diff --git a/CVE-2007/CVE-2007-19xx/CVE-2007-1923.json b/CVE-2007/CVE-2007-19xx/CVE-2007-1923.json index d7cb9b8d12c..0733acbf2f7 100644 --- a/CVE-2007/CVE-2007-19xx/CVE-2007-1923.json +++ b/CVE-2007/CVE-2007-19xx/CVE-2007-1923.json @@ -2,8 +2,8 @@ "id": "CVE-2007-1923", "sourceIdentifier": "cve@mitre.org", "published": "2007-04-10T23:19:00.000", - "lastModified": "2023-09-25T05:15:10.093", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T18:26:00.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -62,13 +62,14 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:dws_systems_inc.:sql-ledger:*:*:*:*:*:*:*:*", - "matchCriteriaId": "F530F8B6-1D8E-43B6-87C0-957D7CB6E9D9" + "criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.3.0", + "matchCriteriaId": "0AEC949D-05C5-46A4-8524-708110C55CD1" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*", - "matchCriteriaId": "D2DF897C-87CA-4090-8306-24F3CD1B3BA5" + "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BA6F3CE1-B130-49E4-BABB-A2C44F955625" } ] } @@ -78,31 +79,56 @@ "references": [ { "url": "http://osvdb.org/38217", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://osvdb.org/38218", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://securityreason.com/securityalert/2552", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.securityfocus.com/archive/1/464880/100/0/threaded", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/bid/23352", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33494", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/ledgersmb/LedgerSMB/blob/master/Changelog", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-03xx/CVE-2008-0379.json b/CVE-2008/CVE-2008-03xx/CVE-2008-0379.json index 62683bdfaf1..ff2ae1dd693 100644 --- a/CVE-2008/CVE-2008-03xx/CVE-2008-0379.json +++ b/CVE-2008/CVE-2008-03xx/CVE-2008-0379.json @@ -2,8 +2,8 @@ "id": "CVE-2008-0379", "sourceIdentifier": "cve@mitre.org", "published": "2008-01-22T20:00:00.000", - "lastModified": "2017-09-29T01:30:14.270", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:06:56.310", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -48,7 +48,11 @@ "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-120" + }, + { + "lang": "en", + "value": "CWE-362" } ] } @@ -64,11 +68,6 @@ "vulnerable": true, "criteria": "cpe:2.3:a:businessobjects:crystal_reports_xi:r2:*:*:*:*:*:*:*", "matchCriteriaId": "11DC74BF-CF03-49F5-89AA-609AA8758A39" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:microsoft:activex:enterprise_tree_control:*:*:*:*:*:*:*", - "matchCriteriaId": "37786834-EED5-47AB-90ED-E8B7AA740725" } ] } @@ -80,20 +79,37 @@ "url": "http://www.securityfocus.com/bid/27333", "source": "cve@mitre.org", "tags": [ - "Exploit" + "Broken Link", + "Exploit", + "Third Party Advisory", + "VDB Entry" ] }, { "url": "http://www.securitytracker.com/id?1019239", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39743", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.exploit-db.com/exploits/4931", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-50xx/CVE-2008-5021.json b/CVE-2008/CVE-2008-50xx/CVE-2008-5021.json index 44bc4e126a2..64592e6f7c3 100644 --- a/CVE-2008/CVE-2008-50xx/CVE-2008-5021.json +++ b/CVE-2008/CVE-2008-50xx/CVE-2008-5021.json @@ -2,7 +2,7 @@ "id": "CVE-2008-5021", "sourceIdentifier": "secalert@redhat.com", "published": "2008-11-13T11:30:01.377", - "lastModified": "2018-11-02T13:48:55.227", + "lastModified": "2024-02-02T17:07:05.890", "vulnStatus": "Analyzed", "descriptions": [ { @@ -37,7 +37,7 @@ "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, - "userInteractionRequired": false + "userInteractionRequired": true } ] }, @@ -48,7 +48,7 @@ "description": [ { "lang": "en", - "value": "CWE-399" + "value": "CWE-362" } ] } @@ -136,6 +136,91 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", + "matchCriteriaId": "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", + "matchCriteriaId": "743CBBB1-C140-4FEF-B40E-FAE4511B1140" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*", + "matchCriteriaId": "3E135846-8959-4D7E-A8E6-07F0EC15F010" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", + "matchCriteriaId": "5595E484-647C-4F85-94AB-5A4D55CD766B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C5C0C136-E406-4628-994A-682E8E729B50" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", + "matchCriteriaId": "24818450-FDA1-429A-AC17-68F44F584217" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", + "matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1B42AB65-443B-4655-BAEA-4EB4A43D9509" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:-:*:*:*:*:*:*", + "matchCriteriaId": "4C1B3637-1CDC-47FE-B19C-95FCEB833450" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", + "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", + "matchCriteriaId": "29184B59-5756-48DB-930C-69D5CD628548" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*", + "matchCriteriaId": "33EB57D5-DE8D-417C-8C00-AD331D61181C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*", + "matchCriteriaId": "D3BEE9CB-F0AF-44B1-B454-1AE2F04D7299" + } + ] + } + ] } ], "references": [ @@ -143,6 +228,127 @@ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", "source": "secalert@redhat.com", "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32684", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32693", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32694", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32695", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32713", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32714", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32715", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32721", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32778", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32798", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32845", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/32853", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/33433", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/33434", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/34501", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -164,6 +370,7 @@ "url": "http://www.debian.org/security/2008/dsa-1669", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] }, @@ -171,6 +378,7 @@ "url": "http://www.debian.org/security/2008/dsa-1671", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] }, @@ -178,6 +386,7 @@ "url": "http://www.debian.org/security/2009/dsa-1696", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] }, @@ -185,6 +394,7 @@ "url": "http://www.debian.org/security/2009/dsa-1697", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] }, @@ -192,6 +402,7 @@ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -199,6 +410,7 @@ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -206,6 +418,7 @@ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -220,6 +433,7 @@ "url": "http://www.redhat.com/support/errata/RHSA-2008-0976.html", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -227,6 +441,7 @@ "url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -234,6 +449,7 @@ "url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -241,6 +457,7 @@ "url": "http://www.securityfocus.com/bid/32281", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -249,6 +466,7 @@ "url": "http://www.securitytracker.com/id?1021186", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -265,6 +483,7 @@ "url": "http://www.vupen.com/english/advisories/2008/3146", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -272,6 +491,7 @@ "url": "http://www.vupen.com/english/advisories/2009/0977", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -287,6 +507,7 @@ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", "source": "secalert@redhat.com", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -294,6 +515,7 @@ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] }, @@ -301,6 +523,7 @@ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", "source": "secalert@redhat.com", "tags": [ + "Mailing List", "Third Party Advisory" ] } diff --git a/CVE-2021/CVE-2021-336xx/CVE-2021-33630.json b/CVE-2021/CVE-2021-336xx/CVE-2021-33630.json index 501aae1639a..f3c54686d14 100644 --- a/CVE-2021/CVE-2021-336xx/CVE-2021-33630.json +++ b/CVE-2021/CVE-2021-336xx/CVE-2021-33630.json @@ -2,7 +2,7 @@ "id": "CVE-2021-33630", "sourceIdentifier": "securities@openeuler.org", "published": "2024-01-18T15:15:08.653", - "lastModified": "2024-01-31T15:15:09.170", + "lastModified": "2024-02-02T18:15:31.877", "vulnStatus": "Modified", "descriptions": [ { @@ -128,6 +128,10 @@ "url": "http://www.openwall.com/lists/oss-security/2024/01/31/3", "source": "securities@openeuler.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/02/6", + "source": "securities@openeuler.org" + }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c", "source": "securities@openeuler.org" diff --git a/CVE-2021/CVE-2021-336xx/CVE-2021-33631.json b/CVE-2021/CVE-2021-336xx/CVE-2021-33631.json index ae62f7998f0..3647f4cf039 100644 --- a/CVE-2021/CVE-2021-336xx/CVE-2021-33631.json +++ b/CVE-2021/CVE-2021-336xx/CVE-2021-33631.json @@ -2,7 +2,7 @@ "id": "CVE-2021-33631", "sourceIdentifier": "securities@openeuler.org", "published": "2024-01-18T15:15:08.860", - "lastModified": "2024-01-31T15:15:09.293", + "lastModified": "2024-02-02T18:15:31.977", "vulnStatus": "Modified", "descriptions": [ { @@ -142,6 +142,10 @@ "url": "http://www.openwall.com/lists/oss-security/2024/01/31/3", "source": "securities@openeuler.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/02/6", + "source": "securities@openeuler.org" + }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8", "source": "securities@openeuler.org", diff --git a/CVE-2021/CVE-2021-345xx/CVE-2021-34527.json b/CVE-2021/CVE-2021-345xx/CVE-2021-34527.json index 2f1d09b44e9..0b0b0ff8d10 100644 --- a/CVE-2021/CVE-2021-345xx/CVE-2021-34527.json +++ b/CVE-2021/CVE-2021-345xx/CVE-2021-34527.json @@ -2,8 +2,8 @@ "id": "CVE-2021-34527", "sourceIdentifier": "secure@microsoft.com", "published": "2021-07-02T22:15:08.757", - "lastModified": "2023-12-28T23:15:41.593", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:24:01.260", + "vulnStatus": "Analyzed", "cisaExploitAdd": "2021-11-03", "cisaActionDue": "2021-07-20", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -108,38 +108,51 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0" + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.18969", + "matchCriteriaId": "8C882409-BB85-490B-9D50-571B16C0DE86" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", - "matchCriteriaId": "9E2C378B-1507-4C81-82F6-9F599616845A" + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.4470", + "matchCriteriaId": "217CDA93-36DA-49AE-9B8F-61D2E155B4F3" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", - "matchCriteriaId": "FAE4278F-71A7-43E9-8F79-1CBFAE71D730" + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.2029", + "matchCriteriaId": "B9D38F0E-B058-44EE-9C75-A96EBEA360A6" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", - "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64" + "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19042.1083", + "matchCriteriaId": "413EBEFB-B185-4D3E-840B-9F37AA041229" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", - "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1" + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.1415", + "matchCriteriaId": "4B773592-2AC2-48CD-A6B3-98D2632A2F88" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", - "matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372" + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.2251", + "matchCriteriaId": "71F26E89-0870-4C4A-81FE-F9F793A9E706" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", - "matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8" + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.318", + "matchCriteriaId": "193B0B19-6DD7-4DF3-B133-D66B27C34E9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.674", + "matchCriteriaId": "9DEC0AE5-324C-4117-ADFD-D8425D01C575" }, { "vulnerable": true, @@ -178,23 +191,27 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", - "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.4470", + "matchCriteriaId": "E90B2736-F3AC-4CA9-9817-1CCC320B854D" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", - "matchCriteriaId": "4A190388-AA82-4504-9D5A-624F23268C9F" + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.2029", + "matchCriteriaId": "81CDECCC-4AB5-406B-B265-3C1760D01339" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", - "matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82" + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.230", + "matchCriteriaId": "0663409D-4AE8-4BD9-85FE-9EAED15AE9DB" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + "criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19042.1083", + "matchCriteriaId": "5B0C7DE0-3E5C-4112-A7AD-FC195C3E2E62" } ] } diff --git a/CVE-2021/CVE-2021-454xx/CVE-2021-45429.json b/CVE-2021/CVE-2021-454xx/CVE-2021-45429.json index 40b061467c4..eb8c93acc8b 100644 --- a/CVE-2021/CVE-2021-454xx/CVE-2021-45429.json +++ b/CVE-2021/CVE-2021-454xx/CVE-2021-45429.json @@ -2,7 +2,7 @@ "id": "CVE-2021-45429", "sourceIdentifier": "cve@mitre.org", "published": "2022-02-04T19:15:08.060", - "lastModified": "2022-02-09T02:10:23.197", + "lastModified": "2024-02-02T17:24:31.537", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:virustotal:yara:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.1.3", - "matchCriteriaId": "CF9F25A3-0546-4BC8-B4A2-91CFD8456A1F" + "versionStartIncluding": "4.2.0", + "matchCriteriaId": "98D52101-1922-43B6-877D-A0AE6213E8F3" } ] } diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27990.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27990.json index cd7d98f1f1d..82266d95a55 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27990.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27990.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27990", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-04-24T18:15:09.440", - "lastModified": "2023-12-29T07:15:10.510", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:08:15.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36845.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36845.json index 1d379e9a05f..0c9dd91e34c 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36845.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36845.json @@ -2,19 +2,27 @@ "id": "CVE-2023-36845", "sourceIdentifier": "sirt@juniper.net", "published": "2023-08-17T20:15:10.360", - "lastModified": "2023-10-02T19:15:10.070", + "lastModified": "2024-02-02T17:15:10.493", "vulnStatus": "Modified", + "cisaExploitAdd": "2023-11-13", + "cisaActionDue": "2023-11-17", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability", "descriptions": [ { "lang": "en", "value": "A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series \n\nand SRX Series \n\nallows an unauthenticated, network-based attacker to remotely execute code.\n\nUsing a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.\n\n\nThis issue affects Juniper Networks Junos OS on EX Series\n\n\nand \n\n\nSRX Series:\n\n\n\n * All versions prior to \n\n20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to\u00a021.2R3-S7;\n * 21.3 versions prior to\u00a021.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3;\n * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\n\n\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de modificaci\u00f3n de variable externa PHP en J-Web de Juniper Networks Junos OS en las series EX y SRX permite a un atacante no autenticado basado en red ejecutar c\u00f3digo de forma remota. Mediante una solicitud manipulada que establece la variable PHPRC, un atacante puede modificar el entorno de ejecuci\u00f3n de PHP, lo que permite la inyecci\u00f3n y ejecuci\u00f3n de c\u00f3digo. Este problema afecta al sistema operativo Junos de Juniper Networks en las series EX y SRX: \n* Todas las versiones anteriores a 20.4R3-S9; \n* 21.1: versiones 21.1R1 y posteriores; \n* 21.2: versiones anteriores a 21.2R3-S7; \n* 21.3: versiones anteriores a 21.3R3-S5; \n* 21.4: versiones anteriores a 21.4R3-S5; \n* 22.1: versiones anteriores a 22.1R3-S4; \n* 22.2: versiones anteriores a 22.2R3-S2; \n* 22.3: versiones anteriores a 22.3R2-S2, 22.3R3-S1; \n* 22.4: versiones anteriores a 22.4R2-S1, 22.4R3; \n* 23.2: versiones anteriores a 23.2R1-S1, 23.2R2." } ], "metrics": { "cvssMetricV31": [ { "source": "sirt@juniper.net", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", @@ -37,7 +45,7 @@ "weaknesses": [ { "source": "sirt@juniper.net", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -50,458 +58,6 @@ { "operator": "AND", "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "20.4", - "matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", - "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", - "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", - "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", - "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", - "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", - "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", - "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", - "matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", - "matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", - "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", - "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", - "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", - "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*", - "matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s5:*:*:*:*:*:*", - "matchCriteriaId": "4BFDCC2B-FAB5-4164-8D70-28E4DFF052AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", - "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", - "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", - "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", - "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", - "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", - "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", - "matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", - "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", - "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", - "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", - "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", - "matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", - "matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", - "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", - "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", - "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", - "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", - "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", - "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", - "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", - "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", - "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", - "matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", - "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", - "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", - "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", - "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", - "matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", - "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", - "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", - "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", - "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", - "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", - "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", - "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486" - } - ] - }, { "operator": "OR", "negate": false, @@ -647,12 +203,7 @@ "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, @@ -1104,7 +655,12 @@ "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -1425,6 +981,458 @@ "matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641" } ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "20.4", + "matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", + "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", + "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", + "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", + "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", + "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", + "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", + "matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", + "matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", + "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*", + "matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s5:*:*:*:*:*:*", + "matchCriteriaId": "4BFDCC2B-FAB5-4164-8D70-28E4DFF052AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", + "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", + "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", + "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", + "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", + "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", + "matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", + "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", + "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", + "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", + "matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", + "matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", + "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", + "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", + "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", + "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", + "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", + "matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", + "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", + "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", + "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", + "matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", + "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", + "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", + "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", + "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", + "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486" + } + ] } ] } @@ -1434,6 +1442,10 @@ "url": "http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-Remote-Code-Execution.html", "source": "sirt@juniper.net" }, + { + "url": "http://packetstormsecurity.com/files/176969/Juniper-SRX-Firewall-EX-Switch-Remote-Code-Execution.html", + "source": "sirt@juniper.net" + }, { "url": "https://supportportal.juniper.net/JSA72300", "source": "sirt@juniper.net", diff --git a/CVE-2023/CVE-2023-422xx/CVE-2023-42222.json b/CVE-2023/CVE-2023-422xx/CVE-2023-42222.json index f1765f337d9..540aa1482c3 100644 --- a/CVE-2023/CVE-2023-422xx/CVE-2023-42222.json +++ b/CVE-2023/CVE-2023-422xx/CVE-2023-42222.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42222", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-28T03:15:11.643", - "lastModified": "2023-09-29T17:31:44.100", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-02T17:15:10.690", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -69,6 +69,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/176957/WebCatalog-48.4-Arbitrary-Protocol-Execution-Code-Execution.html", + "source": "cve@mitre.org" + }, { "url": "https://github.com/itssixtyn3in/CVE-2023-42222", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-422xx/CVE-2023-42270.json b/CVE-2023/CVE-2023-422xx/CVE-2023-42270.json index 4a55e0c357e..9af30cfc4e8 100644 --- a/CVE-2023/CVE-2023-422xx/CVE-2023-42270.json +++ b/CVE-2023/CVE-2023-422xx/CVE-2023-42270.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42270", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-15T14:15:11.137", - "lastModified": "2023-09-20T15:50:37.700", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-02T17:15:10.793", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -69,6 +69,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/176958/Grocy-4.0.2-Cross-Site-Request-Forgery.html", + "source": "cve@mitre.org" + }, { "url": "http://xploit.sh/posts/cve-2023-xxxxx/", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-433xx/CVE-2023-43320.json b/CVE-2023/CVE-2023-433xx/CVE-2023-43320.json index 4f1f662cd44..d29c6c679cb 100644 --- a/CVE-2023/CVE-2023-433xx/CVE-2023-43320.json +++ b/CVE-2023/CVE-2023-433xx/CVE-2023-43320.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43320", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T23:15:12.113", - "lastModified": "2023-10-05T15:08:56.817", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-02T17:15:10.963", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -84,6 +84,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html", + "source": "cve@mitre.org" + }, { "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4579", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52076.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52076.json index e94ca7a507b..48fe9932147 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52076.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52076.json @@ -2,16 +2,40 @@ "id": "CVE-2023-52076", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-25T16:15:07.930", - "lastModified": "2024-01-25T19:28:53.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:14:24.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability." + }, + { + "lang": "es", + "value": "Atril Document Viewer es el lector de documentos predeterminado del entorno de escritorio MATE para Linux. Existe una vulnerabilidad de path traversal y escritura de archivos arbitrarios en versiones de Atril anteriores a la 1.26.2. Esta vulnerabilidad es capaz de escribir archivos arbitrarios en cualquier parte del sistema de archivos al que tiene acceso el usuario que abre un documento manipulado. La \u00fanica limitaci\u00f3n es que esta vulnerabilidad no se puede aprovechar para sobrescribir archivos existentes, pero eso no impide que un atacante logre la ejecuci\u00f3n remota de comandos en el sistema de destino. La versi\u00f3n 1.26.2 de Atril contiene un parche para esta vulnerabilidad." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -58,18 +92,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mate-desktop:atril:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.26.2", + "matchCriteriaId": "5535D08A-28B9-4B48-8621-69F5DD6B1F01" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mate-desktop/atril/releases/tag/v1.26.2", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json b/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json index b2d896a9667..b065010b3b8 100644 --- a/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json +++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5217", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-09-28T16:15:10.980", - "lastModified": "2024-01-31T17:15:18.173", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T18:22:32.903", + "vulnStatus": "Analyzed", "cisaExploitAdd": "2023-10-02", "cisaActionDue": "2023-10-23", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", @@ -64,8 +64,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:webmproject:libvpx:1.13.1:*:*:*:*:*:*:*", - "matchCriteriaId": "72B4E494-3620-40A9-A47A-EEC189BC2A7E" + "criteria": "cpe:2.3:a:webmproject:libvpx:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.13.1", + "matchCriteriaId": "385F58CC-4AA0-4C41-9394-C9481586689E" } ] }, @@ -586,7 +587,10 @@ }, { "url": "https://security.gentoo.org/glsa/202401-34", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/", diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0204.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0204.json index 682312e74c2..80da325de1e 100644 --- a/CVE-2024/CVE-2024-02xx/CVE-2024-0204.json +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0204.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0204", "sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "published": "2024-01-22T18:15:20.137", - "lastModified": "2024-01-29T19:36:52.633", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-02T17:15:11.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -113,6 +113,10 @@ "VDB Entry" ] }, + { + "url": "http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html", + "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff" + }, { "url": "https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml", "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0741.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0741.json index 1c210610680..a2e24d609ff 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0741.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0741.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0741", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.173", - "lastModified": "2024-01-31T16:15:45.613", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:19:30.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,27 +114,31 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", "source": "security@mozilla.org", "tags": [ - "Third Party Advisory" + "Vendor Advisory" ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-02/", "source": "security@mozilla.org", "tags": [ - "Third Party Advisory" + "Vendor Advisory" ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-04/", "source": "security@mozilla.org", "tags": [ - "Third Party Advisory" + "Vendor Advisory" ] } ] diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0742.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0742.json index 9cbc53b26b9..b2c0d484628 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0742.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0742.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0742", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.230", - "lastModified": "2024-01-31T16:15:45.700", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:19:23.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0746.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0746.json index 654884623d4..84b293ce2eb 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0746.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0746.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0746", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.417", - "lastModified": "2024-01-31T16:15:45.770", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:19:10.737", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0747.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0747.json index 4253edd56a8..7158b6ec47b 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0747.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0747.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0747", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.463", - "lastModified": "2024-01-31T16:15:45.850", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:19:06.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0749.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0749.json index 3efa4af8c8b..2bec633a721 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0749.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0749.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0749", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.550", - "lastModified": "2024-01-31T16:15:45.923", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:18:54.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0750.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0750.json index 1f740e33bc6..173042e0310 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0750.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0750.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0750", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.597", - "lastModified": "2024-01-31T16:15:46.000", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:14:22.527", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0751.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0751.json index f8ef7e2bdf3..ec3c3d12795 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0751.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0751.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0751", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.643", - "lastModified": "2024-01-31T16:15:46.070", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:14:17.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0753.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0753.json index 9e1e5fb9e85..f24cba7eb7e 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0753.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0753.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0753", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.730", - "lastModified": "2024-01-31T16:15:46.140", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:14:13.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0755.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0755.json index b74d9245bc7..75104d90b89 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0755.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0755.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0755", "sourceIdentifier": "security@mozilla.org", "published": "2024-01-23T14:15:38.820", - "lastModified": "2024-01-31T16:15:46.210", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:14:09.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -114,7 +114,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-01/", diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0924.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0924.json index 3faa36ef153..789a7d68856 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0924.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0924.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0924", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T15:15:08.537", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T18:00:06.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function formSetPPTPServer. The manipulation of the argument startIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252129 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Esto afecta a la funci\u00f3n formSetPPTPServer. La manipulaci\u00f3n del argumento startIp provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-252129. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "0AE40471-0FF4-4DF8-88AA-B14303D8B0E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac10u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDBE5E26-7967-4FDD-A29F-7740B29C4B8E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formSetPPTPServer.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252129", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252129", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0925.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0925.json index 0f82c819c0d..c634f64327e 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0925.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0925.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0925", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T15:15:08.770", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:49:58.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n formSetVirtualSer. La manipulaci\u00f3n del argumento list provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-252130 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formSetVirtualSer.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252130", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252130", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0926.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0926.json index 2f2317edfc8..3b7a17f5e57 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0926.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0926.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0926", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T15:15:08.983", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:47:20.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252131. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Este problema afecta a la funci\u00f3n formWifiWpsOOB. La manipulaci\u00f3n del argumento index conduce a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252131. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/formWifiWpsOOB.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252131", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252131", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0927.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0927.json index b81b41b6b1d..2ff67dde63c 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0927.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0927.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0927", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T15:15:09.217", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:01:31.353", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252132. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Tenda AC10U 15.03.06.49_multi_TDE01. Ha sido clasificada como cr\u00edtica. La funci\u00f3n fromAddressNat es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento entrys/mitInterface/page conduce a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252132. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromAddressNat_1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252132", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252132", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1186.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1186.json new file mode 100644 index 00000000000..bcf938a3555 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1186.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-1186", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-02T17:15:11.277", + "lastModified": "2024-02-02T17:15:11.277", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "PARTIAL", + "baseScore": 1.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 3.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/vuldb/12-exploit-perl.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252676", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252676", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.exploit-db.com/exploits/45884", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1187.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1187.json new file mode 100644 index 00000000000..0602b2837f0 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1187.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1187", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-02T18:15:32.107", + "lastModified": "2024-02-02T18:15:32.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, has been found in Munsoft Easy Outlook Express Recovery 2.0. This issue affects some unknown processing of the component Registration Key Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252677 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "PARTIAL", + "baseScore": 1.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 3.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/vuldb/13-exploit-perl.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252677", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252677", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1188.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1188.json new file mode 100644 index 00000000000..848c1e94cd3 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1188.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1188", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-02T18:15:32.327", + "lastModified": "2024-02-02T18:15:32.327", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in Rizone Soft Notepad3 1.0.2.350. Affected is an unknown function of the component Encryption Passphrase Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-252678 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "PARTIAL", + "baseScore": 1.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 3.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://fitoxs.com/vuldb/14-exploit-perl.txt", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252678", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252678", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20922.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20922.json index ab06345c31b..b2044253021 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20922.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20922.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20922", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:39.860", - "lastModified": "2024-02-01T17:15:08.973", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:36:17.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -90,12 +90,40 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B199052-5732-4726-B06B-A12C70DFB891" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0002/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20926.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20926.json index a0cdd9670d8..c25a132aaf5 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20926.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20926.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20926", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:40.207", - "lastModified": "2024-02-01T17:15:09.080", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:35:48.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -135,16 +135,63 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B199052-5732-4726-B06B-A12C70DFB891" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] } ], "references": [ { "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20240201-0002/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20961.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20961.json index 7d46b457529..89455cf60bf 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20961.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20961.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20961", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:43.290", - "lastModified": "2024-02-01T17:15:09.397", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:36:27.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20963.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20963.json index 49ce98d17a2..e26a8cc63f0 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20963.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20963.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20963", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:43.487", - "lastModified": "2024-02-01T17:15:09.500", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:36:33.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20965.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20965.json index 6d3bb2aac59..7e3b489356a 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20965.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20965.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20965", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:43.660", - "lastModified": "2024-02-01T17:15:09.593", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:42:20.270", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,16 +74,37 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20240201-0006/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20967.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20967.json index 189dddd6210..65973ebdc97 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20967.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20967.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20967", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:43.837", - "lastModified": "2024-02-01T17:15:09.697", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:42:32.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20969.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20969.json index b3f1d2a29cd..2d8350838db 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20969.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20969.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20969", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:44.007", - "lastModified": "2024-02-01T17:15:09.793", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:24:44.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20971.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20971.json index 40b71b50aa1..1fc5d3c6e47 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20971.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20971.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20971", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:44.177", - "lastModified": "2024-02-01T17:15:09.893", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:24:10.267", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20973.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20973.json index b806ac346f4..00520e769a7 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20973.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20973.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20973", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:44.350", - "lastModified": "2024-02-01T17:15:09.987", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:22:04.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20975.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20975.json index a96e622afe0..af106931825 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20975.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20975.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20975", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:44.520", - "lastModified": "2024-02-01T17:15:10.080", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:42:39.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -67,12 +67,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0007/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20977.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20977.json index 7f035dccbb1..0b621f24dda 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20977.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20977.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20977", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:44.687", - "lastModified": "2024-02-01T17:15:10.183", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:24:20.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20981.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20981.json index 007c836baa3..0d324bbbd3b 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20981.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20981.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20981", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:45.030", - "lastModified": "2024-02-01T17:15:10.280", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:24:34.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20983.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20983.json index f98479a2019..c74b146e0bd 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20983.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20983.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20983", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:45.200", - "lastModified": "2024-02-01T17:15:10.380", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:27:04.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -67,12 +67,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0009/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-209xx/CVE-2024-20985.json b/CVE-2024/CVE-2024-209xx/CVE-2024-20985.json index 06817a6caff..97a9c779ecf 100644 --- a/CVE-2024/CVE-2024-209xx/CVE-2024-20985.json +++ b/CVE-2024/CVE-2024-209xx/CVE-2024-20985.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20985", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-01-16T22:15:45.377", - "lastModified": "2024-02-01T17:15:10.467", - "vulnStatus": "Modified", + "lastModified": "2024-02-02T17:27:12.127", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,12 +74,30 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + } + ] + } + ] } ], "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240201-0003/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujan2024.html", diff --git a/CVE-2024/CVE-2024-225xx/CVE-2024-22550.json b/CVE-2024/CVE-2024-225xx/CVE-2024-22550.json index b85ec56df5c..653a92d844a 100644 --- a/CVE-2024/CVE-2024-225xx/CVE-2024-22550.json +++ b/CVE-2024/CVE-2024-225xx/CVE-2024-22550.json @@ -2,19 +2,80 @@ "id": "CVE-2024-22550", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-26T15:15:09.437", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:14:39.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in the component /alsdemo/ss/mediam.cgi of ShopSite v14.0 allows attackers to execute arbitrary code via uploading a crafted SVG file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el componente /alsdemo/ss/mediam.cgi de ShopSite v14.0 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo SVG manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:shopsite:shopsite:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "655DB3CE-B5EF-4BF1-A753-06748EB55B61" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://packetstormsecurity.com/files/176312/ShopSite-14.0-Cross-Site-Scripting.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-230xx/CVE-2024-23055.json b/CVE-2024/CVE-2024-230xx/CVE-2024-23055.json index d260e2c06bc..6e2464e5f85 100644 --- a/CVE-2024/CVE-2024-230xx/CVE-2024-23055.json +++ b/CVE-2024/CVE-2024-230xx/CVE-2024-23055.json @@ -2,27 +2,93 @@ "id": "CVE-2024-23055", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-25T22:15:08.623", - "lastModified": "2024-01-25T22:18:09.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-02T17:05:51.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers." + }, + { + "lang": "es", + "value": "Un problema en el software de c\u00f3digo abierto Plone Docker Official Image 5.2.13 (5221) permite la ejecuci\u00f3n remota de c\u00f3digo mediante una validaci\u00f3n incorrecta de la entrada por parte de los encabezados HOST." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:plone:plone_docker_official_image:5.2.13:*:*:*:*:*:*:*", + "matchCriteriaId": "277934F5-1C92-4B1C-85DE-93C7464108DA" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://plone.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://ploneorg.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23635.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23635.json new file mode 100644 index 00000000000..422c1063ccc --- /dev/null +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23635.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-23635", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-02T17:15:11.527", + "lastModified": "2024-02-02T17:15:11.527", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. Patched in AntiSamy 1.7.5 and later. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/nahsra/antisamy/security/advisories/GHSA-2mrq-w8pv-5pvq", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24560.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24560.json new file mode 100644 index 00000000000..6eb9bbc42db --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24560.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-24560", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-02T17:15:11.720", + "lastModified": "2024-02-02T17:15:11.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-gp3w-2v2m-p686", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index a6674393067..a829a87a529 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-02T17:00:25.658624+00:00 +2024-02-02T19:00:25.586620+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-02T16:56:44.633000+00:00 +2024-02-02T18:26:00.153000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -237473 +237478 ``` ### CVEs added in the last Commit -Recently added CVEs: `47` +Recently added CVEs: `5` -* [CVE-2023-45027](CVE-2023/CVE-2023-450xx/CVE-2023-45027.json) (`2024-02-02T16:15:50.303`) -* [CVE-2023-45028](CVE-2023/CVE-2023-450xx/CVE-2023-45028.json) (`2024-02-02T16:15:50.500`) -* [CVE-2023-45035](CVE-2023/CVE-2023-450xx/CVE-2023-45035.json) (`2024-02-02T16:15:50.760`) -* [CVE-2023-45036](CVE-2023/CVE-2023-450xx/CVE-2023-45036.json) (`2024-02-02T16:15:51.103`) -* [CVE-2023-45037](CVE-2023/CVE-2023-450xx/CVE-2023-45037.json) (`2024-02-02T16:15:51.493`) -* [CVE-2023-47561](CVE-2023/CVE-2023-475xx/CVE-2023-47561.json) (`2024-02-02T16:15:51.763`) -* [CVE-2023-47562](CVE-2023/CVE-2023-475xx/CVE-2023-47562.json) (`2024-02-02T16:15:52.020`) -* [CVE-2023-47564](CVE-2023/CVE-2023-475xx/CVE-2023-47564.json) (`2024-02-02T16:15:52.280`) -* [CVE-2023-47566](CVE-2023/CVE-2023-475xx/CVE-2023-47566.json) (`2024-02-02T16:15:52.473`) -* [CVE-2023-47567](CVE-2023/CVE-2023-475xx/CVE-2023-47567.json) (`2024-02-02T16:15:52.667`) -* [CVE-2023-47568](CVE-2023/CVE-2023-475xx/CVE-2023-47568.json) (`2024-02-02T16:15:52.853`) -* [CVE-2023-50359](CVE-2023/CVE-2023-503xx/CVE-2023-50359.json) (`2024-02-02T16:15:53.073`) -* [CVE-2023-51838](CVE-2023/CVE-2023-518xx/CVE-2023-51838.json) (`2024-02-02T16:15:53.273`) -* [CVE-2023-6387](CVE-2023/CVE-2023-63xx/CVE-2023-6387.json) (`2024-02-02T16:15:53.337`) -* [CVE-2024-1185](CVE-2024/CVE-2024-11xx/CVE-2024-1185.json) (`2024-02-02T16:15:53.530`) -* [CVE-2024-22107](CVE-2024/CVE-2024-221xx/CVE-2024-22107.json) (`2024-02-02T16:15:55.090`) -* [CVE-2024-22108](CVE-2024/CVE-2024-221xx/CVE-2024-22108.json) (`2024-02-02T16:15:55.167`) -* [CVE-2024-23824](CVE-2024/CVE-2024-238xx/CVE-2024-23824.json) (`2024-02-02T16:15:55.283`) -* [CVE-2024-23831](CVE-2024/CVE-2024-238xx/CVE-2024-23831.json) (`2024-02-02T16:15:55.593`) -* [CVE-2024-24029](CVE-2024/CVE-2024-240xx/CVE-2024-24029.json) (`2024-02-02T16:15:55.783`) -* [CVE-2024-24160](CVE-2024/CVE-2024-241xx/CVE-2024-24160.json) (`2024-02-02T16:15:55.833`) -* [CVE-2024-24161](CVE-2024/CVE-2024-241xx/CVE-2024-24161.json) (`2024-02-02T16:15:55.880`) -* [CVE-2024-24470](CVE-2024/CVE-2024-244xx/CVE-2024-24470.json) (`2024-02-02T16:15:55.923`) -* [CVE-2024-24757](CVE-2024/CVE-2024-247xx/CVE-2024-24757.json) (`2024-02-02T16:15:55.970`) -* [CVE-2024-24760](CVE-2024/CVE-2024-247xx/CVE-2024-24760.json) (`2024-02-02T16:15:56.163`) +* [CVE-2024-1186](CVE-2024/CVE-2024-11xx/CVE-2024-1186.json) (`2024-02-02T17:15:11.277`) +* [CVE-2024-23635](CVE-2024/CVE-2024-236xx/CVE-2024-23635.json) (`2024-02-02T17:15:11.527`) +* [CVE-2024-24560](CVE-2024/CVE-2024-245xx/CVE-2024-24560.json) (`2024-02-02T17:15:11.720`) +* [CVE-2024-1187](CVE-2024/CVE-2024-11xx/CVE-2024-1187.json) (`2024-02-02T18:15:32.107`) +* [CVE-2024-1188](CVE-2024/CVE-2024-11xx/CVE-2024-1188.json) (`2024-02-02T18:15:32.327`) ### CVEs modified in the last Commit -Recently modified CVEs: `119` +Recently modified CVEs: `44` -* [CVE-2024-0993](CVE-2024/CVE-2024-09xx/CVE-2024-0993.json) (`2024-02-02T15:35:05.213`) -* [CVE-2024-0994](CVE-2024/CVE-2024-09xx/CVE-2024-0994.json) (`2024-02-02T15:35:20.473`) -* [CVE-2024-0995](CVE-2024/CVE-2024-09xx/CVE-2024-0995.json) (`2024-02-02T15:37:30.920`) -* [CVE-2024-0996](CVE-2024/CVE-2024-09xx/CVE-2024-0996.json) (`2024-02-02T15:37:54.717`) -* [CVE-2024-0841](CVE-2024/CVE-2024-08xx/CVE-2024-0841.json) (`2024-02-02T15:38:25.947`) -* [CVE-2024-23782](CVE-2024/CVE-2024-237xx/CVE-2024-23782.json) (`2024-02-02T15:38:55.017`) -* [CVE-2024-0986](CVE-2024/CVE-2024-09xx/CVE-2024-0986.json) (`2024-02-02T15:39:08.187`) -* [CVE-2024-23648](CVE-2024/CVE-2024-236xx/CVE-2024-23648.json) (`2024-02-02T15:45:25.457`) -* [CVE-2024-23649](CVE-2024/CVE-2024-236xx/CVE-2024-23649.json) (`2024-02-02T15:46:30.623`) -* [CVE-2024-23644](CVE-2024/CVE-2024-236xx/CVE-2024-23644.json) (`2024-02-02T15:47:26.253`) -* [CVE-2024-0727](CVE-2024/CVE-2024-07xx/CVE-2024-0727.json) (`2024-02-02T15:53:24.320`) -* [CVE-2024-22927](CVE-2024/CVE-2024-229xx/CVE-2024-22927.json) (`2024-02-02T16:15:40.137`) -* [CVE-2024-23031](CVE-2024/CVE-2024-230xx/CVE-2024-23031.json) (`2024-02-02T16:15:45.433`) -* [CVE-2024-23032](CVE-2024/CVE-2024-230xx/CVE-2024-23032.json) (`2024-02-02T16:15:50.530`) -* [CVE-2024-20251](CVE-2024/CVE-2024-202xx/CVE-2024-20251.json) (`2024-02-02T16:15:53.757`) -* [CVE-2024-20253](CVE-2024/CVE-2024-202xx/CVE-2024-20253.json) (`2024-02-02T16:15:53.893`) -* [CVE-2024-20263](CVE-2024/CVE-2024-202xx/CVE-2024-20263.json) (`2024-02-02T16:15:54.033`) -* [CVE-2024-20270](CVE-2024/CVE-2024-202xx/CVE-2024-20270.json) (`2024-02-02T16:15:54.227`) -* [CVE-2024-20272](CVE-2024/CVE-2024-202xx/CVE-2024-20272.json) (`2024-02-02T16:15:54.683`) -* [CVE-2024-20277](CVE-2024/CVE-2024-202xx/CVE-2024-20277.json) (`2024-02-02T16:15:54.787`) -* [CVE-2024-20287](CVE-2024/CVE-2024-202xx/CVE-2024-20287.json) (`2024-02-02T16:15:54.887`) -* [CVE-2024-20305](CVE-2024/CVE-2024-203xx/CVE-2024-20305.json) (`2024-02-02T16:15:54.990`) -* [CVE-2024-23033](CVE-2024/CVE-2024-230xx/CVE-2024-23033.json) (`2024-02-02T16:15:56.287`) -* [CVE-2024-23034](CVE-2024/CVE-2024-230xx/CVE-2024-23034.json) (`2024-02-02T16:16:04.670`) -* [CVE-2024-0888](CVE-2024/CVE-2024-08xx/CVE-2024-0888.json) (`2024-02-02T16:54:28.463`) +* [CVE-2024-0750](CVE-2024/CVE-2024-07xx/CVE-2024-0750.json) (`2024-02-02T17:14:22.527`) +* [CVE-2024-22550](CVE-2024/CVE-2024-225xx/CVE-2024-22550.json) (`2024-02-02T17:14:39.690`) +* [CVE-2024-0204](CVE-2024/CVE-2024-02xx/CVE-2024-0204.json) (`2024-02-02T17:15:11.167`) +* [CVE-2024-0749](CVE-2024/CVE-2024-07xx/CVE-2024-0749.json) (`2024-02-02T17:18:54.040`) +* [CVE-2024-0747](CVE-2024/CVE-2024-07xx/CVE-2024-0747.json) (`2024-02-02T17:19:06.347`) +* [CVE-2024-0746](CVE-2024/CVE-2024-07xx/CVE-2024-0746.json) (`2024-02-02T17:19:10.737`) +* [CVE-2024-0742](CVE-2024/CVE-2024-07xx/CVE-2024-0742.json) (`2024-02-02T17:19:23.497`) +* [CVE-2024-0741](CVE-2024/CVE-2024-07xx/CVE-2024-0741.json) (`2024-02-02T17:19:30.117`) +* [CVE-2024-20973](CVE-2024/CVE-2024-209xx/CVE-2024-20973.json) (`2024-02-02T17:22:04.880`) +* [CVE-2024-20971](CVE-2024/CVE-2024-209xx/CVE-2024-20971.json) (`2024-02-02T17:24:10.267`) +* [CVE-2024-20977](CVE-2024/CVE-2024-209xx/CVE-2024-20977.json) (`2024-02-02T17:24:20.210`) +* [CVE-2024-20981](CVE-2024/CVE-2024-209xx/CVE-2024-20981.json) (`2024-02-02T17:24:34.507`) +* [CVE-2024-20969](CVE-2024/CVE-2024-209xx/CVE-2024-20969.json) (`2024-02-02T17:24:44.617`) +* [CVE-2024-20983](CVE-2024/CVE-2024-209xx/CVE-2024-20983.json) (`2024-02-02T17:27:04.743`) +* [CVE-2024-20985](CVE-2024/CVE-2024-209xx/CVE-2024-20985.json) (`2024-02-02T17:27:12.127`) +* [CVE-2024-20926](CVE-2024/CVE-2024-209xx/CVE-2024-20926.json) (`2024-02-02T17:35:48.843`) +* [CVE-2024-20922](CVE-2024/CVE-2024-209xx/CVE-2024-20922.json) (`2024-02-02T17:36:17.387`) +* [CVE-2024-20961](CVE-2024/CVE-2024-209xx/CVE-2024-20961.json) (`2024-02-02T17:36:27.917`) +* [CVE-2024-20963](CVE-2024/CVE-2024-209xx/CVE-2024-20963.json) (`2024-02-02T17:36:33.743`) +* [CVE-2024-20965](CVE-2024/CVE-2024-209xx/CVE-2024-20965.json) (`2024-02-02T17:42:20.270`) +* [CVE-2024-20967](CVE-2024/CVE-2024-209xx/CVE-2024-20967.json) (`2024-02-02T17:42:32.037`) +* [CVE-2024-20975](CVE-2024/CVE-2024-209xx/CVE-2024-20975.json) (`2024-02-02T17:42:39.467`) +* [CVE-2024-0926](CVE-2024/CVE-2024-09xx/CVE-2024-0926.json) (`2024-02-02T17:47:20.887`) +* [CVE-2024-0925](CVE-2024/CVE-2024-09xx/CVE-2024-0925.json) (`2024-02-02T17:49:58.700`) +* [CVE-2024-0924](CVE-2024/CVE-2024-09xx/CVE-2024-0924.json) (`2024-02-02T18:00:06.520`) ## Download and Usage