admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-30T21:00:25.463510+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-30 21:00:29 +00:00
parent 47eaa41341
commit 970892155d
37 changed files with 933 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
CVE-2020/CVE-2020-278xx/CVE-2020-27820.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-27820",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-11-03T00:15:07.550",
"lastModified": "2023-02-12T23:40:52.283",
"vulnStatus": "Modified",
"lastModified": "2024-01-30T20:48:01.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -94,8 +94,54 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "2.6.12",
"versionEndExcluding": "5.4.162",
"matchCriteriaId": "74514138-449C-4AE6-BA1E-3F704FCBE895"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "5.5",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "C9D1E0FE-8CE2-4486-9796-863263EEB78B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "29F682A8-8AFD-4F2D-BDD0-29857FEC2DB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*",
"matchCriteriaId": "6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
}
]
}
@ -115,6 +161,31 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA"
}
]
}
]
}
],
"references": [
@ -129,19 +200,34 @@
},
{
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

40
CVE-2021/CVE-2021-327xx/CVE-2021-32785.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-32785",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-07-22T22:15:08.140",
"lastModified": "2023-05-25T20:18:46.990",
"vulnStatus": "Modified",
"lastModified": "2024-01-30T20:47:54.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -135,6 +135,36 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -164,7 +194,11 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20210902-0001/",

32
CVE-2021/CVE-2021-438xx/CVE-2021-43803.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-43803",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-12-10T00:15:11.827",
"lastModified": "2024-01-29T19:58:25.310",
"lastModified": "2024-01-30T20:36:34.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -86,36 +86,6 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "AND",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "15.0.0",
"matchCriteriaId": "996A6068-7CAE-416C-AF03-DB2A94F813D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "11.1.0",
"versionEndExcluding": "11.1.3",
"matchCriteriaId": "D413EFEB-941C-4FDD-BA04-32B7902BCFE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.0.5",
"matchCriteriaId": "C1457A80-9287-4C15-9AF3-8CE57500C4AA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [

17
CVE-2023/CVE-2023-31xx/CVE-2023-3164.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3164",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T12:15:09.543",
"lastModified": "2023-12-20T19:13:34.823",
"lastModified": "2024-01-30T20:26:45.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -89,9 +89,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fossies:gawk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.1",
"matchCriteriaId": "11B1DE0E-6CC3-4961-9FA2-74E21015023F"
"criteria": "cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFD25C1-A304-486F-A36B-7167EEF33388"
}
]
}
@ -107,6 +106,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}

4
CVE-2023/CVE-2023-375xx/CVE-2023-37518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37518",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-30T16:15:46.330",
"lastModified": "2024-01-30T16:15:46.330",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:49:05.470",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

61
CVE-2023/CVE-2023-442xx/CVE-2023-44281.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-44281",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-01-24T16:15:08.110",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:17:50.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nDell Pair Installer version prior to 1.2.1 contains an elevation of privilege vulnerability. A low privilege user with local access to the system could potentially exploit this vulnerability to delete arbitrary files and result in Denial of Service.\n\n"
},
{
"lang": "es",
"value": "La versi\u00f3n de Dell Pair Installer anterior a la 1.2.1 contiene una vulnerabilidad de elevaci\u00f3n de privilegios. Un usuario con privilegios bajos y acceso local al sistema podr\u00eda explotar esta vulnerabilidad para eliminar archivos arbitrarios y provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:pair:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.1",
"matchCriteriaId": "AD8235CA-F55B-43C3-9EDF-9E6550915BDF"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000219185/dsa-2023-141",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-462xx/CVE-2023-46230.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46230",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-30T17:15:09.893",
"lastModified": "2024-01-30T17:15:09.893",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-462xx/CVE-2023-46231.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46231",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-30T17:15:10.117",
"lastModified": "2024-01-30T17:15:10.117",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-464xx/CVE-2023-46407.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46407",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-27T20:15:09.087",
"lastModified": "2023-11-07T19:51:29.673",
"lastModified": "2024-01-30T20:17:05.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-10-17",
"matchCriteriaId": "DC1BC71D-263C-4F1A-883F-39ACE3BBA18F"
"versionEndExcluding": "6.1",
"matchCriteriaId": "54E3D89D-E427-413B-A8E1-C9ED6D2409F3"
}
]
}

80
CVE-2023/CVE-2023-520xx/CVE-2023-52039.json
View File

@ -2,19 +2,91 @@
"id": "CVE-2023-52039",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T18:15:08.500",
"lastModified": "2024-01-24T18:45:30.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:59:31.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415AA4 function."
},
{
"lang": "es",
"value": "Un problema descubierto en TOTOLINK X6000R v9.4.0cu.852_B20230719 permite a atacantes ejecutar comandos arbitrarios a trav\u00e9s de la funci\u00f3n sub_415AA4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:*",
"matchCriteriaId": "846390E3-B033-4B17-A141-49E30AF76264"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178FD1FA-9A62-48B7-B219-938F48ADD8BB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/2/2.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

80
CVE-2023/CVE-2023-520xx/CVE-2023-52040.json
View File

@ -2,19 +2,91 @@
"id": "CVE-2023-52040",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T18:15:08.557",
"lastModified": "2024-01-24T18:45:30.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:55:36.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_41284C function."
},
{
"lang": "es",
"value": "Un problema descubierto en TOTOLINK X6000R v9.4.0cu.852_B20230719 permite a atacantes ejecutar comandos arbitrarios a trav\u00e9s de la funci\u00f3n sub_41284C."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:*",
"matchCriteriaId": "846390E3-B033-4B17-A141-49E30AF76264"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178FD1FA-9A62-48B7-B219-938F48ADD8BB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Beckaf/vunl/blob/main/TOTOLINK/X6000R/3/3.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-523xx/CVE-2023-52331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52331",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.633",
"lastModified": "2024-01-24T13:49:03.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:10:23.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "Una vulnerabilidad de server-side request forgery (SSRF) posterior a la autenticaci\u00f3n en Trend Micro Apex Central podr\u00eda permitir a un atacante interactuar directamente con servicios internos o locales. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-052/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2023/CVE-2023-53xx/CVE-2023-5389.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5389",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2024-01-30T20:15:45.420",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAn attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion VirtualUOC and UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@honeywell.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@honeywell.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-749"
}
]
}
],
"references": [
{
"url": "https://process.honeywell.com",
"source": "psirt@honeywell.com"
},
{
"url": "https://www.honeywell.com/us/en/product-security",
"source": "psirt@honeywell.com"
}
]
}

4
CVE-2023/CVE-2023-62xx/CVE-2023-6258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6258",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-30T17:15:10.657",
"lastModified": "2024-01-30T17:15:10.657",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

68
CVE-2023/CVE-2023-66xx/CVE-2023-6697.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6697",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-24T14:15:08.320",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:25:21.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento WP Go Maps (anteriormente WP Google Maps) para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro de identificaci\u00f3n del mapa en todas las versiones hasta la 9.0.28 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpgmaps:wp_go_maps:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "9.0.28",
"matchCriteriaId": "5E1FA5AE-BDC4-4445-A6EA-06CA9A7DDA19"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3022232/wp-google-maps/trunk/html/atlas-novus/map-edit-page/map-edit-page.html.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3c3115b-8921-429d-b517-b946edab1cd5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-10xx/CVE-2024-1019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1019",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2024-01-30T16:15:47.123",
"lastModified": "2024-01-30T16:15:47.123",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:49:05.470",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-10xx/CVE-2024-1035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1035",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T16:15:47.350",
"lastModified": "2024-01-30T16:15:47.350",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-10xx/CVE-2024-1036.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1036",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T18:15:47.300",
"lastModified": "2024-01-30T18:15:47.300",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-213xx/CVE-2024-21388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21388",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-30T18:15:48.140",
"lastModified": "2024-01-30T18:15:48.140",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-216xx/CVE-2024-21649.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21649",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T16:15:47.653",
"lastModified": "2024-01-30T16:15:47.653",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-216xx/CVE-2024-21653.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21653",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T16:15:47.863",
"lastModified": "2024-01-30T16:15:47.863",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-216xx/CVE-2024-21671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21671",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T16:15:48.090",
"lastModified": "2024-01-30T16:15:48.090",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

51
CVE-2024/CVE-2024-221xx/CVE-2024-22141.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-22141",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T15:15:08.730",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:18:38.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0.\n\n"
},
{
"lang": "es",
"value": "Exposici\u00f3n de informaci\u00f3n confidencial a una vulnerabilidad de actor no autorizado en Cozmoslabs Profile Builder Pro. Este problema afecta a Profile Builder Pro: desde n/a hasta 3.10.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.10.0",
"matchCriteriaId": "AFFF2152-4BE0-4896-978B-DDF6AD396A5F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/profile-builder-pro/wordpress-profile-builder-pro-plugin-3-10-0-totp-secret-key-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-221xx/CVE-2024-22193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22193",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T16:15:48.310",
"lastModified": "2024-01-30T16:15:48.310",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22200",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T16:15:48.553",
"lastModified": "2024-01-30T16:15:48.553",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

81
CVE-2024/CVE-2024-226xx/CVE-2024-22651.json
View File

@ -2,19 +2,92 @@
"id": "CVE-2024-22651",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T16:15:08.630",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:16:01.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en la funci\u00f3n ssdpcgi_main del binario cgibin en el firmware del router D-Link DIR-815 v1.04."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-815_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.04",
"matchCriteriaId": "BA004615-CEB4-4034-B877-CC4D95F10E54"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50618B63-304B-4A61-AA50-5154E8690E88"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/goldds96/Report/blob/main/DLink/DIR-815/CI.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-227xx/CVE-2024-22720.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-22720",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T18:15:08.820",
"lastModified": "2024-01-24T18:45:30.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:51:16.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature."
},
{
"lang": "es",
"value": "Kanboard 1.2.34 es vulnerable a la inyecci\u00f3n HTML en la funci\u00f3n de administraci\u00f3n de grupos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kanboard:kanboard:1.2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "18A3F10C-E5F4-4506-801E-5D0C3CD322B2"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cupc4k3.medium.com/html-injection-vulnerability-in-kanboard-group-management-d9fe5154bb1b",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-227xx/CVE-2024-22725.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2024-22725",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T16:15:08.687",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-30T20:42:46.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting."
},
{
"lang": "es",
"value": "Las versiones de Orthanc anteriores a la 1.12.2 se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) Reflejada. La vulnerabilidad estaba presente en el informe de errores del servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:orthanc-server:orthanc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12.2",
"matchCriteriaId": "827A2105-9CD7-4E8C-8BBE-582BD99B8C6E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://orthanc.uclouvain.be/hg/orthanc/file/Orthanc-1.12.2/NEWS",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://orthanc.uclouvain.be/hg/orthanc/rev/505416b269a0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-236xx/CVE-2024-23647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23647",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:10.913",
"lastModified": "2024-01-30T17:15:10.913",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-238xx/CVE-2024-23825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23825",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:11.180",
"lastModified": "2024-01-30T17:15:11.180",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-238xx/CVE-2024-23838.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23838",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:11.437",
"lastModified": "2024-01-30T17:15:11.437",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-238xx/CVE-2024-23840.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23840",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:11.810",
"lastModified": "2024-01-30T17:15:11.810",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-238xx/CVE-2024-23841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23841",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T18:15:48.313",
"lastModified": "2024-01-30T18:15:48.313",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-245xx/CVE-2024-24556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24556",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T18:15:48.507",
"lastModified": "2024-01-30T18:15:48.507",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2024/CVE-2024-245xx/CVE-2024-24558.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-24558",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T20:15:45.690",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/TanStack/query/commit/f2ddaf2536e8b71d2da88a9310ac9a48c13512a1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/TanStack/query/security/advisories/GHSA-997g-27x8-43rf",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-245xx/CVE-2024-24565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24565",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:12.110",
"lastModified": "2024-01-30T17:15:12.110",
"vulnStatus": "Received",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-30T19:00:25.709460+00:00
2024-01-30T21:00:25.463510+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-30T18:45:29.687000+00:00
2024-01-30T20:59:31.530000+00:00
```
### Last Data Feed Release
@ -29,56 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237152
237154
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `2`
* [CVE-2023-46230](CVE-2023/CVE-2023-462xx/CVE-2023-46230.json) (`2024-01-30T17:15:09.893`)
* [CVE-2023-46231](CVE-2023/CVE-2023-462xx/CVE-2023-46231.json) (`2024-01-30T17:15:10.117`)
* [CVE-2023-6258](CVE-2023/CVE-2023-62xx/CVE-2023-6258.json) (`2024-01-30T17:15:10.657`)
* [CVE-2024-23647](CVE-2024/CVE-2024-236xx/CVE-2024-23647.json) (`2024-01-30T17:15:10.913`)
* [CVE-2024-23825](CVE-2024/CVE-2024-238xx/CVE-2024-23825.json) (`2024-01-30T17:15:11.180`)
* [CVE-2024-23838](CVE-2024/CVE-2024-238xx/CVE-2024-23838.json) (`2024-01-30T17:15:11.437`)
* [CVE-2024-23840](CVE-2024/CVE-2024-238xx/CVE-2024-23840.json) (`2024-01-30T17:15:11.810`)
* [CVE-2024-24565](CVE-2024/CVE-2024-245xx/CVE-2024-24565.json) (`2024-01-30T17:15:12.110`)
* [CVE-2024-1036](CVE-2024/CVE-2024-10xx/CVE-2024-1036.json) (`2024-01-30T18:15:47.300`)
* [CVE-2024-21388](CVE-2024/CVE-2024-213xx/CVE-2024-21388.json) (`2024-01-30T18:15:48.140`)
* [CVE-2024-23841](CVE-2024/CVE-2024-238xx/CVE-2024-23841.json) (`2024-01-30T18:15:48.313`)
* [CVE-2024-24556](CVE-2024/CVE-2024-245xx/CVE-2024-24556.json) (`2024-01-30T18:15:48.507`)
* [CVE-2023-5389](CVE-2023/CVE-2023-53xx/CVE-2023-5389.json) (`2024-01-30T20:15:45.420`)
* [CVE-2024-24558](CVE-2024/CVE-2024-245xx/CVE-2024-24558.json) (`2024-01-30T20:15:45.690`)
### CVEs modified in the last Commit
Recently modified CVEs: `33`
Recently modified CVEs: `34`
* [CVE-2023-47200](CVE-2023/CVE-2023-472xx/CVE-2023-47200.json) (`2024-01-30T17:24:40.857`)
* [CVE-2023-47198](CVE-2023/CVE-2023-471xx/CVE-2023-47198.json) (`2024-01-30T17:32:16.743`)
* [CVE-2023-52094](CVE-2023/CVE-2023-520xx/CVE-2023-52094.json) (`2024-01-30T17:37:53.377`)
* [CVE-2023-47192](CVE-2023/CVE-2023-471xx/CVE-2023-47192.json) (`2024-01-30T17:41:04.340`)
* [CVE-2023-47193](CVE-2023/CVE-2023-471xx/CVE-2023-47193.json) (`2024-01-30T17:57:51.480`)
* [CVE-2023-47194](CVE-2023/CVE-2023-471xx/CVE-2023-47194.json) (`2024-01-30T18:02:29.137`)
* [CVE-2023-47195](CVE-2023/CVE-2023-471xx/CVE-2023-47195.json) (`2024-01-30T18:15:40.130`)
* [CVE-2023-45779](CVE-2023/CVE-2023-457xx/CVE-2023-45779.json) (`2024-01-30T18:15:47.110`)
* [CVE-2023-47196](CVE-2023/CVE-2023-471xx/CVE-2023-47196.json) (`2024-01-30T18:19:27.810`)
* [CVE-2023-47197](CVE-2023/CVE-2023-471xx/CVE-2023-47197.json) (`2024-01-30T18:29:22.343`)
* [CVE-2023-47199](CVE-2023/CVE-2023-471xx/CVE-2023-47199.json) (`2024-01-30T18:33:49.407`)
* [CVE-2023-52324](CVE-2023/CVE-2023-523xx/CVE-2023-52324.json) (`2024-01-30T18:40:32.970`)
* [CVE-2023-52325](CVE-2023/CVE-2023-523xx/CVE-2023-52325.json) (`2024-01-30T18:45:29.687`)
* [CVE-2024-0854](CVE-2024/CVE-2024-08xx/CVE-2024-0854.json) (`2024-01-30T17:01:37.127`)
* [CVE-2024-23211](CVE-2024/CVE-2024-232xx/CVE-2024-23211.json) (`2024-01-30T17:07:02.920`)
* [CVE-2024-22134](CVE-2024/CVE-2024-221xx/CVE-2024-22134.json) (`2024-01-30T17:07:24.310`)
* [CVE-2024-23210](CVE-2024/CVE-2024-232xx/CVE-2024-23210.json) (`2024-01-30T17:21:38.127`)
* [CVE-2024-23208](CVE-2024/CVE-2024-232xx/CVE-2024-23208.json) (`2024-01-30T17:32:04.487`)
* [CVE-2024-22135](CVE-2024/CVE-2024-221xx/CVE-2024-22135.json) (`2024-01-30T17:34:58.917`)
* [CVE-2024-22152](CVE-2024/CVE-2024-221xx/CVE-2024-22152.json) (`2024-01-30T17:36:20.533`)
* [CVE-2024-22284](CVE-2024/CVE-2024-222xx/CVE-2024-22284.json) (`2024-01-30T17:43:02.180`)
* [CVE-2024-22294](CVE-2024/CVE-2024-222xx/CVE-2024-22294.json) (`2024-01-30T17:44:30.747`)
* [CVE-2024-22301](CVE-2024/CVE-2024-223xx/CVE-2024-22301.json) (`2024-01-30T17:44:59.847`)
* [CVE-2024-22308](CVE-2024/CVE-2024-223xx/CVE-2024-22308.json) (`2024-01-30T17:45:59.927`)
* [CVE-2024-23218](CVE-2024/CVE-2024-232xx/CVE-2024-23218.json) (`2024-01-30T17:56:02.483`)
* [CVE-2023-46231](CVE-2023/CVE-2023-462xx/CVE-2023-46231.json) (`2024-01-30T20:48:58.267`)
* [CVE-2023-6258](CVE-2023/CVE-2023-62xx/CVE-2023-6258.json) (`2024-01-30T20:48:58.267`)
* [CVE-2023-37518](CVE-2023/CVE-2023-375xx/CVE-2023-37518.json) (`2024-01-30T20:49:05.470`)
* [CVE-2023-52040](CVE-2023/CVE-2023-520xx/CVE-2023-52040.json) (`2024-01-30T20:55:36.447`)
* [CVE-2023-52039](CVE-2023/CVE-2023-520xx/CVE-2023-52039.json) (`2024-01-30T20:59:31.530`)
* [CVE-2024-22651](CVE-2024/CVE-2024-226xx/CVE-2024-22651.json) (`2024-01-30T20:16:01.783`)
* [CVE-2024-22141](CVE-2024/CVE-2024-221xx/CVE-2024-22141.json) (`2024-01-30T20:18:38.460`)
* [CVE-2024-22725](CVE-2024/CVE-2024-227xx/CVE-2024-22725.json) (`2024-01-30T20:42:46.143`)
* [CVE-2024-1035](CVE-2024/CVE-2024-10xx/CVE-2024-1035.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-21649](CVE-2024/CVE-2024-216xx/CVE-2024-21649.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-21653](CVE-2024/CVE-2024-216xx/CVE-2024-21653.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-21671](CVE-2024/CVE-2024-216xx/CVE-2024-21671.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-22193](CVE-2024/CVE-2024-221xx/CVE-2024-22193.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-22200](CVE-2024/CVE-2024-222xx/CVE-2024-22200.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-23647](CVE-2024/CVE-2024-236xx/CVE-2024-23647.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-23825](CVE-2024/CVE-2024-238xx/CVE-2024-23825.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-23838](CVE-2024/CVE-2024-238xx/CVE-2024-23838.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-23840](CVE-2024/CVE-2024-238xx/CVE-2024-23840.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-24565](CVE-2024/CVE-2024-245xx/CVE-2024-24565.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-1036](CVE-2024/CVE-2024-10xx/CVE-2024-1036.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-21388](CVE-2024/CVE-2024-213xx/CVE-2024-21388.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-23841](CVE-2024/CVE-2024-238xx/CVE-2024-23841.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-24556](CVE-2024/CVE-2024-245xx/CVE-2024-24556.json) (`2024-01-30T20:48:58.267`)
* [CVE-2024-1019](CVE-2024/CVE-2024-10xx/CVE-2024-1019.json) (`2024-01-30T20:49:05.470`)
* [CVE-2024-22720](CVE-2024/CVE-2024-227xx/CVE-2024-22720.json) (`2024-01-30T20:51:16.247`)
## Download and Usage