From 8d3b290079f0f749484759018f211aa188799e62 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 27 May 2024 20:03:30 +0000 Subject: [PATCH] Auto-Update: 2024-05-27T20:00:37.825181+00:00 --- CVE-2024/CVE-2024-273xx/CVE-2024-27310.json | 43 ++++++++++ CVE-2024/CVE-2024-351xx/CVE-2024-35181.json | 75 ++++++++++++++++ CVE-2024/CVE-2024-351xx/CVE-2024-35182.json | 71 +++++++++++++++ CVE-2024/CVE-2024-352xx/CVE-2024-35238.json | 63 ++++++++++++++ CVE-2024/CVE-2024-360xx/CVE-2024-36036.json | 43 ++++++++++ CVE-2024/CVE-2024-360xx/CVE-2024-36037.json | 43 ++++++++++ CVE-2024/CVE-2024-361xx/CVE-2024-36105.json | 95 +++++++++++++++++++++ README.md | 20 ++--- _state.csv | 21 +++-- 9 files changed, 457 insertions(+), 17 deletions(-) create mode 100644 CVE-2024/CVE-2024-273xx/CVE-2024-27310.json create mode 100644 CVE-2024/CVE-2024-351xx/CVE-2024-35181.json create mode 100644 CVE-2024/CVE-2024-351xx/CVE-2024-35182.json create mode 100644 CVE-2024/CVE-2024-352xx/CVE-2024-35238.json create mode 100644 CVE-2024/CVE-2024-360xx/CVE-2024-36036.json create mode 100644 CVE-2024/CVE-2024-360xx/CVE-2024-36037.json create mode 100644 CVE-2024/CVE-2024-361xx/CVE-2024-36105.json diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27310.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27310.json new file mode 100644 index 00000000000..2d619f2f65d --- /dev/null +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27310.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-27310", + "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", + "published": "2024-05-27T18:15:09.693", + "lastModified": "2024-05-27T18:15:09.693", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine\u00a0ADSelfService Plus versions below\u00a06401 are vulnerable to the DOS attack due to the malicious LDAP query." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "0fc0942c-577d-436f-ae8e-945763c79b02", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://www.manageengine.com/products/self-service-password/advisory/CVE-2024-27310.html", + "source": "0fc0942c-577d-436f-ae8e-945763c79b02" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35181.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35181.json new file mode 100644 index 00000000000..3bab7dba97e --- /dev/null +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35181.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2024-35181", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-05-27T19:15:08.620", + "lastModified": "2024-05-27T19:15:08.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the ATTACH DATABASE command. Additionally, attackers may be able to access and modify any data stored in the database, like performance profiles (which may contain session cookies), Meshery application data, or any Kubernetes configuration added to the system. The Meshery project exposes the function `GetMeshSyncResourcesKinds` at the API URL `/api/system/meshsync/resources/kinds`. The order query parameter is directly used to build a SQL query in `meshync_handler.go`. Version 0.7.22 fixes this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/meshery/meshery/blob/b331f45c9083d7abf6b90105072b04cd22473de7/server/handlers/meshsync_handler.go#L187", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/commit/8e995ce21af02d32ef61689c1e1748a745917f13", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/commit/b55f6064d0c6a965aee38f30281f99da7dc4420c", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/pull/10207", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/pull/10280", + "source": "security-advisories@github.com" + }, + { + "url": "https://securitylab.github.com/advisories/GHSL-2024-013_GHSL-2024-014_Meshery/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35182.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35182.json new file mode 100644 index 00000000000..082d8f2575c --- /dev/null +++ b/CVE-2024/CVE-2024-351xx/CVE-2024-35182.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-35182", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-05-27T19:15:08.890", + "lastModified": "2024-05-27T19:15:08.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the ATTACH DATABASE command. Additionally, attackers may be able to access and modify any data stored in the database, like performance profiles (which may contain session cookies), Meshery application data, or any Kubernetes configuration added to the system. The Meshery project exposes the function `GetAllEvents` at the API URL `/api/v2/events`. The sort query parameter read in `events_streamer.go` is directly used to build a SQL query in `events_persister.go`. Version 0.7.22 fixes this issue by using the `SanitizeOrderInput` function." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/meshery/meshery/blob/b331f45c9083d7abf6b90105072b04cd22473de7/server/handlers/events_streamer.go#L52", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/blob/b331f45c9083d7abf6b90105072b04cd22473de7/server/models/events_persister.go#L47", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/commit/b55f6064d0c6a965aee38f30281f99da7dc4420c", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/meshery/meshery/pull/10280", + "source": "security-advisories@github.com" + }, + { + "url": "https://securitylab.github.com/advisories/GHSL-2024-013_GHSL-2024-014_Meshery/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35238.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35238.json new file mode 100644 index 00000000000..7d3b308870c --- /dev/null +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35238.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-35238", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-05-27T18:15:09.920", + "lastModified": "2024-05-27T18:15:09.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Minder by Stacklok is an open source software supply chain security platform. Minder prior to version 0.0.51 is vulnerable to a denial-of-service (DoS) attack which could allow an attacker to crash the Minder server and deny other users access to it. The root cause of the vulnerability is that Minders sigstore verifier reads an untrusted response entirely into memory without enforcing a limit on the response body. An attacker can exploit this by making Minder make a request to an attacker-controlled endpoint which returns a response with a large body which will crash the Minder server. Specifically, the point of failure is where Minder parses the response from the GitHub attestations endpoint in `getAttestationReply`. Here, Minder makes a request to the `orgs/$owner/attestations/$checksumref` GitHub endpoint (line 285) and then parses the response into the `AttestationReply` (line 295). The way Minder parses the response on line 295 makes it prone to DoS if the response is large enough. Essentially, the response needs to be larger than the machine has available memory. Version 0.0.51 contains a patch for this issue.\n\nThe content that is hosted at the `orgs/$owner/attestations/$checksumref` GitHub attestation endpoint is controlled by users including unauthenticated users to Minders threat model. However, a user will need to configure their own Minder settings to cause Minder to make Minder send a request to fetch the attestations. The user would need to know of a package whose attestations were configured in such a way that they would return a large response when fetching them. As such, the steps needed to carry out this attack would look as such:\n\n1. The attacker adds a package to ghcr.io with attestations that can be fetched via the `orgs/$owner/attestations/$checksumref` GitHub endpoint.\n2. The attacker registers on Minder and makes Minder fetch the attestations.\n3. Minder fetches attestations and crashes thereby being denied of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/stacklok/minder/blob/daccbc12e364e2d407d56b87a13f7bb24cbdb074/internal/verifier/sigstore/container/container.go#L271-L300", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/stacklok/minder/commit/fe321d345b4f738de6a06b13207addc72b59f892", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/stacklok/minder/security/advisories/GHSA-8fmj-33gw-g7pw", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-360xx/CVE-2024-36036.json b/CVE-2024/CVE-2024-360xx/CVE-2024-36036.json new file mode 100644 index 00000000000..12e0a6e473f --- /dev/null +++ b/CVE-2024/CVE-2024-360xx/CVE-2024-36036.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-36036", + "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", + "published": "2024-05-27T18:15:10.200", + "lastModified": "2024-05-27T18:15:10.200", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "0fc0942c-577d-436f-ae8e-945763c79b02", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://www.manageengine.com/products/active-directory-audit/cve-2024-36036.html", + "source": "0fc0942c-577d-436f-ae8e-945763c79b02" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-360xx/CVE-2024-36037.json b/CVE-2024/CVE-2024-360xx/CVE-2024-36037.json new file mode 100644 index 00000000000..ae5eb7e7fdd --- /dev/null +++ b/CVE-2024/CVE-2024-360xx/CVE-2024-36037.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-36037", + "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02", + "published": "2024-05-27T18:15:10.407", + "lastModified": "2024-05-27T18:15:10.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "0fc0942c-577d-436f-ae8e-945763c79b02", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://www.manageengine.com/products/active-directory-audit/cve-2024-36037.html", + "source": "0fc0942c-577d-436f-ae8e-945763c79b02" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-361xx/CVE-2024-36105.json b/CVE-2024/CVE-2024-361xx/CVE-2024-36105.json new file mode 100644 index 00000000000..0541908a1fa --- /dev/null +++ b/CVE-2024/CVE-2024-361xx/CVE-2024-36105.json @@ -0,0 +1,95 @@ +{ + "id": "CVE-2024-36105", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-05-27T18:15:10.613", + "lastModified": "2024-05-27T18:15:10.613", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to `INADDR_ANY (0.0.0.0)` or `IN6ADDR_ANY (::)` exposes an application on all network interfaces, increasing the risk of unauthorized access. As stated in the Python docs, a special form for address is accepted instead of a host address: `''` represents `INADDR_ANY`, equivalent to `\"0.0.0.0\"`. On systems with IPv6, '' represents `IN6ADDR_ANY`, which is equivalent to `\"::\"`. A user who serves docs on an unsecured public network, may unknowingly be hosting an unsecured (http) web site for any remote user/system to access on the same network. The issue has has been mitigated in dbt-core v1.6.15, dbt-core v1.7.15, and dbt-core v1.8.1 by binding to localhost explicitly by default in `dbt docs serve`.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1327" + } + ] + } + ], + "references": [ + { + "url": "https://cwe.mitre.org/data/definitions/1327.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://docs.python.org/3/library/socket.html#socket-families", + "source": "security-advisories@github.com" + }, + { + "url": "https://docs.securesauce.dev/rules/PY030", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/blob/main/core/dbt/task/docs/serve.py#L23C38-L23C39", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/commit/0c08d7a19ad1740be3cb0b2e6d9d64f6537176f7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/issues/10209", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/pull/10208", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.6.15", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.7.15", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/releases/tag/v1.8.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 502bb5131b8..b2505b41fa2 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-27T18:00:38.244874+00:00 +2024-05-27T20:00:37.825181+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-27T17:15:10.230000+00:00 +2024-05-27T19:15:08.890000+00:00 ``` ### Last Data Feed Release @@ -33,20 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -251874 +251881 ``` ### CVEs added in the last Commit Recently added CVEs: `7` -- [CVE-2022-4969](CVE-2022/CVE-2022-49xx/CVE-2022-4969.json) (`2024-05-27T17:15:09.157`) -- [CVE-2024-32978](CVE-2024/CVE-2024-329xx/CVE-2024-32978.json) (`2024-05-27T16:15:08.757`) -- [CVE-2024-35219](CVE-2024/CVE-2024-352xx/CVE-2024-35219.json) (`2024-05-27T16:15:09.027`) -- [CVE-2024-35229](CVE-2024/CVE-2024-352xx/CVE-2024-35229.json) (`2024-05-27T17:15:09.510`) -- [CVE-2024-35231](CVE-2024/CVE-2024-352xx/CVE-2024-35231.json) (`2024-05-27T17:15:09.760`) -- [CVE-2024-35236](CVE-2024/CVE-2024-352xx/CVE-2024-35236.json) (`2024-05-27T17:15:09.990`) -- [CVE-2024-35237](CVE-2024/CVE-2024-352xx/CVE-2024-35237.json) (`2024-05-27T17:15:10.230`) +- [CVE-2024-27310](CVE-2024/CVE-2024-273xx/CVE-2024-27310.json) (`2024-05-27T18:15:09.693`) +- [CVE-2024-35181](CVE-2024/CVE-2024-351xx/CVE-2024-35181.json) (`2024-05-27T19:15:08.620`) +- [CVE-2024-35182](CVE-2024/CVE-2024-351xx/CVE-2024-35182.json) (`2024-05-27T19:15:08.890`) +- [CVE-2024-35238](CVE-2024/CVE-2024-352xx/CVE-2024-35238.json) (`2024-05-27T18:15:09.920`) +- [CVE-2024-36036](CVE-2024/CVE-2024-360xx/CVE-2024-36036.json) (`2024-05-27T18:15:10.200`) +- [CVE-2024-36037](CVE-2024/CVE-2024-360xx/CVE-2024-36037.json) (`2024-05-27T18:15:10.407`) +- [CVE-2024-36105](CVE-2024/CVE-2024-361xx/CVE-2024-36105.json) (`2024-05-27T18:15:10.613`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 67ca2a6378f..831f05da5dc 100644 --- a/_state.csv +++ b/_state.csv @@ -212105,7 +212105,7 @@ CVE-2022-4964,0,0,1e33f52f21e6461cc018675c2148aa96cac948ebdf6307b4d3746f8773a9bf CVE-2022-4965,0,0,db99caae0cb2de43133818216d728b6e383517fb71f67f622369387ae341b961,2024-04-10T13:24:00.070000 CVE-2022-4966,0,0,4b6a071e73471757fc55bd168cdc3f57ac339cd73c0d56a405fd8ea19bcfc79e,2024-05-17T02:17:05.713000 CVE-2022-4967,0,0,f64d6e9936967085c3ea26693ea59316b1fba31fa88426c80de2b587efa09fa8,2024-05-14T16:13:02.773000 -CVE-2022-4969,1,1,9cbf80dc8bbd13f4c1989f54bae245359eed96fb9b6835caac3f11525885e360,2024-05-27T17:15:09.157000 +CVE-2022-4969,0,0,9cbf80dc8bbd13f4c1989f54bae245359eed96fb9b6835caac3f11525885e360,2024-05-27T17:15:09.157000 CVE-2023-0001,0,0,6ba5d6c17cbd7ec9fa4676d0367d715dae6604f51d9cfe28b728a892d018af19,2024-01-12T22:10:50.817000 CVE-2023-0002,0,0,1b2ceaca2ad4aa0f50a972375612dbbc2aec389d54ffce2da41cd327ee68ab86,2023-11-07T03:59:26.433000 CVE-2023-0003,0,0,70cc453f8a089b15f137423f4f4bc4ee2ad90c963566d3855dab50f2319ced75,2024-02-16T17:04:22.737000 @@ -246238,6 +246238,7 @@ CVE-2024-27307,0,0,0637b05d2a36e47d121bc1fe1beac809e09e2be90d0aa4c4cb901114110f3 CVE-2024-27308,0,0,2c1853ceb0d45fb092e9c133d6553571b7b9f8a855fc6b4950edbdaad595214f,2024-03-06T21:42:48.053000 CVE-2024-27309,0,0,4ff276f1fa3a42e9cba86006da159d603e23baa66b2db98c085aa5a6c3adaee2,2024-05-01T18:15:15.967000 CVE-2024-2731,0,0,7242593ba3e5c5b48a25383d38b7647a4613c0186c7dc999e27ef7b770a540e3,2024-04-10T19:49:51.183000 +CVE-2024-27310,1,1,9e2b220f1501707e97f1bf7750722ad998f6aa48691a9058a91571ff682a1b10,2024-05-27T18:15:09.693000 CVE-2024-27312,0,0,03b9c1d615c7eea419258607ab4327a45a73e24a5e571b82ecc5b8d0b7dc264a,2024-05-20T15:17:54.513000 CVE-2024-27314,0,0,ac1493e462403a46c12e85e6796125c8ed735dacb926ca788dd0b7320e8a9447,2024-05-27T07:15:09.297000 CVE-2024-27315,0,0,1b06bd54abb4ee7969c3aca53e6bed402762ed42c4492d0ee8674e3fa0b42312,2024-02-28T15:15:09.670000 @@ -249481,7 +249482,7 @@ CVE-2024-32971,0,0,30a1ded880baa000b404a0581d7700fcba0993ad067bcadc9b70a0460e272 CVE-2024-32972,0,0,849652650e04d2a2cf928beb303038daae9f4b88c338eff0619c140035b2effa,2024-05-06T16:00:59.253000 CVE-2024-32973,0,0,c022c9f4134f1adead82c1b269e30d0c14622c1fcaf8b6997a4d5a316715d39c,2024-05-01T13:01:51.263000 CVE-2024-32977,0,0,0fe4b56f20a37baa6e6e483a47c7afc89bc0a54a6fef05fea67ddd1983a8007b,2024-05-14T19:17:55.627000 -CVE-2024-32978,1,1,584c8410dd675eac190b17189a924d07972abc91c4ce8d6e57795e3830c619a1,2024-05-27T16:15:08.757000 +CVE-2024-32978,0,0,584c8410dd675eac190b17189a924d07972abc91c4ce8d6e57795e3830c619a1,2024-05-27T16:15:08.757000 CVE-2024-32979,0,0,415a3504af4253fb9330760c79feca97e4169fdf22dd7f9c2c9ff0e4f9c129df,2024-05-01T13:01:51.263000 CVE-2024-3298,0,0,35145d829af4d19541380a93e6723503e514b69e11aa4b007b05099610c37f21,2024-04-04T16:33:06.610000 CVE-2024-32980,0,0,8f9f29c57b88ca026c54a1fdb798adaf96dc5d8618c6ab23ef96dc2c8aaf4450,2024-05-08T17:05:24.083000 @@ -250422,6 +250423,8 @@ CVE-2024-35176,0,0,4b60ac698f0409c3d5afd3135a012e527abd899b09b05eec72c22bf6c64bb CVE-2024-35179,0,0,4433fc22ade8274a4e17f50ac56484b62a8701a589dbfa040c3c094fd870b93d,2024-05-15T16:40:19.330000 CVE-2024-3518,0,0,eaf2303b214171cc846a9c1e1f5b5c9bbf3d3c0b489c261d40c49ffc3b73ea7d,2024-05-22T12:46:53.887000 CVE-2024-35180,0,0,80c407dbbb9cc728599339da6dd4aafc61d867bae9c46c13901781bc50f4a229,2024-05-21T16:54:35.880000 +CVE-2024-35181,1,1,6a91d9274a1e4f79ba10d36df37ae660dbd8de9e18a9f79ac6949ca3ba0d5235,2024-05-27T19:15:08.620000 +CVE-2024-35182,1,1,3c9de910cc863d129e5c466e44ae8c9e0e8f7e0c3fdc16b09ab46070bbfd350b,2024-05-27T19:15:08.890000 CVE-2024-35183,0,0,a13a6c65b498bd81e5f60be29399a7cfffb17ddb2446f175a9bf7af049e805cc,2024-05-16T13:03:05.353000 CVE-2024-35184,0,0,b9e43a79a8d3cf5f3dc97bfbc13e9d1e865d4c1cbd767526b45c719d87dddf99,2024-05-16T13:03:05.353000 CVE-2024-35185,0,0,b2ed66ac50dba87a52bf32986463842596dbe3b40fd2d6342c41a23e64c5c71e,2024-05-17T18:36:31.297000 @@ -250439,18 +250442,19 @@ CVE-2024-35204,0,0,426b422871683d1b16b6e67a7918f8f9959a907fcff966c6f5833a5066df0 CVE-2024-35205,0,0,e759b9359595ebaf333ccada053519f187d3d1cfddc6ef72f21bfd74e59fe204,2024-05-14T16:11:39.510000 CVE-2024-3521,0,0,6a912375551b2b833dbf10976aa7a2942ee5411f45e7dcbcfe8caeaca7c22d09,2024-05-17T02:39:58.603000 CVE-2024-35218,0,0,f6bc0a27ef38a89d7a6dbb3c7d059a1e697280c0109c31621c0c9a5a9e9d78c4,2024-05-21T16:54:26.047000 -CVE-2024-35219,1,1,b7787118d0aee190e5eeaa74a4a5479e0512f99d8a0008b881043caf780dead5,2024-05-27T16:15:09.027000 +CVE-2024-35219,0,0,b7787118d0aee190e5eeaa74a4a5479e0512f99d8a0008b881043caf780dead5,2024-05-27T16:15:09.027000 CVE-2024-3522,0,0,4628133627fe639b4ec4fb103d141e6b7d472b6c7cdd271e81dd189ca5af7dbd,2024-05-17T02:39:58.700000 CVE-2024-35220,0,0,cdb61885da03a5a0cda53707f91bbe46f74d20c481713b8188a11b1318cfabca,2024-05-22T12:46:53.887000 CVE-2024-35222,0,0,36ca1f5942bc600830d0964eca33e6ff4693f5db1dbd469f3a881c8582b83106,2024-05-24T01:15:30.977000 CVE-2024-35223,0,0,cd2c4ce1a9fe8bfa6f0dfcc5ad8f4ae4bc0ae888e5916f53189fc333ee33e0be,2024-05-24T01:15:30.977000 CVE-2024-35224,0,0,e1c7dcbe61be23c2f9747cf7531e309bc23c53e66c973486d5da13d1acf7f619,2024-05-24T01:15:30.977000 -CVE-2024-35229,1,1,b7e939c71d89f8cd9c074d1b35bb8b5b3633a40010cff7fc0fd3bd382d8a255f,2024-05-27T17:15:09.510000 +CVE-2024-35229,0,0,b7e939c71d89f8cd9c074d1b35bb8b5b3633a40010cff7fc0fd3bd382d8a255f,2024-05-27T17:15:09.510000 CVE-2024-3523,0,0,154d27d1d83a25b71ff1e934ce7ae9d9233e3d50ef1f8829c89abcc116ac6a21,2024-05-17T02:39:58.793000 -CVE-2024-35231,1,1,da2ef7e58f25ee1bf04baacce8349e411632ed88e3891019ef555de941d2a7c4,2024-05-27T17:15:09.760000 +CVE-2024-35231,0,0,da2ef7e58f25ee1bf04baacce8349e411632ed88e3891019ef555de941d2a7c4,2024-05-27T17:15:09.760000 CVE-2024-35232,0,0,2a7292a21c1a419fedf12bf0175e7e0ea1dccba31a71b42910e0b52fba295aa1,2024-05-24T21:15:59.450000 -CVE-2024-35236,1,1,cbdd89d56156556aa0071f7f2f6895bbf87e64c39f414cb813a1e2a42756704b,2024-05-27T17:15:09.990000 -CVE-2024-35237,1,1,3a748bfc76bdf17a0c35eb506ad1651c3690e358eb794cf3da3a47fcb859c4a4,2024-05-27T17:15:10.230000 +CVE-2024-35236,0,0,cbdd89d56156556aa0071f7f2f6895bbf87e64c39f414cb813a1e2a42756704b,2024-05-27T17:15:09.990000 +CVE-2024-35237,0,0,3a748bfc76bdf17a0c35eb506ad1651c3690e358eb794cf3da3a47fcb859c4a4,2024-05-27T17:15:10.230000 +CVE-2024-35238,1,1,1842e3dcd785d3b25673eac52ca75d4360f0891f95acb9dc2bb39d213690d34b,2024-05-27T18:15:09.920000 CVE-2024-3524,0,0,3956193ca7114f5710505c19e3a759f29fdc99e35e3e85d2dfaab62815660be2,2024-05-17T02:39:58.883000 CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ffed,2024-05-17T02:39:58.983000 CVE-2024-3526,0,0,7aa053534daa29503e740ad77b77cb47be1c8cd5e2a6b1d98f33dcb689c14e4e,2024-05-17T02:39:59.067000 @@ -250785,6 +250789,8 @@ CVE-2024-36010,0,0,d8117fd3c675ab33a2099194dfeda1d9019fdfb4c451a7a6a08ff2fe63771 CVE-2024-36011,0,0,abd5638cc1cfdef36e14f7c96bf2fc845d42601d602cfe73690b22754ed47103,2024-05-24T01:15:30.977000 CVE-2024-36012,0,0,99a87dfc7b0fc5371c51d11442e2aebe0c642c881f6f8e57147716a4b47febdf,2024-05-24T01:15:30.977000 CVE-2024-36013,0,0,1251c8e9d1d9ec0619ca01193822062d3235b343811763ddc34f761263e594d9,2024-05-25T15:15:09.070000 +CVE-2024-36036,1,1,9a3ea5bd5082a797a5f6289accf0f43cd3624818128de6eb9b5262a13d945bd2,2024-05-27T18:15:10.200000 +CVE-2024-36037,1,1,d5948972c3197b2380bbf561e4cf03ebf11e1c1117a05d16d71ebc5430a4e001,2024-05-27T18:15:10.407000 CVE-2024-36039,0,0,a8363180f0299206d54e6558901cb5cddfc68c9874309661faf6b2f8a76377e4,2024-05-21T16:53:56.550000 CVE-2024-36043,0,0,a692d077d358c1feb0a509deb9a8e16caf647bf207b7ab7a4cd103038bbab39e,2024-05-20T13:00:04.957000 CVE-2024-36048,0,0,e007b0325d407bc8859f041fde0fd19208cc3895dbb6e40867a5a83e255b52f5,2024-05-20T13:00:04.957000 @@ -250805,6 +250811,7 @@ CVE-2024-36079,0,0,7a15fc04be6e44e440cbb10b339f2acba72a106eca57d98773e3b9c4a4f0f CVE-2024-36080,0,0,de5551202af1794b77e1032fd6ee35ba7df3ef2929b44077b5dc18aee0b886df,2024-05-20T13:00:04.957000 CVE-2024-36081,0,0,d4f0cf242ca757b4f303ae5368ae2b4579e3452ad04759648a40396f5d2c3712,2024-05-20T13:00:04.957000 CVE-2024-3609,0,0,ed7edf68142e8387ad834c19a7338682e57310d52666dd6c703556dcd2e4f649,2024-05-17T18:36:05.263000 +CVE-2024-36105,1,1,220cd8a6ac5f75894a5548cde0875ec365425e092693cb132cbdc60b61f0d0b7,2024-05-27T18:15:10.613000 CVE-2024-3611,0,0,b6a9e7e031fc264aaf6cc25eb2de4637a54a3c74ff1ad6ab29710fbea0fb99c4,2024-05-22T12:46:53.887000 CVE-2024-3612,0,0,d6528427cbb589467c111cbd40a18dd09640d3302d8baf887860f351407e958e,2024-05-17T02:40:01.520000 CVE-2024-3613,0,0,d7eb1ddde521e54e1fe9acae408bd9221d7036e0a03927b308a853106c490093,2024-05-17T02:40:01.607000