admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-12T17:00:23.901745+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-12 17:00:27 +00:00
parent 83ab13eabe
commit 80ac7de3ff
26 changed files with 1015 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
CVE-2023/CVE-2023-375xx/CVE-2023-37528.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-37528",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-02-03T06:15:46.850",
"lastModified": "2024-02-05T02:09:43.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:55:42.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report. \n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en el componente Web Reports de HCL BigFix Platform posiblemente pueda permitir que un ataque explote un par\u00e1metro de la aplicaci\u00f3n durante la ejecuci\u00f3n de Save Report."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -34,10 +58,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5",
"versionEndExcluding": "9.5.24",
"matchCriteriaId": "C8477E2A-0466-4415-9420-9D1183AF9FA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.11",
"matchCriteriaId": "35E5DFF7-4361-4A0C-A028-38FBF2A779F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_platform:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C54B20CA-80AF-4E7E-A511-C208E81FB37E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-405xx/CVE-2023-40544.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40544",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:13.337",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:43:42.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\n\n\nAn attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.\n\n\n\n"
},
{
"lang": "es",
"value": "Un atacante con acceso a la red donde se encuentran los dispositivos afectados podr\u00eda realizar acciones maliciosas para obtener, a trav\u00e9s de un sniffer, informaci\u00f3n sensible intercambiada mediante comunicaciones TCP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

73
CVE-2023/CVE-2023-427xx/CVE-2023-42765.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-42765",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:13.523",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:44:16.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nAn attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"username\" parameter in the SNMP configuration.\n\n"
},
{
"lang": "es",
"value": "Un atacante con acceso al software vulnerable podr\u00eda introducir JavaScript arbitrario inyectando un payload de cross-site scripting en el par\u00e1metro \"username\" en la configuraci\u00f3n SNMP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

73
CVE-2023/CVE-2023-452xx/CVE-2023-45213.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45213",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:13.697",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:44:57.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\nA potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device."
},
{
"lang": "es",
"value": "Un potencial atacante con acceso al dispositivo Westermo Lynx podr\u00eda ejecutar c\u00f3digo malicioso que podr\u00eda afectar el correcto funcionamiento del dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

73
CVE-2023/CVE-2023-452xx/CVE-2023-45222.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45222",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:13.873",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:45:27.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nAn attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"autorefresh\" parameter.\n\n\n\n"
},
{
"lang": "es",
"value": "Un atacante con acceso a la aplicaci\u00f3n web que tiene el software vulnerable podr\u00eda introducir JavaScript arbitrario inyectando un payload de cross-site scripting en el par\u00e1metro \"autorefresh\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

73
CVE-2023/CVE-2023-452xx/CVE-2023-45227.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45227",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:14.050",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:45:47.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nAn attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"dns.0.server\" parameter.\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Un atacante con acceso a la aplicaci\u00f3n web con software vulnerable podr\u00eda introducir JavaScript arbitrario inyectando un payload de cross-site scripting en el par\u00e1metro \"dns.0.server\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

73
CVE-2023/CVE-2023-457xx/CVE-2023-45735.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45735",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-06T22:16:14.240",
"lastModified": "2024-02-07T01:11:27.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:46:48.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nA potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Un potencial atacante con acceso al dispositivo Westermo Lynx podr\u00eda ejecutar c\u00f3digo malicioso que podr\u00eda afectar el correcto funcionamiento del dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21546B8A-EC2B-40D6-9D18-B3001791C808"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D79679D-89C8-4B80-A82B-84CA9C5CCAB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

78
CVE-2023/CVE-2023-46xx/CVE-2023-4637.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-4637",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:55.410",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T15:55:22.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full file paths if they have access to a back-up ID."
},
{
"lang": "es",
"value": "El complemento WPvivid para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en las funciones restore() y get_restore_progress() en versiones hasta la 0.9.94 incluida. Esto hace posible que atacantes no autenticados invoquen estas funciones y obtengan rutas de archivo completas si tienen acceso a una identificaci\u00f3n de respaldo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,22 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvivid:migration\\,_backup\\,_staging:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.9.94",
"matchCriteriaId": "0304220E-53F1-42A4-91AC-CB07F2045AAB"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/class-wpvivid.php#L3736",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/class-wpvivid.php#L3943",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3023214/wpvivid-backuprestore/trunk/includes/class-wpvivid.php?contextall=1&old=3007861&old_path=%2Fwpvivid-backuprestore%2Ftrunk%2Fincludes%2Fclass-wpvivid.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bad0bd6b-9c88-4d31-90b5-92d3ceb8c0af?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-60xx/CVE-2023-6036.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6036",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:07.983",
"lastModified": "2024-02-12T16:15:07.983",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/7f30ab20-805b-422c-a9a5-21d39c570ee4/",
"source": "contact@wpscan.com"
}
]
}

24
CVE-2023/CVE-2023-60xx/CVE-2023-6081.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-6081",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.063",
"lastModified": "2024-02-12T16:15:08.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The chartjs WordPress plugin through 2023.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"references": [
{
"url": "https://lynk.nl/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/5f011911-5fd1-46d9-b468-3062b4ec6f1e/",
"source": "contact@wpscan.com"
}
]
}

24
CVE-2023/CVE-2023-60xx/CVE-2023-6082.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-6082",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.120",
"lastModified": "2024-02-12T16:15:08.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The chartjs WordPress plugin through 2023.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"references": [
{
"url": "https://lynk.nl/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/c3d43aac-66c8-4218-b3f0-5256f895eda3/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-62xx/CVE-2023-6294.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6294",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.167",
"lastModified": "2024-02-12T16:15:08.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/eaeb5706-b19c-4266-b7df-889558ee2614/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-64xx/CVE-2023-6499.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6499",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.230",
"lastModified": "2024-02-12T16:15:08.230",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/69592e52-92db-4e30-92ca-b7b3d5b9185d/",
"source": "contact@wpscan.com"
}
]
}

24
CVE-2023/CVE-2023-65xx/CVE-2023-6501.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-6501",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.283",
"lastModified": "2024-02-12T16:15:08.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack"
}
],
"metrics": {},
"references": [
{
"url": "https://magos-securitas.com/txt/CVE-2023-6501.txt",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/dd19189b-de04-44b6-8ac9-0c32399a8976/",
"source": "contact@wpscan.com"
}
]
}

68
CVE-2023/CVE-2023-65xx/CVE-2023-6526.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6526",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:55.593",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T16:00:51.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Meta Box \u2013 WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Meta Box \u2013 WordPress Custom Fields Framework para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de metavalores de publicaci\u00f3n personalizados que se muestran a trav\u00e9s del c\u00f3digo abreviado del complemento en todas las versiones hasta la 5.9.2 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:metabox:meta_box:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.9.2",
"matchCriteriaId": "E68FCDDF-9135-4481-83B4-B5352ACC32BD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030376%40meta-box&new=3030376%40meta-box&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a6bfc87-6135-4d49-baa2-e8e6291148dc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-65xx/CVE-2023-6591.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6591",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.337",
"lastModified": "2024-02-12T16:15:08.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-72xx/CVE-2023-7233.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-7233",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.390",
"lastModified": "2024-02-12T16:15:08.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/585cb2f2-7adc-431f-89d4-4e947f16af18/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-02xx/CVE-2024-0248.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0248",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.443",
"lastModified": "2024-02-12T16:15:08.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 (https://wpscan.com/vulnerability/7a0aaf85-8130-4fd7-8f09-f8edc929597e/) in 2.3.8, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections. The issue was partially fixed in 2.3.9."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/faf50bc0-64c5-4ccc-a8ac-e73ed44a74df/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-02xx/CVE-2024-0250.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0250",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.500",
"lastModified": "2024-02-12T16:15:08.500",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/321b07d1-692f-48e9-a8e5-a15b38efa979/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-04xx/CVE-2024-0420.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0420",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.557",
"lastModified": "2024-02-12T16:15:08.557",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/b6187ef8-70f4-4911-abd7-42bf6b7e54b7/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-04xx/CVE-2024-0421.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0421",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.620",
"lastModified": "2024-02-12T16:15:08.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The MapPress Maps for WordPress plugin before 2.88.16 does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/587acc47-1966-4baf-a380-6aa479a97c82/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-05xx/CVE-2024-0566.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0566",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.673",
"lastModified": "2024-02-12T16:15:08.673",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/ca83db95-4a08-4615-aa8d-016022404c32/",
"source": "contact@wpscan.com"
}
]
}

15
CVE-2024/CVE-2024-14xx/CVE-2024-1420.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2024-1420",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-12T15:15:07.733",
"lastModified": "2024-02-12T15:15:07.733",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: **REJECT** This is a duplicate of CVE-2024-1049. Please use CVE-2024-1049 instead."
}
],
"metrics": {},
"references": []
}

52
CVE-2024/CVE-2024-245xx/CVE-2024-24560.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-24560",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-02T17:15:11.720",
"lastModified": "2024-02-02T21:13:53.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-12T15:23:42.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned."
},
{
"lang": "es",
"value": "Vyper es un lenguaje de contrato inteligente pit\u00f3nico para la m\u00e1quina virtual Ethereum. Cuando se realizan llamadas a contratos externos, escribimos el b\u00fafer de entrada comenzando en el byte 28 y asignamos el b\u00fafer de retorno para que comience en el byte 0 (superponi\u00e9ndose con el b\u00fafer de entrada). Al verificar RETURNDATASIZE para tipos din\u00e1micos, el tama\u00f1o se compara solo con el tama\u00f1o m\u00ednimo permitido para ese tipo y no con la longitud del valor devuelto. Como resultado, los datos de devoluci\u00f3n con formato incorrecto pueden hacer que el contrato confunda los datos del b\u00fafer de entrada con los datos de devoluci\u00f3n. Cuando el contrato llamado devuelve datos codificados ABIv2 no v\u00e1lidos, el contrato que llama puede leer datos no v\u00e1lidos diferentes (del b\u00fafer sucio) que los devueltos por el contrato llamado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +70,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*",
"versionEndIncluding": "0.3.10",
"matchCriteriaId": "832C489D-4288-46B4-A29E-0E7168748042"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-gp3w-2v2m-p686",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-253xx/CVE-2024-25360.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-25360",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-12T16:15:08.730",
"lastModified": "2024-02-12T16:15:08.730",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/leetsun/Hints/tree/main/moto-CX2L/4",
"source": "cve@mitre.org"
}
]
}

62
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-12T15:00:25.148725+00:00
2024-02-12T17:00:23.901745+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-12T14:34:47.053000+00:00
2024-02-12T16:55:42.290000+00:00
```
### Last Data Feed Release
@ -29,46 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238162
238177
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `15`
* [CVE-2023-6681](CVE-2023/CVE-2023-66xx/CVE-2023-6681.json) (`2024-02-12T14:15:08.003`)
* [CVE-2024-1062](CVE-2024/CVE-2024-10xx/CVE-2024-1062.json) (`2024-02-12T13:15:09.210`)
* [CVE-2023-6036](CVE-2023/CVE-2023-60xx/CVE-2023-6036.json) (`2024-02-12T16:15:07.983`)
* [CVE-2023-6081](CVE-2023/CVE-2023-60xx/CVE-2023-6081.json) (`2024-02-12T16:15:08.063`)
* [CVE-2023-6082](CVE-2023/CVE-2023-60xx/CVE-2023-6082.json) (`2024-02-12T16:15:08.120`)
* [CVE-2023-6294](CVE-2023/CVE-2023-62xx/CVE-2023-6294.json) (`2024-02-12T16:15:08.167`)
* [CVE-2023-6499](CVE-2023/CVE-2023-64xx/CVE-2023-6499.json) (`2024-02-12T16:15:08.230`)
* [CVE-2023-6501](CVE-2023/CVE-2023-65xx/CVE-2023-6501.json) (`2024-02-12T16:15:08.283`)
* [CVE-2023-6591](CVE-2023/CVE-2023-65xx/CVE-2023-6591.json) (`2024-02-12T16:15:08.337`)
* [CVE-2023-7233](CVE-2023/CVE-2023-72xx/CVE-2023-7233.json) (`2024-02-12T16:15:08.390`)
* [CVE-2024-1420](CVE-2024/CVE-2024-14xx/CVE-2024-1420.json) (`2024-02-12T15:15:07.733`)
* [CVE-2024-0248](CVE-2024/CVE-2024-02xx/CVE-2024-0248.json) (`2024-02-12T16:15:08.443`)
* [CVE-2024-0250](CVE-2024/CVE-2024-02xx/CVE-2024-0250.json) (`2024-02-12T16:15:08.500`)
* [CVE-2024-0420](CVE-2024/CVE-2024-04xx/CVE-2024-0420.json) (`2024-02-12T16:15:08.557`)
* [CVE-2024-0421](CVE-2024/CVE-2024-04xx/CVE-2024-0421.json) (`2024-02-12T16:15:08.620`)
* [CVE-2024-0566](CVE-2024/CVE-2024-05xx/CVE-2024-0566.json) (`2024-02-12T16:15:08.673`)
* [CVE-2024-25360](CVE-2024/CVE-2024-253xx/CVE-2024-25360.json) (`2024-02-12T16:15:08.730`)
### CVEs modified in the last Commit
Recently modified CVEs: `60`
Recently modified CVEs: `10`
* [CVE-2024-24933](CVE-2024/CVE-2024-249xx/CVE-2024-24933.json) (`2024-02-12T14:20:03.287`)
* [CVE-2024-24889](CVE-2024/CVE-2024-248xx/CVE-2024-24889.json) (`2024-02-12T14:20:03.287`)
* [CVE-2024-25100](CVE-2024/CVE-2024-251xx/CVE-2024-25100.json) (`2024-02-12T14:20:03.287`)
* [CVE-2024-25316](CVE-2024/CVE-2024-253xx/CVE-2024-25316.json) (`2024-02-12T14:23:16.537`)
* [CVE-2024-25315](CVE-2024/CVE-2024-253xx/CVE-2024-25315.json) (`2024-02-12T14:23:41.613`)
* [CVE-2024-25314](CVE-2024/CVE-2024-253xx/CVE-2024-25314.json) (`2024-02-12T14:24:04.510`)
* [CVE-2024-25310](CVE-2024/CVE-2024-253xx/CVE-2024-25310.json) (`2024-02-12T14:24:40.230`)
* [CVE-2024-25307](CVE-2024/CVE-2024-253xx/CVE-2024-25307.json) (`2024-02-12T14:25:11.867`)
* [CVE-2024-25302](CVE-2024/CVE-2024-253xx/CVE-2024-25302.json) (`2024-02-12T14:26:44.670`)
* [CVE-2024-25313](CVE-2024/CVE-2024-253xx/CVE-2024-25313.json) (`2024-02-12T14:27:16.007`)
* [CVE-2024-25312](CVE-2024/CVE-2024-253xx/CVE-2024-25312.json) (`2024-02-12T14:27:37.243`)
* [CVE-2024-25309](CVE-2024/CVE-2024-253xx/CVE-2024-25309.json) (`2024-02-12T14:28:15.157`)
* [CVE-2024-25308](CVE-2024/CVE-2024-253xx/CVE-2024-25308.json) (`2024-02-12T14:28:27.823`)
* [CVE-2024-25306](CVE-2024/CVE-2024-253xx/CVE-2024-25306.json) (`2024-02-12T14:28:41.017`)
* [CVE-2024-25305](CVE-2024/CVE-2024-253xx/CVE-2024-25305.json) (`2024-02-12T14:28:56.647`)
* [CVE-2024-25304](CVE-2024/CVE-2024-253xx/CVE-2024-25304.json) (`2024-02-12T14:29:11.507`)
* [CVE-2024-25675](CVE-2024/CVE-2024-256xx/CVE-2024-25675.json) (`2024-02-12T14:30:28.640`)
* [CVE-2024-25674](CVE-2024/CVE-2024-256xx/CVE-2024-25674.json) (`2024-02-12T14:30:40.343`)
* [CVE-2024-24499](CVE-2024/CVE-2024-244xx/CVE-2024-24499.json) (`2024-02-12T14:31:04.057`)
* [CVE-2024-24498](CVE-2024/CVE-2024-244xx/CVE-2024-24498.json) (`2024-02-12T14:31:21.610`)
* [CVE-2024-24497](CVE-2024/CVE-2024-244xx/CVE-2024-24497.json) (`2024-02-12T14:31:34.073`)
* [CVE-2024-24496](CVE-2024/CVE-2024-244xx/CVE-2024-24496.json) (`2024-02-12T14:31:45.320`)
* [CVE-2024-24495](CVE-2024/CVE-2024-244xx/CVE-2024-24495.json) (`2024-02-12T14:31:55.860`)
* [CVE-2024-24131](CVE-2024/CVE-2024-241xx/CVE-2024-24131.json) (`2024-02-12T14:32:43.777`)
* [CVE-2024-1269](CVE-2024/CVE-2024-12xx/CVE-2024-1269.json) (`2024-02-12T14:34:47.053`)
* [CVE-2023-4637](CVE-2023/CVE-2023-46xx/CVE-2023-4637.json) (`2024-02-12T15:55:22.053`)
* [CVE-2023-6526](CVE-2023/CVE-2023-65xx/CVE-2023-6526.json) (`2024-02-12T16:00:51.520`)
* [CVE-2023-40544](CVE-2023/CVE-2023-405xx/CVE-2023-40544.json) (`2024-02-12T16:43:42.320`)
* [CVE-2023-42765](CVE-2023/CVE-2023-427xx/CVE-2023-42765.json) (`2024-02-12T16:44:16.617`)
* [CVE-2023-45213](CVE-2023/CVE-2023-452xx/CVE-2023-45213.json) (`2024-02-12T16:44:57.010`)
* [CVE-2023-45222](CVE-2023/CVE-2023-452xx/CVE-2023-45222.json) (`2024-02-12T16:45:27.167`)
* [CVE-2023-45227](CVE-2023/CVE-2023-452xx/CVE-2023-45227.json) (`2024-02-12T16:45:47.247`)
* [CVE-2023-45735](CVE-2023/CVE-2023-457xx/CVE-2023-45735.json) (`2024-02-12T16:46:48.997`)
* [CVE-2023-37528](CVE-2023/CVE-2023-375xx/CVE-2023-37528.json) (`2024-02-12T16:55:42.290`)
* [CVE-2024-24560](CVE-2024/CVE-2024-245xx/CVE-2024-24560.json) (`2024-02-12T15:23:42.867`)
## Download and Usage