admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-20T16:00:18.583404+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-20 16:03:15 +00:00
parent 7c5fee732e
commit 9623dbd837
231 changed files with 6294 additions and 1132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2021/CVE-2021-275xx/CVE-2021-27506.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-27506",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-03-19T15:15:12.650",
"lastModified": "2022-07-01T12:02:37.977",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -92,10 +92,10 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndIncluding": "4.2.0",
"matchCriteriaId": "C497E1B0-4FE7-4D06-8617-332391247B4E"
"matchCriteriaId": "20C1A2CD-7802-4497-B87D-8D49506B7BCB"
}
]
}

10
CVE-2021/CVE-2021-286xx/CVE-2021-28665.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28665",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-05-06T20:15:09.820",
"lastModified": "2022-07-12T17:42:04.277",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -92,17 +92,17 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.11.5",
"matchCriteriaId": "2C3FF973-E0A0-4727-8B12-116FBEEBA4B3"
"matchCriteriaId": "EB1687AD-8D46-4CBC-8EE5-AEA384B7A1DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.1.5",
"matchCriteriaId": "52C25A6F-35A5-4CE1-9EFF-1F1D93680A78"
"matchCriteriaId": "268FCC1D-500C-4F39-B688-96130AA60D16"
}
]
}

18
CVE-2021/CVE-2021-289xx/CVE-2021-28962.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28962",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-01-31T14:15:07.610",
"lastModified": "2022-07-12T17:42:04.277",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,31 +85,31 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.5.0",
"versionEndExcluding": "2.7.9",
"matchCriteriaId": "77D326B0-B6FE-4E7A-9328-9899EA7F9B1D"
"matchCriteriaId": "16197356-0088-4B6B-94D5-1B64802AC302"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndExcluding": "3.7.21",
"matchCriteriaId": "22139CFC-BAD0-4245-B425-B26E3126CE26"
"matchCriteriaId": "A44D782B-3A9B-45C7-A8C3-0E6159D83B71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.11.9",
"matchCriteriaId": "979C633B-6DD9-42A4-A3CE-215F626D27C9"
"matchCriteriaId": "580720E6-CD62-432E-8B4D-A68DA7459BDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.2.2",
"matchCriteriaId": "7982EF71-685F-44FE-B6E3-B2262D2F4CE0"
"matchCriteriaId": "293C9DE4-4CA5-4F14-886E-99A987E2C396"
}
]
}

18
CVE-2021/CVE-2021-316xx/CVE-2021-31617.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-31617",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-01-31T16:15:09.793",
"lastModified": "2022-02-07T19:34:52.797",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,31 +85,31 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "2.7.9",
"matchCriteriaId": "AC28942E-8BEB-411A-9E6F-B06215EF32E3"
"matchCriteriaId": "3D98E742-1D45-4E68-B59C-15DE3B8CDF75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndExcluding": "3.7.21",
"matchCriteriaId": "22139CFC-BAD0-4245-B425-B26E3126CE26"
"matchCriteriaId": "A44D782B-3A9B-45C7-A8C3-0E6159D83B71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.11.9",
"matchCriteriaId": "979C633B-6DD9-42A4-A3CE-215F626D27C9"
"matchCriteriaId": "580720E6-CD62-432E-8B4D-A68DA7459BDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.1",
"versionEndExcluding": "4.2.3",
"matchCriteriaId": "4373C347-6FA2-4114-91CA-64B7D0D9F726"
"matchCriteriaId": "804BF818-9B25-41F7-809E-E39DCCE246E7"
}
]
}

22
CVE-2021/CVE-2021-33xx/CVE-2021-3384.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3384",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-03-02T18:15:15.977",
"lastModified": "2021-03-09T18:30:22.780",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,38 +85,38 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.7.8",
"matchCriteriaId": "724ECE02-8234-424F-B196-B2B382CF032C"
"matchCriteriaId": "1963DE20-CE8C-4776-B355-541A682B32A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndIncluding": "2.16.0",
"matchCriteriaId": "FA2F0DF2-5D80-452D-A83A-3066B159A301"
"matchCriteriaId": "EBAB743F-89C0-4152-A4E7-1633E4492B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.7.17",
"matchCriteriaId": "3877C161-A065-44FD-B341-15A32E0303B2"
"matchCriteriaId": "A7C6C367-2B85-4F65-8E36-E9F791DE3256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndIncluding": "3.11.5",
"matchCriteriaId": "485E8DA2-F482-4F29-AE8A-0F60AD2B0C03"
"matchCriteriaId": "6B359EE3-CFBF-4F12-9E07-FCBCEB41CAB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.1.5",
"matchCriteriaId": "52C25A6F-35A5-4CE1-9EFF-1F1D93680A78"
"matchCriteriaId": "268FCC1D-500C-4F39-B688-96130AA60D16"
}
]
}

8
CVE-2022/CVE-2022-12xx/CVE-2022-1206.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-1206",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-20T04:15:06.787",
"lastModified": "2024-08-20T04:15:06.787",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AdRotate Banner Manager \u2013 The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotate_insert_media() function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files with double extensions on the affected site's server which may make remote code execution possible. This is only exploitable on select instances where the configuration will execute the first extension present."
},
{
"lang": "es",
"value": "El complemento AdRotate Banner Manager \u2013 The only ad manager you'll need para WordPress es vulnerable a cargas arbitrarias de archivos debido a la falta de desinfecci\u00f3n de extensiones de archivos en la funci\u00f3n adrotate_insert_media() en todas las versiones hasta la 5.13.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador y superior, carguen archivos arbitrarios con extensiones dobles en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo. Esto solo se puede explotar en casos seleccionados donde la configuraci\u00f3n ejecutar\u00e1 la primera extensi\u00f3n presente."
}
],
"metrics": {

18
CVE-2022/CVE-2022-239xx/CVE-2022-23989.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23989",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-15T21:15:09.603",
"lastModified": "2022-03-24T20:24:41.953",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,31 +85,31 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.7.25",
"matchCriteriaId": "3B796566-AC85-486F-B961-E541E1159BD6"
"matchCriteriaId": "6BA930F8-6221-4492-86A4-5B3F8DEF8E3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.11.13",
"matchCriteriaId": "8DAF9A3F-2B07-4148-80A8-96ADBBD1937E"
"matchCriteriaId": "FE02CCA4-5C58-4165-BB15-178CC80FA567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.2.10",
"matchCriteriaId": "008F3752-0F64-4B4E-9A81-7351490403C0"
"matchCriteriaId": "A26B3C9D-67B6-420D-975C-561A9B2F22AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.0",
"versionEndExcluding": "4.3.5",
"matchCriteriaId": "5FF8B9D6-09C1-4A0E-8A45-AA3CD3A40355"
"matchCriteriaId": "E7A3CBF2-016A-4EBB-B98F-EDFA075DCA81"
}
]
}

18
CVE-2022/CVE-2022-278xx/CVE-2022-27812.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27812",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-24T12:15:08.433",
"lastModified": "2023-08-08T14:22:24.967",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -60,31 +60,31 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndExcluding": "3.7.30",
"matchCriteriaId": "8C50DD87-764D-456F-A788-B89B8B1CB058"
"matchCriteriaId": "0ED3E958-C6DD-4534-84D8-8C9F9220F091"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11.0",
"versionEndExcluding": "3.11.18",
"matchCriteriaId": "3CC26C37-109C-4260-8F7C-DD63D4CEDD1C"
"matchCriteriaId": "E3046184-CE10-4A23-9E05-F5173E9BCE5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.11",
"matchCriteriaId": "AA603F8D-C46E-423C-8A86-88F55CE40D35"
"matchCriteriaId": "F0AF8CBA-E40F-4E62-8024-52D8855A3563"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.0",
"versionEndExcluding": "4.3.7",
"matchCriteriaId": "D7AC7E7E-B95A-4CF7-A879-B9E08F7A20AB"
"matchCriteriaId": "6BE777F7-6AFE-4060-AD7D-6A4E87073094"
}
]
}

6
CVE-2022/CVE-2022-302xx/CVE-2022-30279.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30279",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-12T15:15:08.847",
"lastModified": "2022-05-20T18:33:56.557",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,10 +85,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.3",
"versionEndExcluding": "4.3.8",
"matchCriteriaId": "74E521BB-184A-400F-A673-8871168C4C00"
"matchCriteriaId": "B2B91285-D421-42DA-BA7B-2DEF9A3958C6"
}
]
}

39
CVE-2022/CVE-2022-325xx/CVE-2022-32506.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32506",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T10:43:41.587",
"lastModified": "2024-05-14T16:13:02.773",
"lastModified": "2024-08-20T14:35:01.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se ha descubierto un problema en determinados dispositivos de Nuki Home Solutions. Un atacante con acceso f\u00edsico a la placa de circuito podr\u00eda utilizar las funciones de depuraci\u00f3n del SWD para controlar la ejecuci\u00f3n de c\u00f3digo en el procesador y depurar el firmware, as\u00ed como leer o alterar el contenido de la memoria flash interna y externa. Esto afecta a Nuki Smart Lock 3.0 anterior a 3.3.5, Nuki Smart Lock 2.0 anterior a 2.12.4, as\u00ed como a Nuki Bridge v1 anterior a 1.22.0 y v2 anterior a 2.13.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1263"
}
]
}
],
"references": [
{
"url": "https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/",

10
CVE-2023/CVE-2023-260xx/CVE-2023-26095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26095",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-28T12:15:08.940",
"lastModified": "2023-08-31T18:58:14.647",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -56,15 +56,15 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6.0",
"versionEndExcluding": "4.6.3",
"matchCriteriaId": "36CA672B-C31F-4111-8412-792D8B0DCD7E"
"matchCriteriaId": "DF87CF3B-17D9-4B12-86FD-DD1633177BA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "89BD846F-87FC-40AA-83BF-0451374BC958"
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E690AD-A6BB-49A0-B21E-25138E49548D"
}
]
}

14
CVE-2023/CVE-2023-286xx/CVE-2023-28616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28616",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-26T04:15:07.790",
"lastModified": "2024-01-04T15:28:24.317",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -60,22 +60,22 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "4.3.17",
"matchCriteriaId": "C2ED1896-6DA3-413F-B5A1-AC1EE41470A6"
"matchCriteriaId": "77BB677B-09F8-4CB6-A65B-D596EF7598EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0",
"versionEndExcluding": "4.6.4",
"matchCriteriaId": "601A3438-4E6E-46B6-B596-082C6EA8B1D1"
"matchCriteriaId": "77BAC9BA-B215-490F-9202-617B1B4E7C8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CEA8D81-9EC9-4285-9A9F-B60CE3A12ABA"
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41064506-1A8B-462B-B0CC-935467EB80CA"
}
]
}

64
CVE-2023/CVE-2023-350xx/CVE-2023-35022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35022",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-30T16:15:02.600",
"lastModified": "2024-07-01T12:37:24.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T14:13:16.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4CED2F00-89E3-4BA9-A8FB-D43B308A59A8"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/258254",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7158447",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-438xx/CVE-2023-43848.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43848",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T19:15:09.587",
"lastModified": "2024-05-29T13:02:09.280",
"lastModified": "2024-08-20T15:35:01.247",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "El control de acceso incorrecto en la funci\u00f3n de administraci\u00f3n del firewall de la interfaz web en Aten PE6208 2.3.228 y 2.4.232 permite a los usuarios autenticados remotamente modificar la configuraci\u00f3n del firewall local del dispositivo como si fueran el administrador mediante una solicitud HTTP POST."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/setersora/pe6208",

39
CVE-2023/CVE-2023-468xx/CVE-2023-46870.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46870",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T13:54:34.163",
"lastModified": "2024-05-14T16:13:02.773",
"lastModified": "2024-08-20T14:35:03.573",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py en Nordic Semiconductor nRF Sniffer para Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0 y 4.1.1 tienen una configuraci\u00f3n incorrecta permiso de archivo, que permite a los atacantes ejecutar c\u00f3digo a trav\u00e9s de scripts bash y python modificados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://github.com/Chapoly1305/CVE-2023-46870",

14
CVE-2023/CVE-2023-470xx/CVE-2023-47091.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47091",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-25T07:15:09.537",
"lastModified": "2024-01-04T01:15:58.840",
"lastModified": "2024-08-20T14:58:54.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -60,24 +60,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.13",
"versionEndExcluding": "4.3.23",
"matchCriteriaId": "56C988A8-017F-4B5F-945D-50A8F54FC618"
"matchCriteriaId": "4D293505-FDC0-4B2B-B7D4-8371A9142A0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6.0",
"versionEndExcluding": "4.6.10",
"matchCriteriaId": "BB9EC8BF-9FFC-4F3E-B8D2-578582478D14"
"matchCriteriaId": "7BA3CFA3-AA12-4347-AE99-91D28021E6F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:network_security:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.7.0",
"versionEndExcluding": "4.7.2",
"matchCriteriaId": "F45A8EFF-2702-4D2E-98F1-B87434FA0AE2"
"matchCriteriaId": "459D63A0-291E-4B60-94A7-4FDB3A381C61"
}
]
}

46
CVE-2024/CVE-2024-214xx/CVE-2024-21449.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21449",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:14.177",
"lastModified": "2024-08-08T18:50:39.357",
"lastModified": "2024-08-20T15:48:51.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

8
CVE-2024/CVE-2024-216xx/CVE-2024-21689.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-21689",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-08-20T10:15:04.103",
"lastModified": "2024-08-20T10:15:04.103",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689\u00a0 was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17\r\n\r\n Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was reported via our Bug Bounty program."
},
{
"lang": "es",
"value": "Esta vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) de alta gravedad, CVE-2024-21689, se introdujo en las versiones 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 y 9.6.0 de Bamboo Data Center and Server. Esta vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE), con una puntuaci\u00f3n CVSS de 7,6, permite a un atacante autenticado ejecutar c\u00f3digo arbitrario que tiene un alto impacto en la confidencialidad, la integridad y la disponibilidad, y requiere la interacci\u00f3n del usuario. Atlassian recomienda que los clientes de Bamboo Data Center and Server actualicen a la \u00faltima versi\u00f3n. Si no puede hacerlo, actualice su instancia a una de las versiones corregidas compatibles especificadas: Bamboo Data Center and Server 9.2: actualice a una versi\u00f3n mayor o igual a 9.2.17 Bamboo Data Center and Server 9.6: actualice a una versi\u00f3n mayor o igual a 9.6.5 Consulte las notas de la versi\u00f3n ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). Puede descargar la \u00faltima versi\u00f3n de Bamboo Data Center and Server desde el centro de descargas ([https://www.atlassian.com/software/bamboo/download-archives]). Esta vulnerabilidad se inform\u00f3 a trav\u00e9s de nuestro programa Bug Bounty."
}
],
"metrics": {

12
CVE-2024/CVE-2024-220xx/CVE-2024-22095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22095",
"sourceIdentifier": "secure@intel.com",
"published": "2024-05-16T21:16:06.320",
"lastModified": "2024-07-03T01:47:03.793",
"lastModified": "2024-08-20T15:35:02.417",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -49,16 +49,6 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [

39
CVE-2024/CVE-2024-230xx/CVE-2024-23084.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23084",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T23:15:07.803",
"lastModified": "2024-08-01T23:15:40.503",
"lastModified": "2024-08-20T15:35:02.813",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
@ -22,7 +22,42 @@
"value": "Se descubri\u00f3 que Apfloat v1.10.1 conten\u00eda una excepci\u00f3n ArrayIndexOutOfBoundsException a trav\u00e9s del componente org.apfloat.internal.DoubleCRTMath::add(double[], double[])."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"references": [
{
"url": "http://apfloat.com",

34
CVE-2024/CVE-2024-232xx/CVE-2024-23299.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23299",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T20:15:13.107",
"lastModified": "2024-06-12T18:03:36.960",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T15:35:03.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-242xx/CVE-2024-24293.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24293",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.193",
"lastModified": "2024-05-20T19:34:58.277",
"lastModified": "2024-08-20T14:35:04.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Un problema de contaminaci\u00f3n de prototipo en MiguelCastillo @bit/loader v.10.0.3 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n M y el argumento en index.js."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/tariqhawis/986fb1c9da6be526fb2656ba8d194b7f",

4
CVE-2024/CVE-2024-250xx/CVE-2024-25009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25009",
"sourceIdentifier": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"published": "2024-08-20T12:15:04.667",
"lastModified": "2024-08-20T12:15:04.667",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

39
CVE-2024/CVE-2024-272xx/CVE-2024-27281.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27281",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:11:57.250",
"lastModified": "2024-05-14T16:13:02.773",
"lastModified": "2024-08-20T14:35:05.757",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en RDoc 6.3.3 a 6.6.2, tal como se distribuye en Ruby 3.x a 3.3.0. Al analizar .rdoc_options (utilizado para la configuraci\u00f3n en RDoc) como un archivo YAML, la inyecci\u00f3n de objetos y la ejecuci\u00f3n remota de c\u00f3digo resultante son posibles porque no hay restricciones en las clases que se pueden restaurar. (Al cargar el cach\u00e9 de documentaci\u00f3n, la inyecci\u00f3n de objetos y la ejecuci\u00f3n remota de c\u00f3digo resultante tambi\u00e9n son posibles si hubiera un cach\u00e9 manipulado). La versi\u00f3n principal fija es 6.6.3.1. Para los usuarios de Ruby 3.0, una versi\u00f3n fija es rdoc 6.3.4.1. Para los usuarios de Ruby 3.1, una versi\u00f3n fija es rdoc 6.4.1.1. Para los usuarios de Ruby 3.2, una versi\u00f3n fija es rdoc 6.5.1.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://hackerone.com/reports/1187477",

39
CVE-2024/CVE-2024-277xx/CVE-2024-27728.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27728",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-15T19:15:18.477",
"lastModified": "2024-08-19T13:00:23.117",
"lastModified": "2024-08-20T14:35:06.747",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " La vulnerabilidad de Cross Site Scripting en Friendica v.2023.12 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro text de la funci\u00f3n de depuraci\u00f3n de Babel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/friendica/friendica/pull/13927",

109
CVE-2024/CVE-2024-278xx/CVE-2024-27882.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27882",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.877",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:05:39.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,122 @@
"value": " Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

109
CVE-2024/CVE-2024-278xx/CVE-2024-27883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27883",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.940",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:06:34.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,122 @@
"value": " Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

199
CVE-2024/CVE-2024-278xx/CVE-2024-27884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27884",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.010",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:07:50.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,220 @@
"value": " Esta cuesti\u00f3n se abord\u00f3 con un nuevo derecho. Este problema se solucion\u00f3 en macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 y iPadOS 17.5. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.5",
"matchCriteriaId": "018F7001-D2CD-4A28-853F-749408A7D1AF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5",
"matchCriteriaId": "CC4B1E01-BE73-48F8-9BD5-32F7C57EB45A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-278xx/CVE-2024-27887.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27887",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.127",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:08:53.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,76 @@
"value": "Se solucion\u00f3 un problema de manejo de rutas con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.4",
"matchCriteriaId": "58227FD1-0619-45F6-AD19-25831899376A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-280xx/CVE-2024-28087.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28087",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-15T17:15:10.643",
"lastModified": "2024-05-15T18:35:11.453",
"lastModified": "2024-08-20T14:35:07.653",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En la edici\u00f3n Community de Bonitasoft runtime, la falta de permisos din\u00e1micos provoca una vulnerabilidad IDOR. Los permisos din\u00e1micos solo exist\u00edan en la edici\u00f3n Suscripci\u00f3n y ahora se han restaurado en la edici\u00f3n Comunidad, donde no son personalizables."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://documentation.bonitasoft.com/bonita/latest/release-notes#_fixes_in_bonita_2024_1_2024_04_11",

52
CVE-2024/CVE-2024-287xx/CVE-2024-28795.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28795",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-30T16:15:02.987",
"lastModified": "2024-07-01T12:37:24.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T14:13:46.593",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4CED2F00-89E3-4BA9-A8FB-D43B308A59A8"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/286832",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7158408",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-288xx/CVE-2024-28829.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-28829",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-08-20T10:15:05.693",
"lastModified": "2024-08-20T10:15:05.693",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges."
},
{
"lang": "es",
"value": "La violaci\u00f3n de privilegios m\u00ednimos y la dependencia de entradas no confiables en el complemento del agente Checkmk mk_informix anterior a Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 y 2.0.0 (EOL) permite que los usuarios locales escalen privilegios."
}
],
"metrics": {

39
CVE-2024/CVE-2024-291xx/CVE-2024-29159.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29159",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:15:32.000",
"lastModified": "2024-05-14T16:13:02.773",
"lastModified": "2024-08-20T14:35:13.163",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "HDF5 hasta 1.14.3 contiene un desbordamiento de b\u00fafer en H5Z__filter_scaleoffset, lo que provoca la corrupci\u00f3n del puntero de instrucci\u00f3n y provoca denegaci\u00f3n de servicio o posible ejecuci\u00f3n de c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/",

39
CVE-2024/CVE-2024-292xx/CVE-2024-29276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29276",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-02T07:15:45.577",
"lastModified": "2024-04-02T12:50:42.233",
"lastModified": "2024-08-20T15:35:05.580",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en seeyonOA versi\u00f3n 8, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del m\u00e9todo importProcess en el componente WorkFlowDesignerController.class."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://www.cnblogs.com/Rainy-Day/p/18061399",

39
CVE-2024/CVE-2024-296xx/CVE-2024-29651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29651",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.270",
"lastModified": "2024-05-20T19:34:58.277",
"lastModified": "2024-08-20T14:35:13.967",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Un problema de contaminaci\u00f3n de prototipos en API Dev Tools json-schema-ref-parser v.11.0.0 y v.11.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de bundle()`, `parse()`, `resolve( )`, `funciones de desreferencia()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/tariqhawis/5db76b38112bba756615b688c32409ad",

29
CVE-2024/CVE-2024-309xx/CVE-2024-30949.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-30949",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:20.400",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/visitorckw/6b26e599241ea80210ea136b28441661",
"source": "cve@mitre.org"
},
{
"url": "https://inbox.sourceware.org/newlib/20231129035714.469943-1-visitorckw%40gmail.com/",
"source": "cve@mitre.org"
},
{
"url": "https://sourceware.org/git/?p=newlib-cygwin.git%3Ba=commit%3Bh=5f15d7c5817b07a6b18cbab17342c95cb7b42be4",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-310xx/CVE-2024-31011.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31011",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-03T05:15:48.010",
"lastModified": "2024-04-03T12:38:04.840",
"lastModified": "2024-08-20T15:35:06.517",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de escritura arbitraria en archivos en beescms v.4.0, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una ruta de archivo que no estaba aislada y el sufijo no estaba verificado en admin_template.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/ss122-0ss/beescms/blob/main/readme.md",

39
CVE-2024/CVE-2024-322xx/CVE-2024-32269.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32269",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-29T17:15:19.130",
"lastModified": "2024-04-30T13:11:16.690",
"lastModified": "2024-08-20T14:35:14.740",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Yonganda YAD-LOJ V3.0.561 permite que un atacante remoto provoque una denegaci\u00f3n de servicio a trav\u00e9s de un paquete manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/kzLiu2017/Tuya_Cam_CVE_Doc/blob/main/YAD-LOJ-Camera.pdf",

39
CVE-2024/CVE-2024-323xx/CVE-2024-32351.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32351",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T16:17:02.800",
"lastModified": "2024-05-14T19:17:55.627",
"lastModified": "2024-08-20T15:35:07.350",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) autenticada a trav\u00e9s del par\u00e1metro \"mru\" en el binario \"cstecgi.cgi\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md",

39
CVE-2024/CVE-2024-326xx/CVE-2024-32617.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32617",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:36:46.893",
"lastModified": "2024-05-14T16:12:23.490",
"lastModified": "2024-08-20T14:35:15.603",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La librer\u00eda HDF5 hasta 1.14.3 contiene una sobrelectura del b\u00fafer basado en mont\u00f3n causada por el uso inseguro de strdup en H5MM_xstrdup en H5MM.c (llamado desde H5G__ent_to_link en H5Glink.c)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/",

39
CVE-2024/CVE-2024-326xx/CVE-2024-32621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32621",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:36:47.690",
"lastModified": "2024-05-14T16:12:23.490",
"lastModified": "2024-08-20T14:35:16.373",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La librer\u00eda HDF5 hasta 1.14.3 contiene un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en H5HG_read en H5HG.c (llamado desde H5VL__native_blob_get en H5VLnative_blob.c), lo que resulta en la corrupci\u00f3n del puntero de instrucci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/",

39
CVE-2024/CVE-2024-326xx/CVE-2024-32622.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32622",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:36:47.797",
"lastModified": "2024-05-14T16:12:23.490",
"lastModified": "2024-08-20T14:35:17.140",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La librer\u00eda HDF5 hasta 1.14.3 contiene una operaci\u00f3n de lectura fuera de los l\u00edmites en H5FL_arr_malloc en H5FL.c (llamada desde H5S_set_extent_simple en H5S.c)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/",

39
CVE-2024/CVE-2024-332xx/CVE-2024-33219.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-33219",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T15:15:28.680",
"lastModified": "2024-05-22T18:59:20.240",
"lastModified": "2024-08-20T15:35:08.557",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en el componente AsIO64.sys de ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 permite a los atacantes escalar privilegios y ejecutar c\u00f3digo arbitrario mediante el env\u00edo de solicitudes IOCTL manipuladas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-782"
}
]
}
],
"references": [
{
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33219",

39
CVE-2024/CVE-2024-338xx/CVE-2024-33806.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-33806",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T16:15:16.620",
"lastModified": "2024-05-28T17:11:47.007",
"lastModified": "2024-08-20T15:35:09.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /model/get_grade.php en campcodes Complete Web-Based School Management System 1.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro id."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2012.pdf",

21
CVE-2024/CVE-2024-338xx/CVE-2024-33872.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-33872",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T14:15:08.750",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges."
}
],
"metrics": {},
"references": [
{
"url": "https://trust.keyfactor.com/?itemUid=d73921fd-bc9e-4e35-a974-cfb628e6a226&source=click",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-341xx/CVE-2024-34193.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34193",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.400",
"lastModified": "2024-05-20T19:34:58.277",
"lastModified": "2024-08-20T15:35:11.077",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " smanga 3.2.7 no filtra el par\u00e1metro file en la interfaz PHP/get file flow.php, lo que resulta en una vulnerabilidad de path traversal que puede provocar la lectura arbitraria de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/vulreport3r/cve-reports/blob/main/Smanga_has_an_arbitrary_file_read_vulnerability/report.md",

39
CVE-2024/CVE-2024-342xx/CVE-2024-34240.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34240",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-21T18:15:09.650",
"lastModified": "2024-05-22T12:46:53.887",
"lastModified": "2024-08-20T15:35:12.167",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "QDOCS Smart School 7.0.0 es vulnerable a Cross Site Scripting (XSS), lo que resulta en la ejecuci\u00f3n de c\u00f3digo arbitrario en funciones administrativas relacionadas con la adici\u00f3n o actualizaci\u00f3n de registros."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://grumpz.net/cve-2024-34240-latest-stored-xss-0day-vulnerability-unveiled",

21
CVE-2024/CVE-2024-344xx/CVE-2024-34458.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-34458",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T14:15:08.873",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://trust.keyfactor.com/?itemUid=d73921fd-bc9e-4e35-a974-cfb628e6a226&source=click",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-349xx/CVE-2024-34934.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34934",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.197",
"lastModified": "2024-05-24T01:15:30.977",
"lastModified": "2024-08-20T15:35:13.137",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /view/emarks_range_grade_update_form.php en Campcodes Complete Web-Based School Management System 1.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro conversation_id."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2028.pdf",

39
CVE-2024/CVE-2024-350xx/CVE-2024-35010.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35010",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T16:17:30.877",
"lastModified": "2024-05-14T19:17:55.627",
"lastModified": "2024-08-20T14:35:18.007",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9% BF%E5%91%8A&theme=cs&dataID=6."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Thirtypenny77/cms/blob/main/6.md",

39
CVE-2024/CVE-2024-350xx/CVE-2024-35079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35079",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T19:16:01.357",
"lastModified": "2024-05-24T01:15:30.977",
"lastModified": "2024-08-20T15:35:13.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitrarios en el m\u00e9todo uploadAudio de inxedu v2024.4 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo .jsp manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/35079.txt",

39
CVE-2024/CVE-2024-352xx/CVE-2024-35205.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35205",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:39:43.030",
"lastModified": "2024-05-14T16:11:39.510",
"lastModified": "2024-08-20T14:35:21.557",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n WPS Office (tambi\u00e9n conocida como cn.wps.moffice_eng) anterior a 17.0.0 para Android no sanitiza adecuadamente los nombres de los archivos antes de procesarlos a trav\u00e9s de interacciones de aplicaciones externas, lo que genera una forma de Path Traversal. Potencialmente, esto permite que cualquier aplicaci\u00f3n env\u00ede un archivo de librer\u00eda manipulado, con el objetivo de sobrescribir una librer\u00eda nativa existente utilizada por WPS Office. La explotaci\u00f3n exitosa podr\u00eda resultar en la ejecuci\u00f3n de comandos arbitrarios bajo la apariencia del ID de la aplicaci\u00f3n de WPS Office."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/",

46
CVE-2024/CVE-2024-352xx/CVE-2024-35256.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35256",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:17.623",
"lastModified": "2024-08-08T18:50:56.197",
"lastModified": "2024-08-20T15:48:42.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-352xx/CVE-2024-35271.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35271",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:19.023",
"lastModified": "2024-08-08T18:51:09.090",
"lastModified": "2024-08-20T15:47:07.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-352xx/CVE-2024-35272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35272",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:19.217",
"lastModified": "2024-08-08T18:33:14.440",
"lastModified": "2024-08-20T15:47:09.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

39
CVE-2024/CVE-2024-353xx/CVE-2024-35374.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35374",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-24T21:15:59.793",
"lastModified": "2024-05-28T17:15:10.937",
"lastModified": "2024-08-20T15:35:14.870",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Mocodo Mocodo Online 4.2.6 y versiones anteriores no desinfecta adecuadamente el campo de entrada sql_case en /web/generate.php, lo que permite a atacantes remotos ejecutar comandos SQL arbitrarios y potencialmente inyecci\u00f3n de comandos, lo que lleva a la ejecuci\u00f3n remota de c\u00f3digo (RCE) bajo ciertas condiciones."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://chocapikk.com/posts/2024/mocodo-vulnerabilities/",

39
CVE-2024/CVE-2024-354xx/CVE-2024-35409.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35409",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:08.760",
"lastModified": "2024-05-22T14:30:41.953",
"lastModified": "2024-08-20T15:35:15.637",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "WeBid 1.1.2 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de admin/tax.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ixpqxi/CVE_LIST/blob/master/WeBid_sqli/WeBid_v1.1.2_sql_injection_vulnerability.md",

49
CVE-2024/CVE-2024-355xx/CVE-2024-35538.json
View File

@ -2,16 +2,59 @@
"id": "CVE-2024-35538",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T21:15:09.850",
"lastModified": "2024-08-19T21:15:09.850",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Typecho v1.3.0 contiene una vulnerabilidad de suplantaci\u00f3n de IP del cliente, que permite a los atacantes falsificar sus direcciones IP especificando una IP arbitraria como valor de los encabezados X-Forwarded-For o Client-Ip mientras realizan solicitudes HTTP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
},
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/",

8
CVE-2024/CVE-2024-355xx/CVE-2024-35539.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-35539",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T21:15:09.913",
"lastModified": "2024-08-19T21:15:09.913",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Typecho v1.3.0 conten\u00eda una vulnerabilidad de condici\u00f3n de ejecuci\u00f3n en la funci\u00f3n de comentarios de publicaciones. Esta vulnerabilidad permite a los atacantes publicar varios comentarios antes de que la protecci\u00f3n contra spam compruebe si los comentarios se publican con demasiada frecuencia."
}
],
"metrics": {},

21
CVE-2024/CVE-2024-355xx/CVE-2024-35540.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-35540",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:21.103",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-355xx/CVE-2024-35556.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35556",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.467",
"lastModified": "2024-05-22T14:30:41.953",
"lastModified": "2024-08-20T15:35:16.417",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/vpsSys_deal.php?mudi=infoSet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/bearman113/1.md/blob/main/26/csrf.md",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35580.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35580",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.777",
"lastModified": "2024-05-20T19:34:58.277",
"lastModified": "2024-08-20T14:35:23.113",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Tenda AX1806 v1.0.0.1 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro adv.iptv.stbpvid en la funci\u00f3n formSetIptv."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35582.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35582",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T20:16:36.037",
"lastModified": "2024-05-29T13:02:09.280",
"lastModified": "2024-08-20T15:35:17.183",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de Cross-site scripting (XSS) en Sourcecodester Laboratory Management System v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado que se inyecta en el campo de entrada del Departamento."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35592.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35592",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-24T14:15:17.287",
"lastModified": "2024-05-24T18:09:20.027",
"lastModified": "2024-08-20T15:35:17.980",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitraria en la funci\u00f3n de carga de Box-IM v2.0 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo PDF manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Joying-C/Cross-site-scripting-vulnerability/blob/main/BOX-IM_Cross_site%20_scripting%20_vulnerability/BOX-IM_Cross_site%20_scripting%20_vulnerability.pdf",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36052.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36052",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-21T17:15:09.250",
"lastModified": "2024-05-22T12:46:53.887",
"lastModified": "2024-08-20T15:35:18.753",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " RARLAB WinRAR anterior a 7.00, en Windows, permite a los atacantes falsificar la salida de la pantalla mediante secuencias de escape ANSI, un problema diferente al CVE-2024-33899."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-150"
}
]
}
],
"references": [
{
"url": "https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36079",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-24T22:15:08.413",
"lastModified": "2024-05-28T12:39:42.673",
"lastModified": "2024-08-20T14:35:24.033",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en Vaultize 21.07.27. Al cargar archivos, no se verifica que el par\u00e1metro de nombre de archivo sea correcto. Como resultado, se crear\u00e1 un archivo temporal fuera del directorio especificado cuando se descargue el archivo. Para aprovechar esto, un usuario autenticado cargar\u00eda un archivo con un nombre incorrecto y luego lo descargar\u00eda."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/DxRvs/vaultize_CVE-2024-36079",

39
CVE-2024/CVE-2024-367xx/CVE-2024-36734.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36734",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T19:15:58.030",
"lastModified": "2024-06-07T14:56:05.647",
"lastModified": "2024-08-20T14:35:24.830",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Validaci\u00f3n de entrada incorrecta en OneFlow-Inc. Oneflow v0.9.1 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) ingresando un valor negativo en el par\u00e1metro tenue."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Redmept1on/7420cd59f30defda07cf7bb4bf4a92cd",

46
CVE-2024/CVE-2024-373xx/CVE-2024-37318.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37318",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:19.520",
"lastModified": "2024-08-08T18:36:54.347",
"lastModified": "2024-08-20T15:47:12.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37319.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37319",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:19.757",
"lastModified": "2024-08-08T18:39:41.537",
"lastModified": "2024-08-20T15:47:14.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37320.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37320",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:19.973",
"lastModified": "2024-08-08T18:40:08.887",
"lastModified": "2024-08-20T15:47:17.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37321.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37321",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:20.180",
"lastModified": "2024-08-08T18:40:27.350",
"lastModified": "2024-08-20T15:47:20.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37322.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37322",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:20.390",
"lastModified": "2024-08-08T18:41:20.253",
"lastModified": "2024-08-20T15:47:23.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37323.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37323",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:20.603",
"lastModified": "2024-08-08T18:41:44.730",
"lastModified": "2024-08-20T15:47:26.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37324.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37324",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:20.797",
"lastModified": "2024-08-08T18:42:10.850",
"lastModified": "2024-08-20T15:47:29.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37326.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37326",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:20.997",
"lastModified": "2024-08-08T18:42:31.443",
"lastModified": "2024-08-20T15:47:31.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37327.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37327",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:21.190",
"lastModified": "2024-08-08T18:42:50.373",
"lastModified": "2024-08-20T15:47:34.730",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37328.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37328",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:21.387",
"lastModified": "2024-08-08T18:43:07.557",
"lastModified": "2024-08-20T15:47:37.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37329",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:21.660",
"lastModified": "2024-08-08T18:43:34.633",
"lastModified": "2024-08-20T15:48:13.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37330.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37330",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:21.910",
"lastModified": "2024-08-08T18:43:52.897",
"lastModified": "2024-08-20T15:48:22.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37331.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37331",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:22.113",
"lastModified": "2024-08-08T18:44:18.053",
"lastModified": "2024-08-20T15:48:27.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37332.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37332",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:22.313",
"lastModified": "2024-08-08T18:44:37.320",
"lastModified": "2024-08-20T15:48:28.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37333.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37333",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:22.523",
"lastModified": "2024-08-08T18:44:55.343",
"lastModified": "2024-08-20T15:48:30.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-373xx/CVE-2024-37336.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37336",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:22.927",
"lastModified": "2024-08-08T18:45:37.537",
"lastModified": "2024-08-20T15:48:32.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

75
CVE-2024/CVE-2024-378xx/CVE-2024-37856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37856",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-29T19:15:12.177",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T14:46:55.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,82 @@
"value": " La vulnerabilidad de Cross Site Scripting en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios a trav\u00e9s de los campos de first, last y middle name en la p\u00e1gina de perfil de usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CF403B-DF0C-4796-8B10-689075DC8A35"
}
]
}
]
}
],
"references": [
{
"url": "http://lost.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
]
},
{
"url": "https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.sourcecodester.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

46
CVE-2024/CVE-2024-380xx/CVE-2024-38087.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38087",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:44.673",
"lastModified": "2024-08-08T18:45:56.203",
"lastModified": "2024-08-20T15:48:35.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

46
CVE-2024/CVE-2024-380xx/CVE-2024-38088.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38088",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-07-09T17:15:44.933",
"lastModified": "2024-08-08T18:31:54.827",
"lastModified": "2024-08-20T15:48:38.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -70,43 +70,55 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFCC7A2-8975-49C9-BD67-A325D9551AA9"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0.6441.1",
"matchCriteriaId": "B958A8F2-7B51-4A68-8E58-CF91ADF5D067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E63B842-F49A-4F5F-A547-AF8DF7324541"
"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.7000.253",
"versionEndExcluding": "13.0.7037.1",
"matchCriteriaId": "13AD7527-DD44-45C5-AC2F-F0FC657C12E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.2056.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0CC093-7A7E-4994-BB1B-72C1B050C297"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0.2056.2",
"matchCriteriaId": "F706C3CC-0C04-40E7-AA52-9B98DF7CFB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:14.0.3471.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEAE594-FE38-49B2-9C52-6CD88CF9A4D5"
"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0.3456.2",
"versionEndExcluding": "14.0.3471.2",
"matchCriteriaId": "0FBD2AAD-6635-4840-A4A0-8C04AB50BA8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7608D770-BD38-416D-9BDA-6A3BE804379F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.2116.2",
"matchCriteriaId": "8AE7C7AB-2B2B-4822-98BE-D1E7E53FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB32724-0AA2-40E4-9C2E-9332295B544F"
"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.4375.4",
"versionEndExcluding": "15.0.4382.1",
"matchCriteriaId": "AA37D611-EA4F-4D4F-A79B-FE65726DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D278A8-2E03-4C9F-880E-236AC63B8947"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.1121.4",
"matchCriteriaId": "A14154AC-1DC3-42B7-B45A-916C9ACFD237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9ECDA-39C4-45AA-870D-92DD18F1E7EF"
"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.4125.3",
"versionEndExcluding": "16.0.4131.2",
"matchCriteriaId": "7391BD2B-431E-4F65-878A-1BE8D389B3FE"
}
]
}

8
CVE-2024/CVE-2024-388xx/CVE-2024-38808.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-38808",
"sourceIdentifier": "security@vmware.com",
"published": "2024-08-20T08:15:05.023",
"lastModified": "2024-08-20T08:15:05.023",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions."
},
{
"lang": "es",
"value": "En las versiones de Spring Framework 5.3.0 - 5.3.38 y versiones anteriores no compatibles, es posible que un usuario proporcione una expresi\u00f3n Spring Expression Language (SpEL) especialmente manipulada que puede causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Espec\u00edficamente, una aplicaci\u00f3n es vulnerable cuando se cumple lo siguiente: * La aplicaci\u00f3n eval\u00faa expresiones SpEL proporcionadas por el usuario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-388xx/CVE-2024-38810.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-38810",
"sourceIdentifier": "security@vmware.com",
"published": "2024-08-20T04:15:07.993",
"lastModified": "2024-08-20T04:15:07.993",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security annotations inaffective."
},
{
"lang": "es",
"value": "La falta de autorizaci\u00f3n al usar @AuthorizeReturnObject en Spring Security 6.3.0 y 6.3.1 permite al atacante hacer que las anotaciones de seguridad sean inefectivas."
}
],
"metrics": {

29
CVE-2024/CVE-2024-390xx/CVE-2024-39094.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-39094",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T14:15:09.330",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters."
}
],
"metrics": {},
"references": [
{
"url": "https://friendi.ca/2024/08/17/friendica-2024-08-released/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/friendica/friendica/issues/14220",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/friendica/friendica/releases/tag/2024.08",
"source": "cve@mitre.org"
}
]
}

34
CVE-2024/CVE-2024-392xx/CVE-2024-39277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39277",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-21T12:15:11.330",
"lastModified": "2024-06-24T19:17:48.380",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T14:35:25.887",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-394xx/CVE-2024-39495.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39495",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:12.183",
"lastModified": "2024-07-24T19:04:38.953",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T15:35:19.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

60
CVE-2024/CVE-2024-396xx/CVE-2024-39690.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-39690",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-20T15:15:21.340",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.7,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp",
"source": "security-advisories@github.com"
}
]
}

209
CVE-2024/CVE-2024-407xx/CVE-2024-40774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40774",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.250",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:16:40.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,55 +15,234 @@
"value": "Se solucion\u00f3 un problema de degradaci\u00f3n con restricciones adicionales de firma de c\u00f3digo. Este problema se solucion\u00f3 en macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 y iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. Es posible que una aplicaci\u00f3n pueda omitir las preferencias de privacidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6",
"matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/22",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214122",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214124",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

109
CVE-2024/CVE-2024-407xx/CVE-2024-40775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40775",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.317",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:17:36.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,122 @@
"value": " Se solucion\u00f3 un problema de degradaci\u00f3n con restricciones adicionales de firma de c\u00f3digo. Este problema se solucion\u00f3 en macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Es posible que una aplicaci\u00f3n pueda filtrar informaci\u00f3n confidencial del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

258
CVE-2024/CVE-2024-407xx/CVE-2024-40776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40776",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.387",
"lastModified": "2024-08-13T18:15:32.063",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T15:19:59.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,289 @@
"value": "Se solucion\u00f3 un problema de use after free con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en iOS 16.7.9 y iPadOS 16.7.9, Safari 17.6, iOS 17.6 y iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. El procesamiento de contenido web creado con fines malintencionados puede provocar un fallo inesperado del proceso."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "1ACEA981-1D96-49F1-8048-74D21D71FD39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "34E8C966-19C7-4376-A0C3-A242720F62DF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "29A9994D-AE71-45E0-8CC5-E6219420F7E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "B191C80F-3801-4AD0-9A63-EB294A029D7C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A7AF9041-5C4F-42CB-99E5-5276DB6AC07C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.6",
"matchCriteriaId": "EAD3816E-78FB-420B-9D78-5EE610FFC1ED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "CDBCE187-329C-4B1C-89B7-7D45A7946AF4"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/15",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/17",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/22",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214116",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214121",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214122",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214123",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214124",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://www.secpod.com/blog/apple-fixes-multiple-security-vulnerabilities-in-july-2024-updates/",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
}
]
}

34
CVE-2024/CVE-2024-409xx/CVE-2024-40902.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40902",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-12T13:15:13.583",
"lastModified": "2024-07-24T18:52:23.540",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T14:35:26.807",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

4
CVE-2024/CVE-2024-416xx/CVE-2024-41697.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41697",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-08-20T12:15:05.313",
"lastModified": "2024-08-20T12:15:05.313",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-416xx/CVE-2024-41698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41698",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-08-20T12:15:06.007",
"lastModified": "2024-08-20T12:15:06.007",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-416xx/CVE-2024-41699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41699",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-08-20T12:15:06.650",
"lastModified": "2024-08-20T12:15:06.650",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-417xx/CVE-2024-41700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41700",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-08-20T12:15:07.143",
"lastModified": "2024-08-20T12:15:07.143",
"vulnStatus": "Received",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

Some files were not shown because too many files have changed in this diff Show More