From 9839b24941c3b809a87885c788c6d1bb7f11e23d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 1 Feb 2024 15:00:28 +0000 Subject: [PATCH] Auto-Update: 2024-02-01T15:00:24.902229+00:00 --- CVE-2023/CVE-2023-258xx/CVE-2023-25832.json | 16 ++++- CVE-2023/CVE-2023-275xx/CVE-2023-27559.json | 14 ++-- CVE-2023/CVE-2023-306xx/CVE-2023-30631.json | 73 ++++++++++++++++++-- CVE-2023/CVE-2023-323xx/CVE-2023-32305.json | 9 ++- CVE-2023/CVE-2023-344xx/CVE-2023-34455.json | 22 ++++-- CVE-2023/CVE-2023-359xx/CVE-2023-35936.json | 26 ++++++- CVE-2023/CVE-2023-372xx/CVE-2023-37283.json | 6 +- CVE-2023/CVE-2023-374xx/CVE-2023-37466.json | 17 +++-- CVE-2023/CVE-2023-376xx/CVE-2023-37621.json | 4 +- CVE-2023/CVE-2023-379xx/CVE-2023-37903.json | 21 ++++-- CVE-2023/CVE-2023-392xx/CVE-2023-39219.json | 6 +- CVE-2023/CVE-2023-515xx/CVE-2023-51506.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51509.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51514.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51520.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51532.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51534.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51536.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51540.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51548.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51666.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51669.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51674.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51677.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51684.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51685.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51689.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51690.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51691.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51693.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51694.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51695.json | 4 +- CVE-2023/CVE-2023-519xx/CVE-2023-51939.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52118.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52175.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52188.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52189.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52191.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52192.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52193.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52194.json | 4 +- CVE-2023/CVE-2023-521xx/CVE-2023-52195.json | 4 +- CVE-2023/CVE-2023-60xx/CVE-2023-6078.json | 55 +++++++++++++++ CVE-2023/CVE-2023-70xx/CVE-2023-7069.json | 4 +- CVE-2024/CVE-2024-09xx/CVE-2024-0928.json | 75 +++++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0929.json | 75 +++++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0930.json | 75 +++++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0931.json | 75 +++++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0932.json | 74 ++++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0933.json | 70 +++++++++++++++++-- CVE-2024/CVE-2024-09xx/CVE-2024-0935.json | 55 +++++++++++++++ CVE-2024/CVE-2024-217xx/CVE-2024-21750.json | 4 +- CVE-2024/CVE-2024-221xx/CVE-2024-22148.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22430.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22449.json | 4 +- CVE-2024/CVE-2024-228xx/CVE-2024-22859.json | 4 +- CVE-2024/CVE-2024-239xx/CVE-2024-23941.json | 4 +- CVE-2024/CVE-2024-240xx/CVE-2024-24059.json | 20 ++++++ CVE-2024/CVE-2024-240xx/CVE-2024-24060.json | 20 ++++++ CVE-2024/CVE-2024-240xx/CVE-2024-24061.json | 20 ++++++ CVE-2024/CVE-2024-240xx/CVE-2024-24062.json | 20 ++++++ CVE-2024/CVE-2024-245xx/CVE-2024-24548.json | 4 +- README.md | 63 +++++++++-------- 63 files changed, 890 insertions(+), 177 deletions(-) create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6078.json create mode 100644 CVE-2024/CVE-2024-09xx/CVE-2024-0935.json create mode 100644 CVE-2024/CVE-2024-240xx/CVE-2024-24059.json create mode 100644 CVE-2024/CVE-2024-240xx/CVE-2024-24060.json create mode 100644 CVE-2024/CVE-2024-240xx/CVE-2024-24061.json create mode 100644 CVE-2024/CVE-2024-240xx/CVE-2024-24062.json diff --git a/CVE-2023/CVE-2023-258xx/CVE-2023-25832.json b/CVE-2023/CVE-2023-258xx/CVE-2023-25832.json index 2441880b846..4b6c71f5b19 100644 --- a/CVE-2023/CVE-2023-258xx/CVE-2023-25832.json +++ b/CVE-2023/CVE-2023-258xx/CVE-2023-25832.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25832", "sourceIdentifier": "psirt@esri.com", "published": "2023-05-09T21:15:11.590", - "lastModified": "2023-05-22T22:15:09.997", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:55:46.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -56,7 +56,7 @@ }, "weaknesses": [ { - "source": "psirt@esri.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -64,6 +64,16 @@ "value": "CWE-352" } ] + }, + { + "source": "psirt@esri.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json index 562cb0c26a8..ccb49e7834f 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27559", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-04-26T20:15:09.900", - "lastModified": "2023-05-12T05:15:17.673", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:09:30.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -225,11 +225,17 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230511-0010/", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/6985667", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json index 3be1a322059..a791d3bebc7 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30631", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.257", - "lastModified": "2023-06-30T02:15:08.917", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:50:25.267", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -80,6 +80,51 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] } ], "references": [ @@ -87,24 +132,38 @@ "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", "source": "security@apache.org", "tags": [ - "Mailing List" + "Mailing List", + "Vendor Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5435", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32305.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32305.json index 68839b85601..47a298c5f5c 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32305.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32305.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32305", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-12T19:15:08.953", - "lastModified": "2023-06-16T15:15:09.520", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:06:55.693", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -157,7 +157,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230616-0006/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json index e9cc9132281..7f9108d205a 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34455", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-15T18:15:09.347", - "lastModified": "2023-08-18T14:15:23.960", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:17:17.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -56,7 +56,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -64,6 +64,16 @@ "value": "CWE-770" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] } ], "configurations": [ @@ -110,12 +120,16 @@ "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-qcwq-55hx-v3vh", "source": "security-advisories@github.com", "tags": [ + "Exploit", "Vendor Advisory" ] }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0009/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35936.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35936.json index 720be9a9174..0dc074b31fd 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35936.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35936.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35936", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-05T21:15:09.627", - "lastModified": "2023-07-25T21:15:10.427", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:08:22.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -93,6 +93,21 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] } ], "references": [ @@ -100,12 +115,17 @@ "url": "https://github.com/jgm/pandoc/security/advisories/GHSA-xj5q-fv23-575g", "source": "security-advisories@github.com", "tags": [ + "Exploit", "Vendor Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00029.html", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37283.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37283.json index 92d4ae08bfc..cb3ee4956a4 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37283.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37283.json @@ -2,7 +2,7 @@ "id": "CVE-2023-37283", "sourceIdentifier": "responsible-disclosure@pingidentity.com", "published": "2023-10-25T18:17:28.270", - "lastModified": "2023-10-31T15:22:46.383", + "lastModified": "2024-02-01T13:48:57.980", "vulnStatus": "Analyzed", "descriptions": [ { @@ -110,8 +110,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2597FA08-FAC8-4F50-9289-B02B33CAD460" + "criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D4DEF0BF-4C46-4386-8C46-3687A644A47B" } ] } diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37466.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37466.json index 9d916e66240..fb26c32f722 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37466.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37466.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37466", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T00:15:09.263", - "lastModified": "2023-09-15T19:15:08.773", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T14:05:45.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "vm2 is an advanced vm/sandbox for Node.js. The library contains critical security issues and should not be used for production. The maintenance of the project has been discontinued. In vm2 for versions up to 3.9.19, `Promise` handler sanitization can be bypassed with the `@@species` accessor property allowing attackers to escape the sandbox and run arbitrary code, potentially allowing remote code execution inside the context of vm2 sandbox." + }, + { + "lang": "es", + "value": "vm2 es una m\u00e1quina virtual/sandbox avanzada para Node.js. La librer\u00eda contiene problemas de seguridad cr\u00edticos y no debe usarse para producci\u00f3n. El mantenimiento del proyecto ha sido descontinuado. En vm2 para versiones hasta 3.9.19, la sanitizaci\u00f3n del controlador `Promise` se puede omitir con la propiedad de acceso `@@species`, lo que permite a los atacantes escapar del entorno limitado y ejecutar c\u00f3digo arbitrario, lo que potencialmente permite la ejecuci\u00f3n remota de c\u00f3digo dentro del contexto del entorno limitado de vm2." } ], "metrics": { @@ -17,20 +21,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", - "scope": "UNCHANGED", + "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, + "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, - "impactScore": 5.9 + "impactScore": 6.0 }, { "source": "security-advisories@github.com", @@ -99,6 +103,7 @@ "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5", "source": "security-advisories@github.com", "tags": [ + "Exploit", "Vendor Advisory" ] } diff --git a/CVE-2023/CVE-2023-376xx/CVE-2023-37621.json b/CVE-2023/CVE-2023-376xx/CVE-2023-37621.json index d4bcd413cbe..1a8d16ce5f3 100644 --- a/CVE-2023/CVE-2023-376xx/CVE-2023-37621.json +++ b/CVE-2023/CVE-2023-376xx/CVE-2023-37621.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37621", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-01T09:15:56.177", - "lastModified": "2024-02-01T09:15:56.177", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-379xx/CVE-2023-37903.json b/CVE-2023/CVE-2023-379xx/CVE-2023-37903.json index dc705195b2e..ec7c3e30ec7 100644 --- a/CVE-2023/CVE-2023-379xx/CVE-2023-37903.json +++ b/CVE-2023/CVE-2023-379xx/CVE-2023-37903.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37903", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-21T20:15:16.057", - "lastModified": "2023-08-31T19:15:10.287", - "vulnStatus": "Modified", + "lastModified": "2024-02-01T13:46:33.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -56,7 +56,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -64,6 +64,16 @@ "value": "CWE-78" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], "configurations": [ @@ -94,7 +104,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230831-0007/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39219.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39219.json index 87d8ae9cd0d..4ff00abee77 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39219.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39219.json @@ -2,7 +2,7 @@ "id": "CVE-2023-39219", "sourceIdentifier": "responsible-disclosure@pingidentity.com", "published": "2023-10-25T18:17:28.973", - "lastModified": "2023-10-31T14:55:13.590", + "lastModified": "2024-02-01T13:57:07.213", "vulnStatus": "Analyzed", "descriptions": [ { @@ -110,8 +110,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2597FA08-FAC8-4F50-9289-B02B33CAD460" + "criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D4DEF0BF-4C46-4386-8C46-3687A644A47B" } ] } diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51506.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51506.json index 22aed01be71..a2b1fe33e71 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51506.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51506.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51506", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T12:15:53.533", - "lastModified": "2024-02-01T12:15:53.533", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51509.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51509.json index 5aca0ca4baa..26d2dbc36ce 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51509.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51509.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51509", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T12:15:53.733", - "lastModified": "2024-02-01T12:15:53.733", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51514.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51514.json index 3f1ea9c4637..4f4adaadc61 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51514.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51514.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51514", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T12:15:53.917", - "lastModified": "2024-02-01T12:15:53.917", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51520.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51520.json index 696921113be..a8bf64a5fd8 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51520.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51520.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51520", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T12:15:54.100", - "lastModified": "2024-02-01T12:15:54.100", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51532.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51532.json index 50ae99eb483..368a7481dda 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51532.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51532.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51532", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:08.710", - "lastModified": "2024-02-01T11:15:08.710", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51534.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51534.json index fb1274b4482..12b4f114d54 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51534.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51534.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51534", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:09.527", - "lastModified": "2024-02-01T11:15:09.527", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51536.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51536.json index c474444e54a..191f42d04b8 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51536.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51536.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51536", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:09.810", - "lastModified": "2024-02-01T11:15:09.810", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51540.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51540.json index 6a9c3664c62..91be920505d 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51540.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51540.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51540", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:10.020", - "lastModified": "2024-02-01T11:15:10.020", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51548.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51548.json index 674f5090100..8cb761aeb63 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51548.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51548.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51548", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:10.243", - "lastModified": "2024-02-01T11:15:10.243", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51666.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51666.json index 9c577a30ffb..a3ad516b8a7 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51666.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51666.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51666", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:10.440", - "lastModified": "2024-02-01T11:15:10.440", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51669.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51669.json index e72f354913a..1195045893a 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51669.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51669.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51669", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:10.647", - "lastModified": "2024-02-01T11:15:10.647", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51674.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51674.json index 58de05ae716..d6136df3b6d 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51674.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51674.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51674", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:10.847", - "lastModified": "2024-02-01T11:15:10.847", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51677.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51677.json index e90dc445b4e..faa67b0149c 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51677.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51677.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51677", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:11.050", - "lastModified": "2024-02-01T11:15:11.050", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51684.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51684.json index 5f2cf06285f..3814aec5848 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51684.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51684.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51684", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:11.260", - "lastModified": "2024-02-01T11:15:11.260", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51685.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51685.json index 0f84fd4c1db..dade337780d 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51685.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51685.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51685", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:11.463", - "lastModified": "2024-02-01T11:15:11.463", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51689.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51689.json index 55d5f8c3a95..0e2c5d9e78a 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51689.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51689.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51689", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:11.760", - "lastModified": "2024-02-01T11:15:11.760", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51690.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51690.json index 29c3bb459b2..c8a0c4bb4a3 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51690.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51690.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51690", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:11.973", - "lastModified": "2024-02-01T11:15:11.973", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51691.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51691.json index 5592178f7c6..7236a50e017 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51691.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51691.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51691", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:12.200", - "lastModified": "2024-02-01T11:15:12.200", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51693.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51693.json index e8ca2ed5dc6..be9d28ce495 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51693.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51693.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51693", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:12.390", - "lastModified": "2024-02-01T11:15:12.390", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51694.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51694.json index 75c679a7dab..10e18d7d3fe 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51694.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51694.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51694", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:12.610", - "lastModified": "2024-02-01T11:15:12.610", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51695.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51695.json index 11c6ed357b2..d7b94718452 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51695.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51695.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51695", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:12.790", - "lastModified": "2024-02-01T11:15:12.790", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json b/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json index 74e88a0f30f..64a239651d5 100644 --- a/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json +++ b/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51939", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-01T07:15:08.450", - "lastModified": "2024-02-01T07:15:08.450", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52118.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52118.json index b79ec7ab556..7aa889a92d0 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52118.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52118.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52118", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T11:15:12.970", - "lastModified": "2024-02-01T11:15:12.970", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52175.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52175.json index dfbf4d70b8e..65216db6b97 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52175.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52175.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52175", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:08.580", - "lastModified": "2024-02-01T10:15:08.580", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52188.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52188.json index 5db6cdc7def..8a1e0d8ac89 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52188.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52188.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52188", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:09.040", - "lastModified": "2024-02-01T10:15:09.040", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52189.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52189.json index bc25de3fc71..706aaa2cd0d 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52189.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52189.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52189", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:09.343", - "lastModified": "2024-02-01T10:15:09.343", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52191.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52191.json index 813b5232dbd..33129dd75dd 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52191.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52191.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52191", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:09.700", - "lastModified": "2024-02-01T10:15:09.700", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json index 14ff75889d7..a88809e658e 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52192", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:10.027", - "lastModified": "2024-02-01T10:15:10.027", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52193.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52193.json index fbd31cfeead..abaa053fcb3 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52193.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52193.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52193", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:10.423", - "lastModified": "2024-02-01T10:15:10.423", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52194.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52194.json index ee9b9a73b2b..c3dd5352207 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52194.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52194.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52194", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:10.880", - "lastModified": "2024-02-01T10:15:10.880", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52195.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52195.json index 5aa6ee8e78a..a22edd16718 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52195.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52195.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52195", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:11.207", - "lastModified": "2024-02-01T10:15:11.207", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6078.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6078.json new file mode 100644 index 00000000000..e4ce5f5d9f5 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6078.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6078", + "sourceIdentifier": "3DS.Information-Security@3ds.com", + "published": "2024-02-01T14:15:55.810", + "lastModified": "2024-02-01T14:15:55.810", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "3DS.Information-Security@3ds.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "3DS.Information-Security@3ds.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.3ds.com/vulnerability/advisories", + "source": "3DS.Information-Security@3ds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7069.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7069.json index 3e6727442c4..98966692ab7 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7069.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7069.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7069", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-01T04:15:49.780", - "lastModified": "2024-02-01T04:15:49.780", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0928.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0928.json index 23ff1ae1921..b0d2c19360c 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0928.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0928.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0928", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T16:15:21.707", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:33:39.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252133 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Tenda AC10U 15.03.06.49_multi_TDE01. Ha sido declarada cr\u00edtica. La funci\u00f3n fromDhcpListClient es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento page/listN conduce a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-252133. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromDhcpListClient_1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252133", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252133", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0929.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0929.json index f2651d194a6..a463a5c2b72 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0929.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0929.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0929", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T16:15:22.020", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:25:45.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Tenda AC10U 15.03.06.49_multi_TDE01. Ha sido calificada como cr\u00edtica. La funci\u00f3n fromNatStaticSetting es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento page provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-252134 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromNatStaticSetting.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252134", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252134", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0930.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0930.json index 8e393f0b0a0..8025b38e380 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0930.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0930.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0930", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T16:15:22.287", - "lastModified": "2024-01-26T16:33:07.620", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:24:36.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Esto afecta la funci\u00f3n fromSetWirelessRepeat. La manipulaci\u00f3n del argumento wpapsk_crypto provoca un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252135. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/fromSetWirelessRepeat.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252135", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252135", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0931.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0931.json index 9bb419fd934..1b4e389615d 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0931.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0931.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0931", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T17:15:10.617", - "lastModified": "2024-01-26T18:29:26.990", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:19:37.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252136. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n saveParentControlInfo. La manipulaci\u00f3n del argumento deviceId/time/urls conduce a un esbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252136. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/saveParentControlInfo_1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252136", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252136", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0932.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0932.json index d64e3dfe19e..a5a8227d678 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0932.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0932.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0932", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T17:15:11.050", - "lastModified": "2024-01-26T18:29:26.990", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:08:37.997", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252137 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Tenda AC10U 15.03.06.49_multi_TDE01 y clasificada como cr\u00edtica. Este problema afecta a la funci\u00f3n setSmartPowerManagement. La manipulaci\u00f3n del argumento time conduce a un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-252137. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi_tde01:*:*:*:*:*:*:*", + "matchCriteriaId": "D1C36BB3-509E-4120-B2EC-F4D061A71F2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BFF286BB-A1D3-4E51-AB31-B5A531A8B440" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yaoyue123/iot/blob/main/Tenda/AC10U/setSmartPowerManagement.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.252137", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252137", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0933.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0933.json index 41eeacfcfa3..e0dc628359c 100644 --- a/CVE-2024/CVE-2024-09xx/CVE-2024-0933.json +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0933.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0933", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-26T17:15:11.340", - "lastModified": "2024-01-26T18:29:26.990", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-01T14:21:18.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Niushop B2B2C V5 and classified as critical. Affected by this issue is some unknown functionality of the file \\app\\model\\Upload.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Niushop B2B2C V5 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo \\app\\model\\Upload.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a una carga sin restricciones. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252140. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -60,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +105,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:niushop:b2b2c_multi-business:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "842EDEF7-88D4-426D-B280-A915B0AC48FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.qq.com/doc/DYnNWeHdTVXZqZURH", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?ctiid.252140", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.252140", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0935.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0935.json new file mode 100644 index 00000000000..26db8f8e982 --- /dev/null +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0935.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0935", + "sourceIdentifier": "3DS.Information-Security@3ds.com", + "published": "2024-02-01T14:15:56.040", + "lastModified": "2024-02-01T14:15:56.040", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso Release 2019 through Release 2024" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "3DS.Information-Security@3ds.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "3DS.Information-Security@3ds.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://www.3ds.com/vulnerability/advisories", + "source": "3DS.Information-Security@3ds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21750.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21750.json index 2bf404ac235..eb8896f4ee4 100644 --- a/CVE-2024/CVE-2024-217xx/CVE-2024-21750.json +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21750.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21750", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:11.880", - "lastModified": "2024-02-01T10:15:11.880", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22148.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22148.json index a4693c19922..6917c6e0b0e 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22148.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22148.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22148", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:12.223", - "lastModified": "2024-02-01T10:15:12.223", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22430.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22430.json index e997f393326..2bd23eef8b8 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22430.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22430.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22430", "sourceIdentifier": "security_alert@emc.com", "published": "2024-02-01T10:15:12.533", - "lastModified": "2024-02-01T10:15:12.533", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22449.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22449.json index a95281da144..e860a1abdd9 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22449.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22449.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22449", "sourceIdentifier": "security_alert@emc.com", "published": "2024-02-01T10:15:12.890", - "lastModified": "2024-02-01T10:15:12.890", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json b/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json index c738e2ac2bc..9412f43b287 100644 --- a/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json +++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22859", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-01T07:15:08.793", - "lastModified": "2024-02-01T07:15:08.793", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-239xx/CVE-2024-23941.json b/CVE-2024/CVE-2024-239xx/CVE-2024-23941.json index e2e4f59f5c0..f1e1d359d3c 100644 --- a/CVE-2024/CVE-2024-239xx/CVE-2024-23941.json +++ b/CVE-2024/CVE-2024-239xx/CVE-2024-23941.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23941", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-02-01T04:15:49.967", - "lastModified": "2024-02-01T04:15:49.967", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24059.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24059.json new file mode 100644 index 00000000000..737ad22f746 --- /dev/null +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24059.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24059", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T14:15:56.230", + "lastModified": "2024-02-01T14:15:56.230", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the suffixes of uploaded files." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#2-file-upload-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24060.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24060.json new file mode 100644 index 00000000000..1fde560f759 --- /dev/null +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24060.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24060", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T14:15:56.283", + "lastModified": "2024-02-01T14:15:56.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24061.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24061.json new file mode 100644 index 00000000000..39c087e0788 --- /dev/null +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24061.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24061", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T14:15:56.333", + "lastModified": "2024-02-01T14:15:56.333", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#13-stored-cross-site-scripting-syscontentadd", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24062.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24062.json new file mode 100644 index 00000000000..721ab121ad6 --- /dev/null +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24062.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24062", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T14:15:56.380", + "lastModified": "2024-02-01T14:15:56.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json index 41da70d3cb3..f1c43abb754 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24548", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-02-01T07:15:09.040", - "lastModified": "2024-02-01T07:15:09.040", - "vulnStatus": "Received", + "lastModified": "2024-02-01T13:41:44.257", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 4af2cf67dbf..93ba781497f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-01T13:00:24.536505+00:00 +2024-02-01T15:00:24.902229+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-01T12:15:54.100000+00:00 +2024-02-01T14:55:46.047000+00:00 ``` ### Last Data Feed Release @@ -29,41 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -237297 +237303 ``` ### CVEs added in the last Commit -Recently added CVEs: `22` +Recently added CVEs: `6` -* [CVE-2023-51532](CVE-2023/CVE-2023-515xx/CVE-2023-51532.json) (`2024-02-01T11:15:08.710`) -* [CVE-2023-51534](CVE-2023/CVE-2023-515xx/CVE-2023-51534.json) (`2024-02-01T11:15:09.527`) -* [CVE-2023-51536](CVE-2023/CVE-2023-515xx/CVE-2023-51536.json) (`2024-02-01T11:15:09.810`) -* [CVE-2023-51540](CVE-2023/CVE-2023-515xx/CVE-2023-51540.json) (`2024-02-01T11:15:10.020`) -* [CVE-2023-51548](CVE-2023/CVE-2023-515xx/CVE-2023-51548.json) (`2024-02-01T11:15:10.243`) -* [CVE-2023-51666](CVE-2023/CVE-2023-516xx/CVE-2023-51666.json) (`2024-02-01T11:15:10.440`) -* [CVE-2023-51669](CVE-2023/CVE-2023-516xx/CVE-2023-51669.json) (`2024-02-01T11:15:10.647`) -* [CVE-2023-51674](CVE-2023/CVE-2023-516xx/CVE-2023-51674.json) (`2024-02-01T11:15:10.847`) -* [CVE-2023-51677](CVE-2023/CVE-2023-516xx/CVE-2023-51677.json) (`2024-02-01T11:15:11.050`) -* [CVE-2023-51684](CVE-2023/CVE-2023-516xx/CVE-2023-51684.json) (`2024-02-01T11:15:11.260`) -* [CVE-2023-51685](CVE-2023/CVE-2023-516xx/CVE-2023-51685.json) (`2024-02-01T11:15:11.463`) -* [CVE-2023-51689](CVE-2023/CVE-2023-516xx/CVE-2023-51689.json) (`2024-02-01T11:15:11.760`) -* [CVE-2023-51690](CVE-2023/CVE-2023-516xx/CVE-2023-51690.json) (`2024-02-01T11:15:11.973`) -* [CVE-2023-51691](CVE-2023/CVE-2023-516xx/CVE-2023-51691.json) (`2024-02-01T11:15:12.200`) -* [CVE-2023-51693](CVE-2023/CVE-2023-516xx/CVE-2023-51693.json) (`2024-02-01T11:15:12.390`) -* [CVE-2023-51694](CVE-2023/CVE-2023-516xx/CVE-2023-51694.json) (`2024-02-01T11:15:12.610`) -* [CVE-2023-51695](CVE-2023/CVE-2023-516xx/CVE-2023-51695.json) (`2024-02-01T11:15:12.790`) -* [CVE-2023-52118](CVE-2023/CVE-2023-521xx/CVE-2023-52118.json) (`2024-02-01T11:15:12.970`) -* [CVE-2023-51506](CVE-2023/CVE-2023-515xx/CVE-2023-51506.json) (`2024-02-01T12:15:53.533`) -* [CVE-2023-51509](CVE-2023/CVE-2023-515xx/CVE-2023-51509.json) (`2024-02-01T12:15:53.733`) -* [CVE-2023-51514](CVE-2023/CVE-2023-515xx/CVE-2023-51514.json) (`2024-02-01T12:15:53.917`) -* [CVE-2023-51520](CVE-2023/CVE-2023-515xx/CVE-2023-51520.json) (`2024-02-01T12:15:54.100`) +* [CVE-2023-6078](CVE-2023/CVE-2023-60xx/CVE-2023-6078.json) (`2024-02-01T14:15:55.810`) +* [CVE-2024-0935](CVE-2024/CVE-2024-09xx/CVE-2024-0935.json) (`2024-02-01T14:15:56.040`) +* [CVE-2024-24059](CVE-2024/CVE-2024-240xx/CVE-2024-24059.json) (`2024-02-01T14:15:56.230`) +* [CVE-2024-24060](CVE-2024/CVE-2024-240xx/CVE-2024-24060.json) (`2024-02-01T14:15:56.283`) +* [CVE-2024-24061](CVE-2024/CVE-2024-240xx/CVE-2024-24061.json) (`2024-02-01T14:15:56.333`) +* [CVE-2024-24062](CVE-2024/CVE-2024-240xx/CVE-2024-24062.json) (`2024-02-01T14:15:56.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `56` +* [CVE-2023-51514](CVE-2023/CVE-2023-515xx/CVE-2023-51514.json) (`2024-02-01T13:41:44.257`) +* [CVE-2023-51520](CVE-2023/CVE-2023-515xx/CVE-2023-51520.json) (`2024-02-01T13:41:44.257`) +* [CVE-2023-37903](CVE-2023/CVE-2023-379xx/CVE-2023-37903.json) (`2024-02-01T13:46:33.280`) +* [CVE-2023-37283](CVE-2023/CVE-2023-372xx/CVE-2023-37283.json) (`2024-02-01T13:48:57.980`) +* [CVE-2023-39219](CVE-2023/CVE-2023-392xx/CVE-2023-39219.json) (`2024-02-01T13:57:07.213`) +* [CVE-2023-37466](CVE-2023/CVE-2023-374xx/CVE-2023-37466.json) (`2024-02-01T14:05:45.750`) +* [CVE-2023-32305](CVE-2023/CVE-2023-323xx/CVE-2023-32305.json) (`2024-02-01T14:06:55.693`) +* [CVE-2023-35936](CVE-2023/CVE-2023-359xx/CVE-2023-35936.json) (`2024-02-01T14:08:22.863`) +* [CVE-2023-27559](CVE-2023/CVE-2023-275xx/CVE-2023-27559.json) (`2024-02-01T14:09:30.907`) +* [CVE-2023-34455](CVE-2023/CVE-2023-344xx/CVE-2023-34455.json) (`2024-02-01T14:17:17.223`) +* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2024-02-01T14:50:25.267`) +* [CVE-2023-25832](CVE-2023/CVE-2023-258xx/CVE-2023-25832.json) (`2024-02-01T14:55:46.047`) +* [CVE-2024-23941](CVE-2024/CVE-2024-239xx/CVE-2024-23941.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-22859](CVE-2024/CVE-2024-228xx/CVE-2024-22859.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-24548](CVE-2024/CVE-2024-245xx/CVE-2024-24548.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-21750](CVE-2024/CVE-2024-217xx/CVE-2024-21750.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-22148](CVE-2024/CVE-2024-221xx/CVE-2024-22148.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-22430](CVE-2024/CVE-2024-224xx/CVE-2024-22430.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-22449](CVE-2024/CVE-2024-224xx/CVE-2024-22449.json) (`2024-02-01T13:41:44.257`) +* [CVE-2024-0932](CVE-2024/CVE-2024-09xx/CVE-2024-0932.json) (`2024-02-01T14:08:37.997`) +* [CVE-2024-0931](CVE-2024/CVE-2024-09xx/CVE-2024-0931.json) (`2024-02-01T14:19:37.457`) +* [CVE-2024-0933](CVE-2024/CVE-2024-09xx/CVE-2024-0933.json) (`2024-02-01T14:21:18.320`) +* [CVE-2024-0930](CVE-2024/CVE-2024-09xx/CVE-2024-0930.json) (`2024-02-01T14:24:36.343`) +* [CVE-2024-0929](CVE-2024/CVE-2024-09xx/CVE-2024-0929.json) (`2024-02-01T14:25:45.113`) +* [CVE-2024-0928](CVE-2024/CVE-2024-09xx/CVE-2024-0928.json) (`2024-02-01T14:33:39.600`) ## Download and Usage