From 7e1f66661ee3013cdcbcc58079acad907279c7a5 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 5 Mar 2024 23:00:30 +0000 Subject: [PATCH] Auto-Update: 2024-03-05T23:00:26.286741+00:00 --- CVE-2019/CVE-2019-102xx/CVE-2019-10271.json | 12 +-- CVE-2021/CVE-2021-458xx/CVE-2021-45810.json | 10 +- CVE-2023/CVE-2023-288xx/CVE-2023-28892.json | 8 +- CVE-2023/CVE-2023-506xx/CVE-2023-50693.json | 6 +- CVE-2024/CVE-2024-13xx/CVE-2024-1356.json | 43 ++++++++ CVE-2024/CVE-2024-17xx/CVE-2024-1764.json | 32 ++++++ CVE-2024/CVE-2024-18xx/CVE-2024-1898.json | 20 ++++ CVE-2024/CVE-2024-19xx/CVE-2024-1900.json | 20 ++++ CVE-2024/CVE-2024-19xx/CVE-2024-1901.json | 20 ++++ CVE-2024/CVE-2024-207xx/CVE-2024-20747.json | 103 +++++++++++++++++++- CVE-2024/CVE-2024-207xx/CVE-2024-20748.json | 103 +++++++++++++++++++- CVE-2024/CVE-2024-207xx/CVE-2024-20749.json | 103 +++++++++++++++++++- CVE-2024/CVE-2024-21xx/CVE-2024-2179.json | 55 +++++++++++ CVE-2024/CVE-2024-228xx/CVE-2024-22894.json | 6 +- CVE-2024/CVE-2024-256xx/CVE-2024-25611.json | 43 ++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25612.json | 43 ++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25613.json | 43 ++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25614.json | 43 ++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25615.json | 43 ++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25616.json | 43 ++++++++ CVE-2024/CVE-2024-258xx/CVE-2024-25858.json | 20 ++++ README.md | 59 +++++------ 22 files changed, 816 insertions(+), 62 deletions(-) create mode 100644 CVE-2024/CVE-2024-13xx/CVE-2024-1356.json create mode 100644 CVE-2024/CVE-2024-17xx/CVE-2024-1764.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1898.json create mode 100644 CVE-2024/CVE-2024-19xx/CVE-2024-1900.json create mode 100644 CVE-2024/CVE-2024-19xx/CVE-2024-1901.json create mode 100644 CVE-2024/CVE-2024-21xx/CVE-2024-2179.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25611.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25612.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25613.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25614.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25615.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25616.json create mode 100644 CVE-2024/CVE-2024-258xx/CVE-2024-25858.json diff --git a/CVE-2019/CVE-2019-102xx/CVE-2019-10271.json b/CVE-2019/CVE-2019-102xx/CVE-2019-10271.json index e504cc015f3..f5f0a1f1af3 100644 --- a/CVE-2019/CVE-2019-102xx/CVE-2019-10271.json +++ b/CVE-2019/CVE-2019-102xx/CVE-2019-10271.json @@ -2,7 +2,7 @@ "id": "CVE-2019-10271", "sourceIdentifier": "cve@mitre.org", "published": "2019-06-24T19:15:10.553", - "lastModified": "2020-08-24T17:37:01.140", + "lastModified": "2024-03-05T21:11:12.187", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.39", - "matchCriteriaId": "725AC319-2863-4B03-ACF6-CAD5BC228E2A" + "versionEndExcluding": "2.0.40", + "matchCriteriaId": "A0451A41-7BA3-42DA-A431-52551BC7C4EE" } ] } diff --git a/CVE-2021/CVE-2021-458xx/CVE-2021-45810.json b/CVE-2021/CVE-2021-458xx/CVE-2021-45810.json index c22c0f4ad27..272c35ede0a 100644 --- a/CVE-2021/CVE-2021-458xx/CVE-2021-45810.json +++ b/CVE-2021/CVE-2021-458xx/CVE-2021-45810.json @@ -2,12 +2,12 @@ "id": "CVE-2021-45810", "sourceIdentifier": "cve@mitre.org", "published": "2022-03-22T11:15:07.807", - "lastModified": "2022-04-01T14:09:34.847", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-05T22:15:46.827", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Multiple versions of GlobalProtect-openconnect are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the attack can redirect the entire host's traffic via their own server." + "value": "GlobalProtect-openconnect versions prior to 2.0.0 (exclusive) are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the attack can redirect the entire host's traffic via their own server." }, { "lang": "es", @@ -102,6 +102,10 @@ "Mitigation", "Third Party Advisory" ] + }, + { + "url": "https://github.com/yuezk/GlobalProtect-openconnect/issues/114#issuecomment-1914008203", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28892.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28892.json index b89ac5bc8b9..c73adb27b2d 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28892.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28892.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28892", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-29T15:15:07.730", - "lastModified": "2023-04-01T01:39:10.697", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-05T21:15:07.250", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,6 +65,10 @@ } ], "references": [ + { + "url": "https://forums.malwarebytes.com/topic/307429-release-adwcleaner-841/", + "source": "cve@mitre.org" + }, { "url": "https://malwarebytes.com", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-506xx/CVE-2023-50693.json b/CVE-2023/CVE-2023-506xx/CVE-2023-50693.json index 575aecb8743..3d648c59bce 100644 --- a/CVE-2023/CVE-2023-506xx/CVE-2023-50693.json +++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50693.json @@ -2,12 +2,12 @@ "id": "CVE-2023-50693", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-19T20:15:11.917", - "lastModified": "2024-01-26T13:50:52.407", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-05T21:15:07.367", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An issue in dom96 Jester v.0.6.0 and before allows a remote attacker to execute arbitrary code via a crafted request." + "value": "An issue in Jester v.0.6.0 and before allows a remote attacker to send a malicious crafted request." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1356.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1356.json new file mode 100644 index 00000000000..dc835bfaf1f --- /dev/null +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1356.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-1356", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:07.593", + "lastModified": "2024-03-05T21:15:07.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json new file mode 100644 index 00000000000..414b8abf3a1 --- /dev/null +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-1764", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-03-05T22:15:46.947", + "lastModified": "2024-03-05T22:15:46.947", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@devolutions.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1898.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1898.json new file mode 100644 index 00000000000..f1469629513 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1898.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-1898", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-03-05T22:15:47.020", + "lastModified": "2024-03-05T22:15:47.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator.\n\n\n" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1900.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1900.json new file mode 100644 index 00000000000..7fe45e6cf0e --- /dev/null +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1900.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-1900", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-03-05T22:15:47.060", + "lastModified": "2024-03-05T22:15:47.060", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper session management in the identity provider authentication flow in Devolutions Server 2023.3.14.0 and earlier allows an authenticated user via an identity provider to stay authenticated after his user is disabled or deleted in the identity provider such as Okta or Microsoft O365. \n\nThe user will stay authenticated until the Devolutions Server token expiration." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1901.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1901.json new file mode 100644 index 00000000000..c51239f16fd --- /dev/null +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1901.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-1901", + "sourceIdentifier": "security@devolutions.net", + "published": "2024-03-05T22:15:47.103", + "lastModified": "2024-03-05T22:15:47.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Denial of service in PAM password rotation during the check-in process in Devolutions Server 2023.3.14.0 allows an authenticated user with specific PAM permissions to make PAM credentials unavailable.\n\n\n" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", + "source": "security@devolutions.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20747.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20747.json index a4e4607d00f..e80cdde88b5 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20747.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20747.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20747", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:48.860", - "lastModified": "2024-02-15T17:15:09.063", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T22:17:24.763", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30539, 23.008.20470 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -46,14 +50,105 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "003DFCB5-0AB3-4758-AB2C-C94EABA7CCF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "E194EB06-36A7-486A-A556-A4A51256C8F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "D4DBB9C3-11E4-4F50-B7B8-B75DD384F8A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "F2BDF07B-649F-4C09-B8DD-458FF75ADB35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1908", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20748.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20748.json index bea758261f3..8353b0be25a 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20748.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20748.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20748", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:49.050", - "lastModified": "2024-02-15T17:15:09.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T22:17:26.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30539, 23.008.20470 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -46,14 +50,105 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "003DFCB5-0AB3-4758-AB2C-C94EABA7CCF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "E194EB06-36A7-486A-A556-A4A51256C8F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "D4DBB9C3-11E4-4F50-B7B8-B75DD384F8A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "F2BDF07B-649F-4C09-B8DD-458FF75ADB35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1909", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20749.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20749.json index 5f44c3deb47..49761df5482 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20749.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20749.json @@ -2,12 +2,16 @@ "id": "CVE-2024-20749", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:49.237", - "lastModified": "2024-02-15T17:15:09.253", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T22:17:17.527", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30539, 23.008.20470 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -46,14 +50,105 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "003DFCB5-0AB3-4758-AB2C-C94EABA7CCF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.008.20082", + "versionEndExcluding": "23.008.20533", + "matchCriteriaId": "E194EB06-36A7-486A-A556-A4A51256C8F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "D4DBB9C3-11E4-4F50-B7B8-B75DD384F8A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30574", + "matchCriteriaId": "F2BDF07B-649F-4C09-B8DD-458FF75ADB35" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1910", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2179.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2179.json new file mode 100644 index 00000000000..5115f0edd0e --- /dev/null +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2179.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-2179", + "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "published": "2024-03-05T21:15:09.100", + "lastModified": "2024-03-05T21:15:09.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Name field which might be executed when users visit the affected page. The Concrete CMS security team gave this vulnerability a CVSS v3.1 score of 2.2 with a vector of AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N Concrete versions below 9 do not include group types so they are not affected by this vulnerability. Thanks Luca Fuda for reporting.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.2, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.7, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/927-release-notes", + "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-228xx/CVE-2024-22894.json b/CVE-2024/CVE-2024-228xx/CVE-2024-22894.json index 1030ab6e7c4..fdb760d4cda 100644 --- a/CVE-2024/CVE-2024-228xx/CVE-2024-22894.json +++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22894.json @@ -2,12 +2,12 @@ "id": "CVE-2024-22894", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-30T10:15:09.833", - "lastModified": "2024-02-08T16:40:42.490", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-05T21:15:07.790", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps wp2reg-V.3.88.0-9015, allows remote attackers to execute arbitrary code via the password component in the shadow file." + "value": "An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25611.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25611.json new file mode 100644 index 00000000000..2351dfcc08e --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25611.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25611", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:07.887", + "lastModified": "2024-03-05T21:15:07.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25612.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25612.json new file mode 100644 index 00000000000..fc54b9a2914 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25612.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25612", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:08.133", + "lastModified": "2024-03-05T21:15:08.133", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25613.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25613.json new file mode 100644 index 00000000000..ff22c64159d --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25613.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25613", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:08.307", + "lastModified": "2024-03-05T21:15:08.307", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25614.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25614.json new file mode 100644 index 00000000000..6824daff8ee --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25614.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25614", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:08.473", + "lastModified": "2024-03-05T21:15:08.473", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controller. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25615.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25615.json new file mode 100644 index 00000000000..ffe3330e3c1 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25615.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25615", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:08.637", + "lastModified": "2024-03-05T21:15:08.637", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": " An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25616.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25616.json new file mode 100644 index 00000000000..acf6433889b --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25616.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-25616", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2024-03-05T21:15:08.807", + "lastModified": "2024-03-05T21:15:08.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25858.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25858.json new file mode 100644 index 00000000000..2367301d290 --- /dev/null +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25858.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-25858", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-05T21:15:09.030", + "lastModified": "2024-03-05T21:15:09.030", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index d35f4bdefbd..ba883d3036e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-05T21:00:25.249896+00:00 +2024-03-05T23:00:26.286741+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-05T20:43:45.700000+00:00 +2024-03-05T22:17:26.913000+00:00 ``` ### Last Data Feed Release @@ -29,47 +29,40 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240585 +240598 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `13` -* [CVE-2022-22399](CVE-2022/CVE-2022-223xx/CVE-2022-22399.json) (`2024-03-05T20:16:00.620`) -* [CVE-2023-25681](CVE-2023/CVE-2023-256xx/CVE-2023-25681.json) (`2024-03-05T20:16:00.857`) -* [CVE-2023-26282](CVE-2023/CVE-2023-262xx/CVE-2023-26282.json) (`2024-03-05T20:16:01.077`) -* [CVE-2024-23225](CVE-2024/CVE-2024-232xx/CVE-2024-23225.json) (`2024-03-05T20:16:01.370`) -* [CVE-2024-23243](CVE-2024/CVE-2024-232xx/CVE-2024-23243.json) (`2024-03-05T20:16:01.450`) -* [CVE-2024-23256](CVE-2024/CVE-2024-232xx/CVE-2024-23256.json) (`2024-03-05T20:16:01.503`) -* [CVE-2024-23296](CVE-2024/CVE-2024-232xx/CVE-2024-23296.json) (`2024-03-05T20:16:01.553`) -* [CVE-2024-2055](CVE-2024/CVE-2024-20xx/CVE-2024-2055.json) (`2024-03-05T20:16:01.617`) -* [CVE-2024-2056](CVE-2024/CVE-2024-20xx/CVE-2024-2056.json) (`2024-03-05T20:16:01.703`) +* [CVE-2024-1356](CVE-2024/CVE-2024-13xx/CVE-2024-1356.json) (`2024-03-05T21:15:07.593`) +* [CVE-2024-25611](CVE-2024/CVE-2024-256xx/CVE-2024-25611.json) (`2024-03-05T21:15:07.887`) +* [CVE-2024-25612](CVE-2024/CVE-2024-256xx/CVE-2024-25612.json) (`2024-03-05T21:15:08.133`) +* [CVE-2024-25613](CVE-2024/CVE-2024-256xx/CVE-2024-25613.json) (`2024-03-05T21:15:08.307`) +* [CVE-2024-25614](CVE-2024/CVE-2024-256xx/CVE-2024-25614.json) (`2024-03-05T21:15:08.473`) +* [CVE-2024-25615](CVE-2024/CVE-2024-256xx/CVE-2024-25615.json) (`2024-03-05T21:15:08.637`) +* [CVE-2024-25616](CVE-2024/CVE-2024-256xx/CVE-2024-25616.json) (`2024-03-05T21:15:08.807`) +* [CVE-2024-25858](CVE-2024/CVE-2024-258xx/CVE-2024-25858.json) (`2024-03-05T21:15:09.030`) +* [CVE-2024-2179](CVE-2024/CVE-2024-21xx/CVE-2024-2179.json) (`2024-03-05T21:15:09.100`) +* [CVE-2024-1764](CVE-2024/CVE-2024-17xx/CVE-2024-1764.json) (`2024-03-05T22:15:46.947`) +* [CVE-2024-1898](CVE-2024/CVE-2024-18xx/CVE-2024-1898.json) (`2024-03-05T22:15:47.020`) +* [CVE-2024-1900](CVE-2024/CVE-2024-19xx/CVE-2024-1900.json) (`2024-03-05T22:15:47.060`) +* [CVE-2024-1901](CVE-2024/CVE-2024-19xx/CVE-2024-1901.json) (`2024-03-05T22:15:47.103`) ### CVEs modified in the last Commit -Recently modified CVEs: `19` +Recently modified CVEs: `8` -* [CVE-2023-44324](CVE-2023/CVE-2023-443xx/CVE-2023-44324.json) (`2024-03-05T19:56:42.527`) -* [CVE-2023-5665](CVE-2023/CVE-2023-56xx/CVE-2023-5665.json) (`2024-03-05T20:23:44.463`) -* [CVE-2023-38995](CVE-2023/CVE-2023-389xx/CVE-2023-38995.json) (`2024-03-05T20:24:27.990`) -* [CVE-2023-40548](CVE-2023/CVE-2023-405xx/CVE-2023-40548.json) (`2024-03-05T20:43:45.700`) -* [CVE-2024-27198](CVE-2024/CVE-2024-271xx/CVE-2024-27198.json) (`2024-03-05T19:01:18.917`) -* [CVE-2024-21350](CVE-2024/CVE-2024-213xx/CVE-2024-21350.json) (`2024-03-05T20:02:13.803`) -* [CVE-2024-21368](CVE-2024/CVE-2024-213xx/CVE-2024-21368.json) (`2024-03-05T20:02:40.983`) -* [CVE-2024-21369](CVE-2024/CVE-2024-213xx/CVE-2024-21369.json) (`2024-03-05T20:02:44.637`) -* [CVE-2024-21370](CVE-2024/CVE-2024-213xx/CVE-2024-21370.json) (`2024-03-05T20:02:50.433`) -* [CVE-2024-21375](CVE-2024/CVE-2024-213xx/CVE-2024-21375.json) (`2024-03-05T20:02:54.560`) -* [CVE-2024-21365](CVE-2024/CVE-2024-213xx/CVE-2024-21365.json) (`2024-03-05T20:03:23.807`) -* [CVE-2024-21366](CVE-2024/CVE-2024-213xx/CVE-2024-21366.json) (`2024-03-05T20:03:30.197`) -* [CVE-2024-21367](CVE-2024/CVE-2024-213xx/CVE-2024-21367.json) (`2024-03-05T20:03:33.437`) -* [CVE-2024-21359](CVE-2024/CVE-2024-213xx/CVE-2024-21359.json) (`2024-03-05T20:03:56.137`) -* [CVE-2024-21360](CVE-2024/CVE-2024-213xx/CVE-2024-21360.json) (`2024-03-05T20:03:58.480`) -* [CVE-2024-21361](CVE-2024/CVE-2024-213xx/CVE-2024-21361.json) (`2024-03-05T20:04:01.077`) -* [CVE-2024-1354](CVE-2024/CVE-2024-13xx/CVE-2024-1354.json) (`2024-03-05T20:22:24.573`) -* [CVE-2024-1355](CVE-2024/CVE-2024-13xx/CVE-2024-1355.json) (`2024-03-05T20:22:38.100`) -* [CVE-2024-1359](CVE-2024/CVE-2024-13xx/CVE-2024-1359.json) (`2024-03-05T20:22:49.650`) +* [CVE-2019-10271](CVE-2019/CVE-2019-102xx/CVE-2019-10271.json) (`2024-03-05T21:11:12.187`) +* [CVE-2021-45810](CVE-2021/CVE-2021-458xx/CVE-2021-45810.json) (`2024-03-05T22:15:46.827`) +* [CVE-2023-28892](CVE-2023/CVE-2023-288xx/CVE-2023-28892.json) (`2024-03-05T21:15:07.250`) +* [CVE-2023-50693](CVE-2023/CVE-2023-506xx/CVE-2023-50693.json) (`2024-03-05T21:15:07.367`) +* [CVE-2024-22894](CVE-2024/CVE-2024-228xx/CVE-2024-22894.json) (`2024-03-05T21:15:07.790`) +* [CVE-2024-20749](CVE-2024/CVE-2024-207xx/CVE-2024-20749.json) (`2024-03-05T22:17:17.527`) +* [CVE-2024-20747](CVE-2024/CVE-2024-207xx/CVE-2024-20747.json) (`2024-03-05T22:17:24.763`) +* [CVE-2024-20748](CVE-2024/CVE-2024-207xx/CVE-2024-20748.json) (`2024-03-05T22:17:26.913`) ## Download and Usage