From 8bcfd6c8f8c490c98c6ee4e39df09f31314a3cdd Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 25 Nov 2024 05:04:29 +0000 Subject: [PATCH] Auto-Update: 2024-11-25T05:01:17.708216+00:00 --- CVE-2024/CVE-2024-10xx/CVE-2024-1023.json | 61 ++++++++- CVE-2024/CVE-2024-114xx/CVE-2024-11483.json | 63 +++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11647.json | 144 ++++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11648.json | 144 ++++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11649.json | 144 ++++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11650.json | 144 ++++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11651.json | 140 +++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11652.json | 140 +++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11653.json | 140 +++++++++++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11654.json | 140 +++++++++++++++++++ CVE-2024/CVE-2024-13xx/CVE-2024-1300.json | 55 +++++++- CVE-2024/CVE-2024-539xx/CVE-2024-53930.json | 40 ++++++ CVE-2024/CVE-2024-55xx/CVE-2024-5514.json | 29 +++- README.md | 31 +++-- _state.csv | 28 ++-- 15 files changed, 1402 insertions(+), 41 deletions(-) create mode 100644 CVE-2024/CVE-2024-114xx/CVE-2024-11483.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11647.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11648.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11649.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11650.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11651.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11652.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11653.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11654.json create mode 100644 CVE-2024/CVE-2024-539xx/CVE-2024-53930.json diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json index dc8be988092..d49b9e0dba3 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json @@ -2,9 +2,8 @@ "id": "CVE-2024-1023", "sourceIdentifier": "secalert@redhat.com", "published": "2024-03-27T08:15:38.140", - "lastModified": "2024-07-25T21:15:10.280", + "lastModified": "2024-11-25T03:15:09.013", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -23,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +31,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 3.6 @@ -42,11 +41,11 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-401" } ] } @@ -99,6 +98,54 @@ { "url": "https://github.com/eclipse-vertx/vert.x/pull/5082", "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1706", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2088", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2833", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3527", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3989", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:4884", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1023", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/issues/5078", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/pull/5080", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/pull/5082", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11483.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11483.json new file mode 100644 index 00000000000..b78d5de571c --- /dev/null +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11483.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-11483", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-11-25T04:15:03.683", + "lastModified": "2024-11-25T04:15:03.683", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user\u2019s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", + "baseScore": 5.0, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-11483", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327579", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json new file mode 100644 index 00000000000..1ab04526917 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11647.json @@ -0,0 +1,144 @@ +{ + "id": "CVE-2024-11647", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T01:15:04.033", + "lastModified": "2024-11-25T01:15:04.033", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://1000projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/ppp-src/CVE/issues/34", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285968", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285968", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446576", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json new file mode 100644 index 00000000000..a54e358e645 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11648.json @@ -0,0 +1,144 @@ +{ + "id": "CVE-2024-11648", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T01:15:04.687", + "lastModified": "2024-11-25T01:15:04.687", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-customer.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://1000projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Calmgh/CVE/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285969", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285969", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.447291", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json new file mode 100644 index 00000000000..2b02a5d68f8 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11649.json @@ -0,0 +1,144 @@ +{ + "id": "CVE-2024-11649", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T02:15:15.883", + "lastModified": "2024-11-25T02:15:15.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://1000projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/zgaz/CVE/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285970", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285970", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.451245", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11650.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11650.json new file mode 100644 index 00000000000..10f96706e02 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11650.json @@ -0,0 +1,144 @@ +{ + "id": "CVE-2024-11650", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T03:15:06.707", + "lastModified": "2024-11-25T03:15:06.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", + "baseScore": 6.8, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xiaobor123/tenda-vul-i9", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285971", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285971", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446592", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.tenda.com.cn/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11651.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11651.json new file mode 100644 index 00000000000..986af5f691f --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11651.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-11651", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T03:15:07.973", + "lastModified": "2024-11-25T03:15:07.973", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been classified as critical. Affected is an unknown function of the file /admin/network/wifi_schedule. The manipulation of the argument wifi_schedule_day_em_5 leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "baseScore": 5.8, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://k9u7kv33ub.feishu.cn/wiki/XIepwv7goiCcYxk5QAgc8Q2LnMc?from=from_copylink", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285972", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285972", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446623", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11652.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11652.json new file mode 100644 index 00000000000..e5b883b1bb8 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11652.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-11652", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T03:15:08.533", + "lastModified": "2024-11-25T03:15:08.533", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/sn_package/sn_https. The manipulation of the argument https_enable leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "baseScore": 5.8, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://k9u7kv33ub.feishu.cn/wiki/Rf7wwXMpQiJkp8kp4pmcZb2tnPe", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285973", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285973", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446629", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11653.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11653.json new file mode 100644 index 00000000000..70b66671d5f --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11653.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-11653", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T04:15:05.337", + "lastModified": "2024-11-25T04:15:05.337", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/network/diag_traceroute. The manipulation of the argument diag_traceroute leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "baseScore": 5.8, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://k9u7kv33ub.feishu.cn/wiki/AHPnwdCaoiaQ3fkrdeUcqPfLnEd", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285974", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285974", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446633", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11654.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11654.json new file mode 100644 index 00000000000..f207f3c6f30 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11654.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-11654", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-25T04:15:05.577", + "lastModified": "2024-11-25T04:15:05.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This affects an unknown part of the file /admin/network/diag_traceroute6. The manipulation of the argument diag_traceroute6 leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "baseScore": 5.8, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://k9u7kv33ub.feishu.cn/wiki/YrKfwHqLjijPeYkMTQfcdhrBnyg?from=from_copylink", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.285975", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.285975", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.446637", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json index 433c0410046..9d7ba639689 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1300.json @@ -2,9 +2,8 @@ "id": "CVE-2024-1300", "sourceIdentifier": "secalert@redhat.com", "published": "2024-04-02T08:15:53.993", - "lastModified": "2024-07-25T21:15:10.487", + "lastModified": "2024-11-25T03:15:10.053", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -23,6 +22,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +31,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.8, "impactScore": 2.5 @@ -46,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-400" + "value": "CWE-401" } ] } @@ -95,6 +94,50 @@ { "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.", "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1706", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1923", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2088", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2833", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3527", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:3989", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:4884", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1300", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53930.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53930.json new file mode 100644 index 00000000000..6f99d88b165 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53930.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-53930", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-25T03:15:12.327", + "lastModified": "2024-11-25T03:15:12.327", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\\\\, which is mishandled by a KaTeX parser." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Zavy86/WikiDocs/commit/aa264bd046a254522da67600be73791bd4e5dafc", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Zavy86/WikiDocs/compare/1.0.64...1.0.65", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Zavy86/WikiDocs/issues/211", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Zavy86/WikiDocs/pull/213", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Zavy86/WikiDocs/releases/tag/1.0.65", + "source": "cve@mitre.org" + }, + { + "url": "https://www.xbow.com", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-55xx/CVE-2024-5514.json b/CVE-2024/CVE-2024-55xx/CVE-2024-5514.json index 8e2b96206ad..a5191564d24 100644 --- a/CVE-2024/CVE-2024-55xx/CVE-2024-5514.json +++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5514.json @@ -2,9 +2,8 @@ "id": "CVE-2024-5514", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-05-30T03:15:08.467", - "lastModified": "2024-05-30T13:15:41.297", + "lastModified": "2024-11-25T03:15:12.733", "vulnStatus": "Awaiting Analysis", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -19,10 +18,12 @@ "cvssMetricV31": [ { "source": "twcert@cert.org.tw", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +31,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 @@ -42,7 +41,7 @@ "weaknesses": [ { "source": "twcert@cert.org.tw", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -56,9 +55,25 @@ } ], "references": [ + { + "url": "https://www.chtsecurity.com/news/2dde8d39-59fc-4c09-b4ad-0acf692321c5", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.chtsecurity.com/news/6b2393f5-3041-4011-b2ea-528e312c6b3c", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/en/cp-139-7831-b9a46-2.html", + "source": "twcert@cert.org.tw" + }, { "url": "https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.html", "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 0dbaf6929ee..42676e865f7 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-25T00:57:03.031155+00:00 +2024-11-25T05:01:17.708216+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-25T00:15:04.423000+00:00 +2024-11-25T04:15:05.577000+00:00 ``` ### Last Data Feed Release @@ -27,31 +27,38 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-11-24T01:00:10.101150+00:00 +2024-11-25T01:00:10.079205+00:00 ``` ### Total Number of included CVEs ```plain -271210 +271220 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `10` -- [CVE-2024-11646](CVE-2024/CVE-2024-116xx/CVE-2024-11646.json) (`2024-11-25T00:15:03.743`) -- [CVE-2024-11665](CVE-2024/CVE-2024-116xx/CVE-2024-11665.json) (`2024-11-24T23:15:03.903`) -- [CVE-2024-11666](CVE-2024/CVE-2024-116xx/CVE-2024-11666.json) (`2024-11-24T23:15:04.030`) -- [CVE-2024-53916](CVE-2024/CVE-2024-539xx/CVE-2024-53916.json) (`2024-11-25T00:15:04.423`) +- [CVE-2024-11483](CVE-2024/CVE-2024-114xx/CVE-2024-11483.json) (`2024-11-25T04:15:03.683`) +- [CVE-2024-11647](CVE-2024/CVE-2024-116xx/CVE-2024-11647.json) (`2024-11-25T01:15:04.033`) +- [CVE-2024-11648](CVE-2024/CVE-2024-116xx/CVE-2024-11648.json) (`2024-11-25T01:15:04.687`) +- [CVE-2024-11649](CVE-2024/CVE-2024-116xx/CVE-2024-11649.json) (`2024-11-25T02:15:15.883`) +- [CVE-2024-11650](CVE-2024/CVE-2024-116xx/CVE-2024-11650.json) (`2024-11-25T03:15:06.707`) +- [CVE-2024-11651](CVE-2024/CVE-2024-116xx/CVE-2024-11651.json) (`2024-11-25T03:15:07.973`) +- [CVE-2024-11652](CVE-2024/CVE-2024-116xx/CVE-2024-11652.json) (`2024-11-25T03:15:08.533`) +- [CVE-2024-11653](CVE-2024/CVE-2024-116xx/CVE-2024-11653.json) (`2024-11-25T04:15:05.337`) +- [CVE-2024-11654](CVE-2024/CVE-2024-116xx/CVE-2024-11654.json) (`2024-11-25T04:15:05.577`) +- [CVE-2024-53930](CVE-2024/CVE-2024-539xx/CVE-2024-53930.json) (`2024-11-25T03:15:12.327`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `3` -- [CVE-2024-10041](CVE-2024/CVE-2024-100xx/CVE-2024-10041.json) (`2024-11-25T00:15:03.593`) -- [CVE-2024-9902](CVE-2024/CVE-2024-99xx/CVE-2024-9902.json) (`2024-11-24T23:15:04.537`) +- [CVE-2024-1023](CVE-2024/CVE-2024-10xx/CVE-2024-1023.json) (`2024-11-25T03:15:09.013`) +- [CVE-2024-1300](CVE-2024/CVE-2024-13xx/CVE-2024-1300.json) (`2024-11-25T03:15:10.053`) +- [CVE-2024-5514](CVE-2024/CVE-2024-55xx/CVE-2024-5514.json) (`2024-11-25T03:15:12.733`) ## Download and Usage diff --git a/_state.csv b/_state.csv index fba8b4b8614..4c3f6080bfa 100644 --- a/_state.csv +++ b/_state.csv @@ -242654,7 +242654,7 @@ CVE-2024-10035,0,0,149fd437256c7326392dd9f0a4c81622d030f2559876097c7b7b88c5cf49c CVE-2024-10038,0,0,f26b158cf0316e474052ec8b55413ea730b483beee121721fe226a2ba3efe291,2024-11-13T17:01:16.850000 CVE-2024-1004,0,0,be9a3a60f238fd673f4d3f1f166af1f9400f4582d193359c16f232ef2b1c02fa,2024-05-17T02:35:09.263000 CVE-2024-10040,0,0,7b56aeaf06debaabcdf1e140476d580d2600dab38558a586b77601e247b0f5d1,2024-11-01T18:26:23.450000 -CVE-2024-10041,0,1,916fa9e14708de71cbd68c9a824732bf79de8441185956b86bf4e14184977974,2024-11-25T00:15:03.593000 +CVE-2024-10041,0,0,916fa9e14708de71cbd68c9a824732bf79de8441185956b86bf4e14184977974,2024-11-25T00:15:03.593000 CVE-2024-10045,0,0,a817f3402cf6055b1a750108ad8efeb9be1dc186e8fac94b1b8b513bcc47b228,2024-10-25T18:52:30.337000 CVE-2024-10048,0,0,753b7b10384148568802076e97b22f964c12e42cf7a3108618b3a771a6303c01,2024-10-29T14:34:04.427000 CVE-2024-10049,0,0,885c4f58797b80385cdce80d924e46fe2b372795dfe14e40121472290c664142,2024-10-29T14:49:04.463000 @@ -242791,7 +242791,7 @@ CVE-2024-10226,0,0,6d4cd561e79cc1ca7a5d9390efd20e7ca0cce098a56a2c4eb01cd0ded7623 CVE-2024-10227,0,0,3dd5e64d31c98828e85e7c30a2d118d04e1c9c4e3f27cb753e16556963759a42,2024-10-29T14:34:04.427000 CVE-2024-10228,0,0,d569133a271818bbabb06a409fc5b29be55f5994c84d2df5dcb22d53edb0464d,2024-11-07T17:12:45.750000 CVE-2024-10229,0,0,d8b7c88d62022a9dc51348547e30f2a14480969b9761e4820e45f77df3ca533b,2024-10-25T17:04:54.080000 -CVE-2024-1023,0,0,8d9bd157d13575cb2f7284ebb3a2797f2b531ebc1f530e248b6a4889677c4116,2024-07-25T21:15:10.280000 +CVE-2024-1023,0,1,ed06545998c3f5ffabb1be6822418f5fe1099f638bcb0c11d17f31e05dc6f5fb,2024-11-25T03:15:09.013000 CVE-2024-10230,0,0,5b2eed7a3522d994daba36d504e121d06d38d6b2f8f6bed6dcdcf2e92eeba1bb,2024-10-31T08:35:03.010000 CVE-2024-10231,0,0,eb0443e51721212742591278ce3f179ecbfdd0bb144d3d1886157523275588e9,2024-10-25T17:01:55.633000 CVE-2024-10232,0,0,98e97f86e77c9008185f9ff2c9f54dab5146c7a71a0b7823df9bcfdfb1c8892d,2024-11-01T12:57:03.417000 @@ -243517,6 +243517,7 @@ CVE-2024-11463,0,0,ec04c7e81fa0a01468a3fa77b8e3ee0a2d478d739fbf8b7cd12d4c8bed3fd CVE-2024-1147,0,0,5da69e40e8a720c3c3c366cde1a8363ffbcff6346e82168cfd4c7602d33328bd,2024-03-21T12:58:51.093000 CVE-2024-11477,0,0,47ede4582a757f3d8a2482f5720bb8d1160cb660e47ba0cb5bbe4f95d03eaff1,2024-11-22T21:15:08.613000 CVE-2024-1148,0,0,55b3cfe72144d3f21629750ac052bc7072169844e3b194a6a00d557d611fa424,2024-03-21T12:58:51.093000 +CVE-2024-11483,1,1,f4547f683283dae10d7846f4e887757be4d3a7f093c3f058fb06eae091fc655a,2024-11-25T04:15:03.683000 CVE-2024-11484,0,0,5b816d22c086c06c9bbe429f95ff6355b1d34f34b7b5fc86c73ea0c726ad8b86,2024-11-23T01:07:09.537000 CVE-2024-11485,0,0,fb400091e253a8741fdd96bd0a04b903a65bc548063fa42a9c9d2832d0afcd12,2024-11-23T01:12:38.790000 CVE-2024-11486,0,0,db58c58ef7b459c756dca222dd1cd48fef16051c6598d4e84b789f420a9af766,2024-11-22T21:43:34.230000 @@ -243630,11 +243631,19 @@ CVE-2024-11630,0,0,124823e79cad8f52614d45dfbfa425539f468c43cf02153ebcf347d478214 CVE-2024-11631,0,0,9ebe73531e51a1771718cb549457c48a65acbd625e83ab9343b7ecd4358369ed,2024-11-23T12:15:19.760000 CVE-2024-11632,0,0,f74a4d2cf78dc36a74361dd247f960dc4582b1ede59db63229ef494a01a0b990,2024-11-23T14:15:17.880000 CVE-2024-1164,0,0,ccdaeeda02ae302b7582e035c96145e342a579b2b0fb5245fe0e2c3517f4c5b6,2024-06-11T17:14:02.340000 -CVE-2024-11646,1,1,f4b4da012892d94557570f554f7057dcbae784e404750d9d3c2e5f388db9f2ae,2024-11-25T00:15:03.743000 +CVE-2024-11646,0,0,f4b4da012892d94557570f554f7057dcbae784e404750d9d3c2e5f388db9f2ae,2024-11-25T00:15:03.743000 +CVE-2024-11647,1,1,fe080422adc3d9d603a1b179a0f457c6cc306a87d96d19562cc8f48edaa2efa0,2024-11-25T01:15:04.033000 +CVE-2024-11648,1,1,cba39d867b84fdb234a7d89e4a84b8a9aa7f03b417ce1c4fc7943cb0c1f8ea5d,2024-11-25T01:15:04.687000 +CVE-2024-11649,1,1,11e656117bec6e11fae1eb3593d3bf557b3593d1a7a450730052db5d2dda48b2,2024-11-25T02:15:15.883000 CVE-2024-1165,0,0,4c65f8011ae90263b8016fe4b3c081ae16e06c35df8b6a0c8887bb2b34e5f4fb,2024-02-26T16:32:25.577000 +CVE-2024-11650,1,1,a19ff6244bafe8da49623d3f6c9494917d32382199f9c9df21bc1a8b68eb25f1,2024-11-25T03:15:06.707000 +CVE-2024-11651,1,1,a7063f71fb443dbc88a86942922fb99e879b1c44522ad7f0d5b12db0f9744596,2024-11-25T03:15:07.973000 +CVE-2024-11652,1,1,5245500baea1c9db1373a7f6e02f815ec7024da8cd7b5b97fbfec1535d5124b9,2024-11-25T03:15:08.533000 +CVE-2024-11653,1,1,b95f8719394213758575c3e65a67762164dff53c5b1e31149ab4de859e12bff3,2024-11-25T04:15:05.337000 +CVE-2024-11654,1,1,c483755aa43cb83f6058edef700c07958403ae87f8cff92cfa68852b0ac825be,2024-11-25T04:15:05.577000 CVE-2024-1166,0,0,e6f9663f509e717e386eabd295ead584e97c6f7c2909c3dbf464a147e80eca1c,2024-05-14T16:13:02.773000 -CVE-2024-11665,1,1,432484acd0139af98341fd7fe90b0662197ea5956295af2989047d68fc0277cd,2024-11-25T00:15:03.957000 -CVE-2024-11666,1,1,2250b20e698d0c0188636489287d2b59448a3bc6ff2a33a1b94eca03d876ba25,2024-11-25T00:15:04.040000 +CVE-2024-11665,0,0,432484acd0139af98341fd7fe90b0662197ea5956295af2989047d68fc0277cd,2024-11-25T00:15:03.957000 +CVE-2024-11666,0,0,2250b20e698d0c0188636489287d2b59448a3bc6ff2a33a1b94eca03d876ba25,2024-11-25T00:15:04.040000 CVE-2024-1167,0,0,ed50fa0852f2fbdcdff47243517d528056863b720fcd10bdada66efed3504e8a,2024-02-09T20:20:51.900000 CVE-2024-1168,0,0,b74b0b0c267c02c66f0f474186eac7335d29517290a9638a292d9de8edcd7c5d,2024-07-11T02:52:36.687000 CVE-2024-1169,0,0,a43d6b50f47e310e039f1575550f9d1fe159a31a77f5a57027ebd3dc489ff540,2024-03-07T13:52:27.110000 @@ -243761,7 +243770,7 @@ CVE-2024-1296,0,0,cf8635aadac748620898188ca490946b2b5c75731feefb613195ade4e01744 CVE-2024-1297,0,0,99ab590c2d129ba188fde6f8a07a02c34afd396d53204b7be1878740241d5dfb,2024-02-20T19:50:53.960000 CVE-2024-1298,0,0,411af97e2820bfadb11b2eaf3380004504a4d88488591f09c66407ba8874f33d,2024-06-11T04:15:12.513000 CVE-2024-1299,0,0,9a0208670b2595106cb37b75e7426d09a4994dde0d20db8006b929fe084930d3,2024-10-03T07:15:29.077000 -CVE-2024-1300,0,0,d4f7e8e6b5ac6bd63760d8d777a219ba0fe706357403260381b501f5799316c3,2024-07-25T21:15:10.487000 +CVE-2024-1300,0,1,c7e69601a553774cd975d2a7098a7caa8eba52d65c898ed8f381758121995585,2024-11-25T03:15:10.053000 CVE-2024-1301,0,0,aa9dff2d1f94038a5640d7365d0f71bbab0e502e1b3edb9e0b65d34a36d4daa7,2024-03-12T17:46:17.273000 CVE-2024-1302,0,0,e9f787047b014f4b6f30daaa3fa30820f8e27de1e4755915987ac5c6f51ec22f,2024-03-12T17:46:17.273000 CVE-2024-1303,0,0,7938284658534aa4f8cce7112905f213924253ddbfc659d61385595a0a46a57b,2024-03-12T17:46:17.273000 @@ -267423,9 +267432,10 @@ CVE-2024-53912,0,0,7ef48ae334126168c1eeaffa3133917043bbafcdfb94c93b4ab3f651615fe CVE-2024-53913,0,0,a29c7c218a136f1fecf9c3f589cadee2966e4a90737bbc0405debe59301410fb,2024-11-24T21:15:04.333000 CVE-2024-53914,0,0,c529e50e941dc99542189aa80a68611f9afe5b4cc5f417630606d1e061862668,2024-11-24T21:15:04.453000 CVE-2024-53915,0,0,14bde47e14d46a3d8b22b8cc9e1dd800eb41ecd56c218acd1906711104b20d9e,2024-11-24T21:15:04.580000 -CVE-2024-53916,1,1,2d22f43c748e4fc1802bb59a3d73251bff1a353e6d572eedd66031b5d61e27bd,2024-11-25T00:15:04.423000 +CVE-2024-53916,0,0,2d22f43c748e4fc1802bb59a3d73251bff1a353e6d572eedd66031b5d61e27bd,2024-11-25T00:15:04.423000 CVE-2024-5392,0,0,b24872fec717fdd1d01c0a9d16cd8dae85d0db85954b236e74ba95a5e5c8352c,2024-06-04T19:21:08.117000 CVE-2024-5393,0,0,295d4f9eb57788d71849a73c0b5d6c4f89e92a1e7613c6c16abcfeb4329f6a42,2024-06-04T19:21:08.420000 +CVE-2024-53930,1,1,fed961217c1023fbd1f3b6814df1d9ac6c8728b3ffd25d36029d0edadc03f9bc,2024-11-25T03:15:12.327000 CVE-2024-5394,0,0,aaadf9a58796777f85dc2107a816ebb5c0ae4c9d890d2d8c3ab15382290e4f66,2024-06-04T19:21:08.527000 CVE-2024-5395,0,0,e532c0fafbcef9b666c7ef0302f25a35b4dc4d0c2a33d2079af161ebd3ce2b3c,2024-05-28T12:39:28.377000 CVE-2024-5396,0,0,d0f735b85e524715ed1861b804d3fb37a4720102a88b42bc6f1eec50bfcc099d,2024-06-04T19:21:08.627000 @@ -267538,7 +267548,7 @@ CVE-2024-5510,0,0,ce2728f25e14636a67dcc5d29689d722789b635c9eb5a0aa5e865fe8f4f390 CVE-2024-5511,0,0,e3f3839307946dc694c2ffdb51a6dddb584741f7a55867313d5865b5edee22e4,2024-11-22T20:15:09.453000 CVE-2024-5512,0,0,72389cf284d5e81ed3399a7d259f9781e1f33a686127bf91781557ecd636077b,2024-11-22T20:15:09.563000 CVE-2024-5513,0,0,c978ccc1504d6a7ef55f5d9a57e984590a50725ed4b341014b3f94751a428a20,2024-11-22T20:15:09.673000 -CVE-2024-5514,0,0,833e991f0e6be90b2237e59745237181caa44e2bd9d3a544d7919a263fb2690a,2024-05-30T13:15:41.297000 +CVE-2024-5514,0,1,9f8d0a5470106a9aeaed50672c60db02c1394131591acc00425cc9f287b15105,2024-11-25T03:15:12.733000 CVE-2024-5515,0,0,4678a2be8c70b7477a92ff0be2440ca33d4803d8173344aa517704fd754394de,2024-06-04T19:21:09.717000 CVE-2024-5516,0,0,d9e4106066ccff650b208a23a361cef7969f556246b95e24218cffd8f065e4ba,2024-06-04T19:21:09.817000 CVE-2024-5517,0,0,bc15537601ae0030739f2f3bdfb4eb2f09ef39a17857ac7bb9ae07f84990570d,2024-05-30T18:19:11.743000 @@ -271124,7 +271134,7 @@ CVE-2024-9896,0,0,1349378c85078664635cddd4e92f21938b789e5f2486c02fbf3dda2655343b CVE-2024-9897,0,0,c000f038202bbdf161648c8f1d74fa0a88aad69aa13c730474d96a3fd2473014,2024-11-01T15:27:56.797000 CVE-2024-9898,0,0,34647a8f54872789fb9d153b7e32e611f940664cb6907ab09e4df7e32cdaa8ba,2024-10-18T12:52:33.507000 CVE-2024-9899,0,0,6c76ba1fcc7597d7958a7e74c7de009221352c8fe34414d847a1d4d85ee09e27,2024-10-23T21:15:15.050000 -CVE-2024-9902,0,1,716e3717dcf9b01937caa12d1dbc8ab4ac14ab0e5c6cf818e315231bd96bdc15,2024-11-24T23:15:04.537000 +CVE-2024-9902,0,0,716e3717dcf9b01937caa12d1dbc8ab4ac14ab0e5c6cf818e315231bd96bdc15,2024-11-24T23:15:04.537000 CVE-2024-9903,0,0,244e0ad624c75743e190bc7da6a1b45fe195aaf738d59f8decfde97c8722448f,2024-10-15T12:57:46.880000 CVE-2024-9904,0,0,b8f5bdf1fde920247f061f9c3939c42469f53e3148abd589ac11ba36d4728079,2024-10-15T12:57:46.880000 CVE-2024-9905,0,0,09e20420cf063b331c2f2444287faaf461bdb42e483d150bc77bc6c327c543d3,2024-10-16T22:12:18.153000