T21:15:28.297000 -CVE-2024-9746,0,0,896c28e00cf1e428aa7c08ba900076de3a7bfb07b4e696259f536aeb6b9c026d,2024-11-22T21:15:28.433000 -CVE-2024-9747,0,0,d25bdc6b5add1162f39073db78b616b9717089afd67fd1e1c1aebb588a3c8ad2,2024-11-22T21:15:28.573000 -CVE-2024-9748,0,0,453b017cd378805db84b0c2ad9c53a0b99af9467b0b8a0d03ce5ea59f1a0b337,2024-11-22T21:15:28.720000 +CVE-2024-9732,0,1,75bd8ccbafa1164fb2bc2e904c266ea5b3d4e844ff5a6bf81fa0506add0b3880,2024-11-25T16:12:03.470000 +CVE-2024-9733,0,1,943caa7e6e77cbb776d48ac36e054fad79c8ed0be0147a99afdf96d7c4d02ee4,2024-11-25T16:46:02.380000 +CVE-2024-9734,0,1,838ea6ade4b24efdaa7a8fc28d0795104002a85970ad65a5b9716373ea3c41b0,2024-11-25T16:45:50.453000 +CVE-2024-9735,0,1,af58c415355ad19e6aae8498658ab23a4759debe42aa7adbc41d7b30e595d136,2024-11-25T16:45:37.677000 +CVE-2024-9736,0,1,edc39976efad59bb5e1b9588b7d3f8c7a4b85148eb839065d777ea6d5289d4b4,2024-11-25T16:45:21.567000 +CVE-2024-9737,0,1,940a9692b147e65f2261ffe1afe85ee488e9093dede5a52c4d5946c9b58720b1,2024-11-25T16:45:11.627000 +CVE-2024-9738,0,1,ea947192a696d93537d648632d59407f5af9b435b9dc064342704e75f9c1a269,2024-11-25T16:44:57.730000 +CVE-2024-9739,0,1,f9167538a21275934008a4c3f2d85731818cff4c21bfa8e3ed9b1a0b9fec081d,2024-11-25T16:44:41.507000 +CVE-2024-9740,0,1,8aa43a964b653342da3af1338441ae7bd8382aa2cf7e90776386f103f3f86674,2024-11-25T16:44:27.720000 +CVE-2024-9741,0,1,ea9ab301e47f4a452e059ff9e57094e7a06922939415035c234a626ace6265f8,2024-11-25T16:44:15.387000 +CVE-2024-9742,0,1,d5827b0ec2f496ca5a869c616c0480279936689a28fb789f22b6725ce98b06d2,2024-11-25T16:43:58.023000 +CVE-2024-9743,0,1,4949af9572c68e4a058560077953903a5020b31220d4e950ebf3d3c08d3fea4a,2024-11-25T16:43:27.847000 +CVE-2024-9744,0,1,bc8a145310b9f256b7fac1134fd3963f1240d9b1689520844b4a630f65d22d2c,2024-11-25T16:43:10.790000 +CVE-2024-9745,0,1,6ccaa91421ef09d860a27c137d386ff5d553e01eee158f2e0ba9504deca527e3,2024-11-25T16:18:31.170000 +CVE-2024-9746,0,1,b4f1fa0cc11bdcb820b366461cebc840d4a807a8dfce7fb5abe5ea8a4b560b2e,2024-11-25T16:18:17.007000 +CVE-2024-9747,0,1,fc3d51dc8394edfbc7d16d5783941a46020e3f284171391bbe3e210537b65d27,2024-11-25T16:17:27.573000 +CVE-2024-9748,0,1,f1e93b3eb60a7a8af523dfc1a78d2562ae57bb30b46f9d7831074773fc675812,2024-11-25T16:16:04.847000 CVE-2024-9749,0,0,0858de91a5ca5972b8efc35c5807ce30db935b14174b2fee417e82fd4465519e,2024-11-22T21:15:28.850000 CVE-2024-9750,0,0,50c566919a51f8be3bc6653478c682f4aff91e0115b1409db9dcdbae4be42fe5,2024-11-22T21:15:28.973000 CVE-2024-9751,0,0,502422101dd37211c529eb60e9460f0029c22d0c958018c6e16b247d2c36a300,2024-11-22T21:15:29.093000