diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48925.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48925.json index f57da0851d3..6fb6490b938 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48925.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48925.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48925", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-22T02:15:08.750", - "lastModified": "2024-08-22T12:48:02.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:07:41.047", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,103 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: RDMA/cma: no cambie route.addr.src_addr fuera de las comprobaciones de estado. Si el estado no est\u00e1 inactivo, resolve_prepare_src() deber\u00eda fallar inmediatamente y no deber\u00eda ocurrir ning\u00fan cambio en el estado global. Sin embargo, sobrescribe incondicionalmente src_addr al intentar crear una direcci\u00f3n temporal. Por ejemplo, si el estado ya es RDMA_CM_LISTEN, esto da\u00f1ar\u00e1 src_addr y provocar\u00e1 la prueba en cma_cancel_operation(): if (cma_any_addr(cma_src_addr(id_priv)) && !id_priv->cma_dev) Lo que se manifestar\u00eda como este rastro de syzkaller: ERROR : KASAN: use-after-free en __list_add_valid+0x93/0xa0 lib/list_debug.c:26 Lectura de tama\u00f1o 8 en addr ffff8881546491e0 por tarea syz-executor.1/32204 CPU: 1 PID: 32204 Comm: syz-executor.1 No contaminado 5.12.0-rc8-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:79 [en l\u00ednea] dump_stack+0x141/0x1d7 lib /dump_stack.c:120 print_address_description.constprop.0.cold+0x5b/0x2f8 mm/kasan/report.c:232 __kasan_report mm/kasan/report.c:399 [en l\u00ednea] kasan_report.cold+0x7c/0xd8 mm/kasan/ report.c:416 __list_add_valid+0x93/0xa0 lib/list_debug.c:26 __list_add include/linux/list.h:67 [en l\u00ednea] list_add_tail include/linux/list.h:100 [en l\u00ednea] cma_listen_on_all drivers/infiniband/core/ cma.c:2557 [en l\u00ednea] rdma_listen+0x787/0xe00 controladores/infiniband/core/cma.c:3751 ucma_listen+0x16a/0x210 controladores/infiniband/core/ucma.c:1102 ucma_write+0x259/0x350 controladores/infiniband/core /ucma.c:1732 vfs_write+0x28e/0xa30 fs/read_write.c:603 ksys_write+0x1ee/0x250 fs/read_write.c:658 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 Entry_SYSCALL_64_after_hwframe+0x44/ 0xae Esto indica que un rdma_id_private fue destruido sin realizar cma_cancel_listens(). En lugar de intentar reutilizar la memoria src_addr para crear indirectamente cualquier direcci\u00f3n derivada del dst, cree una expl\u00edcitamente en la pila y vinc\u00falela como lo har\u00eda cualquier otro flujo normal. rdma_bind_addr() lo copiar\u00e1 sobre src_addr una vez que sepa que el estado es v\u00e1lido. Esto es similar al commit bc0bdc5afaa7 (\"RDMA/cma: No cambiar route.addr.src_addr.ss_family\")" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.103", + "matchCriteriaId": "B515B8BE-A929-4F26-A3AE-065750435804" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.26", + "matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.12", + "matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/00265efbd3e5705038c9492a434fda8cf960c8a2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/22e9f71072fa605cbf033158db58e0790101928d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5b1cef5798b4fd6e4fd5522e7b8a26248beeacaa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d350724795c7a48b05bf921d94699fbfecf7da0b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48926.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48926.json index b466322728a..ea9c63d6a99 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48926.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48926.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48926", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-22T04:15:15.363", - "lastModified": "2024-08-22T12:48:02.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:05:14.960", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: usb: gadget: rndis: agregar spinlock para la lista de respuestas de rndis No hay bloqueo para la lista de respuestas de rndis. Podr\u00eda causar corrupci\u00f3n en la lista si hay dos list_add diferentes al mismo tiempo, como se muestra a continuaci\u00f3n. Es mejor agregar rndis_add_response / rndis_free_response / rndis_get_next_response para evitar cualquier condici\u00f3n de ejecuci\u00f3n en la lista de respuestas. [ 361.894299] [1: irq/191-dwc3:16979] list_add corrupci\u00f3n. siguiente->anterior deber\u00eda ser anterior (ffffff80651764d0), pero era ffffff883dc36f80. (siguiente=ffffff80651764d0). [ 361.904380] [1: irq/191-dwc3:16979] Rastreo de llamadas: [ 361.904391] [1: irq/191-dwc3:16979] __list_add_valid+0x74/0x90 [ 361.904401] [1: irq/191-dwc3:16979 ] rndis_msg_parser+0x168/0x8c0 [ 361.904409] [1: irq/191-dwc3:16979] rndis_command_complete+0x24/0x84 [ 361.904417] [1: irq/191-dwc3:16979] misi\u00f3n+0x20/0xe4 [ 361.904426] [1: irq /191-dwc3:16979] dwc3_gadget_giveback+0x44/0x60 [ 361.904434] [1: irq/191-dwc3:16979] dwc3_ep0_complete_data+0x1e8/0x3a0 [ 361.904442] [1: 16979] dwc3_ep0_interrupt+0x29c/0x3dc [ 361.904450] [1: irq/191-dwc3:16979] dwc3_process_event_entry+0x78/0x6cc [ 361.904457] [1: irq/191-dwc3:16979] dwc3_process_event_buf+0xa0/0x1ec [ 361.904465 ] [1: irq/191-dwc3: 16979] dwc3_thread_interrupt+0x34/0x5c" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.6", + "versionEndExcluding": "4.9.304", + "matchCriteriaId": "FA1E6BF0-F833-4FBE-8171-CC3C308EB3A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.269", + "matchCriteriaId": "F0F577D3-EFEA-42CF-80AA-905297529D7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.232", + "matchCriteriaId": "EF11C6DC-8B9A-4A37-B1E6-33B68F5366ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.182", + "matchCriteriaId": "EE74CED8-43BF-4060-9578-93A09735B4E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.103", + "matchCriteriaId": "1A95B717-3110-4D4F-B8FC-373919BB514D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.26", + "matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.12", + "matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/33222d1571d7ce8c1c75f6b488f38968fa93d2d9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4ce247af3f30078d5b97554f1ae6200a0222c15a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/669c2b178956718407af5631ccbc61c24413f038", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9ab652d41deab49848673c3dadb57ad338485376", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f5d8ba538ef81cd86ea587ca3f8c77e26bea405", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f688aadede6b862a0a898792b1a35421c93636f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aaaba1c86d04dac8e49bf508b492f81506257da3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/da514063440b53a27309a4528b726f92c3cfe56f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48927.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48927.json index 36e0143540b..86a1b412b36 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48927.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48927.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48927", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-22T04:15:15.530", - "lastModified": "2024-08-22T12:48:02.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:05:45.170", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adc: tsc2046: corrige la corrupci\u00f3n de la memoria evitando el desbordamiento de la matriz. Por un lado tenemos indio_dev->num_channels incluye todos los canales f\u00edsicos + canal de marca de tiempo. Del otro lado tenemos un array asignado s\u00f3lo para canales f\u00edsicos. Por lo tanto, corrija la corrupci\u00f3n de la memoria con ARRAY_SIZE() en lugar de la variable num_channels. Tenga en cuenta que el primer caso es una limpieza en lugar de una soluci\u00f3n, ya que el n\u00facleo IIO nunca establece el bit del canal de marca de tiempo del software en active_scanmask." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.14", + "versionEndExcluding": "5.15.26", + "matchCriteriaId": "C4549DFF-A0BC-4C08-B874-F0090921E478" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.12", + "matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/082d2c047b0d305bb0b6e9f9d671a09470e2db2d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0cb9b2f73c182d242a640e512f4785c7c504512f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7a78a8adaa8849c02f174d707aead0f85dca0da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-489xx/CVE-2022-48929.json b/CVE-2022/CVE-2022-489xx/CVE-2022-48929.json index cb7e703c5be..799fd9f07fc 100644 --- a/CVE-2022/CVE-2022-489xx/CVE-2022-48929.json +++ b/CVE-2022/CVE-2022-489xx/CVE-2022-48929.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48929", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-22T04:15:15.773", - "lastModified": "2024-08-22T12:48:02.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:00:22.653", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: Se corrigi\u00f3 el bloqueo debido al acceso fuera de los l\u00edmites a reg2btf_ids. Cuando el commit e6ac2450d6de (\"bpf: admite la funci\u00f3n del kernel que llama al programa bpf\") agreg\u00f3 soporte para kfunc, defini\u00f3 reg2btf_ids como una forma econ\u00f3mica de traducir el tipo de registro del verificador al ID de BTF btf_vmlinux apropiado; sin embargo, commit c25b2ae13603 (\"bpf: reemplace PTR_TO_XXX_OR_NULL con PTR_TO_XXX | PTR_MAYBE_NULL\") movi\u00f3 __BPF_REG_TYPE_MAX del \u00faltimo miembro de la enumeraci\u00f3n bpf_reg_type a despu\u00e9s de los tipos de registro base y defini\u00f3 otras variantes utilizando la composici\u00f3n de indicadores de tipo. Sin embargo, ahora, el uso directo de reg->type para indexar en reg2btf_ids ya no puede caer en el rango __BPF_REG_TYPE_MAX y, por lo tanto, provocar un acceso fuera de los l\u00edmites y un bloqueo del kernel al desreferenciar un puntero incorrecto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.15", + "versionEndExcluding": "5.15.37", + "matchCriteriaId": "BEB734DF-768A-48DC-8983-4ED1A0CA1A3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16.1", + "versionEndExcluding": "5.16.12", + "matchCriteriaId": "4368C931-8568-4F36-A74D-8E41781257A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/45ce4b4f9009102cd9f581196d480a59208690c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c39925e98d498b9531343066ef82ae39e41adae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0ce1bc9e0235dd7412240be493d7ea65ed9eadc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46720.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46720.json index e011b1b987c..b40abf5c0b5 100644 --- a/CVE-2023/CVE-2023-467xx/CVE-2023-46720.json +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46720.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46720", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-06-11T15:15:55.087", - "lastModified": "2024-06-13T18:36:45.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:42:50.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "psirt@fortinet.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@fortinet.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.13", + "versionEndIncluding": "6.0.18", + "matchCriteriaId": "B338ECA4-60FD-499E-B22B-0F6D892C1896" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2.9", + "versionEndIncluding": "6.2.16", + "matchCriteriaId": "6C51858C-80AE-4826-ABB8-6A678FA2F075" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.6", + "versionEndIncluding": "6.4.15", + "matchCriteriaId": "E375A348-5D58-4EE0-9729-3A62BA8B7741" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndIncluding": "7.0.12", + "matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.8", + "matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.4.0", + "versionEndExcluding": "7.4.3", + "matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-231xx/CVE-2024-23110.json b/CVE-2024/CVE-2024-231xx/CVE-2024-23110.json index bb0c0bd9647..b37699ba2d7 100644 --- a/CVE-2024/CVE-2024-231xx/CVE-2024-23110.json +++ b/CVE-2024/CVE-2024-231xx/CVE-2024-23110.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23110", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-06-11T15:16:03.707", - "lastModified": "2024-06-13T18:36:45.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:45:28.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "psirt@fortinet.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@fortinet.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.2.16", + "matchCriteriaId": "E9BCDC86-176E-401A-B188-F77E22BCFC2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.0", + "versionEndExcluding": "6.4.15", + "matchCriteriaId": "4E29353F-8791-4117-BA7A-E32FAB8348A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.14", + "matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.7", + "matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.4.0", + "versionEndExcluding": "7.4.3", + "matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.com/psirt/FG-IR-23-460", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-231xx/CVE-2024-23111.json b/CVE-2024/CVE-2024-231xx/CVE-2024-23111.json index 20ee7dedd53..a899db82bc1 100644 --- a/CVE-2024/CVE-2024-231xx/CVE-2024-23111.json +++ b/CVE-2024/CVE-2024-231xx/CVE-2024-23111.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23111", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-06-11T15:16:03.957", - "lastModified": "2024-08-19T06:15:05.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:47:13.560", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -51,10 +71,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.15", + "matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.9", + "matchCriteriaId": "DF62C95E-AB35-4A8E-84F8-5197E9D33C21" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.4.0", + "versionEndExcluding": "7.4.3", + "matchCriteriaId": "4A077234-F19C-4E87-A7A5-A266B5C903C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.14", + "matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.2.8", + "matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.4.0", + "versionEndExcluding": "7.4.4", + "matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31398.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31398.json index 75f4657454f..d8718f52586 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31398.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31398.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31398", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-06-11T06:15:10.347", - "lastModified": "2024-06-11T13:54:12.057", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:29:18.453", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,75 @@ "value": "Existe un problema de inserci\u00f3n de informaci\u00f3n confidencial en los datos enviados en Cybozu Garoon 5.0.0 a 5.15.2. Si se explota esta vulnerabilidad, un usuario que pueda iniciar sesi\u00f3n en el producto puede obtener informaci\u00f3n sobre la lista de usuarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.15.2", + "matchCriteriaId": "1EAC3451-9DBB-4D52-9E03-CC2AE1F53513" + } + ] + } + ] + } + ], "references": [ { "url": "https://cs.cybozu.co.jp/2024/007901.html", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jvn.jp/en/jp/JVN28869536/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-313xx/CVE-2024-31399.json b/CVE-2024/CVE-2024-313xx/CVE-2024-31399.json index 959a610c821..f9285fc5740 100644 --- a/CVE-2024/CVE-2024-313xx/CVE-2024-31399.json +++ b/CVE-2024/CVE-2024-313xx/CVE-2024-31399.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31399", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-06-11T06:15:10.490", - "lastModified": "2024-06-11T13:54:12.057", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:32:22.763", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,75 @@ "value": "Existe un consumo excesivo de recursos de la plataforma dentro de un problema de bucle en Cybozu Garoon 5.0.0 a 5.15.2. Si se aprovecha esta vulnerabilidad, el procesamiento de un correo manipulado puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.15.2", + "matchCriteriaId": "1EAC3451-9DBB-4D52-9E03-CC2AE1F53513" + } + ] + } + ] + } + ], "references": [ { "url": "https://cs.cybozu.co.jp/2024/007901.html", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jvn.jp/en/jp/JVN28869536/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31402.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31402.json index ce80f02adf0..dffc4e0068f 100644 --- a/CVE-2024/CVE-2024-314xx/CVE-2024-31402.json +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31402.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31402", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-06-11T06:15:10.650", - "lastModified": "2024-06-11T13:54:12.057", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:34:38.717", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,75 @@ "value": "Vulnerabilidad de autorizaci\u00f3n incorrecta en Cybozu Garoon 5.0.0 a 5.15.2 permite a un atacante autenticado remoto eliminar los datos de tareas pendientes compartidas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.15.2", + "matchCriteriaId": "1EAC3451-9DBB-4D52-9E03-CC2AE1F53513" + } + ] + } + ] + } + ], "references": [ { "url": "https://cs.cybozu.co.jp/2024/007901.html", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jvn.jp/en/jp/JVN28869536/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38504.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38504.json index 92947b12b58..8e2eb8da315 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38504.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38504.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38504", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-06-18T11:15:51.467", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:49:51.450", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.2.34646", + "matchCriteriaId": "07483729-A274-498F-BF20-3670CD8474FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", - "source": "cve@jetbrains.com" + "source": "cve@jetbrains.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38505.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38505.json index 923495e5ac1..fb7002107fe 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38505.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38505.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38505", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-06-18T11:15:51.733", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:51:03.663", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.2.34646", + "matchCriteriaId": "07483729-A274-498F-BF20-3670CD8474FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", - "source": "cve@jetbrains.com" + "source": "cve@jetbrains.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38506.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38506.json index c5de8331fd9..86449da5d89 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38506.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38506.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38506", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-06-18T11:15:52.030", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:52:39.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.2.34646", + "matchCriteriaId": "07483729-A274-498F-BF20-3670CD8474FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", - "source": "cve@jetbrains.com" + "source": "cve@jetbrains.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38507.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38507.json index abca3dc6158..c133d817ed9 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38507.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38507.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38507", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-06-18T11:15:52.267", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:53:32.417", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.2.34646", + "matchCriteriaId": "F929A37D-0090-4379-887B-D50512F74646" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", - "source": "cve@jetbrains.com" + "source": "cve@jetbrains.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-414xx/CVE-2024-41437.json b/CVE-2024/CVE-2024-414xx/CVE-2024-41437.json index 3f429b27f73..91c34c25eda 100644 --- a/CVE-2024/CVE-2024-414xx/CVE-2024-41437.json +++ b/CVE-2024/CVE-2024-414xx/CVE-2024-41437.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41437", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-30T19:15:10.933", - "lastModified": "2024-07-31T12:57:02.300", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-23T02:07:29.513", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,99 @@ "value": "Un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en la funci\u00f3n cp_unfilter() (/vendor/cute_png.h) de hicolor v0.5.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo PNG manipulado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dbohdan:hicolor:0.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A3FC4704-4051-4523-B2E5-6AA587F562BD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/poc/sample6.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/vulDescription.assets/image-20240530183857985.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/vulDescription.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/poc", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-414xx/CVE-2024-41439.json b/CVE-2024/CVE-2024-414xx/CVE-2024-41439.json index 25c962e258a..a8985e03618 100644 --- a/CVE-2024/CVE-2024-414xx/CVE-2024-41439.json +++ b/CVE-2024/CVE-2024-414xx/CVE-2024-41439.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41439", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-30T19:15:11.123", - "lastModified": "2024-07-31T12:57:02.300", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-23T02:06:11.380", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,107 @@ "value": " Un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en la funci\u00f3n cp_block() (/vendor/cute_png.h) de hicolor v0.5.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo PNG manipulado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dbohdan:hicolor:0.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A3FC4704-4051-4523-B2E5-6AA587F562BD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5/poc", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5/poc/sample13.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5/vulDescription.assets/image-20240530192505615.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5/vulDescription.assets/image-20240531002753478.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-w98-cp_block-5c0-cute_png-642c5/vulDescription.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43477.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43477.json new file mode 100644 index 00000000000..e8a12032e43 --- /dev/null +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43477.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-43477", + "sourceIdentifier": "secure@microsoft.com", + "published": "2024-08-23T02:15:07.440", + "lastModified": "2024-08-23T02:15:07.440", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "secure@microsoft.com", + "tags": [ + "exclusively-hosted-service" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Improper access control in Decentralized Identity Services allows an unathenticated attacker to disable Verifiable ID's on another tenant." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43477", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6111.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6111.json index f4b103abd02..2de71629a70 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6111.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6111.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6111", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-18T13:15:52.193", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:24:17.607", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:janobe:pool_of_bethesda_online_reservation_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9DE894B7-EE1B-4ABB-8881-CF3BA3911206" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/wangyuan-ui/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.268857", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.268857", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.358988", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6112.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6112.json index 44b58309330..43e54f85e8f 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6112.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6112.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6112", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-18T13:15:52.550", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:21:49.173", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:janobe:pool_of_bethesda_online_reservation_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9DE894B7-EE1B-4ABB-8881-CF3BA3911206" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/wangyuan-ui/CVE/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.268858", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.268858", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.358990", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6115.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6115.json index c1e240f3e28..722a16dca1f 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6115.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6115.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6115", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-18T13:15:53.267", - "lastModified": "2024-06-25T18:15:11.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:20:09.017", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:clivedelacruz:simple_online_hotel_reservation_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BEE3B1B1-BA46-42EB-BF9A-B1A7D52EF741" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/wangyuan-ui/CVE/issues/5", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.268867", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.268867", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.358996", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6116.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6116.json index 1e67e14660f..b01b3ce4ee1 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6116.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6116.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6116", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-18T14:15:12.440", - "lastModified": "2024-06-20T12:44:01.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:19:51.723", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:clivedelacruz:simple_online_hotel_reservation_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BEE3B1B1-BA46-42EB-BF9A-B1A7D52EF741" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/wangyuan-ui/CVE/issues/6", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.268868", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.268868", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359002", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6212.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6212.json index e0a69c883ba..ddb5fe3f5dd 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6212.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6212.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6212", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T00:15:10.080", - "lastModified": "2024-06-21T15:15:16.313", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:16:46.820", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:simple_student_attendance_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0907D49A-D649-42A3-BE96-A1EB234C6859" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.google.com/document/d/1tl9-EAxUR64Og9zS-nyUx3YtG1V32Monkvq-h39tjpw/edit?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.269276", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269276", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359229", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6213.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6213.json index c15f360e42a..1ff514b3f29 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6213.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6213.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6213", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T01:16:02.880", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:14:56.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_Sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.269277", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269277", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359574", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6214.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6214.json index d545499b0d6..787ea6a2f01 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6214.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6214.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6214", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T01:16:04.743", - "lastModified": "2024-06-21T15:15:16.430", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:14:34.340", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/SourceCoderster_Food_Ordering_Management_System_add_item_Sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.269278", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269278", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359582", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6215.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6215.json index 7c571ddb16a..f1961e04d30 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6215.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6215.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6215", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T02:15:11.877", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:14:03.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_view_ticket_admin_Sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269279", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269279", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359595", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6216.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6216.json index 73e5dd51e0f..7d80e4ca3ae 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6216.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6216.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6216", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T02:15:12.173", - "lastModified": "2024-06-24T20:15:11.177", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:22:23.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_add_users_Sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269280", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269280", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359634", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6217.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6217.json index 794a13ee193..df84df29794 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6217.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6217.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6217", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T02:15:12.673", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-23T02:22:56.160", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_user_router_Sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269281", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.269281", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.359644", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7178.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7178.json index 81603b081f5..59467e56b01 100644 --- a/CVE-2024/CVE-2024-71xx/CVE-2024-7178.json +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7178.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7178", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-29T03:15:02.417", - "lastModified": "2024-07-29T14:12:08.783", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-23T02:55:43.233", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,64 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:a3600r_firmware:4.1.2cu.5182_b20201102:*:*:*:*:*:*:*", + "matchCriteriaId": "03658809-4127-4409-AD55-0700186EAFBD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:a3600r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F10B282D-E388-4A52-B7F8-D08C83CF0D62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setMacQos.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.272599", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.272599", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.378045", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7559.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7559.json new file mode 100644 index 00000000000..53f902ee83d --- /dev/null +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7559.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7559", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-23T03:15:04.060", + "lastModified": "2024-08-23T03:15:04.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and capability checks in the mk_file_folder_manager AJAX action in all versions up to, and including, 8.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://filemanagerpro.io/file-manager-pro/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4b45791-4b85-4a2d-8019-1d438bd694cb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 4b514668966..6e863edc30f 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-23T02:00:17.756271+00:00 +2024-08-23T04:00:17.693749+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-23T01:58:43.270000+00:00 +2024-08-23T03:15:04.060000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -260993 +260995 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `2` -- [CVE-2024-8089](CVE-2024/CVE-2024-80xx/CVE-2024-8089.json) (`2024-08-23T00:15:08.907`) +- [CVE-2024-43477](CVE-2024/CVE-2024-434xx/CVE-2024-43477.json) (`2024-08-23T02:15:07.440`) +- [CVE-2024-7559](CVE-2024/CVE-2024-75xx/CVE-2024-7559.json) (`2024-08-23T03:15:04.060`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `27` -- [CVE-2022-48928](CVE-2022/CVE-2022-489xx/CVE-2022-48928.json) (`2024-08-23T01:58:43.270`) -- [CVE-2022-48930](CVE-2022/CVE-2022-489xx/CVE-2022-48930.json) (`2024-08-23T01:51:30.227`) -- [CVE-2022-48931](CVE-2022/CVE-2022-489xx/CVE-2022-48931.json) (`2024-08-23T01:54:11.640`) -- [CVE-2022-48932](CVE-2022/CVE-2022-489xx/CVE-2022-48932.json) (`2024-08-23T01:48:35.663`) -- [CVE-2022-48933](CVE-2022/CVE-2022-489xx/CVE-2022-48933.json) (`2024-08-23T01:50:09.313`) -- [CVE-2022-48935](CVE-2022/CVE-2022-489xx/CVE-2022-48935.json) (`2024-08-23T01:45:31.280`) +- [CVE-2022-48927](CVE-2022/CVE-2022-489xx/CVE-2022-48927.json) (`2024-08-23T02:05:45.170`) +- [CVE-2022-48929](CVE-2022/CVE-2022-489xx/CVE-2022-48929.json) (`2024-08-23T02:00:22.653`) +- [CVE-2023-46720](CVE-2023/CVE-2023-467xx/CVE-2023-46720.json) (`2024-08-23T02:42:50.907`) +- [CVE-2024-23110](CVE-2024/CVE-2024-231xx/CVE-2024-23110.json) (`2024-08-23T02:45:28.487`) +- [CVE-2024-23111](CVE-2024/CVE-2024-231xx/CVE-2024-23111.json) (`2024-08-23T02:47:13.560`) +- [CVE-2024-31398](CVE-2024/CVE-2024-313xx/CVE-2024-31398.json) (`2024-08-23T02:29:18.453`) +- [CVE-2024-31399](CVE-2024/CVE-2024-313xx/CVE-2024-31399.json) (`2024-08-23T02:32:22.763`) +- [CVE-2024-31402](CVE-2024/CVE-2024-314xx/CVE-2024-31402.json) (`2024-08-23T02:34:38.717`) +- [CVE-2024-38504](CVE-2024/CVE-2024-385xx/CVE-2024-38504.json) (`2024-08-23T02:49:51.450`) +- [CVE-2024-38505](CVE-2024/CVE-2024-385xx/CVE-2024-38505.json) (`2024-08-23T02:51:03.663`) +- [CVE-2024-38506](CVE-2024/CVE-2024-385xx/CVE-2024-38506.json) (`2024-08-23T02:52:39.013`) +- [CVE-2024-38507](CVE-2024/CVE-2024-385xx/CVE-2024-38507.json) (`2024-08-23T02:53:32.417`) +- [CVE-2024-41437](CVE-2024/CVE-2024-414xx/CVE-2024-41437.json) (`2024-08-23T02:07:29.513`) +- [CVE-2024-41439](CVE-2024/CVE-2024-414xx/CVE-2024-41439.json) (`2024-08-23T02:06:11.380`) +- [CVE-2024-6111](CVE-2024/CVE-2024-61xx/CVE-2024-6111.json) (`2024-08-23T02:24:17.607`) +- [CVE-2024-6112](CVE-2024/CVE-2024-61xx/CVE-2024-6112.json) (`2024-08-23T02:21:49.173`) +- [CVE-2024-6115](CVE-2024/CVE-2024-61xx/CVE-2024-6115.json) (`2024-08-23T02:20:09.017`) +- [CVE-2024-6116](CVE-2024/CVE-2024-61xx/CVE-2024-6116.json) (`2024-08-23T02:19:51.723`) +- [CVE-2024-6212](CVE-2024/CVE-2024-62xx/CVE-2024-6212.json) (`2024-08-23T02:16:46.820`) +- [CVE-2024-6213](CVE-2024/CVE-2024-62xx/CVE-2024-6213.json) (`2024-08-23T02:14:56.413`) +- [CVE-2024-6214](CVE-2024/CVE-2024-62xx/CVE-2024-6214.json) (`2024-08-23T02:14:34.340`) +- [CVE-2024-6215](CVE-2024/CVE-2024-62xx/CVE-2024-6215.json) (`2024-08-23T02:14:03.990`) +- [CVE-2024-6216](CVE-2024/CVE-2024-62xx/CVE-2024-6216.json) (`2024-08-23T02:22:23.120`) +- [CVE-2024-6217](CVE-2024/CVE-2024-62xx/CVE-2024-6217.json) (`2024-08-23T02:22:56.160`) +- [CVE-2024-7178](CVE-2024/CVE-2024-71xx/CVE-2024-7178.json) (`2024-08-23T02:55:43.233`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 3f16c1d329a..e081e6837e3 100644 --- a/_state.csv +++ b/_state.csv @@ -212436,18 +212436,18 @@ CVE-2022-48921,0,0,565ba181b0f1f2dfc9fe72312b91e9931d175894bd53f2b2a8229bd70f9ca CVE-2022-48922,0,0,485fd7b1352c6198add8f08095b571046478ed9662200df59a8f5eef93ca9987,2024-08-22T12:48:02.790000 CVE-2022-48923,0,0,7c871d7f7fad4b7b8cc0fef537eadf3094068942b00174225e14cad2e67b8948,2024-08-22T12:48:02.790000 CVE-2022-48924,0,0,e0bfb77d6c7b779c400d1b544938bf3cb6f80aae09edffc19024f5e7977cec33,2024-08-22T12:48:02.790000 -CVE-2022-48925,0,0,ff5926614a83baf0935fe0e95a03c9378350f3a649913fba8b288632dbffad29,2024-08-22T12:48:02.790000 -CVE-2022-48926,0,0,96fecd682b27cf2de3915a440e56df1865f27383d104b4ed458351fa9431ab6b,2024-08-22T12:48:02.790000 -CVE-2022-48927,0,0,a44e4b6ae745d40a786daa9c270c73173da73b553dac3a7d44f4764c34800a42,2024-08-22T12:48:02.790000 -CVE-2022-48928,0,1,cf82d2318ebf60dd17b10fc8e73dee5b3e1df59f5630104c07e23537fb817d1d,2024-08-23T01:58:43.270000 -CVE-2022-48929,0,0,f4cda031ac7c4aa132b3cf10147d34cbd29cdba8e6462b4c07fea2241e6f5ce7,2024-08-22T12:48:02.790000 +CVE-2022-48925,0,1,12c2847f9c2abd72fae449a80a3efdbc821679cca9a301519e7e3dab31ee93f8,2024-08-23T02:07:41.047000 +CVE-2022-48926,0,1,7c14eba9301c644179737e4ff06c47dd3ab70d7b7dc5b7cdc8ddbc7cbe0a8516,2024-08-23T02:05:14.960000 +CVE-2022-48927,0,1,47e842d42ecdc6f5e3e98c1aff8de17fbd61e972b7162f3074a8851d06b3bf55,2024-08-23T02:05:45.170000 +CVE-2022-48928,0,0,cf82d2318ebf60dd17b10fc8e73dee5b3e1df59f5630104c07e23537fb817d1d,2024-08-23T01:58:43.270000 +CVE-2022-48929,0,1,97a5c71b8188eb5cfea59d0bac07ab4572261063e827888831f2046ac4eb2767,2024-08-23T02:00:22.653000 CVE-2022-4893,0,0,e5120248272b3a04098ac5e53563854b20f8eec46dd8a336f605680da692549d,2023-11-07T03:59:15.230000 -CVE-2022-48930,0,1,0d8d1b52e4272ce19f68ae15f3df510be4587d8d1e9d8ea6eb15cc4100dd5d03,2024-08-23T01:51:30.227000 -CVE-2022-48931,0,1,03d430707b8e61189e16796d1dc7e95770c48fe272ba6c154dcc06164bc4ff14,2024-08-23T01:54:11.640000 -CVE-2022-48932,0,1,827a73f8f8e4e42d3c001e9e0940fd88c4ea31c4830d11930163e773566d86a6,2024-08-23T01:48:35.663000 -CVE-2022-48933,0,1,b006add90d90a7908ac31a96e3814a6ab2b6644466aadebc7bb2d78f8d5f146e,2024-08-23T01:50:09.313000 +CVE-2022-48930,0,0,0d8d1b52e4272ce19f68ae15f3df510be4587d8d1e9d8ea6eb15cc4100dd5d03,2024-08-23T01:51:30.227000 +CVE-2022-48931,0,0,03d430707b8e61189e16796d1dc7e95770c48fe272ba6c154dcc06164bc4ff14,2024-08-23T01:54:11.640000 +CVE-2022-48932,0,0,827a73f8f8e4e42d3c001e9e0940fd88c4ea31c4830d11930163e773566d86a6,2024-08-23T01:48:35.663000 +CVE-2022-48933,0,0,b006add90d90a7908ac31a96e3814a6ab2b6644466aadebc7bb2d78f8d5f146e,2024-08-23T01:50:09.313000 CVE-2022-48934,0,0,5b4d3e9f36a52ea0bbbb4966ebd00c594a823cadc603a7281937d3623cfb89c3,2024-08-22T20:33:29.860000 -CVE-2022-48935,0,1,b0558ba7333ba5b6f11a266cc14a6047809664d823e0a328d44fb10a334549ef,2024-08-23T01:45:31.280000 +CVE-2022-48935,0,0,b0558ba7333ba5b6f11a266cc14a6047809664d823e0a328d44fb10a334549ef,2024-08-23T01:45:31.280000 CVE-2022-48936,0,0,36ac70219cd8aef6a8970544481442eac16b9c0cd068921aa64078a27ffc7215,2024-08-22T19:03:59.643000 CVE-2022-48937,0,0,5acf0c5064ef79bcf25c1dae2675f0433d0999928e6f36ce64d5e6c9907aa5b9,2024-08-22T19:07:28.567000 CVE-2022-48938,0,0,eff2e9fbfc7aa611d20c84d8b3736eb4c859583a2ca7af1dd4c15351c5551139,2024-08-22T18:49:20.320000 @@ -234869,7 +234869,7 @@ CVE-2023-46713,0,0,4d1982060b9af1f91354c1a5dd3a3e3755258b8cb12afb63716b7a7248b3e CVE-2023-46714,0,0,f2e3a03531ad670c7899921964c9badd5e178742d870a03e1f9bdc1e680d8ef6,2024-05-23T16:03:21.917000 CVE-2023-46717,0,0,f83ee8e8fbd87d721d48a998691fe59888ad1ea77e6c5fdeddd19d5140658bce,2024-03-21T21:04:18.200000 CVE-2023-4672,0,0,ddb0f4a6e4ac58168ae9aac5deedd33751873d5b6960fe01bd27009046797b92,2024-01-04T20:09:31.050000 -CVE-2023-46720,0,0,46136811941fba25d5f3efa15cc7455406c6edb141f0b1eff261d3f4d2b53358,2024-06-13T18:36:45.417000 +CVE-2023-46720,0,1,b47774d5b1d2bce0ebfba99e5afc027d7cfb99ff22e5d027acbd6ccb167c2e58,2024-08-23T02:42:50.907000 CVE-2023-46722,0,0,48880bc670148614ab1811c04bcd49a8de25d53a450dd4d3d3c053cfe1278da4,2023-11-08T17:53:25.937000 CVE-2023-46723,0,0,799bcde61e70afee56af9fa6068820bd59631824ecd18b71c057987351698f96,2023-11-08T17:54:38.240000 CVE-2023-46724,0,0,c38c150cd81ad63df0c0ef8ce1d28bb3e9c4c4e289730b3e4a76abf7e2c273c2,2023-12-29T03:15:10.793000 @@ -244914,8 +244914,8 @@ CVE-2024-23107,0,0,d6937b9348182dfe97924e1cecfe2c6687d7424fe7d5ddbdbf511e3c22e50 CVE-2024-23108,0,0,a64833df07838c50bbfa8d8257b543a8708fc68f79a20e8766b85152b86a9490,2024-02-07T15:02:00.203000 CVE-2024-23109,0,0,ed437fa8fa255a648e5e5b42c3fc0ae6e3f80641b17f36309ca679fec69371cd,2024-02-07T15:04:28.237000 CVE-2024-2311,0,0,4aac7ca25d4746b431ed7ccd5e7d3d99df50290a301a85fe7466f2339700b152,2024-04-10T13:23:38.787000 -CVE-2024-23110,0,0,da98316deb5bb2042fb6d14e0b988f045cae18b061630af103b38529573ce45a,2024-06-13T18:36:45.417000 -CVE-2024-23111,0,0,763b01da7a9d1374c69bd63d4cdb7f56bebcac434fc8e9c4b3c4befae6a57984,2024-08-19T06:15:05.107000 +CVE-2024-23110,0,1,1ac4a7144e9209f9a89949f05fe1e7cc8c377744b32bfb607f177f1a970f34e1,2024-08-23T02:45:28.487000 +CVE-2024-23111,0,1,752974f238ed1f3e5e428baa91d031d0aceea7be33f8a58b9a2a43bae855557c,2024-08-23T02:47:13.560000 CVE-2024-23112,0,0,95e5175d7388e29c67df9af8c672941dd9e221ee4e0a1ee87f756c639ee8dad2,2024-03-15T14:51:58.497000 CVE-2024-23113,0,0,a86bcac9b7145820c2db580ab2ab4b188eadec5244c508e4a8d29ba1588a2fac,2024-02-22T15:33:00.970000 CVE-2024-23114,0,0,03e50e602026c87049fc39891badf0add6dff4aacb97347ed09b1b72c8d9744c,2024-02-20T19:50:53.960000 @@ -250833,12 +250833,12 @@ CVE-2024-31394,0,0,057a59cfe49b19144d2e3f8a03ac1db28c62eb3e70e92a240bc4577876d0a CVE-2024-31395,0,0,84ffe8279d5fc146d1e75e38d339843647ddbe44b201c68383044efb99b4ee60,2024-05-22T12:46:53.887000 CVE-2024-31396,0,0,3459f305b0a80cfe56958d75d2dbcac63c337a642c0a699b6a99c0cfafa2b0c8,2024-08-01T13:50:53.827000 CVE-2024-31397,0,0,84e5539fe288f7e4c3b9dc6907e828a79fd1c0ce0682e8ac0d31f1740d4dafd1,2024-07-03T01:54:48.070000 -CVE-2024-31398,0,0,b156fde340b89da93d374e79e7b71d01ab113051610ab9c2e057464460bfda6f,2024-06-11T13:54:12.057000 -CVE-2024-31399,0,0,1680f486e96a14043d1a63525cc1c03f62df58c7382b5ac587fb5d91e25f5f35,2024-06-11T13:54:12.057000 +CVE-2024-31398,0,1,9f26a8966841c1dd476fe71aad3f95e154dd42eb5a5c4250c23c422aac667aac,2024-08-23T02:29:18.453000 +CVE-2024-31399,0,1,d93b79c75bb57a6c7cbdbdec9f87597f88d10d47297f940463b57571514369ef,2024-08-23T02:32:22.763000 CVE-2024-3140,0,0,3b07d88e811fbb6101b4b543fa29cffe2172624cae4f66958da0e9316d4402b2,2024-05-17T02:39:44.507000 CVE-2024-31400,0,0,16835a1229db28588e0299986d00c2d0205f15046dbde55dff10b6a14c5f2ec4,2024-06-11T13:54:12.057000 CVE-2024-31401,0,0,b1f392d5797fcb52bdd41fd8d97bc9543b30afce53bb15f494cac005207df95c,2024-07-03T01:54:49.037000 -CVE-2024-31402,0,0,b572f3138a07f845b5fc01289b1bb6f046cd728fc0a5302ada10e7410f587825,2024-06-11T13:54:12.057000 +CVE-2024-31402,0,1,c29db4a048ec9774ef548a289fc2a98cd30777530f3e94468f19f6b59c56b82a,2024-08-23T02:34:38.717000 CVE-2024-31403,0,0,0224148112c12b7ed3a671555d8cb853847c387c0a01fd25254394bf7f9de8b8,2024-07-03T01:54:49.817000 CVE-2024-31404,0,0,4256fd8adbfc33fbeafded726cd549f291f03694e3ecf73a230c9ad3cdb8eef9,2024-06-11T13:54:12.057000 CVE-2024-31406,0,0,50456975bcaa7f8217ed5d32434dc8fe15a49c6e53ad431c822a1405fa86be01,2024-07-08T14:18:24.767000 @@ -255575,10 +255575,10 @@ CVE-2024-3850,0,0,2382357c8e4d6adda4f3540070cc5ea125c45aed93070563af82a0d6269556 CVE-2024-38501,0,0,107ba9da0def272edbee92f63403371ae902a6026765264509f3ddd58bca6605,2024-08-22T13:34:42.653000 CVE-2024-38502,0,0,b5bdc3f7b1bc56d47ac5d1146c261af04f17a5df43c92f8f1ba3633b24999ec3,2024-08-22T13:35:47.970000 CVE-2024-38503,0,0,57a42403e1de4dcbf683abc4eaadb7a1ac23c4ac22608d1c4298e8a1a0c607e4,2024-07-22T14:15:05.780000 -CVE-2024-38504,0,0,4c5e9d4e31ce363d990483052f136d892b9e9d476c16b9ba9ffe4f7ab7d68bdb,2024-06-20T12:44:01.637000 -CVE-2024-38505,0,0,b17f43381c815e52625008a26f98d511f617e1d606d0689fa471d4457a2ae811,2024-06-20T12:44:01.637000 -CVE-2024-38506,0,0,6799a88956d863931c42e9aeb0cb9941c5b7b49325fca0458fb0a8b8252d7e5a,2024-06-20T12:44:01.637000 -CVE-2024-38507,0,0,c3b5b994c8d108d133a9f6600c980364d8b83f9963a5e8ed82bd4640706691c5,2024-06-20T12:44:01.637000 +CVE-2024-38504,0,1,bdcaf5074354faf0cdfff183ef409e2ea10b03e0260d7e3d48701d88660181c6,2024-08-23T02:49:51.450000 +CVE-2024-38505,0,1,32ccdd92e433f3db8ed7bb675bb92e4152d96b3c6994f28b5055afef76402fb9,2024-08-23T02:51:03.663000 +CVE-2024-38506,0,1,12b82ad8cd179e1fb82826519690b684292f639073a92190db19fb8cdd1d4cc4,2024-08-23T02:52:39.013000 +CVE-2024-38507,0,1,f844f6ff2333273715bd3a85fdbd6f1f4df30d74acb0dc0008f15b9abcdb39cc,2024-08-23T02:53:32.417000 CVE-2024-38508,0,0,b55da0d5b22cfe80a20c56246e3dde244a996bc022e93d56134df0b22ec06ac4,2024-07-29T14:12:08.783000 CVE-2024-38509,0,0,83b96c630c78e968d359efe7db7cb60c248e87070e0f3b151a49d364b7ad17cc,2024-07-29T14:12:08.783000 CVE-2024-3851,0,0,7187c9061cc0262edad622ff69fee4bec57217bd837e5e893e6bd94c3506a5fb,2024-05-16T13:03:05.353000 @@ -257125,9 +257125,9 @@ CVE-2024-4141,0,0,6345d107b3806446cb477db17841c2bd741df862ff110a2cbbd3d3a9945eb2 CVE-2024-4142,0,0,15f953d52654601c03ad89c9ea21867b549a2aa12635e109fbf9627466e8a212,2024-05-02T13:27:25.103000 CVE-2024-4143,0,0,3e703fdfd0a07e589cb7985eb968c1c228e0bf41a25245c7c0c730d1481e87d2,2024-08-01T13:59:25.697000 CVE-2024-41432,0,0,8f4c9c137a73ce4492827c5d064849c429a9c8bcf4d56d4aa0a1d934e4b0578d,2024-08-08T15:02:52.647000 -CVE-2024-41437,0,0,7fc5e56a66787afbd1d8dca689f9c7d444aafcd507f4e7d126f6bc864bf56744,2024-07-31T12:57:02.300000 +CVE-2024-41437,0,1,fef9bc933390244a77d828781007c83a4899c964ddf0b6340d9dcc001af583ec,2024-08-23T02:07:29.513000 CVE-2024-41438,0,0,996a6cc02fa9447bba099c45bfb4b15a572a20ecb18cd6121c0e71f3f9fd5f1a,2024-08-01T13:58:40.670000 -CVE-2024-41439,0,0,e299e8c60711eb1ab32b8e6a7b9502e5dfd55efa249807013c738c43b8c98a27,2024-07-31T12:57:02.300000 +CVE-2024-41439,0,1,7b3c1664f9930e6509340f8cc42233a6bb9a46e8c57c131a2fcdb17cb5a1f1dc,2024-08-23T02:06:11.380000 CVE-2024-4144,0,0,f950a1b03316faa802a71776ce4e62cc15162cc9cec7d4c30c76255605b1c1fc,2024-05-14T19:17:55.627000 CVE-2024-41440,0,0,0bba27cb4081a14b1798eb2cddc147a76c07aeb5aeb07d5a7917e7317d9973b7,2024-08-01T13:58:41.773000 CVE-2024-41443,0,0,1be6f511e21ef9a107685136f15f3c2750b611a333337ffc199f4824cee060ab,2024-07-31T12:57:02.300000 @@ -258179,6 +258179,7 @@ CVE-2024-4345,0,0,991a52fb88968c952c460a76f59f283c0ad80fedc25d9533338fbc3b0d515f CVE-2024-4346,0,0,9d7617b39f85e35f3b425bc36c01c8cc51c24d84e65ff0d34bf4ea7488f000ec,2024-05-07T13:39:32.710000 CVE-2024-4347,0,0,f9a9185c34e13435315e8c5679dcdbef88eacdd68a031d012b94daf573ce3f3f,2024-05-24T01:15:30.977000 CVE-2024-43472,0,0,5e8b1f10b1ac66b87fc99a4bc40fd92adf2d19366f98cc60bf0ef2a8a8249713,2024-08-19T13:00:23.117000 +CVE-2024-43477,1,1,5faec321d3dfdc0711212e1dfae5e8677fffe678709ee6cd6e6bc5eb2e240d66,2024-08-23T02:15:07.440000 CVE-2024-4348,0,0,6e86bc5560fea8dde0d2ebca4133582cb5d1167a5aec18ad6c6b9b23741c69df,2024-06-04T19:20:36.223000 CVE-2024-4349,0,0,a8b03025f36b8713c52951e7ebcf312d165d904bb8cd188665520ff04ec5e58b,2024-06-04T19:20:36.340000 CVE-2024-4350,0,0,1a6f5a846c08d92d747bb60db8b475cd9e2a367d1319390edc34eccdbc5075d5,2024-08-19T21:15:10.053000 @@ -259760,12 +259761,12 @@ CVE-2024-6104,0,0,108534f982ecedc8e18a75e604642b0e40fef80fdd2c5d6c473bb0683c3035 CVE-2024-6108,0,0,8dcf8c978ffd08a68470779b67afcba2ef4b72c9a7a6acbd6d0451b159e2f4f9,2024-06-25T18:15:11.730000 CVE-2024-6109,0,0,bb0e3455a169d6bebc9d8b88e9df5fdfc40e2e3982d9fbc581f71bdf8363e7cb,2024-06-20T12:44:01.637000 CVE-2024-6110,0,0,b63b3d86bda62f504e857148e856fae2084982d1fba5e9f950f2c7804e723853,2024-08-08T16:12:55.633000 -CVE-2024-6111,0,0,98763a9958bd86a666bf14e0feaaf6fc585400a69f10e2d292b840aca2e315e8,2024-06-20T12:44:01.637000 -CVE-2024-6112,0,0,b1e6c0864e0ebee4a0a8c4638d7eeba1ec17f68eaa1c8ef1caada2a1fabb05a0,2024-06-20T12:44:01.637000 +CVE-2024-6111,0,1,0f5dcaf3bb90cd2b4a56b273b49e8495a655ec2b0e964da5b85ab541216d1365,2024-08-23T02:24:17.607000 +CVE-2024-6112,0,1,2f1dc59ba703cae38b91f780aba33aeeba31c527cd98a9cab51e900a1c049136,2024-08-23T02:21:49.173000 CVE-2024-6113,0,0,0258a013a0633b4223d3b34fa713df1179bb149b5036cecf3e425f58a1718b67,2024-08-19T15:24:11.240000 CVE-2024-6114,0,0,1d496eb490a052b12517f100a93bb767cf2cf15a2c008e0693dc387c679adba3,2024-06-20T12:44:01.637000 -CVE-2024-6115,0,0,b78a8bc77e5cbf73cf04c74141f6177c3ffa0587a4a1d2d98ad3bfe6bcce3476,2024-06-25T18:15:11.857000 -CVE-2024-6116,0,0,a6d83e3fcdc09a0a6cf307cbc9b62cfd655f854315f6260ca3a48d86acd6c58e,2024-06-20T12:44:01.637000 +CVE-2024-6115,0,1,15dd6157449ec10d31fd4366fb8ca14f8fe35af7e4b7d4c1bf3f3f7159a1a698,2024-08-23T02:20:09.017000 +CVE-2024-6116,0,1,f2ada37f40e94dafdc5d43df86df5904a49741c82bcc90227e41dbb655a1d08c,2024-08-23T02:19:51.723000 CVE-2024-6117,0,0,945b820f6f991f5a73623e522c44ca579eef282abb0425df98e1503fa24d0166,2024-08-05T12:41:45.957000 CVE-2024-6118,0,0,f3ae8e44c8d6ad2d05743a03f110c1037996a141d851edbbf3b28f2880774027,2024-08-05T12:41:45.957000 CVE-2024-6120,0,0,887a4e2aeba7d554804c74306237ee98da6982710d9ab44cbcf47e59767187c6,2024-06-24T20:03:04.363000 @@ -259845,12 +259846,12 @@ CVE-2024-6206,0,0,6f603126f815a80c6debdb2c8fc884bf16912b4470febb5eed843e2704856d CVE-2024-6208,0,0,b702d385d6dc69624ae253d69a727703b76fa8f218fc0fa3e0a52d494810eb10,2024-08-01T12:42:36.933000 CVE-2024-6209,0,0,dde817e69ddab612402867a39af366fc36713e43c4758f0a34432256fd885f93,2024-07-08T15:35:25.837000 CVE-2024-6210,0,0,d08d160d43811c5bb8dcf64fef0c280a0a7b1e98d094babc485e09ce9fa86125,2024-07-11T13:05:54.930000 -CVE-2024-6212,0,0,88ec49d2c928534d89fe27eda6cf31c3bdd1fe8db0b2d3f31b9f799a55beb699,2024-06-21T15:15:16.313000 -CVE-2024-6213,0,0,e0a082c06ad6326e4babbcac2f7d63d9d6942af79bc707d2297bf9b5c0e8751e,2024-06-21T11:22:01.687000 -CVE-2024-6214,0,0,bcbd38673007b8b58830f53dd93b398fbfef8bca1a665af1ac1a439986dc6e9b,2024-06-21T15:15:16.430000 -CVE-2024-6215,0,0,720f1739703095287552164316882a6b926c156c15e89c7dc7084a2a8b1f1173,2024-06-21T11:22:01.687000 -CVE-2024-6216,0,0,99a638bb9b091862ee1125e5c2af18142e9f2a446dc1f5e54add6d69d774b8bc,2024-06-24T20:15:11.177000 -CVE-2024-6217,0,0,caeef107ec037a20535b69bf461e75c9da91ce4fd887edb01336f60c235444b1,2024-06-21T11:22:01.687000 +CVE-2024-6212,0,1,34e191d45badaa7298b06fe6495d64a4a3476a62dbe33119476eeaabe8a8d0c5,2024-08-23T02:16:46.820000 +CVE-2024-6213,0,1,b88bd076337ef2a1e33e32994c835aeb58f4bcee4d9f1f644c98407fae8b17dd,2024-08-23T02:14:56.413000 +CVE-2024-6214,0,1,a8e239af08d0ab1246993374aef8204661658830db0ca6fca456fce88752f617,2024-08-23T02:14:34.340000 +CVE-2024-6215,0,1,d01466c5e4679da2e3cdde9d249cad88f46489a58c2f36859f7f149e67c89660,2024-08-23T02:14:03.990000 +CVE-2024-6216,0,1,fe1f34e9619d7bae700607092872e4843797973f7a0c9714b25790af3f1b2538,2024-08-23T02:22:23.120000 +CVE-2024-6217,0,1,f28648e0277ddbd712b9473f83f11301c76893b98cd82a40d2daa67293b40bfa,2024-08-23T02:22:56.160000 CVE-2024-6218,0,0,3cb8a30d4ddfe61bdea61d401bfb5f7d243e9ab40309c0377a9f4fcd89ff6826,2024-06-21T15:15:16.547000 CVE-2024-6220,0,0,e02b2d21f9831e678f98a588025ea8ceab0b9f96191557805441514ff6bc987f,2024-08-01T22:15:41.733000 CVE-2024-6221,0,0,61f042058b385b7bc60c2d633e822b23c6dcddf14b1004ade2fb997e73ad48f8,2024-08-20T19:37:23.077000 @@ -260479,7 +260480,7 @@ CVE-2024-7174,0,0,d36abd9cd6510076e70dd71c93b10f1e4d1fed543c9c27e06453ada743b13a CVE-2024-7175,0,0,17f9f11ad73b0149cbe68b3610e56dfc726e43ad613a2d806a5692ca7828052c,2024-08-06T12:57:14.623000 CVE-2024-7176,0,0,f0ec24b818ba0ff9dd236590bd5667a208b3bab5b5698785324754427c7e3ea5,2024-08-06T12:58:00.850000 CVE-2024-7177,0,0,32745634451f9d23649acc91ceb28c69502a441cced914546f92ea612c820689,2024-08-06T13:15:14.603000 -CVE-2024-7178,0,0,12b5a03567983a2b53c2596c56a86ec76b818dd1a7f31d8ff4a2f0b39fabe4e8,2024-07-29T14:12:08.783000 +CVE-2024-7178,0,1,9fcf4f0d4009fbbe1d73388d7f5f6c7cba7d46fc9fcc396b1d731744ea7fcfc7,2024-08-23T02:55:43.233000 CVE-2024-7179,0,0,60fe96820a42f503d3e0051c6836b461a0ac673d0e796dbd9db48974b589c555,2024-07-29T14:12:08.783000 CVE-2024-7180,0,0,b50659844a81c932fe482f2feac748f67d1b98280d089e9e54e10751f4720231,2024-07-29T14:12:08.783000 CVE-2024-7181,0,0,6d2b8582ba7389cf0c33d5638487e130e6a6bdc9c4f2de89e521673a1d9cc87b,2024-07-29T14:12:08.783000 @@ -260739,6 +260740,7 @@ CVE-2024-7552,0,0,811aa90d2d18bb406f73befc3765a8f78539782307b57a4dcd481925c3ed1f CVE-2024-7553,0,0,423c29f04f0f081a0c5d9465a918cf0ed131ece97e02d2f5996269c83101214a,2024-08-07T15:17:46.717000 CVE-2024-7554,0,0,4a573fb2ab24355a17092729215e215195bfd8edf91c08645b945dde25aae201,2024-08-08T13:04:18.753000 CVE-2024-7557,0,0,689a9daa3ab546590d7c99bd152e6a8f70602c50080585be6131605a7c141656,2024-08-13T17:00:53.670000 +CVE-2024-7559,1,1,2e7824eef5c242ea87ab859b0dacac2433ea95fdf12fc737458a6e5eef0b4117,2024-08-23T03:15:04.060000 CVE-2024-7560,0,0,69bf0d3c1d2353061d3a66813d4df2a8a02417391648b6018a10fb1d777785c6,2024-08-08T13:04:18.753000 CVE-2024-7561,0,0,4f145ac8bff9e09f18481f098864cf0c68d07bfaa0facd60438519477eaf9cd1,2024-08-08T13:04:18.753000 CVE-2024-7564,0,0,9647575e3fbd33f04dc9f7112e25f0abbbf3e6266c5fe28f9ec18868dfbd0106,2024-08-07T19:59:36.240000 @@ -260991,4 +260993,4 @@ CVE-2024-8084,0,0,54ebf9dbea9be8ad7540cd39535abccca8c201930c031c6494243052847220 CVE-2024-8086,0,0,0032322cb5219616ff9e8ac2385cd94278f0a48a10ad2e858e6762ceae5e7fac,2024-08-22T23:15:08.323000 CVE-2024-8087,0,0,ce74b4ff6db63303399517b3cc8a3518d37d14104709e6d8caee468523387dff,2024-08-22T23:15:08.633000 CVE-2024-8088,0,0,4ef83eee673ee14bb05eb2757d0f3a4f17e1e757b372b527d200b6de8438c4b6,2024-08-22T19:15:09.720000 -CVE-2024-8089,1,1,ecdc3c0a902521d8446bfc643aa4dadd0823df6493ad03befc85ba1d3e8d640f,2024-08-23T00:15:08.907000 +CVE-2024-8089,0,0,ecdc3c0a902521d8446bfc643aa4dadd0823df6493ad03befc85ba1d3e8d640f,2024-08-23T00:15:08.907000