Auto-Update: 2024-11-15T13:00:20.359775+00:00

CVE-2021/CVE-2021-37xx/CVE-2021-3740.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3740",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:04.987",
+  "lastModified": "2024-11-15T11:15:04.987",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Session Fixation vulnerability exists in chatwoot/chatwoot versions prior to 2.4.0. The application does not invalidate existing sessions on other devices when a user changes their password, allowing old sessions to persist. This can lead to unauthorized access if an attacker has obtained a session token."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-384"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/chatwoot/chatwoot/commit/6fdd4a29969be8423f31890b807d27d13627c50c",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/1625470476437-chatwoot/chatwoot",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-37xx/CVE-2021-3741.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3741",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:05.327",
+  "lastModified": "2024-11-15T11:15:05.327",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. The vulnerability occurs when a user uploads an SVG file containing a malicious XSS payload in the profile settings. When the avatar is opened in a new page, the custom JavaScript code is executed, leading to potential security risks."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/chatwoot/chatwoot/commit/6fdd4a29969be8423f31890b807d27d13627c50c",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/1625474692857-chatwoot/chatwoot",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-37xx/CVE-2021-3742.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3742",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:05.547",
+  "lastModified": "2024-11-15T11:15:05.547",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. The vulnerability allows an attacker to upload an SVG file containing a malicious SSRF payload. When the SVG file is used as an avatar and opened in a new tab, it can trigger the SSRF, potentially leading to host redirection."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.9,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-918"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/chatwoot/chatwoot/commit/6fdd4a29969be8423f31890b807d27d13627c50c",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/1625472546121-chatwoot/chatwoot",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-38xx/CVE-2021-3838.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3838",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:05.763",
+  "lastModified": "2024-11-15T11:15:05.763",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution, especially when DOMPdf is used with frameworks with documented POP chains like Laravel or vulnerable developer code."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-502"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6a",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/0bdddc12-ff67-4815-ab9f-6011a974f48e",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-38xx/CVE-2021-3841.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3841",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:05.980",
+  "lastModified": "2024-11-15T11:15:05.980",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user's browser."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 4.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.7,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/sylius/sylius/commit/3da169e0c23e752974d74223cc536c29a2a82edc",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/1625506791178-Sylius/Sylius",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-39xx/CVE-2021-3902.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3902",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:06.190",
+  "lastModified": "2024-11-15T11:15:06.190",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An improper restriction of external entities (XXE) vulnerability in dompdf/dompdf's SVG parser allows for Server-Side Request Forgery (SSRF) and deserialization attacks. This issue affects all versions prior to 2.0.0. The vulnerability can be exploited even if the isRemoteEnabled option is set to false. It allows attackers to perform SSRF, disclose internal image files, and cause PHAR deserialization attacks."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-611"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dompdf/dompdf/commit/f56bc8e40be6c0ae0825e6c7396f4db80620b799",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/a6071c07-806f-429a-8656-a4742e4191b1",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-39xx/CVE-2021-3986.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3986",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:06.400",
+  "lastModified": "2024-11-15T11:15:06.400",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users. This issue occurs in the file shelf.py at line 221, where the name of the shelf is exposed in an error message when a user attempts to remove a book from a shelf they do not own. This vulnerability discloses private information and affects all versions prior to the fix."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-209"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/janeczku/calibre-web/commit/6f5390ead5df9779ac81fadefffb476e03f93548",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/394af194-61a7-4e33-b373-877d4c766fca",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-39xx/CVE-2021-3987.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3987",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:06.610",
+  "lastModified": "2024-11-15T11:15:06.610",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An improper access control vulnerability exists in janeczku/calibre-web. The affected version allows users without public shelf permissions to create public shelves. The vulnerability is due to the `create_shelf` method in `shelf.py` not verifying if the user has the necessary permissions to create a public shelf. This issue can lead to unauthorized actions being performed by users."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/janeczku/calibre-web/commit/bcdc97641447965af486964537f3821f47b28874",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/29fcc091-87b6-43bc-ab4b-3c0bec3f71df",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-39xx/CVE-2021-3988.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3988",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:06.877",
+  "lastModified": "2024-11-15T11:15:06.877",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross-site Scripting (XSS) vulnerability exists in janeczku/calibre-web, specifically in the file `edit_books.js`. The vulnerability occurs when editing book properties, such as uploading a cover or a format. The affected code directly inserts user input into the DOM without proper sanitization, allowing attackers to execute arbitrary JavaScript code. This can lead to various attacks, including stealing cookies. The issue is present in the code handling the `#btn-upload-cover` change event."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/fa4c8fd1-7846-4dad-9112-2c07461f0609",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2021/CVE-2021-39xx/CVE-2021-3991.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2021-3991",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:07.173",
+  "lastModified": "2024-11-15T11:15:07.173",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-285"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dolibarr/dolibarr/commit/63cd06394f39d60784d6e6a0ccf4867a71a6568f",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/58ddbd8a-0faf-4b3f-aec9-5850bb19ab67",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2022/CVE-2022-12xx/CVE-2022-1226.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2022-1226",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:07.527",
+  "lastModified": "2024-11-15T11:15:07.527",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows attackers to execute arbitrary JavaScript code in the browser of a victim. This vulnerability affects the import Data set feature via a spreadsheet file upload. The affected endpoints include import-vlan-preview.php, import-subnets-preview.php, import-vrf-preview.php, import-ipaddr-preview.php, import-devtype-preview.php, import-devices-preview.php, and import-l2dom-preview.php. The vulnerability can be exploited by uploading a specially crafted spreadsheet file containing malicious JavaScript payloads, which are then executed in the context of the victim's browser. This can lead to defacement of websites, execution of malicious JavaScript code, stealing of user cookies, and unauthorized access to user accounts."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/phpipam/phpipam/commit/50e36b9e4fff5eaa51dc6e42bc684748da378002",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/3fdcf653-fe26-4592-94a1-98ce664618ec",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2022/CVE-2022-18xx/CVE-2022-1884.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2022-1884",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:07.803",
+  "lastModified": "2024-11-15T11:15:07.803",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://huntr.com/bounties/9cd4e7b7-0979-4e5e-9a1c-388b58dea76b",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2023/CVE-2023-01xx/CVE-2023-0109.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2023-0109",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:08.097",
+  "lastModified": "2024-11-15T11:15:08.097",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This can lead to the theft of sensitive information, such as login credentials, from users visiting the affected website. The issue has been fixed in version 0.10.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/usememos/memos/commit/46c13a4b7f675b92d297df6dabb4441f13c7cd9c",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/1899ffb2-ce1e-4dc0-af96-972612190f6e",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2023/CVE-2023-07xx/CVE-2023-0737.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2023-0737",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:08.363",
+  "lastModified": "2024-11-15T11:15:08.363",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/wallabag/wallabag/commit/268372dbbdd7ef87b84617fdebf95d0a86caf7dc",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/4ba20fe7-4061-4dfb-ab2f-ecaf110641a5",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2023/CVE-2023-23xx/CVE-2023-2332.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2023-2332",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:08.643",
+  "lastModified": "2024-11-15T11:15:08.643",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date Range section, allowing an attacker to inject malicious scripts. This can lead to the execution of arbitrary JavaScript code in the context of the user's browser, potentially stealing cookies or redirecting users to malicious sites. The issue is fixed in version 10.5.21."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 4.0,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.6,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/pimcore/pimcore/commit/a4491551967d879141a3fdf0986a9dd3d891abfe",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/e436ed71-6741-4b30-89db-f7f3de4aca2c",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2023/CVE-2023-43xx/CVE-2023-4348.json

@@ -0,0 +1,16 @@
+{
+  "id": "CVE-2023-4348",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T12:15:14.397",
+  "lastModified": "2024-11-15T12:15:14.397",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}

CVE-2023/CVE-2023-46xx/CVE-2023-4679.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2023-4679",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:08.917",
+  "lastModified": "2024-11-15T11:15:08.917",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2024/CVE-2024-07xx/CVE-2024-0787.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-0787",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:09.213",
+  "lastModified": "2024-11-15T11:15:09.213",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get_user_ip()' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the 'X-Forwarded-For' header is checked and used instead of 'REMOTE_ADDR'. This vulnerability allows attackers to perform brute force attacks on user accounts, including the admin account. The issue is fixed in version 1.7.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-307"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/phpipam/phpipam/commit/55c2056068be9f1359e967fcff64db6b7f4d00b5",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/840cb582-1feb-43ab-9cc4-e4b5a63c5bab",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2024/CVE-2024-08xx/CVE-2024-0875.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-0875",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:09.490",
+  "lastModified": "2024-11-15T11:15:09.490",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is executed, potentially compromising their account. This issue is fixed in version 7.0.2.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/d141d2ca06fb2171a202c7302dd5d5af8539f255",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/16cba0fc-748d-4ea8-9573-1f6fbe9a27c9",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2024/CVE-2024-104xx/CVE-2024-10443.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-10443",
+  "sourceIdentifier": "security@synology.com",
+  "published": "2024-11-15T11:15:09.750",
+  "lastModified": "2024-11-15T11:15:09.750",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@synology.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@synology.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-77"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_18",
+      "source": "security@synology.com"
+    },
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_19",
+      "source": "security@synology.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-105xx/CVE-2024-10534.json

@@ -0,0 +1,78 @@
+{
+  "id": "CVE-2024-10534",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2024-11-15T11:15:10.100",
+  "lastModified": "2024-11-15T11:15:10.100",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection.This issue affects Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS): before 2024."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "ADJACENT",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnerableSystemConfidentiality": "HIGH",
+          "vulnerableSystemIntegrity": "HIGH",
+          "vulnerableSystemAvailability": "HIGH",
+          "subsequentSystemConfidentiality": "HIGH",
+          "subsequentSystemIntegrity": "HIGH",
+          "subsequentSystemAvailability": "HIGH",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 8.6,
+          "baseSeverity": "HIGH"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-346"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-24-1856",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}

CVE-2024/CVE-2024-10xx/CVE-2024-1097.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-1097",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:10.550",
+  "lastModified": "2024-11-15T11:15:10.550",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability exists in craigk5n/webcalendar version 1.3.0. The vulnerability occurs in the 'Report Name' input field while creating a new report. An attacker can inject malicious scripts, which are then executed in the context of other users who view the report, potentially leading to the theft of user accounts and cookies."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.6,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://huntr.com/bounties/6dd501f6-6047-4ddb-8b14-f0fc53cdc28e",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2024/CVE-2024-111xx/CVE-2024-11182.json

@@ -0,0 +1,78 @@
+{
+  "id": "CVE-2024-11182",
+  "sourceIdentifier": "security@eset.com",
+  "published": "2024-11-15T11:15:10.410",
+  "lastModified": "2024-11-15T11:15:10.410",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An XSS issue was discovered in \n\nMDaemon Email Server before version\u00a024.5.1c. An attacker can send an HTML e-mail message \nwith \nJavaScript in an img tag. This could\n allow a remote attacker\n\nto load arbitrary JavaScript code in the context of a webmail user's browser window."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "security@eset.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "PASSIVE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "LOW",
+          "subsequentSystemIntegrity": "LOW",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@eset.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html",
+      "source": "security@eset.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-112xx/CVE-2024-11237.json

@@ -0,0 +1,149 @@
+{
+  "id": "CVE-2024-11237",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-11-15T12:15:14.670",
+  "lastModified": "2024-11-15T12:15:14.670",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "NONE",
+          "vulnerableSystemAvailability": "HIGH",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 8.7,
+          "baseSeverity": "HIGH"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "COMPLETE",
+          "baseScore": 7.8
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-119"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-121"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/Zephkek/TP-Thumper",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/Zephkek/TP-Thumper/blob/main/poc.c",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.284672",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.284672",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.438408",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.tp-link.com/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-12xx/CVE-2024-1240.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-1240",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-11-15T11:15:10.773",
+  "lastModified": "2024-11-15T11:15:10.773",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this vulnerability to redirect users to malicious sites, which can be used for phishing or other malicious activities. The issue is fixed in pyload-ng 0.5.0b3.dev79."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 4.6,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-601"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/pyload/pyload/commit/fe94451dcc2be90b3889e2fd9d07b483c8a6dccd",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/eef9513d-ccc3-4030-b574-374c5e7b887e",
+      "source": "security@huntr.dev"
+    }
+  ]
+}

CVE-2024/CVE-2024-89xx/CVE-2024-8979.json

@@ -9,6 +9,10 @@
     {
       "lang": "en",
       "value": "The Essential Addons for Elementor \u2013 Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'init_content_lostpassword_user_email_controls' function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including usernames and passwords of any user, including Administrators, as long as that user opens the email notification for a password change request and images are not blocked by the email client."
+    },
+    {
+      "lang": "es",
+      "value": "Los complementos Essential Addons for Elementor \u2013 Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders para Elementor son vulnerables a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 6.0.9 incluida a trav\u00e9s de la funci\u00f3n 'init_content_lostpassword_user_email_controls'. Esto permite que los atacantes autenticados, con acceso de nivel de autor y superior, extraigan datos confidenciales, incluidos los nombres de usuario y las contrase\u00f1as de cualquier usuario, incluidos los administradores, siempre que ese usuario abra la notificaci\u00f3n por correo electr\u00f3nico para solicitar un cambio de contrase\u00f1a y las im\u00e1genes no est\u00e9n bloqueadas por el cliente de correo electr\u00f3nico."
     }
   ],
   "metrics": {

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-11-15T11:00:20.193184+00:00
+2024-11-15T13:00:20.359775+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-11-15T10:15:05.310000+00:00
+2024-11-15T12:15:14.670000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,24 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-269807
+269832
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `25`
 
-- [CVE-2024-10311](CVE-2024/CVE-2024-103xx/CVE-2024-10311.json) (`2024-11-15T10:15:03.980`)
+- [CVE-2021-3740](CVE-2021/CVE-2021-37xx/CVE-2021-3740.json) (`2024-11-15T11:15:04.987`)
-- [CVE-2024-45784](CVE-2024/CVE-2024-457xx/CVE-2024-45784.json) (`2024-11-15T09:15:14.897`)
+- [CVE-2021-3741](CVE-2021/CVE-2021-37xx/CVE-2021-3741.json) (`2024-11-15T11:15:05.327`)
-- [CVE-2024-8978](CVE-2024/CVE-2024-89xx/CVE-2024-8978.json) (`2024-11-15T10:15:04.873`)
+- [CVE-2021-3742](CVE-2021/CVE-2021-37xx/CVE-2021-3742.json) (`2024-11-15T11:15:05.547`)
-- [CVE-2024-8979](CVE-2024/CVE-2024-89xx/CVE-2024-8979.json) (`2024-11-15T10:15:05.310`)
+- [CVE-2021-3838](CVE-2021/CVE-2021-38xx/CVE-2021-3838.json) (`2024-11-15T11:15:05.763`)
+- [CVE-2021-3841](CVE-2021/CVE-2021-38xx/CVE-2021-3841.json) (`2024-11-15T11:15:05.980`)
+- [CVE-2021-3902](CVE-2021/CVE-2021-39xx/CVE-2021-3902.json) (`2024-11-15T11:15:06.190`)
+- [CVE-2021-3986](CVE-2021/CVE-2021-39xx/CVE-2021-3986.json) (`2024-11-15T11:15:06.400`)
+- [CVE-2021-3987](CVE-2021/CVE-2021-39xx/CVE-2021-3987.json) (`2024-11-15T11:15:06.610`)
+- [CVE-2021-3988](CVE-2021/CVE-2021-39xx/CVE-2021-3988.json) (`2024-11-15T11:15:06.877`)
+- [CVE-2021-3991](CVE-2021/CVE-2021-39xx/CVE-2021-3991.json) (`2024-11-15T11:15:07.173`)
+- [CVE-2022-1226](CVE-2022/CVE-2022-12xx/CVE-2022-1226.json) (`2024-11-15T11:15:07.527`)
+- [CVE-2022-1884](CVE-2022/CVE-2022-18xx/CVE-2022-1884.json) (`2024-11-15T11:15:07.803`)
+- [CVE-2023-0109](CVE-2023/CVE-2023-01xx/CVE-2023-0109.json) (`2024-11-15T11:15:08.097`)
+- [CVE-2023-0737](CVE-2023/CVE-2023-07xx/CVE-2023-0737.json) (`2024-11-15T11:15:08.363`)
+- [CVE-2023-2332](CVE-2023/CVE-2023-23xx/CVE-2023-2332.json) (`2024-11-15T11:15:08.643`)
+- [CVE-2023-4348](CVE-2023/CVE-2023-43xx/CVE-2023-4348.json) (`2024-11-15T12:15:14.397`)
+- [CVE-2023-4679](CVE-2023/CVE-2023-46xx/CVE-2023-4679.json) (`2024-11-15T11:15:08.917`)
+- [CVE-2024-0787](CVE-2024/CVE-2024-07xx/CVE-2024-0787.json) (`2024-11-15T11:15:09.213`)
+- [CVE-2024-0875](CVE-2024/CVE-2024-08xx/CVE-2024-0875.json) (`2024-11-15T11:15:09.490`)
+- [CVE-2024-10443](CVE-2024/CVE-2024-104xx/CVE-2024-10443.json) (`2024-11-15T11:15:09.750`)
+- [CVE-2024-10534](CVE-2024/CVE-2024-105xx/CVE-2024-10534.json) (`2024-11-15T11:15:10.100`)
+- [CVE-2024-1097](CVE-2024/CVE-2024-10xx/CVE-2024-1097.json) (`2024-11-15T11:15:10.550`)
+- [CVE-2024-11182](CVE-2024/CVE-2024-111xx/CVE-2024-11182.json) (`2024-11-15T11:15:10.410`)
+- [CVE-2024-11237](CVE-2024/CVE-2024-112xx/CVE-2024-11237.json) (`2024-11-15T12:15:14.670`)
+- [CVE-2024-1240](CVE-2024/CVE-2024-12xx/CVE-2024-1240.json) (`2024-11-15T11:15:10.773`)
 
 
 ### CVEs modified in the last Commit
 
 Recently modified CVEs: `1`
 
-- [CVE-2024-11211](CVE-2024/CVE-2024-112xx/CVE-2024-11211.json) (`2024-11-15T09:15:14.600`)
+- [CVE-2024-8979](CVE-2024/CVE-2024-89xx/CVE-2024-8979.json) (`2024-11-15T10:15:05.310`)
 
 
 ## Download and Usage

_state.csv

@@ -179867,6 +179867,7 @@ CVE-2021-37391,0,0,612092213cbf3c7c8612c0c47f8c525d5a52fd73e735ce6c2b430c9b86b41
 CVE-2021-37392,0,0,60b8dbff0c2d792a54d0cec2f57109e745df15412f48a80e1ebca647d9b97654,2021-08-06T16:21:28.697000
 CVE-2021-37393,0,0,8aef86848c22832237243030c09554d5c294fe67bf36c767afe9af07ac38cfd0,2021-08-06T16:16:15.627000
 CVE-2021-37394,0,0,3bedea4cd8c10cff8545c5ec47bc3c52f53035db41f301c1be09bcbd332575a2,2022-07-12T17:42:04.277000
+CVE-2021-3740,1,1,9a092637180243b4c6c48e61843067daad955a1bd8f7bd30ce4915aff4202dd2,2024-11-15T11:15:04.987000
 CVE-2021-37400,0,0,b0d27ef29eb9b33b48de9bc66b3e1c03ad9217ada68e0e9fad53740c5cf9e509,2022-01-07T20:40:19.347000
 CVE-2021-37401,0,0,59627adb2bdfa439df8627bb1689eacf7a0bb3291449d63f2dceab9e283ff994,2022-01-07T20:29:50.673000
 CVE-2021-37402,0,0,cf2062259da087492fc8edbe731f8aff92da042f2b45087a0d323466afa22b5a,2022-02-10T17:57:02.027000
@@ -179874,6 +179875,7 @@ CVE-2021-37403,0,0,82552ed0c573f39bdd26ed69942611c847d9a9b43f6257e0cb1eb6c1b0bd8
 CVE-2021-37404,0,0,5a0e9f6dc54189d8c836c0ab9c368f4d87fc3dcd07409437f67bddfe1436495c,2023-06-27T15:15:09.823000
 CVE-2021-37405,0,0,99b66947fe60bfe7691d9d16217aae051bd21ca1d36b5350aafb451f141845f0,2024-05-17T01:59:13.510000
 CVE-2021-37409,0,0,68d64f3f262bc3fe4112cc846cd3785f4b7627dd3a214f6863ba2f7b1e1497c6,2023-04-01T22:15:09.710000
+CVE-2021-3741,1,1,73fe354778441e7a1da2587ec2ae45c82217d9b82f9027d9960d61907dff8a66,2024-11-15T11:15:05.327000
 CVE-2021-37412,0,0,c4ae4ff35985b522589284c8cdff1e75d55dc933d0298323169869b52cad8ce3,2023-01-24T15:40:30.060000
 CVE-2021-37413,0,0,4cc7cba0bca0572fafb12dd6e2f19b3e6c044ad90d1c0308f827136dd04ea713,2022-06-01T19:36:47.227000
 CVE-2021-37414,0,0,e94477ddecab7d5bc2d7e77a4e197ecb02bc86dc29db03c682fc50a0f087770e,2021-12-20T22:30:30.567000
@@ -179882,6 +179884,7 @@ CVE-2021-37416,0,0,2e6268d3c4aec7d053473a27b3499f3c904bb8afa46207b20648c1d9d3251
 CVE-2021-37417,0,0,0af7afec4419ac71323dbe19fcafecf8b5620734ea16d7bba48e8df850d31058,2022-07-12T17:42:04.277000
 CVE-2021-37418,0,0,146b4ef0e7964748fbc25b1e94686917c4647a3307c5708e67798876e0feddf4,2023-11-07T03:36:57.323000
 CVE-2021-37419,0,0,9464053d73f212e534a6909af63b44d1c351a4729e973af190457c0a1d02f2c9,2022-03-18T20:43:55.713000
+CVE-2021-3742,1,1,6ddbfbfbe0ab51844a6edfd87dee0576462351074e136e00ef90db1dfb9e228f,2024-11-15T11:15:05.547000
 CVE-2021-37420,0,0,b52aa49c12ed23f5fc454663899c9e989f90752f3b6225dd6ef1f0904854480f,2022-07-12T17:42:04.277000
 CVE-2021-37421,0,0,72a802fc9066861ac62eb2ef177ad824c7c5b2ea14bb5783b3fe6f6887532709,2022-07-12T17:42:04.277000
 CVE-2021-37422,0,0,04c08c63b243212678162abf332587426643acf6f890ec905ee35d9fbe2fb7d5,2021-09-17T18:11:03.127000
@@ -180601,6 +180604,7 @@ CVE-2021-38376,0,0,d4485ca92681558168e0fd9a80da3a4ca7d974684f50f50f1dbd03a5e1f21
 CVE-2021-38377,0,0,48443da60f90ac4652bc515c5c3f88029b2bd62277bc482a3739e4f453b49065,2022-07-12T17:42:04.277000
 CVE-2021-38378,0,0,432e746fcb98480b06b83fac0fe9649e434fa56a8d7663d16931ad26e7f975bd,2022-07-12T17:42:04.277000
 CVE-2021-38379,0,0,b8dbd9bba6856ef42bc651ecfafd71af15e01cfb8b87f0442cabe4efd9091d1e,2021-11-04T13:37:43.773000
+CVE-2021-3838,1,1,a284de91f8b92b47fd992847a637bdf1fc39468a44b093c22dd03be4922d2dbd,2024-11-15T11:15:05.763000
 CVE-2021-38380,0,0,966a303a4461fc8fabdefd21a52860a9a0545818ea34433392a6e6db9ea93c3d,2023-11-07T03:37:24.547000
 CVE-2021-38381,0,0,f90987e628b6ca7ec620183d6ef4cd28fb101753b7f8f85a6534a6827c2cc9bb,2023-11-07T03:37:24.610000
 CVE-2021-38382,0,0,56aeb4bbf5aec265fc686978fb16984a29124462e10ec9d950e4eb086e18c989,2023-11-07T03:37:24.670000
@@ -180633,6 +180637,7 @@ CVE-2021-38406,0,0,1a412ed4845c3e7db5ba8209c3a4d108b981fb433611867e224ac85224be4
 CVE-2021-38407,0,0,890c190c0283a8e0a8f342b5c890f629a334ad53f0da1aaff56114e2a83bc435,2021-11-05T13:43:35.517000
 CVE-2021-38408,0,0,cefdd68e1c399b8924048ad1c5dce3eac2e9d956e5a6317469b54e6ccef2b652,2021-09-20T12:44:57.193000
 CVE-2021-38409,0,0,ac5681ac9ecb25d83290b8fe770f1a64c20ce909cd6e46bc422ea778311ca22f,2021-12-27T20:18:03
+CVE-2021-3841,1,1,0fe29dd87c104b93c4e6a58a163cfcc73459853fdc42a84d916846d9461c4fff,2024-11-15T11:15:05.980000
 CVE-2021-38410,0,0,052e53829d51f2a2454940a2e213a88f9fe5d97f4595c4c33710b5a6c717b5b6,2022-08-04T02:48:06.450000
 CVE-2021-38411,0,0,3f3ee8a81c8a60a013d7fdb503ae6a6cd21c95c21682c5d270adc23f92af62c0,2021-11-05T13:40:54.753000
 CVE-2021-38412,0,0,cf3e8d210ed955e3f0b30bca33000f0de0090c42ecba6e720388ddafdb5fa783,2022-10-27T12:59:17.667000
@@ -181120,6 +181125,7 @@ CVE-2021-39016,0,0,88d7422235623a2db52d08ccbb930b8332e62a309f55b1a0bb58ad6b4c307
 CVE-2021-39017,0,0,43da2de1e5021798d5e2da169cbabdb2f1ea3bc804f6e06fdd5bba1a80d8bbae,2023-08-08T14:22:24.967000
 CVE-2021-39018,0,0,ccad4b84b3066dd393e4dd8123dc7a6269ea1c28676cd9811de926207c38696c,2022-07-18T19:27:57.433000
 CVE-2021-39019,0,0,469fabcf38af6844701fed49a6e80d48722d455ad28af8536243f61e3be90191,2022-07-18T19:18:23.533000
+CVE-2021-3902,1,1,be5ebc48fde4495743d06492bf058db2d27811e49e7e5cb1cee92f3cc629e6e1,2024-11-15T11:15:06.190000
 CVE-2021-39020,0,0,f8a046ed21eb98ee1f2ce9e6feab22d062faea367e7e86b10085c29b6de05cd6,2022-05-13T17:16:25.233000
 CVE-2021-39021,0,0,c20de8bb5efb66e3ec217f01f9525cf7c58f1792615ff1990e77c2bd1881bc03,2022-03-24T16:02:52.140000
 CVE-2021-39022,0,0,12f9551c868b6c453d5c84008020f3db65f37eb2f4891591958baa35af27c010,2022-03-22T13:43:39.510000
@@ -181843,6 +181849,7 @@ CVE-2021-39856,0,0,b28d7eb0b7a5d39eaf23ac52dc09cb278f0e7689028bf36ed2fc3971582d7
 CVE-2021-39857,0,0,1edb1b1ccf62746fa0da62a0bb737fb805f4b33f81197adfd22bca19c0f7d2f1,2023-11-07T03:37:48.580000
 CVE-2021-39858,0,0,b28c2928ea13457807429906858d94adce9264a45ed2cc6a4355db39a8af6d60,2023-11-07T03:37:48.843000
 CVE-2021-39859,0,0,983d64eb6a749b9e785340e4b1f0236aaa9d4cbffc4158e9a122ebb19e5056ae,2023-09-12T14:38:54.530000
+CVE-2021-3986,1,1,faa35981acac17c4c8be0a5ffa26c01782f49eb8c06ed42cea9dd8de64b10c4f,2024-11-15T11:15:06.400000
 CVE-2021-39860,0,0,ae8998c31697bbdcf345e9d4ddfa2fed95711346b038579c6fe27d9a56e021bb,2022-02-05T02:17:52.057000
 CVE-2021-39861,0,0,66551e624494d96e7c3d65854c95f53647ef34c93a78c99750c131046b1aace0,2022-02-05T02:17:54.577000
 CVE-2021-39862,0,0,bf04081e341e83b6669a4fabac8cd0b2d30699c53f96872ce03a60d22ca567b3,2023-11-07T03:37:49.170000
@@ -181853,6 +181860,7 @@ CVE-2021-39866,0,0,6fabb561196e392a171b14d09332d010f59de8a7ed9880963cc586df8f988
 CVE-2021-39867,0,0,cf1dad99c282faabc5cb3cf833ed6f5b91097d777779477ac24fd680f378127d,2021-10-12T19:08:05.167000
 CVE-2021-39868,0,0,01bf76261c9d86e2825302310d8b1d110b2d4f6a0f91c6aea468c32be845a7f5,2021-10-12T19:47:47.650000
 CVE-2021-39869,0,0,50c4bfd31656adba59cb9dc37b7b350e99a58491e593864693fd3f1525a21185,2022-06-28T14:11:45.273000
+CVE-2021-3987,1,1,653cc223038a4f581377fba1beee2c90d50dd03cce088792ac0dffc626f16824,2024-11-15T11:15:06.610000
 CVE-2021-39870,0,0,f4d27e6e382702365ecb6b123ea92ce819b6bff3f3b19cf8c54ff152bc410640,2021-10-09T03:31:41.567000
 CVE-2021-39871,0,0,9da9bbcde2429b6f2a3b8c36de5587428d893fba2ba1c35d4bc22836c49d3722,2021-10-12T19:52:42.127000
 CVE-2021-39872,0,0,389f57b77d45e9d1425003b8b643833784e02c6171170491cb4db28b7e8fd74c,2021-10-12T18:24:40.737000
@@ -181863,6 +181871,7 @@ CVE-2021-39876,0,0,163386dcc440f8e6b66258fe9f8087aeebbd81b74bcfe526af8eddfb343a7
 CVE-2021-39877,0,0,f9748be5890f45dbfe5a909268c2e810aed0fd7cef3df47f2f844678254c3d6c,2021-10-12T15:55:42.793000
 CVE-2021-39878,0,0,9d9437315fc043e2589cca1b010554d7ecb9e451d3d2157288a1e88191aca38b,2021-10-12T17:15:02.807000
 CVE-2021-39879,0,0,429da5caba14265b91489ac72fa37fdea760044ee3fb62e1cd11f34e878ac20f,2021-10-12T15:57:48.810000
+CVE-2021-3988,1,1,171261ff6144e33763486fda151d2cdb154ce9121966a7e83f6f662db25c3427,2024-11-15T11:15:06.877000
 CVE-2021-39880,0,0,f43fbf46512fe0da98b08e588e5c97c52ff7199b5c05f615aa05257e460043bf,2022-10-19T18:25:02.617000
 CVE-2021-39881,0,0,5445efe9c4c4cf5d576eca639b40a53c718d8c7b4fa50521ccc2d6c6aff6a28d,2021-10-09T03:31:08.827000
 CVE-2021-39882,0,0,989fca2f5d44fb7d0c221b794ff55417ebd0a1be5be524bdad69ce4323e8c8b4,2021-10-12T18:39:13.573000
@@ -181895,6 +181904,7 @@ CVE-2021-39906,0,0,e04ad55a1100d2964d2fe24a0d9044d99aa4ff75b0959894c4e77599d608f
 CVE-2021-39907,0,0,fb47addbd6bbabad003567f698b756cafc4248e663cf3186ea0c076027d378af,2021-11-08T18:11:09.323000
 CVE-2021-39908,0,0,f72dfff8f0de9ab8ced78ab85d925d77e9a0ab0762baa52bbd5bcb5844b20d7a,2022-09-30T12:58:54.010000
 CVE-2021-39909,0,0,0eb46c843aee997f319542a3de59e07a425b198542987db6d18b92f2cd302bc6,2022-10-06T19:55:19.013000
+CVE-2021-3991,1,1,2c0c1d690747b8cd1411b4e82140fb9c82030486e981110c8444d185a683fb2f,2024-11-15T11:15:07.173000
 CVE-2021-39910,0,0,282b0ca251be46e18bfa01121795127e6cadb5a2fbd4e673f7596e1fdc2179ea,2022-07-12T17:42:04.277000
 CVE-2021-39911,0,0,b91f499ed64b9404e4620abe987fe34a286f26afde4bd21996a2f7b358c0c585,2022-10-06T20:14:22.410000
 CVE-2021-39912,0,0,6b1571a12bafe3ca8eacf93314ab0c9c2bfaa878e8fb257fb7f993e04329f737,2021-11-08T18:38:05.060000
@@ -188703,6 +188713,7 @@ CVE-2022-1222,0,0,b3920337094656db702d78f1c526ab2ae12658b8e98c28c5c4ab7be3ad3344
 CVE-2022-1223,0,0,637b2827dcaf7417e78dbd542a64935d1a8b67bacce03b5481a1f13bfe63287f,2023-08-02T09:15:12.567000
 CVE-2022-1224,0,0,1f7e411e11108d7458b51eab22eb66a24149a5879c00141ef2f28fe0fafb05dc,2022-04-11T16:42:06.027000
 CVE-2022-1225,0,0,5748f4f5345a9f6c3175311aa2738ab2bf9651a24ed3aa3e4677372333de4ca4,2022-04-11T16:44:30.957000
+CVE-2022-1226,1,1,dbb11adeff2274881a245eabb8643264f8b6cd64ad50fdf4980857da4a9ed05e,2024-11-15T11:15:07.527000
 CVE-2022-1227,0,0,83b90259bbaaaa877c52c1a6a345ecac76277c5a49b8d7b2e55d5609ee2638a9,2024-06-28T16:15:03.017000
 CVE-2022-1228,0,0,7d23d45a83435d1e3bd4ca47a231881fd502cebe5b74cef074758e121829a08b,2022-05-03T17:07:53.397000
 CVE-2022-1229,0,0,224e2e97e97497a42291fdfe93e44428659fa5e137ea549dec7de44ffe085b98,2023-04-04T16:24:30.943000
@@ -189340,6 +189351,7 @@ CVE-2022-1876,0,0,983e56cac9f7021f952f9f938d45e035dc9acbf02c1272a86efe4cc4b468e0
 CVE-2022-1881,0,0,7439c809094624c8b5fdbf022a11f3d774e6fefc61f4a028f8263bd6fe529332,2022-07-27T18:21:16.887000
 CVE-2022-1882,0,0,3baaf779da64335ffad3abdda3c3850b06114d069bb0bf1a437e02c2ffe782b9,2023-11-07T03:42:15.460000
 CVE-2022-1883,0,0,10b029e5ce85ce2290987adcb3c5745aea973d33d0d3803bfa3a6beb774a6afd,2022-06-03T14:05:34.297000
+CVE-2022-1884,1,1,3f3a7c3aa1b09e7cf1db4005b1bf462fa64f7bc6201197278787cfbc0e7192ff,2024-11-15T11:15:07.803000
 CVE-2022-1885,0,0,990571f5f58372d06c86739f0d8507a9bf4c77382683b628e53a4fb6b11f2c45,2022-07-06T18:07:38.497000
 CVE-2022-1886,0,0,7934fa97f2a8af4a046d7bb9f14babcddc4a4e2348bcdab16ebde94dde55d5a5,2023-11-07T03:42:15.700000
 CVE-2022-1887,0,0,c9859a4b8fe51696b2ace2c5b6406cbbf00272360b5c9ea988467e7b99e94416,2022-12-24T04:23:54.613000
@@ -212886,6 +212898,7 @@ CVE-2023-0105,0,0,2b12a003cd73110318e79298dd730b028944de31b3b2fd49ae09c6e6c34faf
 CVE-2023-0106,0,0,05e0d567b91f98b80dba4d8ef37e3d6d93df29ade7db9eb7d74b845f158d4370,2023-01-12T15:04:29.543000
 CVE-2023-0107,0,0,cd205e669e16f38bc95e2290070f356c4fee19f825da4c33fef61ad635b5f6dd,2023-01-12T15:04:41.817000
 CVE-2023-0108,0,0,70c8cf4e996128d54da9f7301a41fc8c246a66fdfe898b159018bdcb506d722d,2023-01-12T15:05:03.130000
+CVE-2023-0109,1,1,971d8b8b1cf549cc7bac24f9497f6a3568eae851d5d592ef878abf4b6136bc1d,2024-11-15T11:15:08.097000
 CVE-2023-0110,0,0,b9a61a54a079a5cddcae7f57892e97a4bbf51450edf598dd8a9a1b1c401ebd1f,2023-01-12T15:05:16.323000
 CVE-2023-0111,0,0,f766f05747dd6dfbc35868e0369bbe0def763377d79a8a4ea4e4bea44d32809b,2023-01-12T15:05:27.080000
 CVE-2023-0112,0,0,66c21565a3c1e4d16d1c053665b40b7925a9b3641bc7aeaa413fbdfe779c924d,2023-01-12T15:05:37.157000
@@ -213488,6 +213501,7 @@ CVE-2023-0733,0,0,e09491ec0935323a2fec770c3ecd0ead271e6d263c55ec182afeeb068268d5
 CVE-2023-0734,0,0,8d2fcc12463e0b1abec4a2a51b7df5516739ca6f45b2b04f9bbd78cb0aff604f,2023-03-09T20:55:01.123000
 CVE-2023-0735,0,0,9fdced2b47db01a6a01919f52b5ed809a8d21724989b5bfa7955c49171c3b6f7,2023-02-15T19:24:41.473000
 CVE-2023-0736,0,0,b3396876d05ebd2f1f90f4354a1dda6ed12cd8c3d0ffb089c43fbadd8845f1a2,2023-02-15T19:25:29.570000
+CVE-2023-0737,1,1,065075efc2b3f0b30dcd3e4d98b45ee5c76237f17b1ce7fddbf427e28a04f3ac,2024-11-15T11:15:08.363000
 CVE-2023-0738,0,0,8b8dc61e92f27262b3aa279351d6ab8033f6bacb206b350b6e8e6ebc9af5389e,2023-04-17T16:57:07.133000
 CVE-2023-0739,0,0,b1b26d0ce5c494e5d7ada0f8a588c86492d1c9f0144b5f459b8cc611b553c2cd,2023-03-02T02:15:41.857000
 CVE-2023-0740,0,0,a07e1065e4de29dd41d3a7cadad7fafff7c778c739891464a73f725e2a440f3d,2023-02-15T20:20:37.850000
@@ -217440,6 +217454,7 @@ CVE-2023-2331,0,0,e433c8f28124f99de996fe1b6c3691e25c108649c8ab730059c257d74b0a50
 CVE-2023-23313,0,0,5ab564b75d72781324830922b5feefff3026f2101be70bbaad014ca9b998958c,2023-11-07T04:07:40.137000
 CVE-2023-23314,0,0,b80392fd9584b433a38a78e2530c4db30446fa40b35f645f6acfbdcc1e22626e,2023-01-30T19:31:41.750000
 CVE-2023-23315,0,0,32244c72a2b7eabff29fdd785e8853617587d6b657a16b1b687badeb31ddeb6a,2023-03-10T02:31:23.757000
+CVE-2023-2332,1,1,c32d523c81d064bd3f563c779b55ffaabb13b1e4aa25d8a36d8112f982a1997c,2024-11-15T11:15:08.643000
 CVE-2023-23324,0,0,95dd911b066baa0858b7b409d73bcd14ff22686691096373e30e8c5721aa2257,2023-12-05T12:39:44.770000
 CVE-2023-23325,0,0,94e1a8e3ac75f1a3bc2a74e7374f6d9f0e838c3c3932b61fa7dac52d90f8e0d8,2023-12-05T12:48:15.773000
 CVE-2023-23326,0,0,af8ef32c5b2a0d921fed756052ef1d0183c04f71130cb143f8686b6d4c026c5b,2023-03-16T15:56:41.620000
@@ -232992,6 +233007,7 @@ CVE-2023-43470,0,0,17d35487c84783e73551dd1e340a28fdad09c072567b02a75a72d522739fd
 CVE-2023-43472,0,0,a3008b309ff857d10385bb0be4ee0eb4e9b0900adc392c74326123abc8303cf0,2023-12-11T15:32:59.420000
 CVE-2023-43477,0,0,0c74ac00cc1ee8f6c145de162b98bc7d8776c1dc19ab5c8a19701bfb74cb49ca,2023-09-22T18:37:02.227000
 CVE-2023-43478,0,0,c43004e7643e046e5e2c9d48aa06e90357a6d95e192814361f05a486c7b542a0,2023-09-22T18:36:45.253000
+CVE-2023-4348,1,1,692cebc2724d39ef48703dff7796d1af38e61707ca753f487575c32468089efd,2024-11-15T12:15:14.397000
 CVE-2023-43481,0,0,faa16b4f46dcdc0114be0dc9597ba626c5e87f23f98df512a29c2b5826b54935,2024-08-27T19:35:07.137000
 CVE-2023-43482,0,0,8fdc0252f8a99d357c7a9ff8cfbddf8addb596669b2c0bcea99d45decc176060,2024-02-09T02:11:03.607000
 CVE-2023-43484,0,0,b8e1fcf13fb67bd37267e8c1ecc07c5eb977d2a46ec3271926523495750a7a82,2023-09-27T20:25:34.200000
@@ -235308,6 +235324,7 @@ CVE-2023-46786,0,0,bf4916e892e13d9bd5f18249e97f7ed4aeb5247f2854f8c308efd96466799
 CVE-2023-46787,0,0,eee6ea113b686659f2a66a8e2e38db99b180a9cdd992ed45b258359c2fbbafb0,2023-11-13T18:00:08.857000
 CVE-2023-46788,0,0,fa89ddc1e582ea32e59694cd588090422058d73f3e55d49cdf4218b1d27bcb24,2023-11-13T18:00:01.510000
 CVE-2023-46789,0,0,9fbdb411cccdb011e81628500fbc3b74a0a6d06d2a8237255e6accafa55442cd,2023-11-13T17:59:42.877000
+CVE-2023-4679,1,1,ebeb28b6071331717aa72697b138213a7ff55d425dea68ac1d3f48a6bf8a600f,2024-11-15T11:15:08.917000
 CVE-2023-46790,0,0,7414a678623b3a8d31eda7749ee35a2bdf61169d6ade6fd91b06a5a0e4bffda9,2024-01-02T22:15:08.290000
 CVE-2023-46791,0,0,4f7a7ce04b20ee1c59664fc3196bc82b7bf68c16659759baf914252cd593ed28,2024-01-02T22:15:08.367000
 CVE-2023-46792,0,0,7e34df21be011e0e859102a1381c46b673dbda14e06d4aaaab00023b1fb66f87,2024-01-02T22:15:08.440000
@@ -242224,6 +242241,7 @@ CVE-2024-0782,0,0,dd227a8b469ce6630eb22142a87d0da772ecdb0285534b1bcdde3ca20e489d
 CVE-2024-0783,0,0,889b3aec94f8730e9264c4087d63efb1328316b4df2b41f572aa9ab243eedd51,2024-05-17T02:34:58.020000
 CVE-2024-0784,0,0,05fccc58af077ffcd0eb7b186f39f412c8126936ae9b879608bee8086b2c9a33,2024-05-17T02:34:58.123000
 CVE-2024-0786,0,0,09a89f715683ba83fe81b0a3f3fbdcf9cf5cb4fbf3001ded7457bfdf3b510a57,2024-02-28T14:06:45.783000
+CVE-2024-0787,1,1,26407bee5ab2fbf8a9ba0619061ab93718841bd094af01c5b9c7138a4aecc492,2024-11-15T11:15:09.213000
 CVE-2024-0788,0,0,77f61568ad57c437194aa13eed7b7f4a244f0c473b6deae4d7ecf1e9a4375c8f,2024-09-05T23:15:11.527000
 CVE-2024-0789,0,0,dd4dfae2cf9c1e14c885c435e4946684b1e28fce4e56958a0b475f730b1ce5ce,2024-06-20T12:44:01.637000
 CVE-2024-0790,0,0,faf5037c158d063c7d3783eeaaf8baa8e520d90b8a2f56f0b34167c00c86529b,2024-02-13T19:42:38.757000
@@ -242305,6 +242323,7 @@ CVE-2024-0871,0,0,2a81c9221f676df23b70ee25b96f92b79bd7fe2d47d83d3cf9575aeab8537e
 CVE-2024-0872,0,0,59570f703919134c83976c0a589bd002a09343b74061ad8cfeb778f494366fb8,2024-04-10T13:24:00.070000
 CVE-2024-0873,0,0,0d017532f0822fb01a43bd5a5b6fb8ed2d6c3075b76ac0b6436fcb6d890c9423,2024-04-10T13:24:00.070000
 CVE-2024-0874,0,0,e6fb28781735bc896300880a10982c06b4a0d863ac3f7c9c0e53997a057bc6f4,2024-09-11T22:15:01.933000
+CVE-2024-0875,1,1,adcea9cd3522b697e8642f0a8bcf59306b7f88e100065d52e51cfdd8f2125c56,2024-11-15T11:15:09.490000
 CVE-2024-0879,0,0,40ca4d922e04a74721c93cda9d6ef307a09b39f845db5f9dd6db6b694e034cf2,2024-01-31T19:16:07.630000
 CVE-2024-0880,0,0,44431bf4f01e73978bc2a282db63f61857269e71b91d3e3d902140e76c6dd1ce,2024-05-17T02:35:00.317000
 CVE-2024-0881,0,0,1252bf71170a54b7a474d354bacf2afe464c57991281e1919b7ffd68baf1e1ed,2024-10-31T15:35:20.223000
@@ -242626,7 +242645,7 @@ CVE-2024-10300,0,0,ca0242a4c58ba5eb41987558653c1fad0eefdb856c34de56d3278680f413c
 CVE-2024-10301,0,0,43e47cf56bc671ed7b90e0f04f420138e8362a6d949261d9acbcdf888c921aa2,2024-10-25T18:47:54.033000
 CVE-2024-1031,0,0,6576162a78ac686f55e5931a6b8f02ff6c7312ac04792581e6d78da8a91700d4,2024-05-17T02:35:11.843000
 CVE-2024-10310,0,0,3b0decb54117e1f6369f0c8a49822eb1c6d4be5cb40b8b5a9079fd842cd0c653,2024-11-04T13:06:20.190000
-CVE-2024-10311,1,1,ff823e385531d022dff247aff5d10a6d888caf3f614cd8f33de094ad8e6d1020,2024-11-15T10:15:03.980000
+CVE-2024-10311,0,0,ff823e385531d022dff247aff5d10a6d888caf3f614cd8f33de094ad8e6d1020,2024-11-15T10:15:03.980000
 CVE-2024-10312,0,0,d10f0012149342545ee317e492eeaf284c6b634b254526457f270c7ce4937a16,2024-10-29T14:34:04.427000
 CVE-2024-10313,0,0,0a692e743da8a6f5929e9a5e61a16c962249b9fbffffedea4a154098bf7390c0,2024-10-25T12:56:07.750000
 CVE-2024-10314,0,0,4ff424a08f54d46f95f43c7d51534e0e6342cc7a5b817ec1e4e580680bb1c702,2024-11-12T13:55:21.227000
@@ -242729,6 +242748,7 @@ CVE-2024-10438,0,0,927b1217e569151a95177fd0867aa44fd49cf458bed4e6241532df7fa8516
 CVE-2024-10439,0,0,3741efcec87ce897773441ba8b13058a649924c1100d6b93c1ffe7465b37c5dc,2024-10-31T00:35:36.173000
 CVE-2024-1044,0,0,aabb10708db1db153d691de2620429bf76b48269bc86aae28cbf6b6a3c047729,2024-02-29T13:49:29.390000
 CVE-2024-10440,0,0,9134bb1aaa59624e138e5f8b3325f09bddc2e56431561ccb4c3e021d68fff1ce,2024-10-31T00:34:23.870000
+CVE-2024-10443,1,1,3db059ce2ddf1ab354d8151c79beb5096218bb11f128a02f7693510ac3551dc1,2024-11-15T11:15:09.750000
 CVE-2024-10446,0,0,deea975d5a7cce536c2612b9366552ab52fe1c83fa7bd626ef5b6cf23fd62b64,2024-11-01T16:39:25.890000
 CVE-2024-10447,0,0,20a77c16977cd86421b31dc7f8e87f37efdc79e51d4f78a901539c52dec6ae6c,2024-10-31T01:23:46.300000
 CVE-2024-10448,0,0,321c290fa10bd947d8b384a53dafbe5d4ff4b7a0a6522b833253529007c67a27,2024-11-01T18:26:55.980000
@@ -242781,6 +242801,7 @@ CVE-2024-10529,0,0,0345fe1a98579e0c46e6718b2719e0f35e2b675397c4baba2f79359ae71dc
 CVE-2024-1053,0,0,3d9e5b8218feb39348551f4e96f20fbacd04f2b39830165bb00a553a3d3c5ccf,2024-02-22T19:07:27.197000
 CVE-2024-10530,0,0,44b1f61a9c6f6aa30b3b0d0f98cecd2a1b5d01908b2709a3a311951be1b1552b,2024-11-13T17:01:16.850000
 CVE-2024-10531,0,0,5f58651087e63c6b2a12c6f7bdf9268a38a5c1f35ee89b5b7476b1d8409f73e4,2024-11-13T17:01:16.850000
+CVE-2024-10534,1,1,fc58dfc669da9dbee073b4d32e6c9b5fa8546baa71f180d39f6cbb6e76ee5a3f,2024-11-15T11:15:10.100000
 CVE-2024-10535,0,0,14a566633b856f0bcfd07185d246772590c919ba8cb5a244786d38adaffa8830,2024-11-08T21:19:27.540000
 CVE-2024-10538,0,0,4258e87072a64a27fee35a0841a3c5095b5fad35eea820564ce6eaffa01f0137,2024-11-14T13:27:00.400000
 CVE-2024-1054,0,0,f8e7e53b5707aaecdfe1ea6fba53413ba04bed5cdf673762252b510775f984b1,2024-02-29T13:49:29.390000
@@ -243018,6 +243039,7 @@ CVE-2024-10966,0,0,3df47cfeba07424dbca1650d45cf844f6cc1bcda5f1462544d39e404a912c
 CVE-2024-10967,0,0,045953be48e7bafc650cdaba1889b3cce653fc03383c0343e3292851109279a3,2024-11-08T19:01:03.880000
 CVE-2024-10968,0,0,f600c79ff6183eb1b51f4003b01ba4a417fb853b88c9cd1f3e9f06879ffd32fe,2024-11-08T19:01:03.880000
 CVE-2024-10969,0,0,34fb384baf8f9b6070297fa30997eac3a4fc91278070bd97f872695ea721a856,2024-11-08T19:01:03.880000
+CVE-2024-1097,1,1,316dcfa7f0cf7c7a0bf995ac2dfc528b8acfcdbcea4a052de4f42883255d518e,2024-11-15T11:15:10.550000
 CVE-2024-10971,0,0,48718e7d6163afe0c28e377c2f658daad2fd70d420b988ed3e01fe2fd9d4a70c,2024-11-13T17:01:58.603000
 CVE-2024-10975,0,0,f38693c9a402e208f0de21f91edcefa5c1f789073d3e380787ea5dd138f197fa,2024-11-08T19:01:03.880000
 CVE-2024-10976,0,0,3b148dc4518f7a8e1d6912ce588f9c1895060c7a721621b8fea7a6516e1bc558,2024-11-14T13:15:03.793000
@@ -243127,6 +243149,7 @@ CVE-2024-11168,0,0,5e610ba56b770f0c45b8e5f1da8a18409af80ecc6fd32d397017d56ba5ace
 CVE-2024-1117,0,0,0eff4d8f06fdd3645727772834638be79e19128758cbe94b2a8e7a297167b8d0,2024-05-17T02:35:15.090000
 CVE-2024-11175,0,0,2129c1cdddb364757f82b16fba301982b34bdf0dfeb6c2bb6f48aa85e142eee1,2024-11-13T17:01:16.850000
 CVE-2024-1118,0,0,6c399aaded9e96cfac900ecbd30e202d5a6a42d5625667c3de9725b65dc62fc3,2024-02-10T04:13:01.030000
+CVE-2024-11182,1,1,4bb7044c32e7d203f4621472bcf4c9354b62a723acec245f304b3cf0eb5267e6,2024-11-15T11:15:10.410000
 CVE-2024-1119,0,0,5426bc48e63724893c52e881a8535fb7954cf4e6383fc287bdb9896410f7d3a0,2024-03-20T13:00:16.367000
 CVE-2024-11193,0,0,444d5e431a5f364ce974b83b336c1383f189c8a9ea01d483f54d9727862b851c,2024-11-14T15:35:06.770000
 CVE-2024-1120,0,0,4ae965ad3da5f8a3235e6e58dd82dd504b21e474d229ae465351f9f2ed6318d2,2024-03-01T14:04:04.827000
@@ -243136,13 +243159,14 @@ CVE-2024-11208,0,0,7acfc0d5ed23c52da09f59a7646b9c68ba6eb5051d4ac6d41bbd6289d3dca
 CVE-2024-11209,0,0,c160f1217e298cfc2b4ea4c66bd7fff6bc5de06dc33ddcb58badda8b6cd0450a,2024-11-14T14:15:18.090000
 CVE-2024-1121,0,0,19a454e1b0b19f003a8998da71d81afc60a591ff2c6ec5f42743662bb8a72434,2024-02-13T19:42:57.107000
 CVE-2024-11210,0,0,12da7228515f229535c7fc4b9759273057c94d0101b79ad3990f20080e45a07d,2024-11-14T15:15:07.800000
-CVE-2024-11211,0,1,3886c776e3040976f2d9d483fe55782570fe2f7d343ab982e6a1ff369b159942,2024-11-15T09:15:14.600000
+CVE-2024-11211,0,0,3886c776e3040976f2d9d483fe55782570fe2f7d343ab982e6a1ff369b159942,2024-11-15T09:15:14.600000
 CVE-2024-11212,0,0,7736079fe4badb5fe2ea2d1c57eef7d38e804fef27e3d434bde972654548323a,2024-11-14T15:15:08.360000
 CVE-2024-11213,0,0,6310690398aef42147c21046e139b47a34bc0077fad5bc3ed389a644e6432516,2024-11-14T16:15:18.450000
 CVE-2024-11214,0,0,ccb4f12fd6859941f79db491e8820bb2f8c1cbacb38f9854647bd5e4e95dace1,2024-11-14T16:15:18.707000
 CVE-2024-11215,0,0,bbd6ed73a8be7440fbca0415213d736ba6de2cfe8e7fb84b25483d78ebfdebb6,2024-11-14T14:15:18.367000
 CVE-2024-1122,0,0,0daea6a9b881beb2ea9e563443c7905c114cf68ea1093ef9f6fd6cdf2c48aad7,2024-02-15T19:17:26.630000
 CVE-2024-1123,0,0,b973e4c54de6f241a32cf221a70e04068421d86df4d000867b2228a54e55ef35,2024-03-11T01:32:39.697000
+CVE-2024-11237,1,1,cb7bbda335a27301a3e6ba3926f5b080dc5afd6e88d1ca9ed1a7516f5f52402e,2024-11-15T12:15:14.670000
 CVE-2024-1124,0,0,913ac2351f43d83be68411d873bf568715eb455fa7fe6219a9189bc1238726a9,2024-03-11T01:32:39.697000
 CVE-2024-1125,0,0,f1d015036f4cdda32f03ba210c93a8838e991a1e1d168cce1bd81d56428097c5,2024-03-11T01:32:39.697000
 CVE-2024-1126,0,0,719cb9688eaad755b04db0e390abb1a9b0b6a5e25f632a929e6736322faf9c06,2024-03-13T18:16:18.563000
@@ -243255,6 +243279,7 @@ CVE-2024-1236,0,0,9d7e383554119a6eb8995bc3e3c594237fc2517d15212a162d538fac1156aa
 CVE-2024-1237,0,0,971489c96af173cd98795b7c46411895a847e87f027eb141f5511aec59ad2e5a,2024-03-13T18:16:18.563000
 CVE-2024-1238,0,0,9f0a38233429658f32f8a976db71d716904de01ac4f7f996eed98f40cb8ba7b5,2024-04-01T01:12:59.077000
 CVE-2024-1239,0,0,db432ab525693f47cc78135d0c2cedd8ee6bd0f1495c321fd41dc0e5a9f890b0,2024-03-17T22:38:29.433000
+CVE-2024-1240,1,1,bdb43b0978ed3d6e4d002880a2bdeadb8ceff6a87c91179aaa463d24ef127aab,2024-11-15T11:15:10.773000
 CVE-2024-1241,0,0,96fd44c6e5fabc6d4bff3dcf2753825594889b1a8245005a991dd6eafde3d621,2024-04-23T12:52:09.397000
 CVE-2024-1242,0,0,77f2f4c11df61eb6748d46bb4a1f43701b90877f99a1028521d6b0a2e093dca9,2024-02-29T13:49:29.390000
 CVE-2024-1245,0,0,9f0a6683f1d5096645febd5b42c6e25cc14953b1062510f4b421bd46b5a5a4fe,2024-02-15T04:44:27.987000
@@ -262609,7 +262634,7 @@ CVE-2024-45771,0,0,754a0f27219aa2eb6179ec627ac31099e8e2882043a643cfa7921ddb03dbb
 CVE-2024-45772,0,0,d4fcff511ac9c702d11d2981d4f53f578a5b533222a07c5c21d8a62a8451fded,2024-10-04T13:20:58.327000
 CVE-2024-45773,0,0,fa80a32ca25578799d772108a6e7f2b87164fbdfd3820c41dab7e96e6c83084e,2024-09-30T12:45:57.823000
 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000
-CVE-2024-45784,1,1,7df02e48fd20d4891516a0ad23c130e8093c5cabebef12010ed53de3713bf60d,2024-11-15T09:15:14.897000
+CVE-2024-45784,0,0,7df02e48fd20d4891516a0ad23c130e8093c5cabebef12010ed53de3713bf60d,2024-11-15T09:15:14.897000
 CVE-2024-45785,0,0,edaf655206685301bfa1d23b3961ca90e190821a2f1da23140bfad50572d7731,2024-11-06T17:08:40.507000
 CVE-2024-45786,0,0,1027a4a71b54e4ed926e7c4d82608ed7bf7290e7e8486a1ac94d8f7e4edfad02,2024-09-18T20:12:47.337000
 CVE-2024-45787,0,0,46f8564066b3f70e712610c0aca9059d9bda6862d53c941af56b2ef72737a51d,2024-09-18T18:15:07.650000
@@ -269159,8 +269184,8 @@ CVE-2024-8970,0,0,ac6a340d484c123a9130b7a8da1b91e0090b1836f7865857c5a2324dbb60a4
 CVE-2024-8974,0,0,47fcb9de64a47ab7d6fd39981189c5f91c3407e2aae34c6aae2197da9ba195e7,2024-10-04T17:30:18.803000
 CVE-2024-8975,0,0,e9dab26a838a0dd237537c2cbdba69bbaa5b6602743bc0ca17e054f95d0f2b70,2024-10-01T19:20:21.103000
 CVE-2024-8977,0,0,5252c9de61b84aeddd3ec48f8829f82be03db26645b8f09321099ae149149381,2024-10-16T17:10:13.220000
-CVE-2024-8978,1,1,6fe35329c6e39a1c98f2e36c7371e3dfbe04fa7b1debe5f3e7fafd8f309095f4,2024-11-15T10:15:04.873000
+CVE-2024-8978,0,0,6fe35329c6e39a1c98f2e36c7371e3dfbe04fa7b1debe5f3e7fafd8f309095f4,2024-11-15T10:15:04.873000
-CVE-2024-8979,1,1,3ea26375d0d3f8c3384c0db604d953a89857ef51881446650efc105ce8490e3b,2024-11-15T10:15:05.310000
+CVE-2024-8979,0,1,3b0847b3edd3752c396227a7e40f56b4d47ef0d1725031a1ca52cecc92440e0f,2024-11-15T10:15:05.310000
 CVE-2024-8980,0,0,34622dfc36a70206b20752d1026a226663789c42eaaff2958041a445f566dbba,2024-10-30T14:46:14.127000
 CVE-2024-8981,0,0,72a5e946545b01f6f5b55bd9be0a66c4964926bf866e85b9f0e826b5c8f5cfe7,2024-10-04T13:51:25.567000
 CVE-2024-8983,0,0,a5894726a3c72e301955e62952254bf05f92543b19c3d4bf59f7d30236266e8c,2024-10-10T12:57:21.987000