diff --git a/CVE-2022/CVE-2022-275xx/CVE-2022-27592.json b/CVE-2022/CVE-2022-275xx/CVE-2022-27592.json new file mode 100644 index 00000000000..802d7154a9c --- /dev/null +++ b/CVE-2022/CVE-2022-275xx/CVE-2022-27592.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2022-27592", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:11.173", + "lastModified": "2024-09-06T17:15:11.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nWindows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Smart Client 2.4.0.0570 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-428" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-22", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34974.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34974.json new file mode 100644 index 00000000000..6f2ab285986 --- /dev/null +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34974.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-34974", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:11.440", + "lastModified": "2024-09-06T17:15:11.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.\nQuTScloud, QVR, QES are not affected.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 4.5.4.2790 build 20240605 and later\nQuTS hero h4.5.4.2626 build 20231225 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-32", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34979.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34979.json new file mode 100644 index 00000000000..14f681c7451 --- /dev/null +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34979.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-34979", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:11.653", + "lastModified": "2024-09-06T17:15:11.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 4.5.4.2790 build 20240605 and later\nQuTS hero h4.5.4.2790 build 20240606 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-32", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38391.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38391.json index dfffed921f2..63ae42b412e 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38391.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38391.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38391", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-04T00:15:08.730", - "lastModified": "2023-11-09T20:07:33.613", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T16:35:00.437", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39298.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39298.json new file mode 100644 index 00000000000..a99779d8389 --- /dev/null +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39298.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-39298", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:11.860", + "lastModified": "2024-09-06T17:15:11.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors.\nQuTScloud, is not affected.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.0.2737 build 20240417 and later\nQuTS hero h5.2.0.2782 build 20240601 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-28", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39300.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39300.json new file mode 100644 index 00000000000..8fbb31e3a17 --- /dev/null +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39300.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-39300", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:12.070", + "lastModified": "2024-09-06T17:15:12.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 4.3.6.2805 build 20240619 and later\nQTS 4.3.4.2814 build 20240618 and later\nQTS 4.3.3.2784 build 20240619 and later\nQTS 4.2.6 build 20240618 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-26", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45038.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45038.json new file mode 100644 index 00000000000..c0137576d6d --- /dev/null +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45038.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45038", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:12.300", + "lastModified": "2024-09-06T17:15:12.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.4.0 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-25", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46947.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46947.json index a2a6c843e13..b7722b6efa3 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46947.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46947.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46947", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-03T13:15:08.797", - "lastModified": "2023-11-13T18:50:17.157", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T16:35:01.237", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-94" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46954.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46954.json index 0b57043c591..4565673818a 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46954.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46954.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46954", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-03T03:15:07.920", - "lastModified": "2023-11-09T21:38:55.393", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:01.953", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47563.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47563.json new file mode 100644 index 00000000000..f87e4a27420 --- /dev/null +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47563.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2023-47563", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:12.513", + "lastModified": "2024-09-06T17:15:12.513", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.8.2 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-24", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50360.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50360.json new file mode 100644 index 00000000000..8c040b81ae5 --- /dev/null +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50360.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-50360", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:12.710", + "lastModified": "2024-09-06T17:15:12.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.8.1 ( 2024/02/26 ) and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-24", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50366.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50366.json new file mode 100644 index 00000000000..696d7d32a65 --- /dev/null +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50366.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-50366", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:12.907", + "lastModified": "2024-09-06T17:15:12.907", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51366.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51366.json new file mode 100644 index 00000000000..ef4bc20bb54 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51366.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-51366", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:13.107", + "lastModified": "2024-09-06T17:15:13.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51367.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51367.json new file mode 100644 index 00000000000..4ecbd5b6ad8 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51367.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2023-51367", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:13.300", + "lastModified": "2024-09-06T17:15:13.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + }, + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51368.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51368.json new file mode 100644 index 00000000000..bf3fec1e539 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51368.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-51368", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:13.487", + "lastModified": "2024-09-06T17:15:13.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52043.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52043.json index ad4cdf1c8fe..33fa6c96c16 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52043.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52043.json @@ -2,7 +2,7 @@ "id": "CVE-2023-52043", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-03T22:15:06.920", - "lastModified": "2024-04-04T12:48:41.700", + "lastModified": "2024-09-06T17:35:03.427", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un problema en D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band Whole-Home Mesh Wi-Fi System (Hardware Rev B1) trunca las contrase\u00f1as del punto de acceso inal\u00e1mbrico (WPA-PSK), lo que permite a un atacante obtener acceso no autorizado a la red mediante una autenticaci\u00f3n d\u00e9bil control S." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + } + ], "references": [ { "url": "https://exploots.github.io/posts/2024/01/18/d-link-covr-1102-vulnerability.html", diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7265.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7265.json index b3436e41bdc..e1f9ff2619d 100644 --- a/CVE-2023/CVE-2023-72xx/CVE-2023-7265.json +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7265.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7265", "sourceIdentifier": "psirt@huawei.com", "published": "2024-08-08T08:15:04.740", - "lastModified": "2024-08-08T13:04:18.753", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T16:38:04.533", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + }, { "source": "psirt@huawei.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@huawei.com", "type": "Secondary", @@ -51,10 +81,70 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342" + } + ] + } + ] + } + ], "references": [ { "url": "https://consumer.huawei.com/en/support/bulletin/2024/8/", - "source": "psirt@huawei.com" + "source": "psirt@huawei.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1744.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1744.json index da3c885b24a..f1618de5a89 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1744.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1744.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1744", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-09-06T13:15:03.467", - "lastModified": "2024-09-06T13:15:03.467", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:47.907", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20488.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20488.json index 0702e64a8e0..a76d4d6a5d0 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20488.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20488.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20488", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-08-21T19:15:13.163", - "lastModified": "2024-08-22T12:48:02.790", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T17:18:11.813", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -51,10 +81,130 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:*:*:*:*", + "matchCriteriaId": "3EB73BD4-9ECC-458E-925D-FECE9A49BD48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su1:*:*:*:*:*:*:*", + "matchCriteriaId": "1C9751FC-5C3C-4D7B-B368-39FF096C1581" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su2:*:*:*:*:*:*:*", + "matchCriteriaId": "E411B60D-4EFA-4A8C-A9A0-74B7524B2B72" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su3:*:*:*:*:*:*:*", + "matchCriteriaId": "EC7EAB06-39FB-4897-BDCC-B84041DA9AB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su4:*:*:*:*:*:*:*", + "matchCriteriaId": "2E727720-92A8-430E-881F-091ACC71E87F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su5:*:*:*:*:*:*:*", + "matchCriteriaId": "511D0C5D-55DB-4293-BFE0-17D31073C5BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su6:*:*:*:*:*:*:*", + "matchCriteriaId": "294B9E10-2CF1-47D3-9725-E2A568E17AD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su7:*:*:*:*:*:*:*", + "matchCriteriaId": "397E6105-7508-4DEB-AD6D-1E702E31C875" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su7a:*:*:*:*:*:*:*", + "matchCriteriaId": "1DD5882F-47AD-44BF-BAF5-4DA6B59A45A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su8:*:*:*:*:*:*:*", + "matchCriteriaId": "65580374-43E4-4EB4-8D66-76FB8AF11568" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su8a:*:*:*:*:*:*:*", + "matchCriteriaId": "D501B7FB-1335-4C44-8C4F-DDF033A41E4A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su9:*:*:*:*:*:*:*", + "matchCriteriaId": "7E5D489D-D2D3-4784-8B80-209344A9FC76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.6\\(1\\):*:*:*:*:*:*:*", + "matchCriteriaId": "655AA70A-8784-4D5D-9DB2-799A2ADF9317" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5FFCAAB4-CED3-4D68-9572-15B27876B1F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su1:*:*:*:*:*:*:*", + "matchCriteriaId": "7A860A99-9641-47E8-B986-F118B8B77EDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su2:*:*:*:*:*:*:*", + "matchCriteriaId": "55AE4879-442D-4100-A31E-DC46D34B9506" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su2a:*:*:*:*:*:*:*", + "matchCriteriaId": "065D488E-C375-4EF4-9C80-0E160AE74FCB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su3:*:*:*:*:*:*:*", + "matchCriteriaId": "02CA71E0-431C-4B45-AAF1-5471EF7226FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su4:*:*:*:*:*:*:*", + "matchCriteriaId": "8A60531F-11B6-4278-9B42-735F374CDE44" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0su4a:*:*:*:*:*:*:*", + "matchCriteriaId": "582F9D45-5F04-44F8-8FB5-812D30EFDE70" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2426B367-BC52-4006-8D17-8CBB3EC65800" + } + ] + } + ] + } + ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-9zmfHyZ", - "source": "ykramarz@cisco.com" + "source": "ykramarz@cisco.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21897.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21897.json new file mode 100644 index 00000000000..7b7470436c4 --- /dev/null +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21897.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-21897", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:13.713", + "lastModified": "2024-09-06T17:15:13.713", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.9, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21898.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21898.json new file mode 100644 index 00000000000..017df0f9750 --- /dev/null +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21898.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-21898", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:13.920", + "lastModified": "2024-09-06T17:15:13.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network.\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-219xx/CVE-2024-21903.json b/CVE-2024/CVE-2024-219xx/CVE-2024-21903.json new file mode 100644 index 00000000000..2f622e4da4e --- /dev/null +++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21903.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-21903", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:14.113", + "lastModified": "2024-09-06T17:15:14.113", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-20", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-219xx/CVE-2024-21904.json b/CVE-2024/CVE-2024-219xx/CVE-2024-21904.json new file mode 100644 index 00000000000..d92ec27f388 --- /dev/null +++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21904.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-21904", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:14.317", + "lastModified": "2024-09-06T17:15:14.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.7.2770 build 20240520 and later\nQuTS hero h5.1.7.2770 build 20240520 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-23", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-219xx/CVE-2024-21906.json b/CVE-2024/CVE-2024-219xx/CVE-2024-21906.json new file mode 100644 index 00000000000..edc3ffdefeb --- /dev/null +++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21906.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-21906", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:14.513", + "lastModified": "2024-09-06T17:15:14.513", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.8.2823 build 20240712 and later\nQuTS hero h5.1.8.2823 build 20240712 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-33", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-255xx/CVE-2024-25584.json b/CVE-2024/CVE-2024-255xx/CVE-2024-25584.json index 2c9745ff617..7d937ceb755 100644 --- a/CVE-2024/CVE-2024-255xx/CVE-2024-25584.json +++ b/CVE-2024/CVE-2024-255xx/CVE-2024-25584.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25584", "sourceIdentifier": "security@open-xchange.com", "published": "2024-09-06T15:15:12.950", - "lastModified": "2024-09-06T15:15:12.950", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25808.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25808.json index df5d45a5665..c3c8a268f76 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25808.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25808.json @@ -2,7 +2,7 @@ "id": "CVE-2024-25808", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-22T04:15:11.087", - "lastModified": "2024-03-22T12:45:36.130", + "lastModified": "2024-09-06T17:35:05.610", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Vulnerabilidad de Cross-site Request Forgery (CSRF) en Lychee versi\u00f3n 3.1.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de creaci\u00f3n de nuevo \u00e1lbum." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://github.com/Hebing123/cve/issues/17", diff --git a/CVE-2024/CVE-2024-26xx/CVE-2024-2653.json b/CVE-2024/CVE-2024-26xx/CVE-2024-2653.json index 90d220ede51..f033f9ad0ee 100644 --- a/CVE-2024/CVE-2024-26xx/CVE-2024-2653.json +++ b/CVE-2024/CVE-2024-26xx/CVE-2024-2653.json @@ -2,7 +2,7 @@ "id": "CVE-2024-2653", "sourceIdentifier": "cret@cert.org", "published": "2024-04-03T18:15:07.317", - "lastModified": "2024-05-01T18:15:19.257", + "lastModified": "2024-09-06T17:35:08.337", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "amphp/http recopilar\u00e1 cuadros de CONTINUACI\u00d3N en un b\u00fafer ilimitado y no verificar\u00e1 un l\u00edmite hasta que haya recibido el indicador END_HEADERS establecido, lo que provocar\u00e1 un bloqueo de OOM." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16", diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27122.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27122.json new file mode 100644 index 00000000000..f53b0742fee --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27122.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27122", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:14.723", + "lastModified": "2024-09-06T17:15:14.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nNotes Station 3 3.9.6 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-21", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27125.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27125.json new file mode 100644 index 00000000000..0cbbf45d78c --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27125.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27125", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:14.927", + "lastModified": "2024-09-06T17:15:14.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nHelpdesk 3.3.1 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-29", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27126.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27126.json new file mode 100644 index 00000000000..f50dc183fa2 --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27126.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27126", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:15.130", + "lastModified": "2024-09-06T17:15:15.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nNotes Station 3 3.9.6 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-21", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json index 1be725e003a..81ee9a5d8ad 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json @@ -2,7 +2,7 @@ "id": "CVE-2024-28816", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-11T03:15:05.943", - "lastModified": "2024-03-11T12:47:42.653", + "lastModified": "2024-09-06T17:35:06.960", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -16,6 +16,18 @@ } ], "metrics": {}, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], "references": [ { "url": "https://github.com/AaravRajSIngh/Chatbot/pull/10", diff --git a/CVE-2024/CVE-2024-317xx/CVE-2024-31777.json b/CVE-2024/CVE-2024-317xx/CVE-2024-31777.json index 31b96163e34..e9336c49a06 100644 --- a/CVE-2024/CVE-2024-317xx/CVE-2024-31777.json +++ b/CVE-2024/CVE-2024-317xx/CVE-2024-31777.json @@ -2,7 +2,7 @@ "id": "CVE-2024-31777", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-13T23:15:50.293", - "lastModified": "2024-06-17T12:43:31.090", + "lastModified": "2024-09-06T17:35:08.643", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Vulnerabilidad de carga de archivos en openeclass v.3.15 y anteriores permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado en el endpoint certbadge.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], "references": [ { "url": "https://github.com/FreySolarEye/Exploit-CVE-2024-31777", diff --git a/CVE-2024/CVE-2024-321xx/CVE-2024-32152.json b/CVE-2024/CVE-2024-321xx/CVE-2024-32152.json index a56be63fb7e..e8d3e2bd4ed 100644 --- a/CVE-2024/CVE-2024-321xx/CVE-2024-32152.json +++ b/CVE-2024/CVE-2024-321xx/CVE-2024-32152.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32152", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-07-22T15:15:03.197", - "lastModified": "2024-07-24T12:55:13.223", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T17:22:12.383", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "talos-cna@cisco.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "talos-cna@cisco.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,48 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ankitects:anki:24.04:*:*:*:*:*:*:*", + "matchCriteriaId": "A4503900-0DB5-402F-B7AD-36456CFF3DAE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-327xx/CVE-2024-32762.json b/CVE-2024/CVE-2024-327xx/CVE-2024-32762.json new file mode 100644 index 00000000000..409a28e30b7 --- /dev/null +++ b/CVE-2024/CVE-2024-327xx/CVE-2024-32762.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-32762", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:15.697", + "lastModified": "2024-09-06T17:15:15.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQuLog Center 1.8.0.872 ( 2024/06/17 ) and later\nQuLog Center 1.7.0.827 ( 2024/06/17 ) and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-30", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-327xx/CVE-2024-32763.json b/CVE-2024/CVE-2024-327xx/CVE-2024-32763.json new file mode 100644 index 00000000000..1a3c4714656 --- /dev/null +++ b/CVE-2024/CVE-2024-327xx/CVE-2024-32763.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-32763", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:15.920", + "lastModified": "2024-09-06T17:15:15.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.8.2823 build 20240712 and later\nQuTS hero h5.1.8.2823 build 20240712 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + }, + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-33", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-327xx/CVE-2024-32771.json b/CVE-2024/CVE-2024-327xx/CVE-2024-32771.json new file mode 100644 index 00000000000..eb94027a399 --- /dev/null +++ b/CVE-2024/CVE-2024-327xx/CVE-2024-32771.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-32771", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:16.077", + "lastModified": "2024-09-06T17:15:16.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network authenticated administrators to perform an arbitrary number of authentication attempts via unspecified vectors.\nQuTScloud is not affected.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.0.2782 build 20240601 and later\nQuTS hero h5.2.0.2782 build 20240601 and later" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.0, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-28", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-333xx/CVE-2024-33377.json b/CVE-2024/CVE-2024-333xx/CVE-2024-33377.json index 123d8e791f1..1aa971dc0ff 100644 --- a/CVE-2024/CVE-2024-333xx/CVE-2024-33377.json +++ b/CVE-2024/CVE-2024-333xx/CVE-2024-33377.json @@ -2,7 +2,7 @@ "id": "CVE-2024-33377", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-14T15:15:50.270", - "lastModified": "2024-06-17T18:15:16.107", + "lastModified": "2024-09-06T17:35:09.517", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 que LB-LINK BL-W1210M v2.0 contiene una vulnerabilidad de clickjacking a trav\u00e9s de la p\u00e1gina de inicio de sesi\u00f3n del administrador. Los atacantes pueden hacer que los usuarios v\u00edctimas realicen operaciones arbitrarias mediante la interacci\u00f3n con elementos manipulados en la p\u00e1gina web." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1021" + } + ] + } + ], "references": [ { "url": "https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Clickjacking-%28CVE%E2%80%902024%E2%80%9033377%29", diff --git a/CVE-2024/CVE-2024-365xx/CVE-2024-36523.json b/CVE-2024/CVE-2024-365xx/CVE-2024-36523.json index 78f2cd3f420..73a0d248a06 100644 --- a/CVE-2024/CVE-2024-365xx/CVE-2024-36523.json +++ b/CVE-2024/CVE-2024-365xx/CVE-2024-36523.json @@ -2,7 +2,7 @@ "id": "CVE-2024-36523", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-12T21:15:50.407", - "lastModified": "2024-06-13T18:36:09.010", + "lastModified": "2024-09-06T17:35:10.403", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un problema de control de acceso en Wvp GB28181 Pro 2.0 permite a los usuarios continuar accediendo a la informaci\u00f3n en la aplicaci\u00f3n despu\u00e9s de eliminar sus propias cuentas o las de administrador. Esto siempre que los usuarios no cierren sesi\u00f3n en sus cuentas eliminadas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ] + } + ], "references": [ { "url": "https://github.com/648540858/wvp-GB28181-pro/issues/1456", diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37630.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37630.json index 6ef8650b7c3..2e87ee7cd7a 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37630.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37630.json @@ -2,7 +2,7 @@ "id": "CVE-2024-37630", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-13T18:15:11.030", - "lastModified": "2024-06-13T18:35:19.777", + "lastModified": "2024-09-06T17:35:11.240", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 que D-Link DIR-605L v2.13B01 contiene una vulnerabilidad de contrase\u00f1a codificada en /etc/passwd, que permite a los atacantes iniciar sesi\u00f3n como root." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], "references": [ { "url": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/D-link/DIR-605L/README.md", diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38640.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38640.json new file mode 100644 index 00000000000..e1c500cf841 --- /dev/null +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38640.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-38640", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:16.443", + "lastModified": "2024-09-06T17:15:16.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nDownload Station 5.8.6.283 ( 2024/06/21 ) and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.0, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-35", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38641.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38641.json new file mode 100644 index 00000000000..53f487e4072 --- /dev/null +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38641.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-38641", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:16.550", + "lastModified": "2024-09-06T17:15:16.550", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.8.2823 build 20240712 and later\nQuTS hero h5.1.8.2823 build 20240712 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.3, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-33", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38642.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38642.json new file mode 100644 index 00000000000..f6dbceca024 --- /dev/null +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38642.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-38642", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-09-06T17:15:16.677", + "lastModified": "2024-09-06T17:15:16.677", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.3.1 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 1.0, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-34", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39713.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39713.json index b1ba8b97072..d76525a205c 100644 --- a/CVE-2024/CVE-2024-397xx/CVE-2024-39713.json +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39713.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39713", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-05T05:15:39.297", - "lastModified": "2024-08-30T15:47:55.637", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:12.380", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -71,6 +71,16 @@ "value": "CWE-918" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-407xx/CVE-2024-40766.json b/CVE-2024/CVE-2024-407xx/CVE-2024-40766.json index 7924922c3e5..dfa0e57ced9 100644 --- a/CVE-2024/CVE-2024-407xx/CVE-2024-40766.json +++ b/CVE-2024/CVE-2024-407xx/CVE-2024-40766.json @@ -2,7 +2,7 @@ "id": "CVE-2024-40766", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2024-08-23T07:15:03.643", - "lastModified": "2024-08-23T16:18:28.547", + "lastModified": "2024-09-06T17:35:13.197", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Se ha identificado una vulnerabilidad de control de acceso inadecuado en el acceso de administraci\u00f3n de SonicWall SonicOS, que potencialmente conduce a un acceso no autorizado a recursos y, en condiciones espec\u00edficas, provoca que el firewall falle. Este problema afecta a los dispositivos SonicWall Firewall Gen 5 y Gen 6, as\u00ed como a los dispositivos Gen 7 que ejecutan SonicOS 7.0.1-5035 y versiones anteriores." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, "weaknesses": [ { "source": "PSIRT@sonicwall.com", diff --git a/CVE-2024/CVE-2024-415xx/CVE-2024-41572.json b/CVE-2024/CVE-2024-415xx/CVE-2024-41572.json index 2ffc13844f1..eacfc89ca08 100644 --- a/CVE-2024/CVE-2024-415xx/CVE-2024-41572.json +++ b/CVE-2024/CVE-2024-415xx/CVE-2024-41572.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41572", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-21T19:15:13.380", - "lastModified": "2024-08-22T21:15:16.797", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T17:02:47.470", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,73 @@ "value": "Learning with Texts (LWT) 2.0.3 es vulnerable a Cross Site Scripting (XSS). La aplicaci\u00f3n tiene una funci\u00f3n espec\u00edfica que no filtra caracteres especiales en los par\u00e1metros de la URL. Los atacantes remotos pueden inyectar c\u00f3digo JavaScript sin autorizaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lang-learn-guy:learning_with_texts:2.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "1C21149A-45A1-49B6-AB7D-6E30407C3D22" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/drive/folders/12NAfZ2VrMvJug1JVSzfz9PwCuttnlwzP", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://medium.com/%40ChadSecurity/cve-2024-41572-68397fae354b", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json index dd29f7a122c..b2b40df4588 100644 --- a/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41928.json @@ -2,7 +2,7 @@ "id": "CVE-2024-41928", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T04:15:06.947", - "lastModified": "2024-09-05T12:53:21.110", + "lastModified": "2024-09-06T17:35:13.400", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "El software malintencionado que se ejecuta en una m\u00e1quina virtual invitada puede aprovechar el desbordamiento del b\u00fafer para lograr la ejecuci\u00f3n de c\u00f3digo en el host en el proceso de espacio de usuario bhyve, que normalmente se ejecuta como ra\u00edz. Tenga en cuenta que bhyve se ejecuta en un entorno aislado de Capsicum, por lo que el c\u00f3digo malintencionado est\u00e1 limitado por las capacidades disponibles para el proceso bhyve." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.5, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "secteam@freebsd.org", diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42557.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42557.json index 973af6c33cd..c038ea29b00 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42557.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42557.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42557", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T13:15:06.523", - "lastModified": "2024-08-20T15:44:20.567", + "lastModified": "2024-09-06T17:35:13.597", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Una Cross-Site Request Forgery (CSRF) en el componente admin_modify_room.php del commit de Hotel Management System 91caab8 permite a los atacantes escalar privilegios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/topsky979/0785597ae7abc8f10cd5c5537f5467b5", diff --git a/CVE-2024/CVE-2024-426xx/CVE-2024-42679.json b/CVE-2024/CVE-2024-426xx/CVE-2024-42679.json index 7a3b1593d7e..287149dd927 100644 --- a/CVE-2024/CVE-2024-426xx/CVE-2024-42679.json +++ b/CVE-2024/CVE-2024-426xx/CVE-2024-42679.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42679", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T14:15:11.003", - "lastModified": "2024-08-21T11:06:24.627", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:14.393", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42919.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42919.json index cadc9a3638c..8bb56d1f583 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42919.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42919.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42919", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T17:15:19.463", - "lastModified": "2024-08-21T12:30:33.697", + "lastModified": "2024-09-06T17:35:15.190", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "eScan Management Console 14.0.1400.2281 es vulnerable a un control de acceso incorrecto a trav\u00e9s de acteScanAVReport." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], "references": [ { "url": "https://github.com/jeyabalaji711/CVE-2024-42919", diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42947.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42947.json index ba36bb18fc3..386d20b8f52 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42947.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42947.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42947", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T17:15:19.187", - "lastModified": "2024-08-16T13:32:05.103", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:15.987", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -49,6 +49,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42967.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42967.json index 24c555b92bf..ebfb2d0827e 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42967.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42967.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42967", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T17:15:20.273", - "lastModified": "2024-08-16T13:34:29.780", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:16.717", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -49,6 +49,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-432xx/CVE-2024-43240.json b/CVE-2024/CVE-2024-432xx/CVE-2024-43240.json index 5f649318e71..7086d5fb3e6 100644 --- a/CVE-2024/CVE-2024-432xx/CVE-2024-43240.json +++ b/CVE-2024/CVE-2024-432xx/CVE-2024-43240.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43240", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-19T17:15:08.850", - "lastModified": "2024-08-19T18:36:07.297", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:57:58.130", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpindeed:ultimate_membership_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "12.6", + "matchCriteriaId": "D722238C-D4D1-4B04-BDE9-D5A84220226C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-432xx/CVE-2024-43242.json b/CVE-2024/CVE-2024-432xx/CVE-2024-43242.json index 1026f3eeb19..196459cff4d 100644 --- a/CVE-2024/CVE-2024-432xx/CVE-2024-43242.json +++ b/CVE-2024/CVE-2024-432xx/CVE-2024-43242.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43242", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-19T18:15:10.463", - "lastModified": "2024-08-19T18:36:07.297", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:57:46.497", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpindeed:ultimate_membership_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "12.6", + "matchCriteriaId": "D722238C-D4D1-4B04-BDE9-D5A84220226C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-432xx/CVE-2024-43248.json b/CVE-2024/CVE-2024-432xx/CVE-2024-43248.json index 7c12531dac4..558fbef364f 100644 --- a/CVE-2024/CVE-2024-432xx/CVE-2024-43248.json +++ b/CVE-2024/CVE-2024-432xx/CVE-2024-43248.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43248", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-19T18:15:11.030", - "lastModified": "2024-08-19T18:36:07.297", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:32:16.687", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bitapps:bit_form:*:*:*:*:pro:wordpress:*:*", + "versionEndIncluding": "2.6.4", + "matchCriteriaId": "C8FA22BD-69F8-4726-B4F6-F3826BEFD28F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-432xx/CVE-2024-43249.json b/CVE-2024/CVE-2024-432xx/CVE-2024-43249.json index 0478fe72579..5faaaee9ff1 100644 --- a/CVE-2024/CVE-2024-432xx/CVE-2024-43249.json +++ b/CVE-2024/CVE-2024-432xx/CVE-2024-43249.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43249", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-19T18:15:11.217", - "lastModified": "2024-08-19T18:36:07.297", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:30:49.183", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bitapps:bit_form:*:*:*:*:pro:wordpress:*:*", + "versionEndIncluding": "2.6.4", + "matchCriteriaId": "C8FA22BD-69F8-4726-B4F6-F3826BEFD28F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-432xx/CVE-2024-43250.json b/CVE-2024/CVE-2024-432xx/CVE-2024-43250.json index 1905aff5cde..7e78b5145e5 100644 --- a/CVE-2024/CVE-2024-432xx/CVE-2024-43250.json +++ b/CVE-2024/CVE-2024-432xx/CVE-2024-43250.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43250", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-19T18:15:11.420", - "lastModified": "2024-08-19T18:36:07.297", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:02:16.067", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bitapps:bit_form:*:*:*:*:pro:wordpress:*:*", + "versionEndIncluding": "2.6.4", + "matchCriteriaId": "C8FA22BD-69F8-4726-B4F6-F3826BEFD28F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-plugin-settings-change-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44073.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44073.json index 0a32e1e5cee..b00af25e3cf 100644 --- a/CVE-2024/CVE-2024-440xx/CVE-2024-44073.json +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44073.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44073", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-19T03:15:03.790", - "lastModified": "2024-08-21T12:32:44.470", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:17.523", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44400.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44400.json index f6e1a33c585..81b0d1fa098 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44400.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44400.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44400", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-04T13:15:06.867", - "lastModified": "2024-09-05T17:37:42.787", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T16:15:03.030", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -111,6 +111,10 @@ } ], "references": [ + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/D-link_DI_8400-16.07.26A1_Command_Injection.md/CVE-2024-44400", + "source": "cve@mitre.org" + }, { "url": "https://github.com/lonelylonglong/openfile-/blob/main/D-link_DI_8400-16.07.26A1_Command_Injection.md/D-link_DI_8400-16.07.26A1_Command_Injection.md", "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44401.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44401.json new file mode 100644 index 00000000000..7b69ef7a60e --- /dev/null +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44401.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-44401", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-06T16:15:03.110", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/D-link_DI_8100GA1_Command_Injection.md/CVE-2024-44401", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/D-link_DI_8100GA1_Command_Injection.md/D-link_DI_8100GA1_Command_Injection.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44402.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44402.json new file mode 100644 index 00000000000..00842ae8e66 --- /dev/null +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44402.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-44402", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-06T16:15:03.183", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/msp.md/CVE-2024-44402", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/msp.md/msp.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44408.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44408.json new file mode 100644 index 00000000000..1e60907dc82 --- /dev/null +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44408.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-44408", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-06T16:15:03.243", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauthorized configuration file downloads, and the downloaded configuration files contain plaintext user passwords." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/DIR-823G.md/CVE-2024-44408", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/lonelylonglong/openfile-/blob/main/DIR-823G.md/DIR-823G.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44739.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44739.json index 5e8fe5615c2..3b8db239489 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44739.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44739.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44739", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-06T13:15:04.323", - "lastModified": "2024-09-06T15:35:02.807", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:47.907", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-448xx/CVE-2024-44837.json b/CVE-2024/CVE-2024-448xx/CVE-2024-44837.json index 51bfda4b74f..c408a1cc8f4 100644 --- a/CVE-2024/CVE-2024-448xx/CVE-2024-44837.json +++ b/CVE-2024/CVE-2024-448xx/CVE-2024-44837.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44837", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-06T14:15:12.517", - "lastModified": "2024-09-06T14:35:11.887", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json index e44d6e7c3e7..0ad1b87f391 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44952.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44952", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.213", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:37:38.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,169 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: n\u00facleo del controlador: se corrige uevent_show() frente a la ejecuci\u00f3n de desconexi\u00f3n del controlador uevent_show() quiere desreferenciar dev->driver->name. No hay una forma clara de que un atributo de dispositivo desreferenciar dev->driver a menos que ese atributo se defina mediante (struct device_driver).dev_groups. En cambio, el antipatr\u00f3n de tomar device_lock() en el controlador de atributos corre el riesgo de bloqueos con rutas de c\u00f3digo que eliminan los atributos del dispositivo mientras mantienen el bloqueo. Este interbloqueo es t\u00edpicamente invisible para lockdep dado que device_lock() est\u00e1 marcado como lockdep_set_novalidate_class(), pero algunos subsistemas asignan una clave lockdep local para que @dev->mutex revele informes del formato: ======================================================== ADVERTENCIA: posible dependencia de bloqueo circular detectada 6.10.0-rc7+ #275 Tainted: G OE N ------------------------------------------------------ modprobe/2374 est\u00e1 intentando adquirir el bloqueo: ffff8c2270070de0 (kn->active#6){++++}-{0:0}, en: __kernfs_remove+0xde/0x220 pero la tarea ya tiene el bloqueo: ffff8c22016e88f8 (&cxl_root_key){+.+.}-{3:3}, en: device_release_driver_internal+0x39/0x210 cuyo bloqueo ya depende del nuevo bloqueo. la cadena de dependencia existente (en orden inverso) es: -> #1 (&cxl_root_key){+.+.}-{3:3}: __mutex_lock+0x99/0xc30 uevent_show+0xac/0x130 dev_attr_show+0x18/0x40 sysfs_kf_seq_show+0xac/0xf0 seq_read_iter+0x110/0x450 vfs_read+0x25b/0x340 ksys_read+0x67/0xf0 do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #0 (kn->active#6){++++}-{0:0}: __lock_acquire+0x121a/0x1fa0 lock_acquire+0xd6/0x2e0 kernfs_drain+0x1e9/0x200 __kernfs_remove+0xde/0x220 kernfs_remove_by_name_ns+0x5e/0xa0 device_del+0x168/0x410 device_unregister+0x13/0x60 devres_release_all+0xb8/0x110 device_unbind_cleanup+0xe/0x70 device_release_driver_internal+0x1c7/0x210 driver_detach+0x47/0x90 bus_remove_driver+0x6c/0xf0 cxl_acpi_exit+0xc/0x11 [cxl_acpi] __do_sys_delete_module.isra.0+0x181/0x260 do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e Sin embargo, la observaci\u00f3n es que los objetos de controlador suelen tener una vida \u00fatil mucho m\u00e1s larga que los objetos de dispositivo. Es razonable realizar una desreferencia sin bloqueo de un puntero @driver incluso si est\u00e1 compitiendo por desconectarse de un dispositivo. Dada la poca frecuencia de anulaci\u00f3n del registro de un controlador, usesynchronous_rcu() en module_remove_driver() para cerrar cualquier ejecuci\u00f3n potencial. Es potencialmente excesivo sufrirsynchronous_rcu() solo para manejar el raro evento uevent_show() de ejecuci\u00f3n de eliminaci\u00f3n de m\u00f3dulo. Gracias a Tetsuo Handa por el an\u00e1lisis de depuraci\u00f3n del informe de syzbot [1]." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.317", + "versionEndExcluding": "4.19.320", + "matchCriteriaId": "1240340E-2DC8-4009-B5E9-4AAAA32919D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.279", + "versionEndExcluding": "5.4.282", + "matchCriteriaId": "3F107F61-4091-4152-93E2-9FA21FEA7F9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.221", + "versionEndExcluding": "5.10.224", + "matchCriteriaId": "301A0246-1161-4A6B-908F-525515AD5B20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.162", + "versionEndExcluding": "5.15.165", + "matchCriteriaId": "11D5C434-764B-4DCC-80A5-5AFDA2AEB21B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.95", + "versionEndExcluding": "6.1.105", + "matchCriteriaId": "87C01B09-845B-40F1-B369-37F1DF0684A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.35", + "versionEndExcluding": "6.6.46", + "matchCriteriaId": "F3B250C6-4051-44AD-A9A1-E3D0CB23666C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10", + "versionEndExcluding": "6.10.5", + "matchCriteriaId": "1AE7EF1B-AA0B-4EB4-8930-E0DBB74897B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/15fffc6a5624b13b428bb1c6e9088e32a55eb82c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/49ea4e0d862632d51667da5e7a9c88a560e9c5a1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a7c2a8387524942171037e70b80e969c3b5c05b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4d035c743c3e391728a6f81cbf0f7f9ca700cf62", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9c23fc327d6ec67629b4ad323bd64d3834c0417d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd490a247ddf325325fd0de8898659400c9237ef", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dd98c9630b7ee273da87e9a244f94ddf947161e2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f098e8fc7227166206256c18d56ab622039108b1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json index cdb3f1232ac..d872978e89e 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44953.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44953", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.297", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:37:33.650", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,80 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: core: Se corrige un bloqueo durante la actualizaci\u00f3n de RTC. Hay un bloqueo cuando la suspensi\u00f3n en tiempo de ejecuci\u00f3n espera la limpieza del trabajo de RTC y el trabajo de RTC llama a ufshcd_rpm_get_sync() para esperar la reanudaci\u00f3n del tiempo de ejecuci\u00f3n. Aqu\u00ed est\u00e1 el backtrace del bloqueo: kworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367 ptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff __switch_to+0x1a8/0x2d4 __schedule+0x684/0xa98 schedule+0x48/0xc8 schedule_timeout+0x48/0x170 do_wait_for_common+0x108/0x1b0 wait_for_completion+0x44/0x60 __flush_work+0x39c/0x424 __cancel_work_sync+0xd8/0x208 cancel_delayed_work_sync+0x14/0x28 __ufshcd_wl_suspend+0x19c/0x480 ufshcd_wl_runtime_suspend+0x3c/0x1d4 scsi_runtime_suspend+0x78/0xc8 __rpm_callback+0x94/0x3e0 rpm_suspend+0x2d4/0x65c __pm_runtime_suspend+0x80/0x114 scsi_runtime_idle+0x38/0x6c rpm_idle+0x264/0x338 __pm_runtime_idle+0x80/0x110 ufshcd_rtc_work+0x128/0x1e4 process_one_work+0x26c/0x650 worker_thread+0x260/0x3d8 kthread+0x110/0x134 ret_from_fork+0x10/0x20 Skip updating RTC if RPM state is not RPM_ACTIVE. " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.10.5", + "matchCriteriaId": "48E239A0-A959-4FAB-8475-D045FED3DDA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3911af778f208e5f49d43ce739332b91e26bc48e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f13f1858a28c68b7fc0d72c2008d5c1f80d2e8d5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json index 2d88154fc0f..6ad48a769c6 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44956.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44956", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.480", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:37:11.777", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,74 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe/preempt_fence: agrandar la secci\u00f3n cr\u00edtica de la cerca Es realmente f\u00e1cil introducir bloqueos sutiles en preempt_fence_work_func() ya que operamos en un solo wq ordenado global para se\u00f1alar nuestras cercas de preempci\u00f3n detr\u00e1s de escena, por lo que incluso aunque se\u00f1alemos una cerca en particular, todo en la devoluci\u00f3n de llamada debe estar en la secci\u00f3n cr\u00edtica de la cerca, ya que el bloqueo en la devoluci\u00f3n de llamada evitar\u00e1 que otras cercas publicadas se\u00f1alicen. Si agrandamos la secci\u00f3n cr\u00edtica de la cerca para cubrir toda la devoluci\u00f3n de llamada, entonces lockdep deber\u00eda poder entender esto mejor y quejarse si tomamos un bloqueo sensible como vm->lock, que tambi\u00e9n se mantiene cuando se espera en cercas de preempci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.10.5", + "matchCriteriaId": "E4CB0927-C720-465B-99F2-3E47215515F2" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3cd1585e57908b6efcd967465ef7685f40b2a294", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/458bb83119dfee5d14c677f7846dd9363817006f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json index 3228469869f..f27b82062eb 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44957.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44957", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.523", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:37:00.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xen: privcmd: Cambiar de mutex a spinlock para irqfds irqfd_wakeup() obtiene EPOLLHUP, cuando es llamado por eventfd_release() por medio de wake_up_poll(&ctx->wqh, EPOLLHUP), que se llama bajo spin_lock_irqsave(). No podemos usar un mutex aqu\u00ed ya que conducir\u00eda a un interbloqueo. Arr\u00e9glelo cambiando a un spinlock." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.46", + "matchCriteriaId": "84C35A98-08C9-4674-8AC8-9CC0757B7699" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.5", + "matchCriteriaId": "D074AE50-4A5E-499C-A2FD-75FD60DEA560" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1c682593096a487fd9aebc079a307ff7a6d054a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/49f2a5da6785b2dbde93e291cae037662440346e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c2775ae4d9227729f8ca9ee2a068f62a00d5ea9c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json index ba070c70c75..53b5b7ed604 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44964.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44964", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T19:15:30.940", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:36:45.137", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: idpf: corrige fugas de memoria y fallos al realizar un reinicio suave El segundo commit etiquetado introdujo un UAF, ya que elimin\u00f3 la restauraci\u00f3n de punteros q_vector->vport despu\u00e9s de reinicializar las estructuras. Esto se debe a que todas las funciones de asignaci\u00f3n de colas se realizan aqu\u00ed con la nueva estructura vport temporal y esas funciones reescriben los punteros hacia atr\u00e1s al vport. Luego, esta nueva estructura se libera y los punteros comienzan a no llevar a ninguna parte. Pero en t\u00e9rminos generales, la l\u00f3gica actual es muy fr\u00e1gil. Afirma ser m\u00e1s confiable cuando el sistema tiene poca memoria, pero de hecho, consume dos veces m\u00e1s memoria ya que en el momento de ejecutar esta funci\u00f3n, hay dos vports asignados con sus colas y vectores. Adem\u00e1s, afirma evitar que el controlador entre en \"mal estado\", pero de hecho, cualquier error durante la reconstrucci\u00f3n deja el antiguo vport en el estado parcialmente asignado. Finalmente, si la interfaz est\u00e1 inactiva cuando se llama a la funci\u00f3n, siempre asigna un nuevo conjunto de colas, pero cuando el usuario decide habilitar la interfaz m\u00e1s adelante, vport_open() las asigna una vez m\u00e1s, es decir, hay una clara p\u00e9rdida de memoria aqu\u00ed. Simplemente no asigne un nuevo conjunto de colas cuando realice un reinicio, eso resuelve fallas y p\u00e9rdidas de memoria. Vuelva a agregar el n\u00famero de cola anterior y vuelva a abrir la interfaz en la reversi\u00f3n: eso resuelve los estados de limbo cuando el dispositivo se deja deshabilitado y/o sin colas de HW habilitadas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.5", + "matchCriteriaId": "D074AE50-4A5E-499C-A2FD-75FD60DEA560" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/6b289f8d91537ec1e4f9c7b38b31b90d93b1419b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f01032a2ca099ec8d619aaa916c3762aa62495df", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json index 8f69a14e2cc..cb72a7be6a6 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44989.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44989", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.020", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:31:22.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,151 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: fix xfrm real_dev null pointer dereference No deber\u00edamos establecer real_dev en NULL porque los paquetes pueden estar en tr\u00e1nsito y xfrm podr\u00eda llamar a xdo_dev_offload_ok() en paralelo. Todas las devoluciones de llamadas suponen que real_dev est\u00e1 establecido. Ejemplo de seguimiento: kernel: BUG: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 0000000000001030 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: #PF: acceso de escritura del supervisor en modo kernel kernel: #PF: error_code(0x0002) - p\u00e1gina no presente kernel: PGD 0 P4D 0 kernel: Oops: 0002 [#1] PREEMPT SMP kernel: CPU: 4 PID: 2237 Comm: ping No contaminado 6.7.7+ #12 kernel: Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar el kernel SA: C\u00f3digo: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60 kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00 kernel: RBP: ffff9eb3c0a42000 R08: 000000000000010 R09: 0000000000000014 kernel: R10: 797420303030303030 R11: 3030303030303030 R12: 0000000000000000 n\u00facleo: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000 n\u00facleo: FS: 00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000 n\u00facleo: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 n\u00facleo: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: Seguimiento de llamadas: kernel: kernel: ? __die+0x1f/0x60 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: error al agregar SA kernel: ? page_fault_oops+0x142/0x4c0 kernel: ? do_user_addr_fault+0x65/0x670 kernel: ? kvm_read_and_reset_apf_flags+0x3b/0x50 kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: ? exc_page_fault+0x7b/0x180 kernel: ? asm_exc_page_fault+0x22/0x30 kernel: ? nsim_bpf_uninit+0x50/0x50 [netdevsim] kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (esclavo eni0np1): haciendo que la interfaz sea la nueva activa kernel: bond_ipsec_offload_ok+0x7b/0x90 [vinculaci\u00f3n] kernel: xfrm_output+0x61/0x3b0 kernel: bond0: (esclavo eni0np1): bond_ipsec_add_sa_all: no se pudo agregar SA kernel: ip_push_pending_frames+0x56/0x80" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "2ED1D527-637B-4492-80FC-ADBDF6E9E2C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*", + "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/21816b696c172c19d53a30d45ee005cce246ed21", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f72c6a66bcd7e0187ec085237fee5db27145294", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4582d4ff413a07d4ed8a4823c652dc5207760548", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7fa9243391ad2afe798ef4ea2e2851947b95754f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89fc1dca79db5c3e7a2d589ecbf8a3661c65f436", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f8cde9805981c50d0c029063dc7d82821806fc44", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json index 7f4aa0bd704..9bccb11be57 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44990.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44990", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.087", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:31:12.870", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,151 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: corregir desreferenciaci\u00f3n de puntero nulo en bond_ipsec_offload_ok Debemos comprobar si hay un esclavo activo antes de desreferenciar el puntero." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "2ED1D527-637B-4492-80FC-ADBDF6E9E2C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*", + "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0707260a18312bbcd2a5668584e3692d0a29e3f6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f5bdd68c1ce64bda6bef4d361a3de23b04ccd59", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/32a0173600c63aadaf2103bf02f074982e8602ab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/81216b9352be43f8958092d379f6dec85443c309", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/95c90e4ad89d493a7a14fa200082e466e2548f9d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b70b0ddfed31fc92c8dc722d0afafc8e14cb550c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json index 1eec5d8ee09..cab4d68dbb8 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44992.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44992", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.207", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:29:28.963", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,90 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb/client: evitar posible desreferencia NULL en cifs_free_subrequest() Advertencia del verificador est\u00e1tico de Clang (scan-build): cifsglob.h:l\u00ednea 890, columna 3 El acceso al campo 'ops' da como resultado una desreferencia de un puntero nulo. El commit 519be989717c (\"cifs: Agregar un punto de seguimiento para rastrear cr\u00e9ditos involucrados en solicitudes R/W\") agrega una verificaci\u00f3n para 'rdata->server' y permite que clang lance esta advertencia sobre la desreferencia NULL. Cuando sucede 'rdata->credits.value != 0 && rdata->server == NULL', add_credits_and_wake_if() llamar\u00e1 a rdata->server->ops->add_credits(). Esto causar\u00e1 un problema de desreferencia NULL. Agregue una verificaci\u00f3n para 'rdata->server' para evitar la desreferencia NULL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "E55C1263-DF43-41EF-8DA8-2BA68DF4FFFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/74c2ab6d653b4c2354df65a7f7f2df1925a40a51", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fead60a6d5f84b472b928502a42c419253afe6c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json index 75c6f0f73fc..93db88434ad 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44993.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44993", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.257", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:28:49.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,90 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/v3d: Corregir lectura fuera de los l\u00edmites en `v3d_csd_job_run()` Al habilitar UBSAN en Raspberry Pi 5, obtenemos la siguiente advertencia: [ 387.894977] UBSAN: array-index-out-of-bounds en drivers/gpu/drm/v3d/v3d_sched.c:320:3 [ 387.903868] el \u00edndice 7 est\u00e1 fuera de rango para el tipo '__u32 [7]' [ 387.909692] CPU: 0 PID: 1207 Comm: kworker/u16:2 Tainted: G WC 6.10.3-v8-16k-numa #151 [ 387.919166] Nombre del hardware: Raspberry Pi 5 Model B Rev 1.0 (DT) [ 387.925961] Cola de trabajo: v3d_csd drm_sched_run_job_work [gpu_sched] [ 387.932525] Rastreo de llamadas: [ 387.935296] dump_backtrace+0x170/0x1b8 [ 387.939403] show_stack+0x20/0x38 [ 387.942907] dump_stack_lvl+0x90/0xd0 [ 387.946785] dump_stack+0x18/0x28 [ 387.950301] __ubsan_handle_out_of_bounds+0x98/0xd0 [ 387.955383] v3d_csd_job_run+0x3a8/0x438 [v3d] [ 387.960707] drm_sched_run_job_work+0x520/0x6d0 [gpu_sched] [ 387.966862] process_one_work+0x62c/0xb48 [ 387.971296] worker_thread+0x468/0x5b0 [ 387.975317] kthread+0x1c4/0x1e0 [ 387.978818] ret_from_fork+0x10/0x20 [ 387.983014] ---[ fin del seguimiento ]--- Esto sucede porque la UAPI proporciona solo siete registros de configuraci\u00f3n y estamos leyendo la octava posici\u00f3n de esta matriz u32. Por lo tanto, solucione la lectura fuera de los l\u00edmites en `v3d_csd_job_run()` accediendo solo a siete posiciones en la matriz '__u32 [7]'. El octavo registro existe de hecho en V3D 7.1, pero no se utiliza actualmente. Siendo as\u00ed, garanticemos que permanezca sin uso y agreguemos una nota que indique que podr\u00eda configurarse en un parche futuro." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "E89DCAFA-7226-4A61-B500-1229E533B4BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/497d370a644d95a9f04271aa92cb96d32e84c770", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d656b82c4b30cf12715e6cd129d3df808fde24a7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json index af864268397..ffe8fc79860 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44995.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.353", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:28:37.107", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,160 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net:hns3: se corrige un problema de bloqueo cuando se configura TC durante el reinicio Cuando se configura TC durante el proceso de reinicio, puede causar un bloqueo, el flujo es el siguiente: pf reset start ? ? ...... setup tc ? ? ? ? DOWN: napi_disable() napi_disable()(skip) ? ? ? ? ? ...... ...... ? ? ? ? napi_enable() ? ? UINIT: netif_napi_del() ? ? ...... ? ? INIT: netif_napi_add() ? ? ...... global reset start ? ? ? ? UP: napi_enable()(skip) ...... ? ? ? ? ...... napi_disable() En el proceso de reinicio, el controlador DESACTIVAR\u00c1 el puerto y luego UINIT; en este caso, el proceso de configuraci\u00f3n tc DESACTIVAR\u00c1 el puerto antes de UINIT, lo que provocar\u00e1 el problema. Agrega un proceso DESACTIVADO en UINIT para solucionarlo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "5.4.283", + "matchCriteriaId": "087CB42F-3AD4-4BBD-B90F-8A0A1C83B5AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json index 768fdfa44fa..6f9e56ce36c 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44997.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44997", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.470", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:28:25.183", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,104 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: mtk_wed: arregla el p\u00e1nico de use after free en mtk_wed_setup_tc_block_cb() Cuando hay m\u00faltiples interfaces de punto de acceso en una banda y con WED activado, desactivar la interfaz provocar\u00e1 un p\u00e1nico de kernel en MT798X. Anteriormente, cb_priv se liberaba en mtk_wed_setup_tc_block() sin marcar NULL, y mtk_wed_setup_tc_block_cb() tampoco verificaba el valor. Asigna NULL despu\u00e9s de liberar cb_priv en mtk_wed_setup_tc_block() y marca NULL en mtk_wed_setup_tc_block_cb(). ---------- No se puede manejar la solicitud de paginaci\u00f3n del n\u00facleo en la direcci\u00f3n virtual 0072460bca32b4f5 Seguimiento de llamadas: mtk_wed_setup_tc_block_cb+0x4/0x38 0xffffffc0794084bc tcf_block_playback_offloads+0x70/0x1e8 tcf_block_unbind+0x6c/0xc8 ... ---------" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/326a89321f9d5fe399fe6f9ff7c0fc766582a6a0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b453a4bbda03aa8741279c360ac82d1c3ac33548", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/db1b4bedb9b97c6d34b03d03815147c04fffe8b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json index 149787b7e9f..8360007940a 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44998.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44998", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.520", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:28:16.000", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,174 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: atm: idt77252: evitar use after free en dequeue_rx() No podemos desreferenciar \"skb\" despu\u00e9s de llamar a vcc->push() porque skb est\u00e1 liberado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.12", + "versionEndExcluding": "4.19.321", + "matchCriteriaId": "45DA6709-0A60-464F-A456-D2255279E01D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.283", + "matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/09e086a5f72ea27c758b3f3b419a69000c32adc1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1cece837e387c039225f19028df255df87a97c0d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/24cf390a5426aac9255205e9533cdd7b4235d518", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/379a6a326514a3e2f71b674091dfb0e0e7522b55", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/628ea82190a678a56d2ec38cda3addf3b3a6248d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91b4850e7165a4b7180ef1e227733bcb41ccdf10", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9a18e8f770c9b0703dab93580d0b02e199a4c79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef23c18ab88e33ce000d06a5c6aad0620f219bfd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json b/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json index 72e8fb39ef9..c50c9f1d731 100644 --- a/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json +++ b/CVE-2024/CVE-2024-449xx/CVE-2024-44999.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44999", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.590", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:27:51.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,174 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gtp: extraer encabezados de red en gtp_dev_xmit() syzbot/KMSAN inform\u00f3 del uso de uninit-value en get_dev_xmit() [1] Debemos asegurarnos de que el encabezado IPv4 o Ipv6 se extraiga en skb->head antes de acceder a los campos que contienen. Utilice pskb_inet_may_pull() para solucionar este problema. [1] ERROR: KMSAN: valor no inicializado en ipv6_pdp_find drivers/net/gtp.c:220 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en gtp_build_skb_ip6 drivers/net/gtp.c:1229 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281 ipv6_pdp_find drivers/net/gtp.c:220 [en l\u00ednea] gtp_build_skb_ip6 drivers/net/gtp.c:1229 [en l\u00ednea] gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281 __netdev_start_xmit incluir/linux/netdevice.h:4913 [en l\u00ednea] netdev_start_xmit incluir/linux/netdevice.h:4922 [en l\u00ednea] xmit_one net/core/dev.c:3580 [en l\u00ednea] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3596 __dev_queue_xmit+0x358c/0x5610 net/core/dev.c:4423 dev_queue_xmit incluir/linux/netdevice.h:3105 [en l\u00ednea] paquete_xmit+0x9c/0x6c0 net/paquete/af_packet.c:276 paquete_snd net/paquete/af_packet.c:3145 [en l\u00ednea] paquete_sendmsg+0x90e3/0xa3a0 net/packet/af_packet.c:3177 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:745 __sys_sendto+0x685/0x830 net/socket.c:2204 __do_sys_sendto net/socket.c:2216 [en l\u00ednea] __se_sys_sendto net/socket.c:2212 [en l\u00ednea] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212 x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:3994 [en l\u00ednea] slab_alloc_node mm/slub.c:4037 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4080 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:583 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:674 alloc_skb include/linux/skbuff.h:1320 [en l\u00ednea] alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6526 sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2815 packet_alloc_skb net/packet/af_packet.c:2994 [en l\u00ednea] packet_snd net/packet/af_packet.c:3088 [en l\u00ednea] packet_sendmsg+0x749c/0xa3a0 net/packet/af_packet.c:3177 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:745 __sys_sendto+0x685/0x830 red/socket.c:2204 __do_sys_sendto red/socket.c:2216 [en l\u00ednea] __se_sys_sendto red/socket.c:2212 [en l\u00ednea] __x64_sys_sendto+0x125/0x1d0 red/socket.c:2212 x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 7115 Comm: syz.1.515 No contaminado 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 27/06/2024" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.7", + "versionEndExcluding": "4.19.321", + "matchCriteriaId": "2182122C-2D3A-4507-B128-955820A30780" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.283", + "matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/137d565ab89ce3584503b443bc9e00d44f482593", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1f6b62392453d8f36685d19b761307a8c5617ac1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34ba4f29f3d9eb52dee37512059efb2afd7e966f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3939d787139e359b77aaf9485d1e145d6713d7b9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3a3be7ff9224f424e485287b54be00d2c6bd9c40", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3d89d0c4a1c6d4d2a755e826351b0a101dbc86f3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cbb9a969fc190e85195d1b0f08038e7f6199044e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f5dda8db382c5751c4e572afc7c99df7da1f83ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json index d776d475684..fa73f31db80 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45000", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.657", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:27:31.003", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,118 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/netfs/fscache_cookie: agregar comprobaci\u00f3n \"n_accesses\" faltante Esto corrige un error de desreferencia de puntero NULL debido a una ejecuci\u00f3n de datos que se ve as\u00ed: ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000008 #PF: acceso de lectura de supervisor en modo kernel #PF: error_code(0x0000) - p\u00e1gina no presente PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 33 PID: 16573 Comm: kworker/u97:799 No contaminado 6.8.7-cm4all1-hp+ #43 Nombre del hardware: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 17/10/2018 Cola de trabajo: events_unbound netfs_rreq_write_to_cache_work RIP: 0010:cachefiles_prepare_write+0x30/0xa0 C\u00f3digo: 57 41 56 45 89 ce 41 55 49 89 cd 41 54 49 89 d4 55 53 48 89 fb 48 83 ec 08 48 8b 47 08 48 83 7f 10 00 48 89 34 24 48 8b 68 20 <48> 8b 45 08 4c 8b 38 74 45 49 8b 7f 50 e8 4e a9 b0 ff 48 8b 73 10 RSP: 0018:ffffb4e78113bde0 EFLAGS: 00010286 RAX: ffff976126be6d10 RBX: ffff97615cdb8438 RCX: 0000000000020000 RDX: ffff97605e6c4c68 RSI: ffff97605e6c4c60 RDI: ffff97615cdb8438 RBP: 000000000000000 R08: 0000000000278333 R09: 0000000000000001 R10: ffff97605e6c4600 R11: 0000000000000001 R12: ffff97605e6c4c68 R13: 0000000000020000 R14: 0000000000000001 R15: ffff976064fe2c00 FS: 000000000000000(0000) GS:ffff9776dfd40000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000008 CR3: 000000005942c002 CR4: 00000000001706f0 Seguimiento de llamadas: ? __die+0x1f/0x70 ? page_fault_oops+0x15d/0x440 ? search_module_extables+0xe/0x40 ? fixup_exception+0x22/0x2f0 ? exc_page_fault+0x5f/0x100 ? asm_exc_page_fault+0x22/0x30 ? cachefiles_prepare_write+0x30/0xa0 netfs_rreq_write_to_cache_work+0x135/0x2e0 process_one_work+0x137/0x2c0 subproceso_trabajador+0x2e9/0x400 ? __pfx_worker_thread+0x10/0x10 kthread+0xcc/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x30/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 M\u00f3dulos vinculados en: CR2: 000000000000008 ---[ fin del seguimiento 000000000000000 ]--- Esto sucedi\u00f3 porque fscache_cookie_state_machine() era lento y todav\u00eda se estaba ejecutando mientras otro proceso invocaba fscache_unuse_cookie(); Esto llev\u00f3 a una llamada a fscache_cookie_lru_do_one(), que estableci\u00f3 el indicador FSCACHE_COOKIE_DO_LRU_DISCARD, que fue detectado por fscache_cookie_state_machine(), retirando la cookie a trav\u00e9s de cachefiles_withdraw_cookie(), borrando cookie->cache_priv. Al mismo tiempo, otro proceso invoc\u00f3 cachefiles_prepare_write(), que encontr\u00f3 un puntero NULL en esta l\u00ednea de c\u00f3digo: struct cachefiles_object *object = cachefiles_cres_object(cres); La siguiente l\u00ednea falla, obviamente: struct cachefiles_cache *cache = object->volume->cache; Durante cachefiles_prepare_write(), el contador \"n_accesses\" no es cero (a trav\u00e9s de fscache_begin_operation()). La cookie no debe retirarse hasta que baje a cero. El contador se comprueba mediante fscache_cookie_state_machine() antes de cambiar a FSCACHE_COOKIE_STATE_RELINQUISHING y FSCACHE_COOKIE_STATE_WITHDRAWING (en el \"caso FSCACHE_COOKIE_STATE_FAILED\"), pero no para FSCACHE_COOKIE_STATE_LRU_DISCARDING (\"caso FSCACHE_COOKIE_STATE_ACTIVE\"). Este parche agrega la comprobaci\u00f3n faltante. Con un contador de acceso distinto de cero, la funci\u00f3n retorna y la siguiente llamada fscache_end_cookie_access() pondr\u00e1 en cola otra llamada fscache_cookie_state_machine() para manejar la FSCACHE_COOKIE_DO_LRU_DISCARD a\u00fan pendiente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "E1FCBB3B-3EA3-4D99-B4C1-E8EA9F3DA097" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0a4d41fa14b2a0efd40e350cfe8ec6a4c998ac1d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b8a50877f68efdcc0be3fcc5116e00c31b90e45b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dfaa39b05a6cf34a16c525a2759ee6ab26b5fef6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f71aa06398aabc2e3eaac25acdf3d62e0094ba70", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json index 98152708a86..8b07aa4aa44 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45002.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.763", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:27:13.727", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,118 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rtla/osnoise: Evitar la desreferenciaci\u00f3n NULL en el manejo de errores. Si la asignaci\u00f3n \"tool->data\" falla, entonces no es necesario llamar a osnoise_free_top() y, de hecho, hacerlo provocar\u00e1 una desreferenciaci\u00f3n NULL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "E1FCBB3B-3EA3-4D99-B4C1-E8EA9F3DA097" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/753f1745146e03abd17eec8eee95faffc96d743d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90574d2a675947858b47008df8d07f75ea50d0d0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/abdb9ddaaab476e62805e36cce7b4ef8413ffd01", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fc575212c6b75d538e1a0a74f4c7e2ac73bc46ac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json index 1b516b58900..82dfa10c1d8 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45006.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45006", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-09-04T20:15:08.997", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:26:52.640", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,174 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xhci: Fix Panther point NULL point deref at full-speed re-enumeration reenumerar dispositivos de velocidad completa despu\u00e9s de un comando de dispositivo de direcci\u00f3n fallido puede desencadenar una desreferencia de puntero NULL. Los dispositivos de velocidad completa pueden necesitar reconfigurar el valor 0 Max Packet Size del endpoint durante la enumeraci\u00f3n. Usb core llama a usb_ep0_reinit() en este caso, que termina llamando a xhci_configure_endpoint(). En Panther point xHC, la funci\u00f3n xhci_configure_endpoint() verificar\u00e1 y reservar\u00e1 adicionalmente el ancho de banda en el software. Otros hosts hacen esto en el hardware Si el comando de dispositivo de direcci\u00f3n xHC falla, se asigna una nueva estructura xhci_virt_device como parte de la rehabilitaci\u00f3n de la ranura, pero los punteros de la tabla de ancho de banda no se configuran correctamente aqu\u00ed. Esto activa la desreferencia del puntero NULL la pr\u00f3xima vez que se llama a usb_ep0_reinit() y xhci_configure_endpoint() intenta verificar y reservar el ancho de banda [46710.713538] usb 3-1: nuevo dispositivo USB de velocidad completa n\u00famero 5 que usa xhci_hcd [46710.713699] usb 3-1: el dispositivo no responde a la direcci\u00f3n de configuraci\u00f3n. [46710.917684] usb 3-1: el dispositivo no responde a la direcci\u00f3n de configuraci\u00f3n. [46711.125536] usb 3-1: el dispositivo no acepta la direcci\u00f3n 5, error -71 [46711.125594] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000008 [46711.125600] #PF: acceso de lectura del supervisor en modo kernel [46711.125603] #PF: error_code(0x0000) - p\u00e1gina no presente [46711.125606] PGD 0 P4D 0 [46711.125610] Oops: Oops: 0000 [#1] PREEMPT SMP PTI [46711.125615] CPU: 1 PID: 25760 Comm: kworker/1:2 No contaminado 6.10.3_2 #1 [46711.125620] Nombre del hardware: Gigabyte Technology Co., Ltd. [46711.125623] Cola de trabajo: usb_hub_wq hub_event [usbcore] [46711.125668] RIP: 0010:xhci_reserve_bandwidth (drivers/usb/host/xhci.c Solucione esto asegur\u00e1ndose de que los punteros de la tabla de ancho de banda est\u00e9n configurados correctamente despu\u00e9s de un comando de dispositivo de direcci\u00f3n fallido y, adem\u00e1s, evitando verificar el ancho de banda en casos como este donde no se agregan ni eliminan endpoints reales, es decir, solo se eval\u00faa el contexto para el endpoint de control predeterminado 0." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.321", + "matchCriteriaId": "69564093-AC65-49E3-B85D-1A63FE8258FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.283", + "matchCriteriaId": "8E6B390A-0CE6-44FC-8CD5-BE8226D6D24C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.225", + "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.166", + "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.107", + "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.48", + "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.10.7", + "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", + "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0f0654318e25b2c185e245ba4a591e42fabb5e59", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/365ef7c4277fdd781a695c3553fa157d622d805d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5ad898ae82412f8a689d59829804bff2999dd0ea", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6b99de301d78e1f5249e57ef2c32e1dec3df2bb1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8fb9d412ebe2f245f13481e4624b40e651570cbd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a57b0ebabe6862dce0a2e0f13e17941ad72fc56b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/af8e119f52e9c13e556be9e03f27957554a84656", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef0a0e616b2789bb804a0ce5e161db03170a85b6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45039.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45039.json index e03af3a96cf..898612c6676 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45039.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45039.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45039", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-06T13:15:04.400", - "lastModified": "2024-09-06T13:15:04.400", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45040.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45040.json index fdd3a932838..93c8cfa3a5a 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45040.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45040.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45040", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-06T13:15:04.893", - "lastModified": "2024-09-06T13:15:04.893", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json index 1ed0510c0a7..18dda0d5bc3 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45063.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45063", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.830", - "lastModified": "2024-09-05T21:21:37.113", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:18.370", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.0, "impactScore": 6.0 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json index e586aec4389..c42463b4247 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45074.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45074", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.110", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:45:32.767", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*", + "matchCriteriaId": "A74F598F-90A3-4F57-99B8-5BA7AD731699" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7167245", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json index 1f8d66bb435..d209c24c7f4 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45075.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45075", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.357", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:45:12.980", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -41,8 +41,18 @@ }, "weaknesses": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +61,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*", + "matchCriteriaId": "A74F598F-90A3-4F57-99B8-5BA7AD731699" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7167245", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json b/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json index 29e59a5c02a..fd6e4e7aa21 100644 --- a/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json +++ b/CVE-2024/CVE-2024-450xx/CVE-2024-45076.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45076", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-09-04T16:15:08.600", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:44:52.310", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*", + "matchCriteriaId": "A74F598F-90A3-4F57-99B8-5BA7AD731699" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7167245", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json index 9ea11eabcf4..d3f3fe02c20 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45107.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45107", "sourceIdentifier": "psirt@adobe.com", "published": "2024-09-05T09:15:03.123", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:26:03.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 y anteriores de Acrobat Reader se ven afectadas por una vulnerabilidad de tipo Use After Free que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -47,10 +51,77 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30655", + "matchCriteriaId": "B9311FEC-D9CC-421C-8E5E-8131E460FC42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "24.001.20604", + "versionEndExcluding": "24.001.30159", + "matchCriteriaId": "1A09E4B8-DB3B-45EC-B441-2C9549D299B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.007.20033", + "versionEndExcluding": "24.002.21005", + "matchCriteriaId": "192EE3D7-728B-4C1E-A40D-63EC7192E8C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", + "versionStartIncluding": "20.001.30005", + "versionEndExcluding": "20.005.30655", + "matchCriteriaId": "D6422E51-47B6-4E3E-BEAF-A2B8EADB3ACD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", + "versionStartIncluding": "15.007.20033", + "versionEndExcluding": "24.002.21005", + "matchCriteriaId": "3FA83F14-5ED2-4271-8F40-CF13A8A36458" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json index 0f113c428f4..b7338a571ca 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45287.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45287", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T04:15:07.410", - "lastModified": "2024-09-05T13:35:02.927", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:26:26.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + }, { "source": "secteam@freebsd.org", "type": "Secondary", @@ -55,10 +85,152 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "E82CE719-C11D-4C34-BDF9-5AA704884289" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*", + "matchCriteriaId": "17DAE911-21E1-4182-85A0-B9F0059DDA7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*", + "matchCriteriaId": "ABEA48EC-24EA-4106-9465-CE66B938635F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*", + "matchCriteriaId": "8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*", + "matchCriteriaId": "BC8C769C-A23E-4F61-AC42-4DA64421B096" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p4:*:*:*:*:*:*", + "matchCriteriaId": "45B0589E-2E7D-4516-A8A0-88F30038EAB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p5:*:*:*:*:*:*", + "matchCriteriaId": "C5CD8EF6-B119-488F-A278-8E9740E3E482" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:13.4:beta3:*:*:*:*:*:*", + "matchCriteriaId": "2F52349C-6051-4CB9-8659-763A22C31640" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*", + "matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*", + "matchCriteriaId": "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "69A72B5A-2189-4700-8E8B-1E5E7CA86C40" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "5771F187-281B-4680-B562-EFC7441A8F88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "0A4437F5-9DDA-4769-974E-23BFA085E0DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "A9C3A3D4-C9F4-41EB-B532-821AF83470B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "878A1F0A-087F-47D7-9CA5-A54BB8D6676A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "50A5E650-31FB-45BE-8827-641B58A83E45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "D59CFDD3-AEC3-43F1-A620-0B1F0BAD9048" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "44B8A489-6314-460D-90DA-AFB54298C8E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*", + "matchCriteriaId": "BF309824-D379-4749-A1FA-BCB2987DD671" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*", + "matchCriteriaId": "79D770C6-7A57-4A49-8164-C55391F62301" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*", + "matchCriteriaId": "AA813990-8C8F-4EE8-9F2B-9F73C510A7B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p2:*:*:*:*:*:*", + "matchCriteriaId": "D4DFA201-27D5-4C01-B90F-E24778943C3B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p3:*:*:*:*:*:*", + "matchCriteriaId": "01DD321B-E5E2-49F7-86A1-D40B13E257C7" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:09.libnv.asc", - "source": "secteam@freebsd.org" + "source": "secteam@freebsd.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45294.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45294.json new file mode 100644 index 00000000000..9998f2c8847 --- /dev/null +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45294.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-45294", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-06T16:15:03.300", + "lastModified": "2024-09-06T17:15:16.977", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The HL7 FHIR Core Artifacts repository provides the java core object handling code, with utilities (including validator), for the Fast Healthcare Interoperability Resources (FHIR) specification. Prior to version 6.3.23, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients can submit XML. This issue has been patched in release 6.3.23. No known workarounds are available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HL7/fhir-ig-publisher/releases/tag/1.6.22", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/HL7/fhir-ig-publisher/security/advisories/GHSA-59rq-22fm-x8q5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45295.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45295.json new file mode 100644 index 00000000000..4f901a5c1fd --- /dev/null +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45295.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-45295", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-06T17:15:17.053", + "lastModified": "2024-09-06T17:15:17.053", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-45294. Reason: This candidate is a duplicate of CVE-2024-45294. Notes: All CVE users should reference CVE-2024-45294 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-45294. According to rule 4.2.15 of the CVE CNA rules, \"CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID.\"" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45299.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45299.json index 05bcd605bd8..446a59ee70c 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45299.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45299.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45299", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-06T13:15:05.253", - "lastModified": "2024-09-06T13:15:05.253", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45300.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45300.json index bda729c595f..8f1cf1d9803 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45300.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45300.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45300", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-06T13:15:05.537", - "lastModified": "2024-09-06T13:15:05.537", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-454xx/CVE-2024-45405.json b/CVE-2024/CVE-2024-454xx/CVE-2024-45405.json index fa3c77d1242..8c038bb5b16 100644 --- a/CVE-2024/CVE-2024-454xx/CVE-2024-45405.json +++ b/CVE-2024/CVE-2024-454xx/CVE-2024-45405.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45405", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-06T13:15:05.830", - "lastModified": "2024-09-06T13:15:05.830", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45758.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45758.json new file mode 100644 index 00000000000..956bb72a271 --- /dev/null +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45758.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-45758", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-06T16:15:03.517", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/AfterSnows/c24ca3c26dc89ab797e610e92a6a9acb", + "source": "cve@mitre.org" + }, + { + "url": "https://spear-shield.notion.site/Unauthenticated-Remote-Code-Execution-via-Unrestricted-JDBC-Connection-87a958a4874044199cbb86422d1f6068", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json index 30d6247067a..87f7d600019 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5956.json @@ -2,17 +2,41 @@ "id": "CVE-2024-5956", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2024-09-05T11:15:12.387", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:25:19.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly" + }, + { + "lang": "es", + "value": "Esta vulnerabilidad permite a atacantes remotos no autenticados eludir la autenticaci\u00f3n y obtener acceso parcial a los datos del Trellix IPS Manager vulnerable con datos basura en respuesta principalmente." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "trellixpsirt@trellix.com", "type": "Secondary", @@ -37,8 +61,18 @@ }, "weaknesses": [ { - "source": "trellixpsirt@trellix.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, + { + "source": "trellixpsirt@trellix.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +81,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:11.1.7.97:*:*:*:*:*:*:*", + "matchCriteriaId": "1F69AE8A-D07B-4315-80B0-FC8B6DB4815D" + } + ] + } + ] + } + ], "references": [ { "url": "https://thrive.trellix.com/s/article/000013870", - "source": "trellixpsirt@trellix.com" + "source": "trellixpsirt@trellix.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json index 9a66512961b..6eb8fe9258d 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5957.json @@ -2,17 +2,41 @@ "id": "CVE-2024-5957", "sourceIdentifier": "trellixpsirt@trellix.com", "published": "2024-09-05T11:15:12.610", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:24:23.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager." + }, + { + "lang": "es", + "value": "Esta vulnerabilidad permite a atacantes remotos no autenticados eludir la autenticaci\u00f3n y obtener acceso a las API del Administrador." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "trellixpsirt@trellix.com", "type": "Secondary", @@ -37,8 +61,18 @@ }, "weaknesses": [ { - "source": "trellixpsirt@trellix.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, + { + "source": "trellixpsirt@trellix.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:trellix:intrusion_prevention_system_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.1.7.97", + "matchCriteriaId": "C7F621EC-B77F-4D68-9B5C-CC041F87FCB9" + } + ] + } + ] + } + ], "references": [ { "url": "https://thrive.trellix.com/s/article/000013870", - "source": "trellixpsirt@trellix.com" + "source": "trellixpsirt@trellix.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6191.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6191.json index d837a1800af..6432cbe6bbc 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6191.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6191.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6191", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-20T15:15:51.230", - "lastModified": "2024-06-20T16:07:50.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T17:01:53.530", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:student_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7816C1E9-D65F-4652-A2F5-27FDEAA6B33D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/HryspaHodor/CVE/issues/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269163", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269163", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.359009", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6192.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6192.json index 8668a3a5108..cd49201d5bf 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6192.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6192.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6192", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-20T15:15:51.517", - "lastModified": "2024-06-20T18:15:13.337", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T17:00:18.537", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:loan_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "250E4057-0CA7-43C6-8B0E-D37FEF3D3CF2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/HryspaHodor/CVE/issues/4", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269164", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269164", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.359017", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6253.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6253.json index 05a720f7aea..0f8e5c65e88 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6253.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6253.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6253", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-22T14:15:09.673", - "lastModified": "2024-06-25T18:15:12.000", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:57:26.650", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kevinwong:online_food_ordering_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9E6AA4AA-216E-471B-9107-65E50C880042" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Desenchanted/cve/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269420", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269420", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.361840", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6267.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6267.json index e9e79b1fe6e..fd9fb21dcee 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6267.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6267.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6267", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-23T06:15:09.633", - "lastModified": "2024-06-24T15:15:12.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:56:11.543", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,26 +140,61 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:service_provider_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F7C20DC3-D0C4-4D07-A2AA-8057A70FC448" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.google.com/document/d/1upC4101Ob9UW7fGC_valsEa45Q5xuBgcKZhs1Q-WoBM/edit?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://github.com/sgr-xd/CVEs/blob/main/CVE-2024-6267.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269479", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269479", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.362661", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6273.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6273.json index 028d6cdbf1f..8ca4a2d30dd 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6273.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6273.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6273", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-23T22:15:09.490", - "lastModified": "2024-06-25T13:15:50.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:54:20.973", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,26 +140,61 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:clinic_queuing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "959FD20D-FEFB-455F-9689-7C16934B6290" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.google.com/document/d/14ExrgXqPQlgvjw2poqNzYzAOi-C5tda-XBJF513yzag/edit?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://github.com/sgr-xd/CVEs/blob/main/CVE-2024-6273.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269485", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269485", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.362873", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6280.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6280.json index b695d55263d..a376acbaf77 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6280.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6280.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6280", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-24T03:15:10.847", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:52:22.133", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:simple_online_bidding_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0BDDF483-CE42-4DCA-95DC-47AF1F9FB9CF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Isfulou/cve/blob/main/upload.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.269493", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269493", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.363054", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6445.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6445.json index 78db489df25..f104a1683b5 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6445.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6445.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6445", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-09-06T14:15:12.683", - "lastModified": "2024-09-06T14:15:12.683", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6459.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6459.json index bfba8d0347e..26ff4dd1626 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6459.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6459.json @@ -2,7 +2,7 @@ "id": "CVE-2024-6459", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-17T06:15:03.973", - "lastModified": "2024-08-19T13:00:23.117", + "lastModified": "2024-09-06T17:35:18.880", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "El complemento News Element Elementor Blog Magazine de WordPress anterior a 1.0.6 es vulnerable a la inclusi\u00f3n de archivos locales a trav\u00e9s del par\u00e1metro de plantilla. Esto hace posible que un atacante no autenticado incluya y ejecute archivos PHP en el servidor, permitiendo la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/330359fa-d085-4923-b5a8-c0e2e5267247/", diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6477.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6477.json index 7a307f50f07..0f22051deba 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6477.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6477.json @@ -2,7 +2,7 @@ "id": "CVE-2024-6477", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-03T06:16:29.427", - "lastModified": "2024-08-05T12:41:45.957", + "lastModified": "2024-09-06T17:35:19.087", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "El complemento UsersWP de WordPress anterior a 1.2.12 usa nombres de archivos predecibles cuando un administrador genera una exportaci\u00f3n, lo que podr\u00eda permitir a atacantes no autenticados descargarlos y recuperar informaci\u00f3n confidencial como IP, nombre de usuario y direcci\u00f3n de correo electr\u00f3nico." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/346c855a-4d42-4a87-aac9-e5bfc2242b16/", diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6498.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6498.json index e69b427e9e1..54e40b00d7c 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6498.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6498.json @@ -2,13 +2,13 @@ "id": "CVE-2024-6498", "sourceIdentifier": "contact@wpscan.com", "published": "2024-08-05T06:16:41.677", - "lastModified": "2024-09-05T15:30:12.140", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:19.293", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "The Chatbot for WordPress by Collect.chat ?? WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed" + "value": "The Chatbot for WordPress by Collect.chat \u26a1\ufe0f WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed" }, { "lang": "es", @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.7, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6892.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6892.json index 08b4e3d4151..dee90aafb2a 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6892.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6892.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6892", "sourceIdentifier": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "published": "2024-08-08T00:15:40.707", - "lastModified": "2024-08-09T16:35:06.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T16:33:34.360", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "bbf0bd87-ece2-41be-b873-96928ee8fab9", "type": "Secondary", @@ -51,10 +81,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:journyx:journyx:11.5.4:*:*:*:*:*:*:*", + "matchCriteriaId": "AF1266F5-FC56-4EB7-8ACD-A8010389CC3A" + } + ] + } + ] + } + ], "references": [ { "url": "https://korelogic.com/Resources/Advisories/KL-001-2024-009.txt", - "source": "bbf0bd87-ece2-41be-b873-96928ee8fab9" + "source": "bbf0bd87-ece2-41be-b873-96928ee8fab9", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json b/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json index 9d81c83116c..28a0992f310 100644 --- a/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json +++ b/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7006", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-12T13:38:40.577", - "lastModified": "2024-09-04T23:15:12.977", + "lastModified": "2024-09-06T17:15:17.387", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -61,7 +61,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Primary", "description": [ { @@ -71,12 +71,12 @@ ] }, { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-754" + "value": "CWE-476" } ] } diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7493.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7493.json index ffa194a80c4..7b9917a6a0b 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7493.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7493.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7493", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-06T14:15:12.860", - "lastModified": "2024-09-06T14:15:12.860", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7599.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7599.json index c6c746c56fc..d0527dc9ca8 100644 --- a/CVE-2024/CVE-2024-75xx/CVE-2024-7599.json +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7599.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7599", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-06T14:15:13.107", - "lastModified": "2024-09-06T14:15:13.107", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7611.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7611.json index 48337239570..911e42bbc4b 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7611.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7611.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7611", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-06T14:15:13.330", - "lastModified": "2024-09-06T14:15:13.330", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7622.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7622.json index a3e424fea69..1c44f9f17a0 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7622.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7622.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7622", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-06T14:15:13.553", - "lastModified": "2024-09-06T14:15:13.553", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7693.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7693.json index 40e6852379d..6ee2b3456a8 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7693.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7693.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7693", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-12T13:38:58.150", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T16:51:35.647", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,7 +18,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "twcert@cert.org.tw", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -36,13 +36,43 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, "weaknesses": [ { - "source": "twcert@cert.org.tw", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, + { + "source": "twcert@cert.org.tw", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,14 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.0.2", + "matchCriteriaId": "DCD34C77-82DE-4116-9D09-639588C953D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-7999-208bf-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-7997-31bef-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7694.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7694.json index 10d42ff5cb4..c0482599484 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7694.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7694.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7694", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-12T13:38:58.553", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-06T17:24:42.573", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:teamt5:threatsonar_anti-ransomware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.0", + "matchCriteriaId": "D9A8CAE4-32DB-42E7-9791-5C3D0C4FC2D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8117.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8117.json index ed40a82b758..019e3784cda 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8117.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8117.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8117", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:04.407", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:04:23.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_snippets/wpext_snippets.php#L293", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f7f91f6-9fe6-4bbf-ba3c-380ba2e97dcd?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8119.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8119.json index ee87813c415..1674cdf16a9 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8119.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8119.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8119", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:04.650", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:11:02.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_snippets/wp-extend-module-listing.php#L216", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50798706-ad0d-431e-ac5f-57a0606c6f94?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8121.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8121.json index d1256741565..3a78bce0cc1 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8121.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8121.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8121", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:04.887", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:20:59.767", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_block_user_name_admin/wpext_block_user_name_admin.php#L49", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3d08ac9-22f7-45f4-9896-05b90f5fce64?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8123.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8123.json index d35ca10a22b..86fde328ed9 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8123.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8123.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8123", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-04T07:15:05.130", - "lastModified": "2024-09-04T13:05:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T17:20:28.600", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.9", + "matchCriteriaId": "A0AEBA1D-445D-46DC-88FF-D829DA324207" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_duplicator/wpext_duplicator.php#L48", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1e421fb-4839-4e2d-911f-e2fa8c756744?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json index 2be46c9aa06..131d27a2cdd 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8178.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8178", "sourceIdentifier": "secteam@freebsd.org", "published": "2024-09-05T05:15:13.907", - "lastModified": "2024-09-05T21:21:06.637", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:35:20.203", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.0, "impactScore": 6.0 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.5, + "impactScore": 6.0 } ] }, diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8381.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8381.json index 4b24f603178..aa77ad5de96 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8381.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8381.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8381", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.553", - "lastModified": "2024-09-04T15:02:54.417", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:17.573", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15." + "value": "A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15." }, { "lang": "es", @@ -141,6 +141,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8382.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8382.json index 798cd7f789e..c9ad8e4727b 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8382.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8382.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8382", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.630", - "lastModified": "2024-09-04T15:10:09.713", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:17.677", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15." + "value": "Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15." }, { "lang": "es", @@ -111,6 +111,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8383.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8383.json index 9944a230cdd..a0968a0ff53 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8383.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8383.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8383", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.687", - "lastModified": "2024-09-04T15:09:52.937", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:17.750", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15." + "value": "Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15." }, { "lang": "es", @@ -111,6 +111,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8384.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8384.json index 9c12574169a..aae153b452e 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8384.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8384.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8384", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.743", - "lastModified": "2024-09-04T15:50:28.300", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:17.847", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15." + "value": "The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15." }, { "lang": "es", @@ -141,6 +141,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8385.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8385.json index b4dc3af6454..bcf2a9af4a8 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8385.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8385.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8385", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.803", - "lastModified": "2024-09-04T15:43:57.797", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:17.980", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130 and Firefox ESR < 128.2." + "value": "A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2." }, { "lang": "es", @@ -127,6 +127,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8386.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8386.json index c1bcb214dfe..3500876d068 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8386.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8386.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8386", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.860", - "lastModified": "2024-09-04T15:44:30.137", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:18.147", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130 and Firefox ESR < 128.2." + "value": "If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2." }, { "lang": "es", @@ -113,6 +113,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8387.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8387.json index 40edceb6f48..c101ef5c07e 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8387.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8387.json @@ -2,13 +2,13 @@ "id": "CVE-2024-8387", "sourceIdentifier": "security@mozilla.org", "published": "2024-09-03T13:15:05.917", - "lastModified": "2024-09-04T15:44:52.153", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-06T17:15:18.253", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130 and Firefox ESR < 128.2." + "value": "Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2." }, { "lang": "es", @@ -129,6 +129,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8394.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8394.json new file mode 100644 index 00000000000..9799c9dac96 --- /dev/null +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8394.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-8394", + "sourceIdentifier": "security@mozilla.org", + "published": "2024-09-06T17:15:18.360", + "lastModified": "2024-09-06T17:15:18.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895737", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json index bc27ee9f917..2169fb7d6ff 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8414.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8414", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T17:15:15.013", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:44:04.583", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -109,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,26 +150,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:munyweki:insurance_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "826B7388-F683-45AE-908E-A26D1D12CCAD" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1LMkTt5gbVXnRB9m9o2MdgB1S0fsSAvGL/view", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.276493", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.276493", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.402344", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json index ec10516607c..a37d96ccc64 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8415.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8415", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T17:15:15.300", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:40:06.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,26 +140,61 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Niu-zida/cve/blob/main/sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.276494", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.276494", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.402345", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json index dfd8d65470f..4b6bd0c7997 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8416.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8416", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-04T18:15:05.980", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:38:44.053", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,26 +140,61 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:food_ordering_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0C23C3FE-AF1E-4806-8E1D-010C47C3F72C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/SherlockMA0/cve/blob/main/sql2.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.276495", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.276495", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.402369", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8428.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8428.json index 12b43acd1d9..369a8dc2d53 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8428.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8428.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8428", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-06T14:15:13.823", - "lastModified": "2024-09-06T14:15:13.823", - "vulnStatus": "Received", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json index e41b9ff40d4..92a42b85498 100644 --- a/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8460.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8460", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-05T12:15:03.010", - "lastModified": "2024-09-05T12:53:21.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-06T16:30:54.027", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widget_api.cgi of the component Web Management Interface. The manipulation of the argument getHD/getSer/getSys leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como problem\u00e1tica, en D-Link DNS-320 2.02b01. Este problema afecta a algunas funciones desconocidas del archivo /cgi-bin/widget_api.cgi del componente Interfaz de gesti\u00f3n web. La manipulaci\u00f3n del argumento getHD/getSer/getSys conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotaci\u00f3n es dif\u00edcil. El exploit se ha divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante. Se contact\u00f3 primeramente con el proveedor y confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse." } ], "metrics": { @@ -64,6 +68,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -113,8 +137,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -123,30 +157,80 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-320_firmware:2.02b01:*:*:*:*:*:*:*", + "matchCriteriaId": "F6E90A65-4000-458D-B401-60C1BA3F88EE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.276626", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.276626", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.401297", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.dlink.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8509.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8509.json new file mode 100644 index 00000000000..53d4dbca107 --- /dev/null +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8509.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8509", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-09-06T16:15:03.583", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Forklift Controller.\u00a0 There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response with the requested information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-8509", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310406", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json new file mode 100644 index 00000000000..f895767bc7c --- /dev/null +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8517", + "sourceIdentifier": "disclosure@vulncheck.com", + "published": "2024-09-06T16:15:03.793", + "lastModified": "2024-09-06T16:46:26.830", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SPIP before 4.3.2, 4.2.16, and \n4.1.18 is vulnerable to a command injection issue. A \nremote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "disclosure@vulncheck.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "disclosure@vulncheck.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-646" + } + ] + } + ], + "references": [ + { + "url": "https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-2-SPIP-4-2-16-SPIP-4-1-18.html", + "source": "disclosure@vulncheck.com" + }, + { + "url": "https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload/", + "source": "disclosure@vulncheck.com" + }, + { + "url": "https://vulncheck.com/advisories/spip-upload-rce", + "source": "disclosure@vulncheck.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index d79b756243b..6d16a75ec66 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-06T16:00:17.996592+00:00 +2024-09-06T18:00:17.802923+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-06T15:57:25.657000+00:00 +2024-09-06T17:35:20.203000+00:00 ``` ### Last Data Feed Release @@ -33,52 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -262067 +262102 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `35` -- [CVE-2024-25584](CVE-2024/CVE-2024-255xx/CVE-2024-25584.json) (`2024-09-06T15:15:12.950`) -- [CVE-2024-44837](CVE-2024/CVE-2024-448xx/CVE-2024-44837.json) (`2024-09-06T14:15:12.517`) -- [CVE-2024-6445](CVE-2024/CVE-2024-64xx/CVE-2024-6445.json) (`2024-09-06T14:15:12.683`) -- [CVE-2024-7493](CVE-2024/CVE-2024-74xx/CVE-2024-7493.json) (`2024-09-06T14:15:12.860`) -- [CVE-2024-7599](CVE-2024/CVE-2024-75xx/CVE-2024-7599.json) (`2024-09-06T14:15:13.107`) -- [CVE-2024-7611](CVE-2024/CVE-2024-76xx/CVE-2024-7611.json) (`2024-09-06T14:15:13.330`) -- [CVE-2024-7622](CVE-2024/CVE-2024-76xx/CVE-2024-7622.json) (`2024-09-06T14:15:13.553`) -- [CVE-2024-8428](CVE-2024/CVE-2024-84xx/CVE-2024-8428.json) (`2024-09-06T14:15:13.823`) +- [CVE-2023-51367](CVE-2023/CVE-2023-513xx/CVE-2023-51367.json) (`2024-09-06T17:15:13.300`) +- [CVE-2023-51368](CVE-2023/CVE-2023-513xx/CVE-2023-51368.json) (`2024-09-06T17:15:13.487`) +- [CVE-2024-21897](CVE-2024/CVE-2024-218xx/CVE-2024-21897.json) (`2024-09-06T17:15:13.713`) +- [CVE-2024-21898](CVE-2024/CVE-2024-218xx/CVE-2024-21898.json) (`2024-09-06T17:15:13.920`) +- [CVE-2024-21903](CVE-2024/CVE-2024-219xx/CVE-2024-21903.json) (`2024-09-06T17:15:14.113`) +- [CVE-2024-21904](CVE-2024/CVE-2024-219xx/CVE-2024-21904.json) (`2024-09-06T17:15:14.317`) +- [CVE-2024-21906](CVE-2024/CVE-2024-219xx/CVE-2024-21906.json) (`2024-09-06T17:15:14.513`) +- [CVE-2024-27122](CVE-2024/CVE-2024-271xx/CVE-2024-27122.json) (`2024-09-06T17:15:14.723`) +- [CVE-2024-27125](CVE-2024/CVE-2024-271xx/CVE-2024-27125.json) (`2024-09-06T17:15:14.927`) +- [CVE-2024-27126](CVE-2024/CVE-2024-271xx/CVE-2024-27126.json) (`2024-09-06T17:15:15.130`) +- [CVE-2024-32762](CVE-2024/CVE-2024-327xx/CVE-2024-32762.json) (`2024-09-06T17:15:15.697`) +- [CVE-2024-32763](CVE-2024/CVE-2024-327xx/CVE-2024-32763.json) (`2024-09-06T17:15:15.920`) +- [CVE-2024-32771](CVE-2024/CVE-2024-327xx/CVE-2024-32771.json) (`2024-09-06T17:15:16.077`) +- [CVE-2024-38640](CVE-2024/CVE-2024-386xx/CVE-2024-38640.json) (`2024-09-06T17:15:16.443`) +- [CVE-2024-38641](CVE-2024/CVE-2024-386xx/CVE-2024-38641.json) (`2024-09-06T17:15:16.550`) +- [CVE-2024-38642](CVE-2024/CVE-2024-386xx/CVE-2024-38642.json) (`2024-09-06T17:15:16.677`) +- [CVE-2024-44401](CVE-2024/CVE-2024-444xx/CVE-2024-44401.json) (`2024-09-06T16:15:03.110`) +- [CVE-2024-44402](CVE-2024/CVE-2024-444xx/CVE-2024-44402.json) (`2024-09-06T16:15:03.183`) +- [CVE-2024-44408](CVE-2024/CVE-2024-444xx/CVE-2024-44408.json) (`2024-09-06T16:15:03.243`) +- [CVE-2024-45294](CVE-2024/CVE-2024-452xx/CVE-2024-45294.json) (`2024-09-06T16:15:03.300`) +- [CVE-2024-45295](CVE-2024/CVE-2024-452xx/CVE-2024-45295.json) (`2024-09-06T17:15:17.053`) +- [CVE-2024-45758](CVE-2024/CVE-2024-457xx/CVE-2024-45758.json) (`2024-09-06T16:15:03.517`) +- [CVE-2024-8394](CVE-2024/CVE-2024-83xx/CVE-2024-8394.json) (`2024-09-06T17:15:18.360`) +- [CVE-2024-8509](CVE-2024/CVE-2024-85xx/CVE-2024-8509.json) (`2024-09-06T16:15:03.583`) +- [CVE-2024-8517](CVE-2024/CVE-2024-85xx/CVE-2024-8517.json) (`2024-09-06T16:15:03.793`) ### CVEs modified in the last Commit -Recently modified CVEs: `42` +Recently modified CVEs: `98` -- [CVE-2023-46352](CVE-2023/CVE-2023-463xx/CVE-2023-46352.json) (`2024-09-06T14:35:04.850`) -- [CVE-2023-46404](CVE-2023/CVE-2023-464xx/CVE-2023-46404.json) (`2024-09-06T14:35:05.673`) -- [CVE-2023-46817](CVE-2023/CVE-2023-468xx/CVE-2023-46817.json) (`2024-09-06T14:35:06.507`) -- [CVE-2023-46958](CVE-2023/CVE-2023-469xx/CVE-2023-46958.json) (`2024-09-06T14:35:08.110`) -- [CVE-2023-46980](CVE-2023/CVE-2023-469xx/CVE-2023-46980.json) (`2024-09-06T14:35:08.953`) -- [CVE-2023-47204](CVE-2023/CVE-2023-472xx/CVE-2023-47204.json) (`2024-09-06T14:35:09.823`) -- [CVE-2023-51785](CVE-2023/CVE-2023-517xx/CVE-2023-51785.json) (`2024-09-06T15:35:02.360`) -- [CVE-2023-5528](CVE-2023/CVE-2023-55xx/CVE-2023-5528.json) (`2024-09-06T15:15:12.640`) -- [CVE-2024-27394](CVE-2024/CVE-2024-273xx/CVE-2024-27394.json) (`2024-09-06T14:35:11.027`) -- [CVE-2024-34641](CVE-2024/CVE-2024-346xx/CVE-2024-34641.json) (`2024-09-06T15:27:40.647`) -- [CVE-2024-34656](CVE-2024/CVE-2024-346xx/CVE-2024-34656.json) (`2024-09-06T15:57:25.657`) -- [CVE-2024-38321](CVE-2024/CVE-2024-383xx/CVE-2024-38321.json) (`2024-09-06T14:50:53.583`) -- [CVE-2024-41912](CVE-2024/CVE-2024-419xx/CVE-2024-41912.json) (`2024-09-06T15:13:26.177`) -- [CVE-2024-42257](CVE-2024/CVE-2024-422xx/CVE-2024-42257.json) (`2024-09-06T14:12:22.577`) -- [CVE-2024-43918](CVE-2024/CVE-2024-439xx/CVE-2024-43918.json) (`2024-09-06T15:51:25.957`) -- [CVE-2024-44082](CVE-2024/CVE-2024-440xx/CVE-2024-44082.json) (`2024-09-06T15:15:13.180`) -- [CVE-2024-44739](CVE-2024/CVE-2024-447xx/CVE-2024-44739.json) (`2024-09-06T15:35:02.807`) -- [CVE-2024-45195](CVE-2024/CVE-2024-451xx/CVE-2024-45195.json) (`2024-09-06T15:35:05.483`) -- [CVE-2024-45321](CVE-2024/CVE-2024-453xx/CVE-2024-45321.json) (`2024-09-06T14:35:13.113`) -- [CVE-2024-45446](CVE-2024/CVE-2024-454xx/CVE-2024-45446.json) (`2024-09-06T14:01:37.120`) -- [CVE-2024-45447](CVE-2024/CVE-2024-454xx/CVE-2024-45447.json) (`2024-09-06T14:17:55.720`) -- [CVE-2024-45448](CVE-2024/CVE-2024-454xx/CVE-2024-45448.json) (`2024-09-06T14:24:21.837`) -- [CVE-2024-45449](CVE-2024/CVE-2024-454xx/CVE-2024-45449.json) (`2024-09-06T14:38:08.067`) -- [CVE-2024-8181](CVE-2024/CVE-2024-81xx/CVE-2024-8181.json) (`2024-09-06T15:35:07.267`) -- [CVE-2024-8298](CVE-2024/CVE-2024-82xx/CVE-2024-8298.json) (`2024-09-06T14:53:06.890`) +- [CVE-2024-6892](CVE-2024/CVE-2024-68xx/CVE-2024-6892.json) (`2024-09-06T16:33:34.360`) +- [CVE-2024-7006](CVE-2024/CVE-2024-70xx/CVE-2024-7006.json) (`2024-09-06T17:15:17.387`) +- [CVE-2024-7493](CVE-2024/CVE-2024-74xx/CVE-2024-7493.json) (`2024-09-06T16:46:26.830`) +- [CVE-2024-7599](CVE-2024/CVE-2024-75xx/CVE-2024-7599.json) (`2024-09-06T16:46:26.830`) +- [CVE-2024-7611](CVE-2024/CVE-2024-76xx/CVE-2024-7611.json) (`2024-09-06T16:46:26.830`) +- [CVE-2024-7622](CVE-2024/CVE-2024-76xx/CVE-2024-7622.json) (`2024-09-06T16:46:26.830`) +- [CVE-2024-7693](CVE-2024/CVE-2024-76xx/CVE-2024-7693.json) (`2024-09-06T16:51:35.647`) +- [CVE-2024-7694](CVE-2024/CVE-2024-76xx/CVE-2024-7694.json) (`2024-09-06T17:24:42.573`) +- [CVE-2024-8117](CVE-2024/CVE-2024-81xx/CVE-2024-8117.json) (`2024-09-06T16:04:23.413`) +- [CVE-2024-8119](CVE-2024/CVE-2024-81xx/CVE-2024-8119.json) (`2024-09-06T16:11:02.370`) +- [CVE-2024-8121](CVE-2024/CVE-2024-81xx/CVE-2024-8121.json) (`2024-09-06T16:20:59.767`) +- [CVE-2024-8123](CVE-2024/CVE-2024-81xx/CVE-2024-8123.json) (`2024-09-06T17:20:28.600`) +- [CVE-2024-8178](CVE-2024/CVE-2024-81xx/CVE-2024-8178.json) (`2024-09-06T17:35:20.203`) +- [CVE-2024-8381](CVE-2024/CVE-2024-83xx/CVE-2024-8381.json) (`2024-09-06T17:15:17.573`) +- [CVE-2024-8382](CVE-2024/CVE-2024-83xx/CVE-2024-8382.json) (`2024-09-06T17:15:17.677`) +- [CVE-2024-8383](CVE-2024/CVE-2024-83xx/CVE-2024-8383.json) (`2024-09-06T17:15:17.750`) +- [CVE-2024-8384](CVE-2024/CVE-2024-83xx/CVE-2024-8384.json) (`2024-09-06T17:15:17.847`) +- [CVE-2024-8385](CVE-2024/CVE-2024-83xx/CVE-2024-8385.json) (`2024-09-06T17:15:17.980`) +- [CVE-2024-8386](CVE-2024/CVE-2024-83xx/CVE-2024-8386.json) (`2024-09-06T17:15:18.147`) +- [CVE-2024-8387](CVE-2024/CVE-2024-83xx/CVE-2024-8387.json) (`2024-09-06T17:15:18.253`) +- [CVE-2024-8414](CVE-2024/CVE-2024-84xx/CVE-2024-8414.json) (`2024-09-06T16:44:04.583`) +- [CVE-2024-8415](CVE-2024/CVE-2024-84xx/CVE-2024-8415.json) (`2024-09-06T16:40:06.120`) +- [CVE-2024-8416](CVE-2024/CVE-2024-84xx/CVE-2024-8416.json) (`2024-09-06T16:38:44.053`) +- [CVE-2024-8428](CVE-2024/CVE-2024-84xx/CVE-2024-8428.json) (`2024-09-06T16:46:26.830`) +- [CVE-2024-8460](CVE-2024/CVE-2024-84xx/CVE-2024-8460.json) (`2024-09-06T16:30:54.027`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 4818ce8a41a..9431251547a 100644 --- a/_state.csv +++ b/_state.csv @@ -153867,7 +153867,7 @@ CVE-2020-24194,0,0,5b90090107d29f2f11ff3959af64bb5060c6e7bed49ac494e26c0b24ecefb CVE-2020-24195,0,0,befd0c430e4d1ef7b8a1be08af12bb8b3d414beb9eb254d56854047c04294665,2020-09-15T16:59:25.990000 CVE-2020-24196,0,0,86645ebba61d71fb4d54ae9f027af99a5843de1e042289ac6312e8444a51d9b6,2020-09-02T16:49:40.777000 CVE-2020-24197,0,0,723e3ae6da543830e22e28fe2841d413930a5160a1f609bc252a3f53abb68f35,2020-09-15T15:50:04.857000 -CVE-2020-24198,0,1,15ddfff1da837863ab2bdf8815d9035fea495d2b5bb6f9cf42ee157b0201e21b,2024-09-06T15:15:12.180000 +CVE-2020-24198,0,0,15ddfff1da837863ab2bdf8815d9035fea495d2b5bb6f9cf42ee157b0201e21b,2024-09-06T15:15:12.180000 CVE-2020-24199,0,0,f39282985de3f1cad9fa2006126026f95615216b580c10b1cf47f7ef1f2b756d,2020-09-10T01:58:07.613000 CVE-2020-24200,0,0,48903473c4f64a50e47cde0aab311c57314f4bff29894dee5f9fcbc3511b6517,2023-11-07T03:19:51.410000 CVE-2020-24202,0,0,aca9347d15938f12c32a4656c36fccdbf170812ee017f7739b90841c9cc9796a,2020-08-31T16:06:50.940000 @@ -154337,7 +154337,7 @@ CVE-2020-24913,0,0,e7cc4322e4e552018a9027030e57e1e0c5e1d0e78c1263e54eddd7993641b CVE-2020-24914,0,0,03b58b08021d6e1b841516f2339a6e8f01016f0a889416f9cf7ca471d80b5df2,2021-07-21T11:39:23.747000 CVE-2020-24916,0,0,def4fdcfe97ccf043aa11b2e8023b978c448dd6bbab71e5ac737219593b61974,2022-12-06T21:08:01.340000 CVE-2020-24917,0,0,ec0ce60520eb05835c6b098cd8f2093d6c866d0c6bad9500b001d4a88bc8919c,2020-09-03T18:19:41.233000 -CVE-2020-24918,0,1,1e0bb67e08fa945b90fe2eb589d12262d9187a77aab2d1dff68a8c1c6d54689d,2024-09-06T15:15:12.280000 +CVE-2020-24918,0,0,1e0bb67e08fa945b90fe2eb589d12262d9187a77aab2d1dff68a8c1c6d54689d,2024-09-06T15:15:12.280000 CVE-2020-2492,0,0,4d71359ecf0867fee72611f87f7b96254f2f4c1403d0a5fcb64ef508981e2b31,2020-11-30T17:24:19.097000 CVE-2020-24922,0,0,6b22fbc97fcd8c2e9a4e6abbf3224edf5c6ea30e7ce8a56830914bb3619687a2,2023-08-17T02:04:52.340000 CVE-2020-24924,0,0,c8aafbd48cc46995bc350dddb141565fd756c4e1f1fb69e1490ed1b6dae8cfdb,2020-09-18T20:13:24.157000 @@ -196085,6 +196085,7 @@ CVE-2022-27585,0,0,06bd67868494e48600b1e88772f0d06eeb9e5edbaab726ccfbe26c3e24d06 CVE-2022-27586,0,0,07100889aae941602772df408a285c729afa35da3e646d67a217a253d61f5785,2023-03-31T16:11:07.293000 CVE-2022-27588,0,0,c8c843a51b73d17fc5ad8c84b81a450869de76e594dfd66a4355994a422db1c2,2022-05-13T04:03:37.187000 CVE-2022-2759,0,0,94ec1874b395b7471d795b84e4f7a560900905e9d42ff4804e1aeea35f373c65,2022-09-02T21:53:44.030000 +CVE-2022-27592,1,1,9a58f2808b3544de1b45be0c71990d03f96a1d987fd06d643ccf7aad57adbb99,2024-09-06T17:15:11.173000 CVE-2022-27593,0,0,56fafb9518e5fb764ee2a86c9284349ca9bf7294d7c59fe8cdb5292b04dab2ac,2022-09-13T14:41:36.173000 CVE-2022-27596,0,0,e9bb74716a5676f20e7ebc2e01d61a53693ebfcfe25ec7fd68966aab916e53d0,2023-11-07T03:45:21.480000 CVE-2022-27597,0,0,6633b782cbe58b62e962ad2a4704cecb30b098c5d341786e9d2e705cf87f27da,2023-09-01T17:10:13.670000 @@ -212396,13 +212397,13 @@ CVE-2022-48863,0,0,0b99b60ca586a6da4e957e9e6764f579d04f3de517666b5d23308eb74a032 CVE-2022-48864,0,0,20a93d8c717514ed3619da6525932e50b688bd0d476c290094d596cb506d7b10,2024-07-23T14:44:00.093000 CVE-2022-48865,0,0,131f2466a64b0e56f3543f09aa08c5ba9a2688ed851b0bd16452f38d0b32c199,2024-07-23T14:42:20.300000 CVE-2022-48866,0,0,dd9632abea944a27af10a71970d4f3466ac4d00c77d7597d39b4974e89d54588,2024-07-23T14:36:54.493000 -CVE-2022-48867,0,1,89034f4334adb42c738a2be5473270c0911dc0d920f1ac0b4d28776cb614bd16,2024-09-06T14:15:33.733000 +CVE-2022-48867,0,0,89034f4334adb42c738a2be5473270c0911dc0d920f1ac0b4d28776cb614bd16,2024-09-06T14:15:33.733000 CVE-2022-48868,0,0,71930151dd2da4effce87b0c58f00690726edc337608125881b75d568929e549,2024-09-04T18:38:59.113000 -CVE-2022-48869,0,1,81cd4ff86b96462ecc32eabab5dc68a611a20d50189b0c7defb877a6ec4a6bc6,2024-09-06T14:19:58.030000 -CVE-2022-48870,0,1,052813c05f68cd1137ebb2d6c98a2533be475a75001381ffb2e8d1dcdfd83aa8,2024-09-06T14:20:52.290000 -CVE-2022-48871,0,1,54c92c84f06585b0cd1c34723550764f6703255705ce6e16624f4ee65b310912,2024-09-06T14:23:03.010000 -CVE-2022-48872,0,1,a3443f4aed44991e8ffdbfd238d0e943d43a4860a6c9c651e9a7e87452acbecd,2024-09-06T14:30:06.730000 -CVE-2022-48873,0,1,393b434d14e5250aa2645834684365ee6b2c73719b32b9c93d10b0bc701cbbc4,2024-09-06T14:44:16.677000 +CVE-2022-48869,0,0,81cd4ff86b96462ecc32eabab5dc68a611a20d50189b0c7defb877a6ec4a6bc6,2024-09-06T14:19:58.030000 +CVE-2022-48870,0,0,052813c05f68cd1137ebb2d6c98a2533be475a75001381ffb2e8d1dcdfd83aa8,2024-09-06T14:20:52.290000 +CVE-2022-48871,0,0,54c92c84f06585b0cd1c34723550764f6703255705ce6e16624f4ee65b310912,2024-09-06T14:23:03.010000 +CVE-2022-48872,0,0,a3443f4aed44991e8ffdbfd238d0e943d43a4860a6c9c651e9a7e87452acbecd,2024-09-06T14:30:06.730000 +CVE-2022-48873,0,0,393b434d14e5250aa2645834684365ee6b2c73719b32b9c93d10b0bc701cbbc4,2024-09-06T14:44:16.677000 CVE-2022-48874,0,0,b7c8e23068e04a991fde0d03cbdf1c4f3ccb10a413c897663da1c235e44314de,2024-08-29T02:42:02.070000 CVE-2022-48875,0,0,e2caa42e0dd6ec750fd9e46e92848849f463307e55477fd45d25751b4883f44b,2024-09-04T18:33:03.537000 CVE-2022-48876,0,0,dd7145c2e72a17454bb985d184ad79104309aabd2355fce75e49acbb3b771a5f,2024-08-29T02:41:34.627000 @@ -212415,14 +212416,14 @@ CVE-2022-48881,0,0,b70be3d1ee4e769ba4344a8e2f0e797098bfa307c63cbc3c862df6517648d CVE-2022-48882,0,0,a4cc9ef14b31d7f9d8718b6e7650e6d5e257977ea609b6e0ca6de853f5e46dfd,2024-08-29T02:36:29.837000 CVE-2022-48883,0,0,393ba512ffb574163a9f61b49138c9f5fd99ee611a3c62b415a0eaf8e576afe0,2024-08-21T12:30:33.697000 CVE-2022-48884,0,0,442f30c7bc460d0b750d0d62192aad9e98cf9980141831c7f81e4f22265a3feb,2024-08-21T12:30:33.697000 -CVE-2022-48885,0,1,96a2bdaa99e975d1de06bd449b235bf2aad940ee327e3c25406244d9ddb292ad,2024-09-06T14:46:30.067000 -CVE-2022-48886,0,1,32b6f7b27749a93c357033c3466e2b43f740116b44efe497d8cefb500ee1a0bd,2024-09-06T14:48:20.907000 -CVE-2022-48887,0,1,03b8fd7e085deadf361cc8da2df815cc48acdfd7e0c823a279cecbdf2eb6da9c,2024-09-06T14:55:46.460000 +CVE-2022-48885,0,0,96a2bdaa99e975d1de06bd449b235bf2aad940ee327e3c25406244d9ddb292ad,2024-09-06T14:46:30.067000 +CVE-2022-48886,0,0,32b6f7b27749a93c357033c3466e2b43f740116b44efe497d8cefb500ee1a0bd,2024-09-06T14:48:20.907000 +CVE-2022-48887,0,0,03b8fd7e085deadf361cc8da2df815cc48acdfd7e0c823a279cecbdf2eb6da9c,2024-09-06T14:55:46.460000 CVE-2022-48888,0,0,42d6982698129b610dfcc8d0e9291c31502606f4c6a721867d9f51b6d6879cfd,2024-08-29T02:36:17.273000 -CVE-2022-48889,0,1,26fe6c772af27a72a4dbc4a4042cab4c16d41f4bffb83c7a9c5c75fe7d3e69ec,2024-09-06T15:08:10.060000 +CVE-2022-48889,0,0,26fe6c772af27a72a4dbc4a4042cab4c16d41f4bffb83c7a9c5c75fe7d3e69ec,2024-09-06T15:08:10.060000 CVE-2022-4889,0,0,e28145e6bac3566714c615b828c485e97008b42961c16fdc8c566e13678a4601,2024-05-17T02:17:01.537000 -CVE-2022-48890,0,1,86d632bf5df80684b404ab7b8921bbf892e25d0ec1b61ff33de7d34236ea41bb,2024-09-06T15:11:16.120000 -CVE-2022-48891,0,1,e53cdfff9c40301449889e2be599113f4029581bf8c097ee401be6555cedf27f,2024-09-06T15:39:03.433000 +CVE-2022-48890,0,0,86d632bf5df80684b404ab7b8921bbf892e25d0ec1b61ff33de7d34236ea41bb,2024-09-06T15:11:16.120000 +CVE-2022-48891,0,0,e53cdfff9c40301449889e2be599113f4029581bf8c097ee401be6555cedf27f,2024-09-06T15:39:03.433000 CVE-2022-48892,0,0,e5d1d64acbb59160918aa70cc9f19716880e808c7570261094b023c94b7fa4ef,2024-08-29T02:35:56.343000 CVE-2022-48893,0,0,63e898874aefd1107ff228212c8a194675f7243efe81828dac0b0a89625bb2d3,2024-08-21T12:30:33.697000 CVE-2022-48894,0,0,f64cef72f9d2bc85e042e4ad9d8fef3cc48a4f3edb26d765133492c365bf2387,2024-08-21T12:30:33.697000 @@ -223443,7 +223444,7 @@ CVE-2023-31099,0,0,316dca47a441bcbff49b7c01682f0edc834d3579c34610a0d65d4f7cacad7 CVE-2023-3110,0,0,cb45d3e424e5f4d9ba44917b64a5258a7d77c882331cea6e65d589e098116cad,2023-06-28T15:59:59.863000 CVE-2023-31100,0,0,52728b9e8ab26aa70b0ab55039f170907999be466f5e8b560dabc4fb805a29bd,2024-02-01T02:30:22.687000 CVE-2023-31101,0,0,77f4e544f11b5e739b1479f6e19b6ccd2456975f67b8561aaa2c58229b75968c,2023-05-27T02:26:38.467000 -CVE-2023-31102,0,1,5080e71e8f917eeae0dd70983299a81d3f1547c01aad2307d315c1afe001c7a1,2024-09-06T14:35:01.717000 +CVE-2023-31102,0,0,5080e71e8f917eeae0dd70983299a81d3f1547c01aad2307d315c1afe001c7a1,2024-09-06T14:35:01.717000 CVE-2023-31103,0,0,6ebfd0cb1ac0bdf08f28442094dae38ea2ac9a0d7b487e908849ac1cf56c0fa7,2023-05-27T02:19:27.643000 CVE-2023-3111,0,0,88f6d634aaf66868e24baf1dc9c03254a9f0153d8412ca9a1ccbb2e70bf88d7f,2023-11-07T04:17:55.503000 CVE-2023-31114,0,0,a2299262529dc59f23001a6935a0db69324f1ad31cfb90d0de3beb6d9fb6507e,2023-06-14T13:43:45.193000 @@ -225928,7 +225929,7 @@ CVE-2023-34255,0,0,80be5f9e6f93d1dff56157d1720c5c0d5b302e9fcf81ddd8a1748a4ec5b2a CVE-2023-34256,0,0,06e655546c54f56248a7bbbb0bd9dfe93b8c16a4183434e9ab515b7b0eb05a57,2024-08-02T16:16:11.203000 CVE-2023-34257,0,0,0320d12b069a7394c51c703bc5f9098562946b70a12bfe53ad75f5a07d652796,2024-08-02T16:16:11.363000 CVE-2023-34258,0,0,2e656b6b465dd8addf89d28d27a2f63785e04de044f2ca4973a2e285fba2546b,2023-06-08T17:26:19.893000 -CVE-2023-34259,0,1,710e591d41187a09c0c879c2b28e77b17f59e8df4a70e82104fd10051415f806,2024-09-06T14:35:03.133000 +CVE-2023-34259,0,0,710e591d41187a09c0c879c2b28e77b17f59e8df4a70e82104fd10051415f806,2024-09-06T14:35:03.133000 CVE-2023-3426,0,0,935e9c3168851c6b164d09f4971cdc352a7eb4e1fb48d323d9ca5e3f69c4f253,2023-08-05T03:45:57.627000 CVE-2023-34260,0,0,c253d0086191543f48833b7cd2c6b64feac20efd450b29e43c25d5bd3f3dfe93,2023-11-13T17:38:02.170000 CVE-2023-34261,0,0,1729daad30a7372c87b9ad3bf7407e2b7cbc075d6b545c22578d51675898073f,2024-09-05T15:35:08.697000 @@ -226346,9 +226347,11 @@ CVE-2023-34970,0,0,0cf20f552104745cd280f12f0fd3bfe8bacaaf04a1a90475f6f521b43ad00 CVE-2023-34971,0,0,c3932e8bd56bd77fc7fd5cf0b1fb386979202df6d96186f9d8e41b71600dc57f,2023-08-31T18:00:43.533000 CVE-2023-34972,0,0,70b20675ed2ee4c95151469aeb78a909de2b984fd537a93f645d4b4e4c1b00e3,2023-08-31T18:03:09.587000 CVE-2023-34973,0,0,6f1ad8976d7acb9e188dcf76a592ec21ff839e89b6522974f09eea0afe45a4e2,2023-08-31T12:53:25.140000 +CVE-2023-34974,1,1,5ec6ef2254c694529c54ec249786d4809cd05dcfb5f6746ad2e5801b274b5e69,2024-09-06T17:15:11.440000 CVE-2023-34975,0,0,4aafbc812392a63c850dd48e16a90f8d91b972c393c224c27a84ee73a41b8ef0,2024-03-08T17:15:21.860000 CVE-2023-34976,0,0,0b3b94df7723f0287929ab195b214722cecf51cbb481f91e6d3fef26aa3d4fed,2023-10-18T19:56:09.990000 CVE-2023-34977,0,0,1703b848a5df1bb3394008c0819906a5fa78d63da44b9476eede69386548ece9,2023-10-14T01:49:11.190000 +CVE-2023-34979,1,1,70b1565aa4ec43fab9fa10d0d8c5ff7b316b62f20dd776ffc60e2d8ce974af08,2024-09-06T17:15:11.653000 CVE-2023-34980,0,0,7421b70c66abd07a5d88b0843ee0000c9380414adbb83621b8449b4538a68f8d,2024-03-08T21:19:43.127000 CVE-2023-34981,0,0,a0c1096a64a6474e5577b62a0185b97ce8f132224687c311ad618bd58d87f813,2023-07-21T19:20:13.337000 CVE-2023-34982,0,0,69ddd85a34f25c63fa63f83f2232e3dfa5c88ebfb8548a87e8b550ae4963b78c,2023-12-08T18:53:18.187000 @@ -228888,7 +228891,7 @@ CVE-2023-38388,0,0,a556899abb5ef3e4ce84b0e2b763302b7c2ef10672f09248bcde1fbc02f9c CVE-2023-38389,0,0,69a7c490c70c7f4a973dad71cba428fbcb755afed48ef9a16a4bbdcd9d5dea1a,2024-06-24T19:13:48.847000 CVE-2023-3839,0,0,ff3d80dd0658d20367c6884152eed19cbbddefc5969d266fbe2f54b3232aa2e7,2024-05-17T02:27:52.343000 CVE-2023-38390,0,0,420c5bd352090809654cfedc1f47bd757d1679ba59ed7c2716a890f9c61b1a24,2023-10-04T19:58:33.723000 -CVE-2023-38391,0,0,14d72f023560c638f4bc35c29a9319ab5b0c39484eb972ed5c5a09303f83788f,2023-11-09T20:07:33.613000 +CVE-2023-38391,0,1,b449434fa5ed10e00fe541b52f436af6184b4e42bdebbea36228e68e7435549c,2024-09-06T16:35:00.437000 CVE-2023-38392,0,0,88a2f062cfd189bdbbdf5be8c9f1715a83b94dd910a87849b86f6dedbd838e63,2023-08-09T18:01:11.383000 CVE-2023-38393,0,0,39c71ce8f9c8959d6ffcaadcbcf020c55b3bcaad05097e1ce1aff92721650b93,2024-07-31T20:00:48.130000 CVE-2023-38394,0,0,2078bc0269b2000b9280611961fd69dc831585401808de167fd879dc87b66398,2024-07-31T20:00:32.553000 @@ -229612,7 +229615,9 @@ CVE-2023-39294,0,0,8490128fb72ac603eb09c380014dc5c9e74507cec45a1a672a686d2f29a0c CVE-2023-39295,0,0,cfb5a82039011da96ee4b2f647ff1004d69374396b073dfc26f537e80eb080ba,2023-11-16T17:57:01.447000 CVE-2023-39296,0,0,d2ec6b91dad78c170d91d5c6c2c3863f4db2498df87584b7c243e2866ab2c3fc,2024-01-11T17:09:17.823000 CVE-2023-39297,0,0,4286e66a3fc85dffb0bf2ab3f29bb0e61528784bb09b30507bf508702bcc2a90,2024-02-08T03:51:19.150000 +CVE-2023-39298,1,1,7498f9b3ad29bf15e07b8b8dd2b1a9eeaf7bd73238cb48688736e8f749c3f93f,2024-09-06T17:15:11.860000 CVE-2023-39299,0,0,ed3a79cdf9f92da55d26eba629e88b3987231e3e3c75647573478f1f547565f6,2023-11-14T14:07:58.267000 +CVE-2023-39300,1,1,dd49741ea9f3e5273e3f4a7ef88a2e6ef6c5733a393285d7c4e4cf6cc5d0068e,2024-09-06T17:15:12.070000 CVE-2023-39301,0,0,dc6e14951492020f95c90c8273cb9de69be93c16f1238b0bd06656b85ced5463,2023-11-14T15:29:43.047000 CVE-2023-39302,0,0,563e576c55b23b655a16b30bf6ef18ed5199da3ecc4dfcd0590830de8b5b54d5,2024-02-06T19:54:10.380000 CVE-2023-39303,0,0,6bc9866c62d077bd4443fc92245de27e9bff5a3693a8a8a86261e910d43203f1,2024-02-06T19:57:03.963000 @@ -233648,7 +233653,7 @@ CVE-2023-45017,0,0,65e43eb5c20215dbd8113ce9610636bdf9d663f68632a4e6e9ea172ebce7e CVE-2023-45018,0,0,4b3aa2e7aa53bf1137cdeaf696b6e89c047ec9b2d6e185fc8ed7340212f35ae1,2023-11-08T23:12:44.263000 CVE-2023-45019,0,0,6756673a243c148f6687da7c598825f2cacee4f4acf7e92cd0d342c7394f6dcb,2023-11-08T23:12:33.400000 CVE-2023-4502,0,0,795bfd0690e1416eff545f176193f92114ef18497bc171c578f98c2d3fa302e9,2023-11-07T04:22:40.457000 -CVE-2023-45024,0,1,f2d68990083eaed6e2e393d4f47a7412a386d70e98010fcd59f705eae07e764a,2024-09-06T14:35:03.993000 +CVE-2023-45024,0,0,f2d68990083eaed6e2e393d4f47a7412a386d70e98010fcd59f705eae07e764a,2024-09-06T14:35:03.993000 CVE-2023-45025,0,0,22225a208e6e749be5e365a5cd6088b337e24ebc60fa184bb20debdf2e56d502,2024-02-08T03:50:56.280000 CVE-2023-45026,0,0,ace3e9e7504a230bf0f52db55a017c6a164facec9477c23b480dab35f3cfa63c,2024-02-06T20:04:57.903000 CVE-2023-45027,0,0,dec72d4ea7216f1091be3baa008ddf528eb2aa0aa6fe7400dfe1915525e3c842,2024-02-06T20:19:44.367000 @@ -233657,6 +233662,7 @@ CVE-2023-4503,0,0,9a35d49a48b71f7276fb8172166d6d1aecccabc3aade6184e25e8c96138a6a CVE-2023-45035,0,0,48123901d1326f450c18d3b0ccad106d9e148b3033fe2b672e89055fc85cad07,2024-02-08T03:48:56.403000 CVE-2023-45036,0,0,5b3e2bf8b11caa6b50968173d283a1eec4ca6a58ec51bfb3f0740601e12c6547,2024-02-06T20:18:45.043000 CVE-2023-45037,0,0,d9bef7c23ea9eb8863eec401793407eae857058b6098d8a56b377750f03a7bed,2024-02-06T20:18:34.557000 +CVE-2023-45038,1,1,df0f0c9c67d6ca3e30669ee596960852cffd2ffe872ac1bb6b4ce73fa4e535de,2024-09-06T17:15:12.300000 CVE-2023-45039,0,0,e8930afda8d133bbe65ee717cfe9224bd9cb5c74f33c400953a957a39946a6d1,2024-01-10T16:59:35.883000 CVE-2023-4504,0,0,48b788a38cbf3794838d5825f4a3d5b50fb58219a94aae40cd43de2ab240310f,2023-11-09T20:58:00.163000 CVE-2023-45040,0,0,4264dd7f7c1bfe78bdbabea796f0de0efca1ab106d71d9c726cef2ae7b66f8b6,2024-01-10T16:57:27.477000 @@ -234633,7 +234639,7 @@ CVE-2023-46349,0,0,fa8706ca991001eb68023bbbd50f48c04c1e6773c2aa28b396804205566f7 CVE-2023-4635,0,0,2a1da06dc8a738bf0c0dd49928ef7b27b3967b3b9559f3ca5bbf110ed4883c15,2023-11-07T04:22:48.320000 CVE-2023-46350,0,0,ebcd02500bbe1a318214c2b2ba01ffcc512b6c2abbc3ace41f39f107e3e685ac,2024-02-15T19:28:38.503000 CVE-2023-46351,0,0,0734126f837adf1ad2f4c776d84e59edd8ea1ef20a4f3dcd58b32efefc748414,2024-01-25T20:14:36.637000 -CVE-2023-46352,0,1,c36e4aaa6be42e94fbe892ec2efa133418c229b57ab90e554fa69bb1b0cad042,2024-09-06T14:35:04.850000 +CVE-2023-46352,0,0,c36e4aaa6be42e94fbe892ec2efa133418c229b57ab90e554fa69bb1b0cad042,2024-09-06T14:35:04.850000 CVE-2023-46353,0,0,fd411c6eaa4e91c547796857513980a4c12bd13c784beb220df409a1749f9a21,2023-12-09T04:52:16.587000 CVE-2023-46354,0,0,646d4c6f527aa08230069854fd8f4ca59ccefe3c7118324409117f6f903ba93e,2023-12-09T04:52:09.277000 CVE-2023-46355,0,0,4ee96b2791ee4c5e055da2defa499604a3040d03bdefc4968b32dec7604cd73f,2023-12-01T21:17:19.887000 @@ -234671,7 +234677,7 @@ CVE-2023-46394,0,0,a4de4800ba9072f54d1bc0271928ac028c9cbec6c3baa0f74abcd72cfb575 CVE-2023-46396,0,0,74f481bd37b42e6c5810d0851c91d8d9d55975de01fc2eeba4f5140ada061430,2023-11-02T15:03:59.683000 CVE-2023-4640,0,0,ef517ea28d5508716f101ef0a0cba846372ee2fe78cf6a3f47954c41f51018f6,2023-09-05T15:22:15.190000 CVE-2023-46402,0,0,b1fd8b46799103c9e0b2fb413484e3dcb6319b937b704740b5bc888e6a7e65f7,2023-11-28T18:15:08.910000 -CVE-2023-46404,0,1,1e6a766bbfb5b2e5616335c5b7c891f0a8dbf45897aa6b28c2cd67072296b8e5,2024-09-06T14:35:05.673000 +CVE-2023-46404,0,0,1e6a766bbfb5b2e5616335c5b7c891f0a8dbf45897aa6b28c2cd67072296b8e5,2024-09-06T14:35:05.673000 CVE-2023-46407,0,0,8a56926a3b97b20a2e3d962774aa035f3b6a36c5705fa9e9f85d167876e00393,2024-01-30T20:17:05.310000 CVE-2023-46408,0,0,969e60cfa27859d12bc5027e1c21c739d529469acc8a1688fabf2be4ac44b061,2023-11-01T16:34:49.837000 CVE-2023-46409,0,0,9c51efb60b1edd50700983003f7e7d932e6c553a120828d87024c27ce7705834,2023-11-01T16:34:59.410000 @@ -235002,7 +235008,7 @@ CVE-2023-46813,0,0,54a5b81ea9d5fb0a268b9293a603071610c41491ab8bbea7095535d094697 CVE-2023-46814,0,0,3cecb5f50c237020a17039ffce04adce16d590a4b77f65a0bce23076a5def1ab,2023-11-29T18:54:35.827000 CVE-2023-46815,0,0,73a8d2839a8f681dd5b4deacb0da64bfc7a2eb89a272b7c57e16fb00a27289cd,2023-11-07T20:46:40.287000 CVE-2023-46816,0,0,457f8b7969b679493dd123ee82eb2b848a16353b6b57ef98524a216099740713,2023-11-07T20:47:44.823000 -CVE-2023-46817,0,1,c622a0bab2dc85efdb3e6cac535b776216f5068d508925e89ceecc35669aaa4c,2024-09-06T14:35:06.507000 +CVE-2023-46817,0,0,c622a0bab2dc85efdb3e6cac535b776216f5068d508925e89ceecc35669aaa4c,2024-09-06T14:35:06.507000 CVE-2023-46818,0,0,f234f9e3a48282f81299c3ff6ed7b1a1d071eb6e821f675508ca8b30a7e7e109,2023-12-13T00:15:07.247000 CVE-2023-46819,0,0,b9144c8b43b7e50be02f0a7adb87559b3a81cc8b960f11a9c9b61dc6bebac590,2024-09-04T19:35:08.043000 CVE-2023-4682,0,0,c1c0d3bcf2f406c6bcb06b0a440260f9dabf84e5ad23fa025bbfa655e8c647fb,2023-09-05T16:24:54.687000 @@ -235072,15 +235078,15 @@ CVE-2023-4694,0,0,4af374561d98d7a571388b06aeba9e13942d2790ea5a987ac4c7923a7f5060 CVE-2023-46942,0,0,08c6a8e886f7fae2bf06aacf692a2d0eed974ee4f1370b18828db7f2c8bda870,2024-07-25T18:15:03.177000 CVE-2023-46943,0,0,5e72269c5a836854623c2606edd356b5ca5012a0c878af4c6b559f44b7507ffe,2024-08-30T19:35:03.363000 CVE-2023-46944,0,0,cdecfb8ec33e56621b60ab98b450535b2a63b71d0ae32649b6017af3e94bf349,2023-12-04T19:39:27.447000 -CVE-2023-46947,0,0,69c22ce145401493ee925255d856f76068fc4e105d8df29e207613a75508c727,2023-11-13T18:50:17.157000 +CVE-2023-46947,0,1,02f4ab8fd983a8ec568f29c208d0508bdcd494c298f6d5cc456d9681b6a16bb1,2024-09-06T16:35:01.237000 CVE-2023-4695,0,0,4336782c8ea05850b9eeaa8589b146f9074b1ac72d74510c5d547425385f33fc,2023-09-07T19:10:59.810000 CVE-2023-46950,0,0,bb37bdee2d537a3890f65f9adf5263b8532fbc8731ec9c20145eca143a90b86e,2024-08-21T15:35:01.203000 CVE-2023-46951,0,0,109e2cbefa7e947d662ef6c944162b97936120093db19f170230b0541b6882f1,2024-08-01T13:45:03.913000 CVE-2023-46952,0,0,4bcf3948e8ecb1744ce911545c8fe6c861e6c40af1d5cc477719602d32e4f796,2024-01-23T21:44:21.433000 CVE-2023-46953,0,0,a872c64c0c4c630030a60d7892d6bcb58eb0d3a3b33b50c7787cc33ab267e7ac,2024-01-11T17:06:37.437000 -CVE-2023-46954,0,0,4555002c4c62abc01ac36bee743cac877d3c7eea57b71b3900e5569dd91ed77c,2023-11-09T21:38:55.393000 +CVE-2023-46954,0,1,027d3e8eb2a616e66ceedcb4a181a859da01b616cab639574d99af94762dbf8e,2024-09-06T17:35:01.953000 CVE-2023-46956,0,0,31cbd0a04e29ac22bd9f823d3179040618ffc4e9e1a4e90764004517af632bb2,2023-12-06T18:39:39.687000 -CVE-2023-46958,0,1,598349dfda94719665577de5fe0aa92d56da1b66528cb3b507f9540b0549c2e6,2024-09-06T14:35:08.110000 +CVE-2023-46958,0,0,598349dfda94719665577de5fe0aa92d56da1b66528cb3b507f9540b0549c2e6,2024-09-06T14:35:08.110000 CVE-2023-4696,0,0,c17d353a65b5fe55231e71fd5dd8d9e90c20a1609f561de61d8d7b05e4fee642,2023-09-01T13:06:59.890000 CVE-2023-46960,0,0,60db2322c4a9b765f494d0ebafcd8efdc2e2d2d8adcbfbca9f64c33ec63e600d,2024-08-01T13:45:04.950000 CVE-2023-46963,0,0,35077921eccf07ef2dd7ed76ca66b1edda65dcfed35fff2218ba7101c90c7075,2023-11-14T17:37:06.293000 @@ -235093,7 +235099,7 @@ CVE-2023-46977,0,0,718dedcf7e8d60c50f7c513c762fe46ed89e1b2889465f858307796b59884 CVE-2023-46978,0,0,5f5770b9875ebf3fd6d8857acc9e9b125d758788e26c96e3b1b178fd0c24a635,2023-11-08T02:58:11.953000 CVE-2023-46979,0,0,eae1994492758c7970bddfa5af4bb3178bdebcc096f9f0f555ab9653a8becdcc,2023-11-08T02:56:22.127000 CVE-2023-4698,0,0,f67219d933e95e412da2b616588dd9f7b8818435fbd1498ccb40e5f4049ed99a,2023-09-01T13:07:30.360000 -CVE-2023-46980,0,1,cc67874b097e0fe762ff091e7672831ece4fc0faa50aca2caad3a6a3a1cb63e5,2024-09-06T14:35:08.953000 +CVE-2023-46980,0,0,cc67874b097e0fe762ff091e7672831ece4fc0faa50aca2caad3a6a3a1cb63e5,2024-09-06T14:35:08.953000 CVE-2023-46981,0,0,865ec0b7ef3df7198714d9479b263e54d44d5181af5d1cf0172c63bfd8768173,2023-11-13T19:37:07.107000 CVE-2023-46987,0,0,374b064ecd125c9b3c77e3133bffffe989aa2b01517a094fbc764346da32f40e,2024-01-05T17:03:26.977000 CVE-2023-46989,0,0,fd52fc2c8815b71d6a3aa76a5b70a3b0954c93b4887d037a1f94f52ffb7b26c9,2024-01-04T17:14:27.397000 @@ -235269,7 +235275,7 @@ CVE-2023-4720,0,0,46591defb0eac08427334746c7818447cf582c5424371a76c1075c34de9c7b CVE-2023-47200,0,0,025c71894267700a5e7056344c512f44bc82a3ded295dbf8eeddf8b55a5f0af2,2024-01-30T17:24:40.857000 CVE-2023-47201,0,0,010269aeda58fc1e6a818783c5fc20cf915d7f9eb250e73afd49bb3845663cd5,2024-08-29T20:35:26.107000 CVE-2023-47202,0,0,cd0a9ef7969c2c659da6bda7e00d321e0d90cfae7491531717def749ce6d1fb2,2024-01-29T19:57:32.707000 -CVE-2023-47204,0,1,5056a1187ced6a17077a06f6a567308da8d7f19e695c5a1ded59952e9bfba957,2024-09-06T14:35:09.823000 +CVE-2023-47204,0,0,5056a1187ced6a17077a06f6a567308da8d7f19e695c5a1ded59952e9bfba957,2024-09-06T14:35:09.823000 CVE-2023-47207,0,0,0cbc0cd1878f3c8c27d3c0cfe52bfac26630ea0fde092dbaaacacf727f3ed4e9,2023-12-06T18:48:48.427000 CVE-2023-47209,0,0,8c71bbf11f39ea38c0f1ca1872233ee269a7df5592660f74d12bf31cfdf93912,2024-02-09T02:10:45.003000 CVE-2023-4721,0,0,5bed59ffe75b8be3189e2ebb35f3a3a5791725bfc9ef99b944f3d40b2e758745,2023-09-06T00:15:28.960000 @@ -235493,6 +235499,7 @@ CVE-2023-4756,0,0,60c65032e5b93776fef6f38ba2fedf37023289c4f2a24ceb78bc3b2f406a9e CVE-2023-47560,0,0,5ac28e7e9a66106b736371a34b3097e66ad1cda34200867e184b83d8e20d363c,2024-01-11T14:07:09.593000 CVE-2023-47561,0,0,8c6823c8294618b7f2c78f304596bd27d313bc780b9a248a6002fe2f9ebd6d0f,2024-02-07T17:51:35.570000 CVE-2023-47562,0,0,eed5fa12d7eedb3933e2c8a9aa4171d8041e9fcfcc221d3d86745eee17563b9c,2024-02-07T17:50:38.510000 +CVE-2023-47563,1,1,2a518fa63ab28401f9f1f7cf824a2c137d742931dfabfa061718857ec0b68b2b,2024-09-06T17:15:12.513000 CVE-2023-47564,0,0,34d735757dd301c9641e82718c2dd925495c3b8fb8af8ff042788502c1634ad5,2024-02-09T19:33:26.900000 CVE-2023-47565,0,0,282333723d94196bbefe55ff568702e2610a6820a9456aa9fe6ac73919207aea,2023-12-22T02:00:01.337000 CVE-2023-47566,0,0,26a4a10ebe40b2b5bf6badce33dd8f30d8b09a56a91b1061398ee28499d68a36,2024-02-06T20:18:26.263000 @@ -237496,10 +237503,12 @@ CVE-2023-50357,0,0,c49fba6a6b8ae43153115bdc180d0a50fda6badb9bd287f826717a708c649 CVE-2023-50358,0,0,affeae249fec946895d3bef4063e720c758024b3343a9b8cb10accf20047afe3,2024-02-15T06:15:45.960000 CVE-2023-50359,0,0,017df15c1e36b7a4da9c2a548d3a19bcce6cc2270ecdf18aa860e29b8b47570d,2024-02-06T20:18:14.547000 CVE-2023-5036,0,0,142ff7c8f9f78ca5371b9c6802e1971802347d9f04e927ee76b2acbd83ef8ec5,2023-09-19T13:18:54.193000 +CVE-2023-50360,1,1,fa09b809cd006e44c734c90e802d9786a0f359ed47fac9e4a9d105242cac95ee,2024-09-06T17:15:12.710000 CVE-2023-50361,0,0,0d75a0b067ca545dea6884d42866a4f3b43a1c9e144df756fe87a374d8d828a3,2024-04-26T15:32:22.523000 CVE-2023-50362,0,0,61284198a77bea4f5698e9b79c52301b02bc9fcebdee9d0f17ee1e00046a1693,2024-04-26T15:32:22.523000 CVE-2023-50363,0,0,ea196417d788c028f5ae4d39012e3d939c60bdca742ae5387a1a5c0f0dda19a9,2024-04-26T15:32:22.523000 CVE-2023-50364,0,0,5ebcba5ff099f592bcecf06f3c0a2102e8ea15aa4f1dfe8f5c83889ed420a991,2024-05-09T01:15:06.410000 +CVE-2023-50366,1,1,8d5469045d9481714cd1e7c2b2b2520ce798557bfbad7c4349ec45c50aa9eeb7,2024-09-06T17:15:12.907000 CVE-2023-50368,0,0,2502892e31a2cfe7ba5757a614e9ccb5d13bb3d37b1e5e5f9c83f964a8c8bdcc,2023-12-18T18:51:37.847000 CVE-2023-50369,0,0,1f644665bd6d98350f1e0b5e8d76855bad90129b7e0344cb76ccff00233f3168,2023-12-18T18:57:46.290000 CVE-2023-5037,0,0,b61f9e5293a245d0731630bde8c8e331452dbd9240703e4e53835fd60155124e,2024-07-02T17:47:47.367000 @@ -237989,6 +237998,9 @@ CVE-2023-51361,0,0,ba54ccebbed10dc03d1df5016391e1e4912facf1264383768104a7e94a698 CVE-2023-51363,0,0,c603f2d1ac67a022ac5d7a06ed6265eb7080a88729cf3e6dc9c173f519db3812,2024-02-20T18:52:19.997000 CVE-2023-51364,0,0,66f24a5548b6e0407e1db99b943e553d1f8b2fb0236c73b021ff05abfe96f73b,2024-04-26T15:32:22.523000 CVE-2023-51365,0,0,75dfb749a4fff9e57c582f17613cedf12c189e3833be6d95923c080346b9fe67,2024-04-26T15:32:22.523000 +CVE-2023-51366,1,1,9b95584d4c7bd8ef840cd0578fd69eacbf19dc92e01219d848e986e324231d06,2024-09-06T17:15:13.107000 +CVE-2023-51367,1,1,9964b06e9d17b1e95879b20b32f7bbe7aa63c4b50bccf2f5c83a573ba379fc1d,2024-09-06T17:15:13.300000 +CVE-2023-51368,1,1,8eb7eddfc202e8e8a6b1d44ae381cb670eba5f27cd509b01db2aad75e835d5cb,2024-09-06T17:15:13.487000 CVE-2023-51369,0,0,8f265df3d4e40621d656fb0071a5c62084dc6119e0f3ed735a9b7c50f66b4c96,2024-03-15T16:26:49.320000 CVE-2023-5137,0,0,f4d50157363ee87d922395d6d0725c0ab84d476da7eb0900b229c1c7873d5b05,2023-12-07T20:19:29.557000 CVE-2023-51370,0,0,d88ef02ccef5b281de9bdc5f8bc54d789db591cc67bea89f80ef0446d5745352,2024-02-12T14:20:03.287000 @@ -238404,7 +238416,7 @@ CVE-2023-51780,0,0,7d213db1d3b1f7169b1ee960fe76bc900ec825971d3159c6587e7ccc180c3 CVE-2023-51781,0,0,be5054a4d6b1496efeb300d0972eaa9aed760c8f3595ab6d8f076735cf23d2df,2024-01-18T19:58:50.630000 CVE-2023-51782,0,0,226d3cdca2a1281d03aacf683fa229f2432a76022577875d6f89499a1a72964d,2024-01-18T19:31:37.630000 CVE-2023-51784,0,0,7d601840dd52665386e56042b61153e0dd9d156e79737ee0b7e9f683c831f447,2024-01-09T19:19:59.413000 -CVE-2023-51785,0,1,a5a445bd201beb0ef44e66fc50da12391cbc8ef78a9e16c735ecec117160c9c5,2024-09-06T15:35:02.360000 +CVE-2023-51785,0,0,a5a445bd201beb0ef44e66fc50da12391cbc8ef78a9e16c735ecec117160c9c5,2024-09-06T15:35:02.360000 CVE-2023-51786,0,0,ff2ae0afd5896bfcccd08328ace3cce896bcb8fbd8728c747c3e38d3deae4327,2024-08-27T21:35:04.790000 CVE-2023-51787,0,0,32045d14c29a8e094b6fc542eae69fe0fa1d19c1ca4a4442151912591cfe915f,2024-08-01T13:45:32.003000 CVE-2023-5179,0,0,ad8ed58fdb4084553e041d0d1d973d60d06712443de8134346a8a8ead34c4da1,2023-11-14T21:29:41.243000 @@ -238520,7 +238532,7 @@ CVE-2023-5204,0,0,8ca655249825d178ece09fc5352ceb26e87055104512991305d7a295d26b5f CVE-2023-52040,0,0,762939d11515580f100465151a16fe161b0f305136b11d8c988a24ca3b912b57,2024-08-01T13:45:33.877000 CVE-2023-52041,0,0,d822171150327a12062651891084a07154ed2e15efb3b51e285b66f24f49d7e8,2024-01-19T20:39:37.587000 CVE-2023-52042,0,0,d63c4bc544afb86a58bb15680099cbb76d2fb1c561f2e9993a893dae4d480107,2024-08-30T19:35:04.953000 -CVE-2023-52043,0,0,7eaf060af774c8e1f4c03b48ff5bc234f4b5ce940181e844fdb57d43a56d9b09,2024-04-04T12:48:41.700000 +CVE-2023-52043,0,1,2598b3da2f921eccbd3a41321ff24953e0fd67e0dc8e0987c81c7b871cbfaaa7,2024-09-06T17:35:03.427000 CVE-2023-52046,0,0,9b8f5c0f61db55c891d556798c9c9da378945fb25af6cd3feea31d7ec4cb7ccf,2024-02-13T16:05:49.580000 CVE-2023-52047,0,0,0a58a1c6d75330480a1c8c9c493c63f296c64ed482e86c7d753ecc6c013c567f,2024-08-13T20:35:05.050000 CVE-2023-52048,0,0,e51406b0a7e0f54ab5f0d8fcca043edf25903f6ec066c183786088e2dc13a5e3,2024-02-29T13:49:47.277000 @@ -239571,7 +239583,7 @@ CVE-2023-5523,0,0,bdd48092e4d5ab76434220a199e56d98fa47c395fbcc23ebc7c69d7e127f5d CVE-2023-5524,0,0,5169d7d8052a7012dbff7cd323a414cd5852b5c7221b30db93dc2bf8e43af6f6,2024-08-28T09:15:09.707000 CVE-2023-5525,0,0,543ec82aa94363be260145436c9c180cacc4af427707ae230febd3148ae15c39,2023-11-30T20:15:18.223000 CVE-2023-5527,0,0,1e958c164e488718f37dd43daa67a175a10841217dba121ce89025ac9ba89004,2024-07-05T14:11:01.873000 -CVE-2023-5528,0,1,d1db7bd851cb1f2811816c0e6d89bc69ee1d3bf5f3cb446769f932c51fef40f9,2024-09-06T15:15:12.640000 +CVE-2023-5528,0,0,d1db7bd851cb1f2811816c0e6d89bc69ee1d3bf5f3cb446769f932c51fef40f9,2024-09-06T15:15:12.640000 CVE-2023-5530,0,0,c3e6a7cea79bf4cfc7586400dcaf9455390e41ce881f41dcf28765de1970c973,2023-11-14T15:31:50.170000 CVE-2023-5531,0,0,9076d00a4817e2fe00125f34f0d658f0ea9c411a20b192f3479cd194c21f8dc0,2023-11-07T04:24:07.297000 CVE-2023-5532,0,0,f74dbaab5b090b0e034d237c85162d6bdfa882ba3950ea1c5ed23a1cc57994d9,2023-11-14T18:17:45.437000 @@ -241114,7 +241126,7 @@ CVE-2023-7259,0,0,4927c73cd38943cc915f51b0766c09a76100affe33b1049612344f19331c1f CVE-2023-7260,0,0,a283d80bfb35f6dd126dbb811c8254dc2cb2d619c2a0fdb098a89d48e2a7bedf,2024-08-23T16:18:28.547000 CVE-2023-7261,0,0,44080cc2bc0d6a25d80bc7855327b03309b2d9def17d97f1c55e50122c67ac97,2024-07-03T01:44:30.563000 CVE-2023-7264,0,0,51dd8b83703649c91504628a1d95022ef41c77d28d8363a527e775cafaba1511,2024-06-11T13:54:12.057000 -CVE-2023-7265,0,0,f2f550eec8eb52e2d7c6d4751c88c82f6bbba78e56c41a54eac7449c27df676c,2024-08-08T13:04:18.753000 +CVE-2023-7265,0,1,fb43e2fc7ead32f16ab1a40e592be4835649042e83490e66c86a7fe9f44ca4b0,2024-09-06T16:38:04.533000 CVE-2023-7268,0,0,cddf00fb75fb363308068c92d4a58df3d516324074a1a2ced29fd3b08d0ccedc,2024-08-01T13:45:52.747000 CVE-2023-7269,0,0,110b6fee8b2eb3cb456f239293a3205ab38d8cdb9856a830f8977329472aa48f,2024-08-01T13:45:52.937000 CVE-2023-7270,0,0,c4a95bbd7a0e223852dd2f2d2c06a04667d14324aaf73c1dbbc09c6df6d4237c,2024-08-01T13:45:53.123000 @@ -242693,7 +242705,7 @@ CVE-2024-1740,0,0,974b4647e97273950b6a297affa420d08f59acef309aa37814c6598a456898 CVE-2024-1741,0,0,9b90ffeb3b03d37716707b75f2cc4dbd5a37dfb34e59e240c9be2fa85842dcc2,2024-04-15T18:15:09.937000 CVE-2024-1742,0,0,ef8e2131c95185fddee2b27fa43b85956207ef471d56b7605b9d2e6a1c53a4d4,2024-03-22T12:45:36.130000 CVE-2024-1743,0,0,483e7e67b70ea440915c26337d00527748cea35503b453ed4beec805a523f208,2024-07-03T01:45:31.390000 -CVE-2024-1744,0,0,46a92b6e23a003fa03614f282fe8f61945617d9a5cfebce37256108fa317faa9,2024-09-06T13:15:03.467000 +CVE-2024-1744,0,1,c6532bf3533469994f6d640349977d69c47a7501435377aebea228bd604083d2,2024-09-06T16:46:47.907000 CVE-2024-1745,0,0,1e43ec903cdd08626f0d20b4612f3ce6507e55e2bd5bb05034398a450502f6f7,2024-08-05T19:35:01.720000 CVE-2024-1746,0,0,8022383f443dbbb627f1c414153375fa50b320afeba598d9c8de3dc5c8a81f57,2024-04-15T13:15:31.997000 CVE-2024-1747,0,0,62057f23570bb0721b1db5127075f49bb03ce7c371cab177ae217aa948df9df2,2024-08-01T15:35:05.150000 @@ -243191,7 +243203,7 @@ CVE-2024-20478,0,0,2552b4b9bbc0a5cff57b3b8f7e9d97910094a88aceb9d33bb06e1a51f9db4 CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000 CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000 CVE-2024-20486,0,0,1ec7a6c2a991b67e11827b3b316fed30b5b5340988b303f9088e0f10e2e894f9,2024-08-22T12:48:02.790000 -CVE-2024-20488,0,0,5e03b3c0947210c585c771df848af06c1b2af4239c20e96c284c2af200a13f32,2024-08-22T12:48:02.790000 +CVE-2024-20488,0,1,b3c319abc05ee7d52fc498f08ba4c2d91fe7b6f1527a7957b5c4a113170ee559,2024-09-06T17:18:11.813000 CVE-2024-2049,0,0,398a9eaf0287296877598afba029844504bbde28a3270479d8cbbb594cc11b40,2024-03-12T16:02:33.900000 CVE-2024-20497,0,0,422eb4ecec5d7dd92ef5d49505af3bc2f0e220b53f5fa76471b6dd3d460b94cb,2024-09-05T12:53:21.110000 CVE-2024-2050,0,0,309a92deb7dc6d1c9b389273f8521ce493fa3e8c536f740883081c4cdf858e77,2024-03-18T19:40:00.173000 @@ -244279,11 +244291,16 @@ CVE-2024-21892,0,0,b66f3720c2f8a6ca915b3a29134f8ea92c61757569ab02f4e0972950cde5a CVE-2024-21893,0,0,5d8ce33d1c55fcf2beea2facee684393ccb80962bcd0328324d1b1c6e19de8a2,2024-08-14T19:51:42.643000 CVE-2024-21894,0,0,99d4be035674fd6f5aa2e0bb3c54ccc20c81ba516b5e4a7075a4f68df66ede3d,2024-07-03T01:46:56.430000 CVE-2024-21896,0,0,e5ee458c4fdcb804ce384ce01bebd179e3ae066792496cc0c6eb52547c53fb06,2024-08-27T16:35:07.720000 +CVE-2024-21897,1,1,ac9773a8ed5ad820e4dd768e35fe2e8b89aa6c07f7e198ac484439ca3498e46f,2024-09-06T17:15:13.713000 +CVE-2024-21898,1,1,7dac4beb29f40755dd0b31eabf51558fd81896cd18471c06f1f8373185db8a1b,2024-09-06T17:15:13.920000 CVE-2024-21899,0,0,ea2bec435e523de6db6aefd008c9f2a8d3114c121ab32f7f7c7d657ac45c9cc0,2024-03-13T14:25:02.043000 CVE-2024-21900,0,0,4a0954c4dc8c82825eb9602fc119b1b6a8fa3cc787c21459fb57ecdb0f42c7e0,2024-03-13T14:24:02.157000 CVE-2024-21901,0,0,2e3365239da0866c80c17edf651e9957c764643b06c562ba356a811a2c94a337,2024-03-13T14:23:12.393000 CVE-2024-21902,0,0,3cad8f4d0a1fdfcaa033094049c56569c91e9a2df4c45b397e5f407e73106aea,2024-05-21T16:53:56.550000 +CVE-2024-21903,1,1,e4a2db8ced59107488abee9c9967d677dfea029bbae5d0e39f9609b849a4e2ea,2024-09-06T17:15:14.113000 +CVE-2024-21904,1,1,b946e6c0cfe31eddec6378170331bf8df9c7f3042888cf68cb2fb8e360d1c785,2024-09-06T17:15:14.317000 CVE-2024-21905,0,0,42f4c99afc15a6e391f56804659fa665f7173363cc94d3e1c6d36a6169d77bbc,2024-04-26T15:32:22.523000 +CVE-2024-21906,1,1,4314052a6b2d78c56c9a08f2081efc323563766e9ce0463ed8f11e87b90bf92b,2024-09-06T17:15:14.513000 CVE-2024-21907,0,0,03287e73a7ebd39fc76c844dd98ba2ea0ee6ca991a1516f5e4ee0f292e3e1cd4,2024-01-17T15:24:07.360000 CVE-2024-21908,0,0,efb1602b68ca3edbd02814fb4baf13f8379032dd9c42ee01d4051ea756802e70,2024-01-08T19:46:41.157000 CVE-2024-21909,0,0,a00293ee6f1906373e260a62411fe26c925f44a1d8a31f7f97fc61cbe46df7e2,2024-02-08T02:15:40.883000 @@ -246635,7 +246652,7 @@ CVE-2024-25580,0,0,d25d9f73e9fc463223909f23338d50734f85395c9d208e28fc6abf197ca8c CVE-2024-25581,0,0,7b661193358cc282ffdeeb44cff665ab8564f25632f9671f041e9f50015c108f,2024-06-10T18:15:27.650000 CVE-2024-25582,0,0,62d9159e0b1a2860275799366d4e29ceadc17aa10726dd8de14b9c6e306d70ce,2024-08-19T12:59:59.177000 CVE-2024-25583,0,0,6e3f5afaa55d00544b0a17a1114934680c9d4fc2071988d62cf80e5688bf7955,2024-05-01T17:15:29.917000 -CVE-2024-25584,1,1,89b20e5dcd3d8c4c3ce9109e9e1254d69764a5640f158a1eab12a09150002c22,2024-09-06T15:15:12.950000 +CVE-2024-25584,0,1,24c72cb01b0af9d4708f6fd53d8dd17ae76d9c8dab05637de6a4947826f979ae,2024-09-06T16:46:26.830000 CVE-2024-2559,0,0,642c1f03947aacfb3c18bcf4d539f5f80f1fa8009f630aa1b6518220561e974a,2024-05-17T02:38:19.053000 CVE-2024-25591,0,0,e315c0ed01e598ec7e003ff81cc81e0d8a90e92647ce95f4238660e2e3cb63e0,2024-03-17T22:38:29.433000 CVE-2024-25592,0,0,13e401ed83dddc5e0ca4a766450281e95f13649cc9bdbd70b9d6ebf050e92c48,2024-03-15T16:26:49.320000 @@ -246781,7 +246798,7 @@ CVE-2024-2580,0,0,f1dd66fbf84d74580d929f75d3e5a752178d849505161b5daa24286248a8e9 CVE-2024-25801,0,0,28a9d6eacf99d1abdd83a784126e6c3bc5997f43f3087477c08ded27d7a7a5ff,2024-02-22T19:07:27.197000 CVE-2024-25802,0,0,eb6011ed10c2b0a50a53fb86b470b39611323f781e2f2158cb49a6af1de42730,2024-02-22T19:07:27.197000 CVE-2024-25807,0,0,842f9a5e9e10408e46e0a439e695cbb579bc0c4b444593c08bc5ab70315f1236,2024-08-01T21:35:13.397000 -CVE-2024-25808,0,0,56823cb1538bf83b266e824a90333c1b7a15dc68defca54aafe7f2be4923b4ee,2024-03-22T12:45:36.130000 +CVE-2024-25808,0,1,c8b3842916e7c06900b08f9fd62594e0f61e1918f91fddba1f15f9656576b1c8,2024-09-06T17:35:05.610000 CVE-2024-2581,0,0,41246128334c0147c39b69b67a7b8a68f9df4e44ae695bfb23a0c0e11cadb9ca,2024-05-17T02:38:20.983000 CVE-2024-25811,0,0,19975e07ecf1fabf59b175c7c29029eca5183606ae6164f55f4361c17d565764,2024-08-04T12:35:05.137000 CVE-2024-25817,0,0,594e7944f467d2705810e71e76846a873167e65fb8715f24384d52ab7508e60a,2024-08-08T21:35:05.550000 @@ -247318,7 +247335,7 @@ CVE-2024-26517,0,0,26d33e1785f323f6a59cabe443b6ac20ef93d37ea417fa08778ea549f2006 CVE-2024-26520,0,0,86e0582816b93edd4eb3d1c9ff436171e7839b198d50b34d2ff44523de982520,2024-08-01T15:35:07.080000 CVE-2024-26521,0,0,ff2a5c02f9a6415a5b63e6732629254f75c56e7bdeff107f4eb34b7b12623384,2024-08-27T21:35:14.300000 CVE-2024-26529,0,0,a99f8b82dd93bb8e095cf66957c2511d719283fb972a26f9f23d0d1aca2bb1bf,2024-08-28T19:35:10.463000 -CVE-2024-2653,0,0,b3409d37c73c6e84286baa910f6042b0e4464dede287f82c98b61b036f897600,2024-05-01T18:15:19.257000 +CVE-2024-2653,0,1,0fa2a7ab044cd5c87bbae5e65f9e9c648e6de5784bc6bdca74d95c19e7108087,2024-09-06T17:35:08.337000 CVE-2024-2654,0,0,44518084de18b3ca2eeba7166bf4da9d0a7d05a78603be70a4c69d74aa776745,2024-04-10T13:23:38.787000 CVE-2024-26540,0,0,261971c75fd99d69bc373d27d0b3c0e0616255d37283f552b45502ec0054fabe,2024-08-27T18:35:05.790000 CVE-2024-26542,0,0,0552587f0d89665ed80dc12bb31e4bf79576fc07cfb6b7e3f69abcad15ec010e,2024-08-15T21:35:10.243000 @@ -247918,7 +247935,10 @@ CVE-2024-27110,0,0,cbd5f20a9295447075c0d9ddae39d8a0518f51482cf9653676931acac4a2a CVE-2024-2712,0,0,12d5f119117cab5321059a19687d0b6e7d22fe860cd65815723e1f9810583e44,2024-06-27T19:15:13.167000 CVE-2024-27120,0,0,4abe17d3c70fcebeaed9cfc849b5af8035eacfb7b2d62a88500c7d222ad02f14,2024-08-20T19:08:54.490000 CVE-2024-27121,0,0,39e3c543f4cb1f4387938b375f2e3c2bc314311eef182b0a4559027c027334eb,2024-08-16T20:35:07.017000 +CVE-2024-27122,1,1,394975c01402e3afc26dbcbf322e6ee5a66f662127ce0b6581dbc71d6cc3b4b7,2024-09-06T17:15:14.723000 CVE-2024-27124,0,0,26db67db3453e1dd267c91698f9b1417c8d160e52aa7cf62e0f7bdbf1310db55,2024-07-03T01:50:21.947000 +CVE-2024-27125,1,1,26d96cb6400c4e38a61bc21ccf92917804f9796d6459d6689982b169c2647a74,2024-09-06T17:15:14.927000 +CVE-2024-27126,1,1,6e8d9e5bfcfa2f99ac1bb245bbc2416df7bcd6ddf2c8aab9720938f7f83564fb,2024-09-06T17:15:15.130000 CVE-2024-27127,0,0,9db4e520391111d0d952131fd607fdbcf8e683f9c38cfdc16ee36395b41e60cb,2024-05-21T16:53:56.550000 CVE-2024-27128,0,0,2021a2a14b0f826780d5560b8b9bb99a4711ec9151c05d68f7390b6c63abaedd,2024-05-21T16:53:56.550000 CVE-2024-27129,0,0,c838bb2b385d203be2afd1de6c340cf463a63e6845885e2a154d91a0f0e8812f,2024-05-21T16:53:56.550000 @@ -248173,7 +248193,7 @@ CVE-2024-27390,0,0,fd939b5a46e3db47e38737677dc08895d4507457dc8c59f804a220890fafa CVE-2024-27391,0,0,c609df1ae4a0d8b672f84b73ef5e4ba82e2a581d1583d7f5330bf8875e22776f,2024-05-01T19:50:25.633000 CVE-2024-27392,0,0,d71bd39d141dc4709bff7fbbc837ba796224bb31c86e71592537c5234c653cf4,2024-05-01T19:50:25.633000 CVE-2024-27393,0,0,0d122d1a50515c52a623d15f9a0d95a22f7e02938fb8b22e82a5712750ad9006,2024-06-10T17:16:23.223000 -CVE-2024-27394,0,1,08a27f4278e90895db869570c2ad1394d2b1b7ce2eebd13c81985e703b3d5763,2024-09-06T14:35:11.027000 +CVE-2024-27394,0,0,08a27f4278e90895db869570c2ad1394d2b1b7ce2eebd13c81985e703b3d5763,2024-09-06T14:35:11.027000 CVE-2024-27395,0,0,f509312d757b52ad19fbd73ceeb6a726f1f69fc5206c32a2cd50e6d3c74db34b,2024-06-27T12:15:24.577000 CVE-2024-27396,0,0,e14a9534df6188e2d3948f71aa579b6ff342c8dd8805de92331af3aa294e2094,2024-06-27T12:15:24.647000 CVE-2024-27397,0,0,a0f40ad4c2f891849c489ae4b9841685ad4e227c084159373a42e20fef210207,2024-08-19T05:15:06.293000 @@ -249043,7 +249063,7 @@ CVE-2024-28805,0,0,57ffe0c5396b469d1d6aea3771a149218b95fafbad9b52c6f522fc5113787 CVE-2024-28806,0,0,b0870c92c612bc52e55ac5da958c74e320d7e205346206836a7ae598363f9d27,2024-08-05T11:35:01.757000 CVE-2024-2881,0,0,65fc535be8a815e92053ae1d797e8977602b99048c471a2a98041135b70a0df9,2024-09-04T14:27:24.057000 CVE-2024-28815,0,0,a66a592511ffd5b563fa083295811494fe79ce7c34bc79ae02ae7f38cd9af9c2,2024-08-01T13:49:20.227000 -CVE-2024-28816,0,0,6ee14c0c184476ced399e15a2ac6d0162b81cd21899a98e17bebc5eeaa09e33f,2024-03-11T12:47:42.653000 +CVE-2024-28816,0,1,75a949219f8a896ffef945213a1610d3de2a2cf64da977b1d4287b567e2864da,2024-09-06T17:35:06.960000 CVE-2024-28818,0,0,553ea080520e3ef7d7c194b1130a084d77d8e937a2b2bb8942609e2870cc98f5,2024-06-27T16:43:48.633000 CVE-2024-2882,0,0,ac3db032a55af245aeee4f2522d2c10c01bd50b8ed58cf00aeea2dd39d0cf75d,2024-06-27T19:25:12.067000 CVE-2024-28820,0,0,095fd29e11db669f6714a4a5dc4339712d67abbd0b3541df2a561e8f599caac0,2024-07-03T01:51:51.323000 @@ -251120,7 +251140,7 @@ CVE-2024-3176,0,0,b581b35f96c3e71f6864e9ec04e922ca6011a2abb5dc1a155976a5a31d9d63 CVE-2024-31760,0,0,f16f02679dd1d653421cfa1b377c9d22a632b6c4fccebc3d14af855ae5a31d71,2024-08-01T13:51:06.777000 CVE-2024-3177,0,0,572d97d46eb0c253ee03c3934b9d649f7fc7d88b4a672b4edb358cf1ed9c5fcc,2024-05-01T19:15:27.480000 CVE-2024-31771,0,0,c3825df4b447ac4b345aa011816cd48fbe81f0c245e9701ffd2133b4087f8a30,2024-08-23T16:35:04.007000 -CVE-2024-31777,0,0,ef9296c289f84fbcdb21b0dd4c346ef8f49d1c2a11212e62a5ece22535a4ac6c,2024-06-17T12:43:31.090000 +CVE-2024-31777,0,1,da4353a4f0737942663a07d7116ef4f3311d2e7b3ddf37c7de09b9535063afe5,2024-09-06T17:35:08.643000 CVE-2024-3178,0,0,bf4c45e3c1d782f870ed9c6a613a91c31fb14e19f71f9399652568b39bbae160,2024-08-30T22:15:06.333000 CVE-2024-31783,0,0,dea8534fc1b6933b26cda6217a1982520e5d50556b9ff7b4e3fbbb8c80f4a35b,2024-04-16T13:24:07.103000 CVE-2024-31784,0,0,872beb17d1c68d7ed92a4188cf9514602c2aada50c10052ecdc3a0e44dff88ee,2024-08-01T13:51:07.627000 @@ -251415,7 +251435,7 @@ CVE-2024-32147,0,0,ed14700cccfb0cda87a633109f0f7bc757ba5c2081f42bfda22f3a7feb6f7 CVE-2024-32148,0,0,22eaa682ca57be740d99255c2e5fbd248f14af606d84d6d3c9100973529ff0b8,2024-06-13T18:36:45.417000 CVE-2024-32149,0,0,b2b226678f5b6fc3063af16db3df1b1f5beae60c5b5de2cd72494f3a01514fcc,2024-04-15T13:15:31.997000 CVE-2024-3215,0,0,e5fb2a5f0603876a47fbaf0581a5b0a27f3e787377440e3d933b055fa124676e,2024-05-02T18:00:37.360000 -CVE-2024-32152,0,0,a8965bd98aaf555e9ed23e2749d018dcc788d77b05f790c2a8051b506ebc5a9c,2024-07-24T12:55:13.223000 +CVE-2024-32152,0,1,df67a1c7620164eaaccbec2e8f2fd9292dea378bf2d693bf6152652954ec5ae3,2024-09-06T17:22:12.383000 CVE-2024-3216,0,0,36d9056f12425336af262dd787bf04647621823ca6d005690ab6601a9ec48458,2024-04-08T18:49:25.863000 CVE-2024-32161,0,0,aa486a10e1c1e1d4ce96087862c0685a8206cb453d4b368274ea4d3fc4398d92,2024-07-03T01:55:49.600000 CVE-2024-32162,0,0,79bb256c753e86717e2b344f028c2567dd019ed62cdd4e35ab62a9b68c306261,2024-08-01T13:51:21.033000 @@ -251861,10 +251881,13 @@ CVE-2024-32759,0,0,e561891056edc630b07789b7eea3e9c4ca316a3bd4320f86e19aed48b5719 CVE-2024-3276,0,0,954e640f132b9cefdd02d650fab115252b37920b2c727ceb9c716e480c00b1fe,2024-07-08T14:19:01.997000 CVE-2024-32760,0,0,8a4cdc5bcedb63264846221216208f424d8dc5b52e5ca3fc3e32534258ddc5b1,2024-06-10T18:15:34.203000 CVE-2024-32761,0,0,6f0bcd58c8810c383235a1c03265eeb31754d4f607b95d657c69e92af8f87390,2024-05-08T17:05:24.083000 +CVE-2024-32762,1,1,b958d021669c0b0cd801bb87db2a0c116ecab2ecb87d5d4a6bcefbc7ba2816f4,2024-09-06T17:15:15.697000 +CVE-2024-32763,1,1,8e284924e300248cf28ae47c8caeaae01d97ea31efa09ee35089d36761f23faf,2024-09-06T17:15:15.920000 CVE-2024-32764,0,0,cbd096bb04ee402e99d0d45a6cfbe8f32e2f75d2ff7a1df390f3f5f243db0155,2024-04-26T15:32:22.523000 CVE-2024-32765,0,0,35561f1e2d8e5dd6735e6e8df0d66c0f4f8b058fbb28846300e2342f7a1d6cd4,2024-08-12T13:41:36.517000 CVE-2024-32766,0,0,9d30325125ed70eb28a6908ff1f024ce0f6a7eaa4cb759703e88fcb2e840ce2c,2024-04-26T15:32:22.523000 CVE-2024-3277,0,0,b592398116a75f979391fd7af2ddcb8b25c0761ad60be8a878cb41360c56e23d,2024-05-30T13:15:41.297000 +CVE-2024-32771,1,1,d08873ddc3d79667c0bb7fc81f667754d1a0f452bd3993057afa767a33b45f70,2024-09-06T17:15:16.077000 CVE-2024-32772,0,0,01d607098e736d0def6b40c8eb83d353249a9660360929859e991ce179c3c6fe,2024-04-24T13:39:42.883000 CVE-2024-32773,0,0,bd43be03db9e543f482786f89054c6832e43844e7d63ec7b86c385d56a1c12fc,2024-04-24T17:16:50.397000 CVE-2024-32774,0,0,16ba2eb1abe290c6d1cd0f6b863689f4728f1ce1e716cf1fab2a1a9af035904c,2024-05-17T18:35:35.070000 @@ -252244,7 +252267,7 @@ CVE-2024-33371,0,0,e62923a0247293e9f796432d7299bfd32c3f9d7f0037d1c3b023058b5d67d CVE-2024-33373,0,0,1310aa8488d26ba93bc57409318880dd75ff8c9ca32bcabb44ee33f3844ee015,2024-06-17T18:15:15.920000 CVE-2024-33374,0,0,243e9f210ed37aee6e82391955d78875fcc399a2a4a1c88574efbf4fc6f1f077,2024-07-03T01:57:58.047000 CVE-2024-33375,0,0,5d7df8240369da1ea82d816f49a8798a22ce4828b4c1dbb3062e5d8eb520b928,2024-08-01T13:51:54.967000 -CVE-2024-33377,0,0,6251b0a1a5395fb43785352f146ee3a108da78ac236988b83117c2dea94d739f,2024-06-17T18:15:16.107000 +CVE-2024-33377,0,1,5c66eca70fd229829a7599a954669068b1cb2c9f37ae66f1e849ed753dd8febc,2024-09-06T17:35:09.517000 CVE-2024-3338,0,0,b2327c11e1d762220f8764f83498076a393d83520a65cf1a3ec9854d72e0d01a,2024-05-02T18:00:37.360000 CVE-2024-33382,0,0,dc1b896c815bbb6d05d98ce7170409486d331681fef4f2caee5818b69d11fbd6,2024-05-09T13:05:45.620000 CVE-2024-33383,0,0,a17ca065fb2e7fbe2ec9dff63547764a7d93f23fc83c9cf36fdef1a320ec24ba,2024-07-03T01:57:58.903000 @@ -253172,7 +253195,7 @@ CVE-2024-34638,0,0,91fe3b834e3462c15fbf154ef3d7ab38d545a9a64e15797ac8088d6d5c627 CVE-2024-34639,0,0,5126f9cb6c976682c17d65ace1405f88764b328ae3db088d28e0b57940c92216,2024-09-05T18:04:37.677000 CVE-2024-3464,0,0,9e608448fda895152ed315d883c9d4488539c5d01a2437614b47cfb67b0a4466,2024-05-17T02:39:57.540000 CVE-2024-34640,0,0,4c7fde7ff03197842352a86e70dbc537d9f440fdf4872caf494fd8acfe50d0ca,2024-09-05T18:04:28.607000 -CVE-2024-34641,0,1,c77ca2edd0db150eb0811c6441d08a57704276bdc068d117b8e1f90660357ea8,2024-09-06T15:27:40.647000 +CVE-2024-34641,0,0,c77ca2edd0db150eb0811c6441d08a57704276bdc068d117b8e1f90660357ea8,2024-09-06T15:27:40.647000 CVE-2024-34642,0,0,54c219cd85c017e71c929c36652a56a6824f245d2f9be41abdf874c9b8dc39de,2024-09-05T18:03:57.407000 CVE-2024-34643,0,0,fbb923e6665e4b9fcb93b30b65b07d4c83673c639c27d25afd12c5e752b948df,2024-09-05T18:03:12.323000 CVE-2024-34644,0,0,3e53979f9850d51f064780cf789bbea28badd5caf32db28756d92b8a7c8bcf96,2024-09-05T18:03:00.687000 @@ -253188,7 +253211,7 @@ CVE-2024-34652,0,0,5fcd4fa460cbaeec0f8df845e452b826bda7eb569c47b7926c3e1d9633ab5 CVE-2024-34653,0,0,677330c93a4b4f53244647b85632be75f577b8d63e27df66036ceaf9279b43ee,2024-09-05T18:04:40.810000 CVE-2024-34654,0,0,6f465f944e3d70bce6526d6d1148c1e634bb7c08992888ceb1abb536af6c667d,2024-09-05T18:00:07.057000 CVE-2024-34655,0,0,dfac8eb7e02ea4fde394dff14f36d75c33b2306795d4e4e527cae6398c8df500,2024-09-05T18:00:39.270000 -CVE-2024-34656,0,1,9b7706f2da7b41644d68334787754fd19696d282433ff97b1c940cde45b0d353,2024-09-06T15:57:25.657000 +CVE-2024-34656,0,0,9b7706f2da7b41644d68334787754fd19696d282433ff97b1c940cde45b0d353,2024-09-06T15:57:25.657000 CVE-2024-34657,0,0,e76dd3b191c96b6eebc5e6b8603c75eeff96d8eae90f914ab3a15f3eb419d2ec,2024-09-05T13:48:54.077000 CVE-2024-34658,0,0,0bdbae0b2b42061a8353c4769a7cf5c4aeee0cbc7bbbfd2a997adcca4577f91e,2024-09-05T13:48:52.273000 CVE-2024-34659,0,0,dd3f9420e24bf859148c793c2123fe1fcf6f82da97ec67367518f44415c24946,2024-09-05T13:48:55.767000 @@ -254493,7 +254516,7 @@ CVE-2024-36517,0,0,f6ee0eedf2e64a55166ea4be64f622599a7d65058d16696b7490edcac4631 CVE-2024-36518,0,0,064cad3de67032c4f830b8ce3196cfd8df79e51094d50317231dcf250dd1a617,2024-08-12T13:41:36.517000 CVE-2024-3652,0,0,df71e97982cfb8bbdea2c8b53979ee8792aae4a73aef6703ec1b621d3f12e772,2024-05-01T17:15:37.793000 CVE-2024-36522,0,0,86674e42114231d1026f4ff35fe6fe6affeea594b7c00b1a81ef4e17dc0fe83d,2024-08-01T13:52:58.033000 -CVE-2024-36523,0,0,3016893dc57dcd62edd08208dde4ce2567742ed11633d9956e63ba6b508801fd,2024-06-13T18:36:09.010000 +CVE-2024-36523,0,1,509aa41f79d639bcf8d1da94de1df3fba083ad2047ce4b8c7f980f34318ba2c7,2024-09-06T17:35:10.403000 CVE-2024-36526,0,0,1ddb30b565e6d7a152e00264224393d020c0bb948b7f968c326e2d1f8170cd41,2024-08-01T13:52:58.227000 CVE-2024-36527,0,0,5a4da781a91464af6910d804126691f30125cf5f5ae9e52379cc70e43ae0f627,2024-07-03T02:03:14.827000 CVE-2024-36528,0,0,219b411ec1aa5180703f379d25449667f2052c277c02e441e2817dff73b784e2,2024-08-21T17:35:02.500000 @@ -255201,7 +255224,7 @@ CVE-2024-37625,0,0,95c9b73188ad25a4b67832313f47c75a350d24daec22e7fd49da395350f4b CVE-2024-37626,0,0,67f0e21678f6260b33b002fa2f7c441578e8bb71c1b35d831202b3d9d14d22d7,2024-07-03T02:04:23.230000 CVE-2024-37629,0,0,c452ca69266bafb149b8a8c25dc755c132605c57e188dcb250482aa14f3f8d70,2024-07-19T16:13:17.120000 CVE-2024-3763,0,0,cd55c084ec54d3c0946f7ee5493c1963824aa0176b48aa87ed4ff8f27854003d,2024-06-05T20:15:13.530000 -CVE-2024-37630,0,0,dee490b16555575e984fef6b53d7765fc875bc84b7dc261110f314722879b3fc,2024-06-13T18:35:19.777000 +CVE-2024-37630,0,1,b73fafa23f6f8f8d3f613797e56521f00b8303c2808cdb99d411fdd5c8f71481,2024-09-06T17:35:11.240000 CVE-2024-37631,0,0,a5cd8ddcd7ce699acdac9f3f2fda8f6d11cc509e6dadfd80153c488cb1c74926,2024-07-03T02:04:24.127000 CVE-2024-37632,0,0,d01b52b8e66490156eb3a16ca33b4814211737a83815b462a53e59e26de8e387,2024-08-07T16:43:37.570000 CVE-2024-37633,0,0,99956c5373735a5feafab5f8f91db462df7c04d480ce88e052b279d716c258f7,2024-07-03T02:04:24.930000 @@ -255631,7 +255654,7 @@ CVE-2024-38312,0,0,1eb38797c2d82d591d8abe57f1d4573a3412cb86f39c7ea700474f2d0b5ea CVE-2024-38313,0,0,99d0ffe48700cf0aafe0ab7664577089c510c6757d7ad1e1517ef516a283543d,2024-06-17T12:43:31.090000 CVE-2024-38319,0,0,baca4c6dd463198ff6e83e4d1d026e029418f6c2a504c13c76e1be823b804509,2024-06-24T12:57:36.513000 CVE-2024-3832,0,0,9a695728462575e75497ca13bb41d4307d467f786773e32ceb92b024954b50b9,2024-08-14T20:35:21.240000 -CVE-2024-38321,0,1,2710f443b4070c40eb4ddb90b32a5c6553d12d8c8899edd19abf3192e0c71b2d,2024-09-06T14:50:53.583000 +CVE-2024-38321,0,0,2710f443b4070c40eb4ddb90b32a5c6553d12d8c8899edd19abf3192e0c71b2d,2024-09-06T14:50:53.583000 CVE-2024-38322,0,0,74b9e97c7c82afcc24ac902608f17e4ba9d4e2fd0a18a6e0da522de36e8692a9,2024-08-20T17:27:59.567000 CVE-2024-38329,0,0,515bd4f8a6975d0242eb5160bb598bf35297ce9bdbe7a3832edd58be7833ade0,2024-08-03T12:15:16.803000 CVE-2024-3833,0,0,d8bd7ba32ab0c5df93ed1bc71c84eca78bd804cb628236293c000739d365ad50,2024-08-01T13:56:42.740000 @@ -255896,6 +255919,9 @@ CVE-2024-38635,0,0,82c05d5461024536a7eca544742658a15aca67670d5473d3ab28fcdf85287 CVE-2024-38636,0,0,39fe2743512ad3bce5f80041cae8719a346f16bdf419751542e29e8318105523,2024-06-21T11:22:01.687000 CVE-2024-38637,0,0,73dfe838ab3a4a3bdef26c72205f7e2908e62b38c42443b0d3887f952bc61af5,2024-07-15T07:15:14.093000 CVE-2024-3864,0,0,c7c600ab2d47995fde4727e677425dc294b0dc7019ce4f56ba3ea3d46f02c40c,2024-08-12T17:35:09.733000 +CVE-2024-38640,1,1,0a9cd90ebfbe37ad1e2182183348d7a0f69130cdae9c1211d208c9fcc20b6758,2024-09-06T17:15:16.443000 +CVE-2024-38641,1,1,911194a65196a2372b31f65b46b0030ec8684f073af8b9dde60a51379b15a532,2024-09-06T17:15:16.550000 +CVE-2024-38642,1,1,0bad981e037cb7c53782d01ba764ae7638d3436cd6e0adf410e8b18a9609bdb3,2024-09-06T17:15:16.677000 CVE-2024-3865,0,0,d6f5dd3766d85f1a043ebf5d3172442b73d2c19e5b446b7220941e0632bb3f23,2024-04-17T12:48:31.863000 CVE-2024-38652,0,0,c09b7df399ce36bfa6f99e496912789d409fa436d96980e8d3bf3eedfe5b5878,2024-08-15T17:32:39.067000 CVE-2024-38653,0,0,c8ed77058a52701b560001b5f44bd7270c8687b6c4890948d6b9eaf03edfd74d,2024-08-15T17:32:57.587000 @@ -256541,7 +256567,7 @@ CVE-2024-39704,0,0,1d59c065d69d465eb86bf6114b5299aaf44c728f69d6748df6b6bd65077d4 CVE-2024-39705,0,0,e4b6d32dbf56290b80b8c0b89889459c855e182d434956c162d34a43f4f676db,2024-08-26T16:15:08.633000 CVE-2024-39708,0,0,2eafb164d29e8efc470b1c615a7a961efa5060a31edd6795a1174fbb57cde7b9,2024-08-15T16:15:20.100000 CVE-2024-3971,0,0,232de18e9e74ddfe0c81af44fc47161b6db81bcc698685ef24ea3f7084d9ef87,2024-07-29T16:51:34.570000 -CVE-2024-39713,0,0,b3e3e0d8b3515d4d46b8be4682c466cda0b8a7349b24f7e16d49f1073ff7de9b,2024-08-30T15:47:55.637000 +CVE-2024-39713,0,1,8b5ceb8324ff1f59d883393f3c2fa903aaaabc7a64330bd1fe2b73aa3534e83b,2024-09-06T17:35:12.380000 CVE-2024-39717,0,0,5c727700f5fb9ffcdff7d74de82f8cc7669d0dbb9bbb395cb4e4ef77f2b2701c,2024-08-28T19:47:25.410000 CVE-2024-3972,0,0,0caddd7b34d493c3554c875afe72275890f23d83038241874e85ef811a9076b6,2024-08-01T13:56:47.637000 CVE-2024-39723,0,0,003097d794792a3e1194202f71608927b35e402887d5f5ddf07d35b5dd183916,2024-07-11T14:54:10.243000 @@ -256930,7 +256956,7 @@ CVE-2024-4075,0,0,29d19ea935c989efa2e770180ba61eb06fe49f0b181d6d812a7498d3145b98 CVE-2024-40750,0,0,123c568c4a271c6bb023f9091df0f00fec1f937f3d0585148d7948581d7b9455,2024-07-11T13:06:13.187000 CVE-2024-4076,0,0,3600a7160ba6cb63d73da78d982aeb737757fd1783e0b44697873d9ae49c2d36,2024-08-01T13:59:24.073000 CVE-2024-40764,0,0,ab85577e2cb5d9a786ef6b191ba8264da7952ad06ab8f1b0e070c99f55710d56,2024-08-01T13:58:00.227000 -CVE-2024-40766,0,0,9b19e3d52aaa135f9cc56596c996a927986297a8633542c152546999e540f888,2024-08-23T16:18:28.547000 +CVE-2024-40766,0,1,e31161ec82c98df7ac27cd9814f645a0cb258a6de6a168796806651ef268f178,2024-09-06T17:35:13.197000 CVE-2024-40767,0,0,0f0f227d49db4f76a18af060eeadd57ea0ca5da0ccc7bd26ef12905f9453740a,2024-07-30T19:19:40.767000 CVE-2024-4077,0,0,d4f08c4fa42913c8d00f3fecbe96233f1448e9383bf97ebcbeca4cc0f2c8ae2b,2024-04-25T13:18:02.660000 CVE-2024-40774,0,0,20f4c2f88088010929acd58158f18d58b2de8f6cd0c1c18a2a116c0b40766ad5,2024-08-20T15:16:40.210000 @@ -257412,7 +257438,7 @@ CVE-2024-41564,0,0,ed2eb1a56935798a0fef3d91df46815a2d063b1d7caa9d554fe7f607bff6d CVE-2024-41565,0,0,73705e4299029ad2a5306d99d1289512d405841c1f23cb5741b41f59418e695d,2024-08-29T13:25:27.537000 CVE-2024-4157,0,0,ac5ec2e690c76b81403cfa49bc63d1a8caa2fb9d97d28a1055398849720db727,2024-05-22T12:46:53.887000 CVE-2024-41570,0,0,548cd2006d0021700d97d9ac462942b0586c18cb85e20f0c023fdc6e3f8676c8,2024-08-29T13:32:21.020000 -CVE-2024-41572,0,0,3538ce626eeeb6e9299463c0d735b4d1491706bbb85dc5c5ebc08929e34353d5,2024-08-22T21:15:16.797000 +CVE-2024-41572,0,1,5ab0affa6bbc5d5f486a4c3a5f4ad932ecbaa2919c2f69bc28efbb9f6dd3e06b,2024-09-06T17:02:47.470000 CVE-2024-41577,0,0,1db7c1144df378d1f0197182c3eb7cc1bf4798d90e82fc3037fda80bd09f3f04,2024-08-12T13:41:36.517000 CVE-2024-4158,0,0,9bd0a38e47c5b6d26f1e587737a0ffeb7c251278f38061995fc29ba309646aa6,2024-05-14T16:11:39.510000 CVE-2024-4159,0,0,72a4ec46db1a22f62474bfa22a14f37a28a6ceba3042de92b905fca6cc58c082,2024-04-25T23:15:47.087000 @@ -257609,7 +257635,7 @@ CVE-2024-41908,0,0,4395c5591073b43f4724f4131ff7c57ca0e5c0cbe6832eb0944957596ef1d CVE-2024-41909,0,0,ae6686d5ad4d2ebfd635dbae6d1f881b365882bc35a01efb94a8b8f78e60a1e9,2024-08-30T18:32:14.467000 CVE-2024-41910,0,0,06fef1a1746e307a7b6963424f9e76401a3fb6190b3818fc37dc793d73a60b2e,2024-08-13T13:06:13.467000 CVE-2024-41911,0,0,b542ab6549d1a6ba75d487319609cd34daa1d1d30a8cdf77ef05c27a0b475654,2024-08-13T13:06:50.707000 -CVE-2024-41912,0,1,87ea3b9bad9f8b63d89c4540ebebc21c4d13ff1285933095e3aece696e2e2968,2024-09-06T15:13:26.177000 +CVE-2024-41912,0,0,87ea3b9bad9f8b63d89c4540ebebc21c4d13ff1285933095e3aece696e2e2968,2024-09-06T15:13:26.177000 CVE-2024-41913,0,0,c6ad0a1fb279b7b6cd3ae0202ead0c310e4163291803f6da39ff84b133ebe42f,2024-08-13T13:06:48.547000 CVE-2024-41914,0,0,cbc550b915270d7e2f2879c2f4d0216e7f6bd6d1cd3a3c180c2f13327702487c,2024-08-01T13:59:14.250000 CVE-2024-41915,0,0,79e27d81a466e27de33128fccf775ada519c090b73b4d198c18c4a0be866e968,2024-08-01T13:59:14.947000 @@ -257619,7 +257645,7 @@ CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a12162631897066 CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280973,2024-08-01T13:59:15.743000 CVE-2024-41926,0,0,d7564816d433232552fda23a5f10a79963d6c502f628c4841f8484c17aa4f54f,2024-09-04T16:55:35.570000 CVE-2024-41927,0,0,3f14dee01fa3694f7158b974636fe5732c1b814a7e4bf1d4bb902d85a63f55ab,2024-09-04T13:05:36.067000 -CVE-2024-41928,0,0,05da596a46719b7fff49d3ba366cedec1c4b490f560d51bb3d3b7047069a99a4,2024-09-05T12:53:21.110000 +CVE-2024-41928,0,1,fac45a5eba953351f64e8420aefaa828221c1e8b109e75da05d07c8ee7a8c443,2024-09-06T17:35:13.400000 CVE-2024-4193,0,0,4d4f4fcde78b01b33e30a077c434c1714d01a9ac9cd58d916bc86b963b6ddbd7,2024-05-14T16:11:39.510000 CVE-2024-41936,0,0,d330b2a32a604797fc4eb94f395ba3140911090caf0d19e4d7603d421735298b,2024-08-20T16:26:54.663000 CVE-2024-41937,0,0,17d01be9af92612ee6b4d89126a811836507d3fbf35417e172928be42551212a,2024-08-23T16:21:21.893000 @@ -257863,7 +257889,7 @@ CVE-2024-42253,0,0,6e0fa931ea229e2f23314c5453d8b7e015461615e534d12df0d8c2957c5e1 CVE-2024-42254,0,0,e0173cdd4809cbf30e0c1ff24a3b56e94fae700787305a6587ee3f29a79ddd0f,2024-09-06T13:40:04.737000 CVE-2024-42255,0,0,34fe6ca394a4d37dfeae64c43b4e81284ae1fd88f707998530c97485d050831b,2024-09-06T13:41:30.843000 CVE-2024-42256,0,0,f03d3d34e99a43b4ab4d3700a1810230a20f71fae4e12698f26d3c94c2fbe1db,2024-09-06T13:56:00.207000 -CVE-2024-42257,0,1,dd66a8bc9ea528d2f2ed1dbef8528f021678b42931c435b735ebdb99ef0374d3,2024-09-06T14:12:22.577000 +CVE-2024-42257,0,0,dd66a8bc9ea528d2f2ed1dbef8528f021678b42931c435b735ebdb99ef0374d3,2024-09-06T14:12:22.577000 CVE-2024-42258,0,0,6b21eaebf58128d72e1ceab7d48900d2d3972b04dba8579ddc705c6be6f5d3cd,2024-08-14T14:15:27.727000 CVE-2024-42259,0,0,29b4a2e7ef9e0c3eb8144aa95f30b45d14ba1954b7d6ca5651fd3521fa620dbb,2024-08-19T05:15:07.053000 CVE-2024-4226,0,0,5a1ca6b12b6f72b0f4206f29fce66dc2868959ed888bfbcbc74131b5725a94eb,2024-04-30T13:11:16.690000 @@ -258062,7 +258088,7 @@ CVE-2024-42553,0,0,8f227c5ce6dec5fca50f603fee4bfb7fdbed42a017e18f5af0ff87fdb6ddb CVE-2024-42554,0,0,607af9765da36ac41c494fb4a661f7b3fda4b009cba4b1ac1fb452a65cce01a1,2024-08-20T15:44:20.567000 CVE-2024-42555,0,0,c04e4ccc144ae75e0f52b65d3def4d5497ae77dff950a9988affe49cdc7ed2ad,2024-08-20T16:35:23.320000 CVE-2024-42556,0,0,81d6db8e8a0baef375d5428aa737e7b39335d62051ece35a19f26aa45f376141,2024-08-21T16:35:08.730000 -CVE-2024-42557,0,0,7f045eb8af1bf1ade913604258f04af7f27b2c20c98ea5154e454d7e7b0d59af,2024-08-20T15:44:20.567000 +CVE-2024-42557,0,1,1e84bbc90e36d6c037e1766091beeed77ce5e49df20950600fdcdda59d6bcfa0,2024-09-06T17:35:13.597000 CVE-2024-42558,0,0,d0d55b5754a8cdb8c903faf57f92e239068d1e9db5f28d39c6f26f03e32bb295,2024-08-20T21:35:04.467000 CVE-2024-42559,0,0,5bfb1eb26fc68874c5f0c03cf099efb8a9649c42bb96379dd6408dae9ac674de,2024-08-20T19:35:10.850000 CVE-2024-4256,0,0,2885dad709315de5112b738946979afcb06c4d717b1b754bf7bfd87477f08c3d,2024-06-04T19:20:34.517000 @@ -258146,7 +258172,7 @@ CVE-2024-42675,0,0,92c6b6457955ed616d1577d62ebea7dcf172d2ecdd66922f34ded7a7ee2d3 CVE-2024-42676,0,0,ee04f7bab8ee13bdc864d5bc2a4a11bd3644007d71c7b1c26d6531bc1196494f,2024-08-19T16:11:33.843000 CVE-2024-42677,0,0,85c08a22e8a37131c90308072afe209c51004b01a70c30ff33acbdf877c43e4a,2024-08-19T16:08:17.727000 CVE-2024-42678,0,0,ce8a3f135d4f809369d6b75de9ff99127513c0db10a407cdd20ba786f1f3cdc9,2024-08-19T16:06:36.343000 -CVE-2024-42679,0,0,2ffe2a4be5c215d810f5b898b95b8290538512d66dc44037835c595a5e530f63,2024-08-21T11:06:24.627000 +CVE-2024-42679,0,1,e76aaa5887122d6232dc83073fc758cc42de2802e94141ff1ce4fac272e935d1,2024-09-06T17:35:14.393000 CVE-2024-4268,0,0,ed1b7008ff1a2549bc2f685279352d3a8f5b6d435592b2f29fd10fa9328ca71d,2024-07-02T18:08:17.817000 CVE-2024-42680,0,0,b168ab4cd2e2150be7aaf36c84a318add99cf48e6e7026b9bd7262bb9f167200,2024-08-21T11:06:00.887000 CVE-2024-42681,0,0,38014007bcc5735791461b793967c4dfbe475531f64d8682f14c63500277a9d8,2024-08-19T19:35:08.437000 @@ -258240,7 +258266,7 @@ CVE-2024-42913,0,0,2ff9c56d853649a800b84b6cb1da831a3ed40465a00c98ace5410f80abf8e CVE-2024-42914,0,0,3f5ac8ab7960d4d4afba31e3c38cdf6845691feab9592a20b6c730d697770531,2024-08-26T17:35:10.510000 CVE-2024-42915,0,0,f864c31afbca80b902e69688b4024ae2389f775878951406a546e92d288d6fa4,2024-08-23T18:35:05.490000 CVE-2024-42918,0,0,657578840f633e762a27e4a0853fb47eccdc1027e81e0975d029fe8916be4e17,2024-08-27T14:47:12.097000 -CVE-2024-42919,0,0,7884ca2db3b42df8cea014fe9c7f92e13b5906264980e99d7b276d089e845d16,2024-08-21T12:30:33.697000 +CVE-2024-42919,0,1,9d550152ff2dbb619a2352d654d17d8b55fb6100bbcd2b5aebd58ed74198ad98,2024-09-06T17:35:15.190000 CVE-2024-4292,0,0,3da8afef6eac3f0e74c17cae2760dab77b8f6d77627214b0783fc9bf5f2f59b0,2024-06-04T19:20:35.097000 CVE-2024-4293,0,0,32ea35cbc5ba91cf83ff71be9c2b19347dd1b3b0949ec88573415a66fabe3aec,2024-06-04T19:20:35.203000 CVE-2024-42939,0,0,de039fed771097613977a1859b988b285b10e3afaa2ac25fdead7645e1c3a33c,2024-08-31T02:58:34.660000 @@ -258252,7 +258278,7 @@ CVE-2024-42943,0,0,65be748316e28c3e012b02c07cb2acdc9089785ab234cef5a5ac32b87966a CVE-2024-42944,0,0,f6c484d3a149f0abfd628917712128d294643148c09cc797b6deeefa656227a8,2024-08-15T19:35:13.737000 CVE-2024-42945,0,0,527c2acfc2ac79e3ae4484bb113cde41f1a0c19bbf139705416ac7d653f09941,2024-08-16T18:15:36.950000 CVE-2024-42946,0,0,d0f7e8d7d1788119449618db3b1da4ffbfa720ab07647edae28d1ada00373d08,2024-08-16T17:35:08.227000 -CVE-2024-42947,0,0,e7d01f7003d2f409e61d4e637f7500689fb65c07673a6b4b02e4e7886d96fafe,2024-08-16T13:32:05.103000 +CVE-2024-42947,0,1,137e28ab0008e6472e4ec4bdca125217f60aac5ff19d42d47f1062829b53f04d,2024-09-06T17:35:15.987000 CVE-2024-42948,0,0,4727dd22a0403edbc3fcca21716cc1b2ada4ce207acf040c2c79859709e837d9,2024-09-03T18:35:12.773000 CVE-2024-42949,0,0,44c6441194e695d5a683578273dc6ba440e5cf17bcd806ba53209d34b464cf71,2024-08-16T18:15:30.507000 CVE-2024-4295,0,0,848d1af2676088d8bdb79c5f7e3bd4f81684dc40347bc492c56560372b53041d,2024-06-11T17:15:18.997000 @@ -258264,7 +258290,7 @@ CVE-2024-42954,0,0,d7dc5fdc7066bd66ef4157db7606f6118c02f98972de6c14f0326e5f39a08 CVE-2024-42955,0,0,00b8e7d9e7586e92f9d97b1e6a1644d4d4ca5fa3cfd628bfbd234416a0d76773,2024-08-16T17:35:08.957000 CVE-2024-4296,0,0,052b4ea8fe5e477de9d37ee5afe4ea95ec74241a638e1e02dda20e9782a7e237,2024-04-29T12:42:03.667000 CVE-2024-42966,0,0,11fb4f8406b51aaf92dcd9c74f137affdd9a6a6d3d3dd012cff469b6ec43d58b,2024-08-19T19:35:09.913000 -CVE-2024-42967,0,0,7e74ee4a2d6a17af6b0f12f00eb90c60c9c52c49e61e430789bbc0c38446386e,2024-08-16T13:34:29.780000 +CVE-2024-42967,0,1,9bc6baaf78abe67d011872c60700b9f7e2345b7623db19a03a7fee28d9c0f735,2024-09-06T17:35:16.717000 CVE-2024-42968,0,0,ea8af3ba9d524f0f7175c3ac05010317eb6e0c3232797df2ec4eeeed8bf7be47,2024-08-16T18:14:39.303000 CVE-2024-42969,0,0,8304dea3c274f1ae2ddaad05a344a9bb249c0e2abc4bd40a669c59c89b06623c,2024-08-16T18:35:15.027000 CVE-2024-4297,0,0,391cde32595a6f10054c7e99797c9f48482f1c612a355cb934b7ce023c8828d7,2024-04-29T12:42:03.667000 @@ -258391,17 +258417,17 @@ CVE-2024-43236,0,0,023011a32949e87f6bc318354cd0a34190696d548e7018a1624254d686b58 CVE-2024-43238,0,0,c8521e7625c83e605f0b6621da252175bd1f21854b9854934939807c71b6a24b,2024-08-19T12:59:59.177000 CVE-2024-43239,0,0,79d51d8573e5ae7ca3d4a994fc625c6641954aca391d8556cc284fe714bd5440,2024-08-19T12:59:59.177000 CVE-2024-4324,0,0,fc63521759a8641132ed78ae3099f2b2ca0952db3d329b9ead7b1b38a39cf68e,2024-05-02T18:00:37.360000 -CVE-2024-43240,0,0,1e36d49142341dfc276ca2c9a31217c7268b0c833e13e28494158cdcd691b2c8,2024-08-19T18:36:07.297000 +CVE-2024-43240,0,1,c0337462e0216defbb94a6add218ed181e8b2fd60593c83358aa092a744bcfcb,2024-09-06T16:57:58.130000 CVE-2024-43241,0,0,c39932a6e0a58bfac7ae4f1cf6af814f732177d07f4a962afc92645b7cabd135,2024-08-19T12:59:59.177000 -CVE-2024-43242,0,0,fddcd872b8e9a015101bd5f90d077add290353b7310be17f199e83b1914823f6,2024-08-19T18:36:07.297000 +CVE-2024-43242,0,1,636fa996f52062017b6b765b82114ab7344df4323c4de28305e8c74515111a81,2024-09-06T16:57:46.497000 CVE-2024-43244,0,0,1886195ce7a92c6294c50cae518f93eff0f2be660d6ad12e641d6bae1e37edd4,2024-08-19T12:59:59.177000 CVE-2024-43245,0,0,2b8638d0e152f7907646c235ec6c3796723307ed7d6ff6c611db5ee41d18dff6,2024-08-19T18:36:07.297000 CVE-2024-43246,0,0,44a65a28ca2af5cc21ed79f6503fa68b6cded6fd3bf6e91f921a120c96c44499,2024-08-19T12:59:59.177000 CVE-2024-43247,0,0,220191dd10152667288134a16c89cbb59fca851cc3c6624699a29db3935ac221,2024-08-19T18:36:07.297000 -CVE-2024-43248,0,0,6a13f78107791ff57a39ed29d7de26bdcdbaffee8662ea53d46b528dbd8b4650,2024-08-19T18:36:07.297000 -CVE-2024-43249,0,0,da066f138595e280cdf9e25966126d1d3aef579ac6d6562135b177671a68e4b7,2024-08-19T18:36:07.297000 +CVE-2024-43248,0,1,37e2b8cca688a0234dda3a9dab634a52bdc30376015e490ed29d6343038e8a15,2024-09-06T16:32:16.687000 +CVE-2024-43249,0,1,daa9c739bf37aa314068fc6a2bce3483193f437aa67d0043602d733ed9ca6ca0,2024-09-06T16:30:49.183000 CVE-2024-4325,0,0,76d9bad54216516dac1d03211c486bb781521a024ebba7e9a0e98047a78d0bf5,2024-06-07T14:56:05.647000 -CVE-2024-43250,0,0,77bf63c2156dcab9b54d4260595862492409dfce5d3ef4678379339d694267b5,2024-08-19T18:36:07.297000 +CVE-2024-43250,0,1,a841443f689b24b465816a01f105b6a5bcdc875b6da892ea807eb0553baf62d4,2024-09-06T16:02:16.067000 CVE-2024-43251,0,0,288c86c035f283137de3da99ba5c14446ca5b1bddcca54ee12bc0425a59e8a6b,2024-08-27T13:01:52.723000 CVE-2024-43252,0,0,b771f9e76d477a6b132719a51019c908bb6489774cbaa7cda1dfd67b307e9d1d,2024-08-19T18:36:07.297000 CVE-2024-43255,0,0,b6d91cbee1f38dc4f34c4c2cea2111eef43f73e9868d430d05c5d2d072f1af75,2024-08-27T13:01:52.723000 @@ -258721,7 +258747,7 @@ CVE-2024-43914,0,0,cecc040296533d16ec68f112b8d7429d7c31abfac86050a6f05da890be7d2 CVE-2024-43915,0,0,d179827f4a2239697e62ac501a97b8b3109220e3bde2278c20f3a196442ad24d,2024-08-28T17:44:45.193000 CVE-2024-43916,0,0,f029d23d9b2bb2878425bf53ff3e166ae08ff9834b0ced7b956909e8c596933c,2024-08-27T13:01:37.913000 CVE-2024-43917,0,0,763320422d1f5f6b627e67997133b73d2d81c353f19b439bce5f72673e32a57d,2024-08-30T13:00:05.390000 -CVE-2024-43918,0,1,ddd56bcf8df0ced2fd43f465099ef1734f47f7e198c9ebd8d1474897ffb0a07e,2024-09-06T15:51:25.957000 +CVE-2024-43918,0,0,ddd56bcf8df0ced2fd43f465099ef1734f47f7e198c9ebd8d1474897ffb0a07e,2024-09-06T15:51:25.957000 CVE-2024-4392,0,0,5c82c123a66d3444e81adbb958bd6b8cf11e432e36668571a78dbfc8c82c1c37,2024-05-14T19:17:55.627000 CVE-2024-43920,0,0,4fe0b9b4bdc3c773cef62ba0a55678a848520d2f26b7c394fdfed7064f320ada,2024-09-04T14:06:43.780000 CVE-2024-43921,0,0,8cb3a8317d91fe8c86f2a088d9aae7d066ad8cdfd297a2cc1e6c90830f46e738,2024-09-04T14:12:12.957000 @@ -258771,9 +258797,9 @@ CVE-2024-4406,0,0,4d2edf89174eefb11c1e35948c69459d7b4d6dd1a09c10eb7a0704c1561ef9 CVE-2024-44067,0,0,f6acc392be4d580c3750239c741db14e9e0b23cb38f1820ef772266e93e1673a,2024-08-20T20:35:34.497000 CVE-2024-44069,0,0,2eb956dd06d71bb925b0fe816cbe078cd7c5c9a8647e07e8d081256cc543fa9f,2024-08-19T12:59:59.177000 CVE-2024-44070,0,0,897c04ba9a67e5ea511bddee651919522720d2ac02cb9c6411d8cfecd25984e1,2024-08-30T16:19:49.587000 -CVE-2024-44073,0,0,ad93c7cd67f110b3f3dbf8094f03e2f128eb131898a84b811a05132b4dd487f2,2024-08-21T12:32:44.470000 +CVE-2024-44073,0,1,de55f1c002ffa890fb79df1a9da58802af7cfd53cb9325cc406c6e277fabf47c,2024-09-06T17:35:17.523000 CVE-2024-44076,0,0,d8ab474e3e0cd492e411ba495a07543359555360960989541af9d6ad1fd6855e,2024-08-21T12:33:42.487000 -CVE-2024-44082,0,1,eca3489830dade6ed42141e32f34d30f3f0c158d92e0366e9686c819b89d9a20,2024-09-06T15:15:13.180000 +CVE-2024-44082,0,0,eca3489830dade6ed42141e32f34d30f3f0c158d92e0366e9686c819b89d9a20,2024-09-06T15:15:13.180000 CVE-2024-44083,0,0,0fbb97686726ee4d6be299ae185c5a7e6d7807c436d290993d1b41ed0119344c,2024-08-28T15:15:17.050000 CVE-2024-4409,0,0,ef601ae22761768812ec6eb133885b7a6b08c5417903a944100f49b603e1172f,2024-05-24T13:03:11.993000 CVE-2024-4410,0,0,ca43b98286a78ab63b5139b50b93fc074ee9aec4c16e78097aa3514c43622322,2024-07-29T14:12:08.783000 @@ -258811,7 +258837,10 @@ CVE-2024-44387,0,0,f40bbfc4dd5c4303dcc7ceb337218443a73c6de292a9dc96408915cc8c9cb CVE-2024-4439,0,0,18d544a04352d4558f54a1793cd800ab605d9132c8464460d2f7ebbde183ef12,2024-07-03T02:07:34.593000 CVE-2024-44390,0,0,6367b383b322d2f53bd8e6d4e8d76904ca1c75a20fddee8fd1295aedac6b8243,2024-08-27T14:48:18.393000 CVE-2024-4440,0,0,32e49728cdc055a1dbfbd90b8e03664859c56d56e36afdc46644ff6b145c71da,2024-05-14T19:17:55.627000 -CVE-2024-44400,0,0,0c3e5b1800b447d6bd6ab238fd2bacb82ed9f30c0c18da18f32396adadb223dc,2024-09-05T17:37:42.787000 +CVE-2024-44400,0,1,46cca54dff368c30e19e4d79a9e5fc6607a7b0ccd1e0fdcd2b02aab471f7abd6,2024-09-06T16:15:03.030000 +CVE-2024-44401,1,1,d7e1eca6e4b5bbab07ba3b8dcaef091e82fde014d41242a147cbc898d94d677c,2024-09-06T16:46:26.830000 +CVE-2024-44402,1,1,66345d63e17d9a099a170e00d7f5d340c32f8d45e262f36914334d682baad4f4,2024-09-06T16:46:26.830000 +CVE-2024-44408,1,1,7197b2b3c5b0ce76b459295715f302baec8260eeb2649b36eaf8fe08e6fae7f6,2024-09-06T16:46:26.830000 CVE-2024-4441,0,0,ac0779300bad801b6c25a6a11418596c16f707acafd8505b85edf037d6de9dc4,2024-05-14T16:11:39.510000 CVE-2024-4442,0,0,9c1eda6fa3435f8c4d08218c5481ff931fe1467531bf106c3f2c1021638ef5a8,2024-05-21T12:37:59.687000 CVE-2024-4443,0,0,844cc6ae76fc91b0a9b2c7cc836e7c7382ecc4895f252d76709d68a22aac17cb,2024-05-22T12:46:53.887000 @@ -258860,7 +258889,7 @@ CVE-2024-44717,0,0,4633d8ec58d1349f11ca257535d78e1a19dae6e8b84c1661ccc3922a9791e CVE-2024-44727,0,0,519c6edd63986291fddd28777499b5bf49fa3688edaaf8c8b5736fac2c095d2c,2024-09-06T13:15:09.567000 CVE-2024-44728,0,0,cb7a7604dfcd48f9cda73a0c69d9a24576616f565cbb7b44a1dd956c1a2540eb,2024-09-06T13:23:23.743000 CVE-2024-4473,0,0,8a0cf4a98efdbfb5770862e11c920028f2e3a9a43c44eb843685fb5ef0c3f72b,2024-05-14T19:17:55.627000 -CVE-2024-44739,0,1,508250faa2e35fa83b62df00c700ebac0a014366777587ff05f9ffe009e520f2,2024-09-06T15:35:02.807000 +CVE-2024-44739,0,1,54a38adff579570d6fdeb42c9659a2340e73f3defb9a38a637d9838ec6a01202,2024-09-06T16:46:47.907000 CVE-2024-4474,0,0,f8c1a36ad14efe96f98dae06e1720ed737c744e50cd9a9e3991eaed9f98aef96,2024-07-17T02:48:04.213000 CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c08e,2024-07-17T02:47:07.620000 CVE-2024-44760,0,0,0d252ff08482783aaee88c027910c09101e7f32f15f52b69e5e2b4482012606e,2024-08-30T15:55:41.137000 @@ -258888,7 +258917,7 @@ CVE-2024-4482,0,0,30c719bdf44110f5d77595f668147507c21a010645f412257434e159bd101a CVE-2024-44820,0,0,f15637d2ac032c543e5fcbbe9f5d1cb1b7c83c8e990be9337cf6d7655fcc3e7a,2024-09-04T19:35:13.010000 CVE-2024-44821,0,0,ff3428c7064f35632ec8516d4f1ffbf8326fb53cbc8ff73f0451f03ff4bad1c7,2024-09-05T12:53:21.110000 CVE-2024-4483,0,0,d9fadea227cf106e149715592d31bb2d237147d959617b97c9049a0f6f95d28f,2024-08-01T13:59:31.397000 -CVE-2024-44837,1,1,aa232528d672ffea9aad1130f1b32dbe0d70ea6a605d547dc9751c510d261d22,2024-09-06T14:35:11.887000 +CVE-2024-44837,0,1,253c4b98d471b14a46b3f3274bda3284d342567e55e989a3afe5e23485326395,2024-09-06T16:46:26.830000 CVE-2024-4484,0,0,f8c7c7a90ad9fb2504d28a2d6c05b973f8e6ce86f54104c89b314d37b71fcc46,2024-05-24T13:03:05.093000 CVE-2024-4485,0,0,a27e77eb6786137f1ff33a4e5e44b17657a4b120ca60b51b6c6a25a52d6e7411,2024-05-24T13:03:05.093000 CVE-2024-44859,0,0,361e21bdfe4afccedd32d666cb901903834fe5ed28d7a4a2b19923a7bb2e90ef,2024-09-05T12:53:21.110000 @@ -258932,12 +258961,12 @@ CVE-2024-44949,0,0,6aaa0682857021304830f46058e76a9629475e0612eeb15cc3936e646938a CVE-2024-4495,0,0,cb1d8bc801c43f7ab8180176a646c9e39a56603c1305eac804522af3adac0fa8,2024-05-17T02:40:25.167000 CVE-2024-44950,0,0,d3089902efd7e9aab9d892a62faf29027951968ca15a849fa454a848592a1ba2,2024-09-05T12:53:21.110000 CVE-2024-44951,0,0,91785c90cadc8356660ba7fdec9917fa45a207e0be2c7481dad5e2297fb51b52,2024-09-05T12:53:21.110000 -CVE-2024-44952,0,0,3e7f7fc3f19a6b8c8b2ad971400987413f5f03a616833233266eff89d0d21202,2024-09-05T12:53:21.110000 -CVE-2024-44953,0,0,cbaf78facc00ba2382a16f654ddc1a05a298914ec55c1a3c666bb3b29c753793,2024-09-05T12:53:21.110000 +CVE-2024-44952,0,1,6abe9435eb01f0417ea6e45511928e929f498aad7a413484748a480c46e0c4ce,2024-09-06T16:37:38.370000 +CVE-2024-44953,0,1,f2ec50e0309c43f7cf9bb2e776118a51e77c29a5f9b8c0285a1645b3f3d10a0b,2024-09-06T16:37:33.650000 CVE-2024-44954,0,0,31b5dfbb887da799bd2bd3ced4c927fc2ecea3232fc0eafa678eaf39c7e755f6,2024-09-05T12:53:21.110000 CVE-2024-44955,0,0,2a6532accf02411787cbf424bddea1cf6a2c7506af16dac0f1dc27d82c748f26,2024-09-05T12:53:21.110000 -CVE-2024-44956,0,0,7869397996f74394cc4c799fff8f28f6f1ae1bc5584e6a6f4fcfdbfafec4b955,2024-09-05T12:53:21.110000 -CVE-2024-44957,0,0,4765e817cf743edc20709de59d942aadb2406e8cddf770aa33fac73252ab27f0,2024-09-05T12:53:21.110000 +CVE-2024-44956,0,1,6af1a87a6f61cb2e54a20c3401cc5debba4744f6ee0ebb8ac5c756a545a18cee,2024-09-06T16:37:11.777000 +CVE-2024-44957,0,1,e09ae721dc946241eec9f81a8aaa6dbc034c414b1c1b70d35ec2e90777c333a8,2024-09-06T16:37:00.077000 CVE-2024-44958,0,0,49c750c0a9b2f5b7b2c2c67e4181474af81d7c9d2786a41fdac4a4241460e7f1,2024-09-05T12:53:21.110000 CVE-2024-44959,0,0,ce07f05b33b1296682d80c2098d95c4078dc762d4b2d2681cf75b77f51bfb848,2024-09-05T12:53:21.110000 CVE-2024-4496,0,0,6e858d3d5b48b877aff577f900a80fd10c799bd74cdf4188d346fa0d13641a80,2024-06-04T19:20:39.340000 @@ -258945,7 +258974,7 @@ CVE-2024-44960,0,0,987a31728bcd78fdf4111b52e7274a270cfc8db8ae282e2fdf60f5ee873fb CVE-2024-44961,0,0,0e478ffba41ea52197924449673447dd2bbc8d5bc63fd267e662106285f3040b,2024-09-05T12:53:21.110000 CVE-2024-44962,0,0,62f984d94b9c38c66188a73a7cba9ab055d947730f9f25dcfd1ba6d4b898204c,2024-09-05T12:53:21.110000 CVE-2024-44963,0,0,2a9a1dcf88072c0992b95aef60f3dabe7b5cb2ba2989e7d5b5c12170d1463819,2024-09-05T12:53:21.110000 -CVE-2024-44964,0,0,2f11180c5953328396d560d66ad421e009065636b706e723421fd352a4873490,2024-09-05T12:53:21.110000 +CVE-2024-44964,0,1,92da6b1c7506252085cb6ce3b4a63a90bf76ee9c325045a05e219bb266a13dd0,2024-09-06T16:36:45.137000 CVE-2024-44965,0,0,a67ed955c7c9b2e3eef499a286ca4740ad761b25efa52479e58602cb7dd5aca6,2024-09-05T12:53:21.110000 CVE-2024-44966,0,0,d7104e5cb92928ee3834c49471184f77f9ba1bb26484d1483e455fa7aadbae27,2024-09-05T12:53:21.110000 CVE-2024-44967,0,0,89dfada01527c8edfcdf75e8d03ff9e48cea3fb292c10119a2487efa60d42183,2024-09-05T12:53:21.110000 @@ -258972,26 +259001,26 @@ CVE-2024-44985,0,0,89614f0dc5a1bc1e42d274d3ec6531500905f54e1226dc3d0cfa558fdaf45 CVE-2024-44986,0,0,7b1b7f962a5dde2e3112c86530d9327efd0060e0a73a92ec7225981af2f022b4,2024-09-05T17:54:04.127000 CVE-2024-44987,0,0,80c7ee92eb0c64e1bc51cb1cea659b21d515983723260d3a4a67be7790dea749,2024-09-05T17:53:54.687000 CVE-2024-44988,0,0,88c9242491758cb5cb40dacc794baa4f1069a31af76a02349607187c0ed57054,2024-09-05T12:53:21.110000 -CVE-2024-44989,0,0,66cb11edf9d1909542342085f72a5573b26127c4e7900cbcb71ee304cabd5de7,2024-09-05T12:53:21.110000 +CVE-2024-44989,0,1,f232cbe2cf85d26edc47089ff1f523369ffa3f6479342bd09b010a8ff52ddbe8,2024-09-06T16:31:22.253000 CVE-2024-4499,0,0,570303fc4016a4dd92480bffd8c28af92c74f4e1e3602b750ed7335c1012dd3c,2024-06-24T12:57:36.513000 -CVE-2024-44990,0,0,5596a6de7b3ce32365210bb44f806ea44f34fa45a5453f219b86942db0945f17,2024-09-05T12:53:21.110000 +CVE-2024-44990,0,1,87bc0c256d1ef863849319b5a4078ee77f85507d6091a25f9ed554ccb2e112e7,2024-09-06T16:31:12.870000 CVE-2024-44991,0,0,f23c23b71c26972b3340d83e99de181ad1289651fc94dc7dc1ac2f47ac20d2f8,2024-09-05T12:53:21.110000 -CVE-2024-44992,0,0,d7c361e4984c11f6862791382ede40d51127deebbd9fae5325f7a3bee33fad8f,2024-09-05T12:53:21.110000 -CVE-2024-44993,0,0,61d9e27a66fedf1fd65e8ad25b15ef545f43267db17579c4035bf9c78a7533c3,2024-09-05T12:53:21.110000 +CVE-2024-44992,0,1,97ef2dd55e50d283d25cb375a53b1b9e4ced48005c60f251c68cb5bcbe063f3e,2024-09-06T16:29:28.963000 +CVE-2024-44993,0,1,83c20e8055b5f920fb8768cd48edd51dee49d28189ff000654e3b9aceca5b744,2024-09-06T16:28:49.180000 CVE-2024-44994,0,0,077657e93a1c5153a567e0a622109d3f9d5a912137e3785d416b4a628cffcce8,2024-09-05T12:53:21.110000 -CVE-2024-44995,0,0,f74e1be3ab3b188848e3b7ba965cf8c7dadd1b67dd4e80f9241bf7efc8c356bc,2024-09-05T12:53:21.110000 +CVE-2024-44995,0,1,7d1a36abe3b165c53d9619eb103cbadefccba9b4bce35767a085555f4fc3dbaa,2024-09-06T16:28:37.107000 CVE-2024-44996,0,0,f6ac21dbf7ca4e48c96d2f064d3030e3ec7942596ac80f3d42ca724e6f5d9ee3,2024-09-05T12:53:21.110000 -CVE-2024-44997,0,0,c4f12968ddb8e8d0f2ea40a977372f31c0c799d88ab39d50de5abe548e8324fc,2024-09-05T12:53:21.110000 -CVE-2024-44998,0,0,6a504aaf4fa845b067c2321d17033fd8357d4298684ea1f5bddda4136c36910c,2024-09-05T12:53:21.110000 -CVE-2024-44999,0,0,8ccef336ee5544959a53a8ddff12dd0924c582d551ce6a59b504d88cf52ca6c3,2024-09-05T12:53:21.110000 +CVE-2024-44997,0,1,e3f86ed864785c36fda99f43974c4da9bece309546ba3123a45070f74f032602,2024-09-06T16:28:25.183000 +CVE-2024-44998,0,1,40b25cb37bb885401e69911af67b231d0343f60d965743732a0c70cf3b146611,2024-09-06T16:28:16 +CVE-2024-44999,0,1,e380bf728dfa26ece10d7874c8b05bc3764e80af89ddf0e41877fbdc49e455a1,2024-09-06T16:27:51.890000 CVE-2024-4500,0,0,a407be114022fa5d45245610952c429e57739daa41702d131b7165fd39ef277f,2024-06-04T19:20:39.540000 -CVE-2024-45000,0,0,2c0be4e691f519dd141265f06c70a26c4fb13678f8e75581e557ecade1db0210,2024-09-05T12:53:21.110000 +CVE-2024-45000,0,1,79a57d7b11c85e25d75eaa2ad0e074d3c11bd38520cca8fd127bbed6b352c944,2024-09-06T16:27:31.003000 CVE-2024-45001,0,0,c257b8093542d3214f8b8457670ca8ef622c934f177f6cf0e1843db5f562416f,2024-09-05T12:53:21.110000 -CVE-2024-45002,0,0,7365f265cebdeeeace0af406b537b88eee1049b6640d08cf0266f40445abf03d,2024-09-05T12:53:21.110000 +CVE-2024-45002,0,1,e2071222d816d9fc367eba910a87fa209d5c35705a0723b76f0ecea5701cdf74,2024-09-06T16:27:13.727000 CVE-2024-45003,0,0,9a17c6672d49f0a64ef38d9007573bd12c155422950b6ac7943e2a76bc748892,2024-09-05T12:53:21.110000 CVE-2024-45004,0,0,452734981a95050fea18e4e68a9afad7a31ec41d9f67e0aa5e6636a929ebdc48,2024-09-05T12:53:21.110000 CVE-2024-45005,0,0,e451b7c2f4add710887224d994f9dffc8ac56adf3dcc9794335f8f3deeed48af,2024-09-05T12:53:21.110000 -CVE-2024-45006,0,0,6cacce4253b934c99cfc34568aedda38184f70b5be8c633532c070fa60f17ff5,2024-09-05T12:53:21.110000 +CVE-2024-45006,0,1,5452c1a79742ccdebb367ec30c38e9d482e8d0678948443e98ba439908eac48e,2024-09-06T16:26:52.640000 CVE-2024-45007,0,0,9c51cc66379cf576bcd17f9e957329cedbd34ee23634a31bf340e6e230dd369f,2024-09-05T12:53:21.110000 CVE-2024-45008,0,0,37dc0718d2dd8ba9fb7eca159ff733be9b954368896d4dc7e665604ee4c36c7c,2024-09-05T12:53:21.110000 CVE-2024-4501,0,0,3baebe0a469dd4bf55eae5f370777b6e334d89a3883f98b03d03b2205353433a,2024-06-04T19:20:39.640000 @@ -259000,9 +259029,9 @@ CVE-2024-4503,0,0,580a13ae85da881d7284f0e9b163135d237ab58a854d76134955e6cc28d662 CVE-2024-45036,0,0,b93ba1b942c2a90c7150ffd72c683d09bcb868f6dc285088962d5acc53d2e2e4,2024-08-27T13:01:37.913000 CVE-2024-45037,0,0,0a75dee24a9a0746d4b594073f73eebe38a0d6b0ee92331f507c53bf54c314fe,2024-08-28T12:57:39.090000 CVE-2024-45038,0,0,9bc86932f350806c3a4bfe09c65e8bf9ee10a426832d16050cb88cd3f58d1bd8,2024-08-28T12:57:39.090000 -CVE-2024-45039,0,0,8dff50a2b407ef59c03c573a53a6c1d07ac352c0d299898c5535283308bfc0d4,2024-09-06T13:15:04.400000 +CVE-2024-45039,0,1,153a025720324af8a6180ac165aba04bdd8019f56e8ac817b76b7ae2de3e1281,2024-09-06T16:46:26.830000 CVE-2024-4504,0,0,db7504bed7bbf326ed6569d421c20101dbf56fa9ab20eccbe7468f7c026f345b,2024-06-04T19:20:39.947000 -CVE-2024-45040,0,0,f0d49bbb1adcbd0063af224744665e5c90152971b42a20e3b85899112dcb5dce,2024-09-06T13:15:04.893000 +CVE-2024-45040,0,1,b4035d66fbe9be3b1a38a449021b6a22211d9c2e557f22a75464449c4ea544e1,2024-09-06T16:46:26.830000 CVE-2024-45043,0,0,813b7117a1d59d56cbce89ce53b65dfc1ca707523a63233a1be8257ae8cc6c73,2024-08-29T13:25:27.537000 CVE-2024-45045,0,0,c746f1c0e6db0596dc093f08d310bbebe72a6c977f5bda8337efa37c3e8dcc04,2024-09-03T15:13:16.580000 CVE-2024-45046,0,0,de3e74d0bfabac0255c06ca581d92948e03ddaa7217a0f0cf71d9507430ac3e4,2024-09-04T17:32:51.960000 @@ -259019,18 +259048,18 @@ CVE-2024-45057,0,0,9d8b06345321949fa48379fc2183ae1808eec74c9e7dce5df7d16d85f9e3f CVE-2024-45058,0,0,7787e6673db22abfd684889eec25f0d15a1228d1d6048ef359937e89120200d3,2024-08-29T13:25:27.537000 CVE-2024-45059,0,0,1db4a990b2e27521ef605a35909b28cc3d1be1d4c9ec2ad338f6d6fa0c866be3,2024-08-29T13:25:27.537000 CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a3f,2024-06-04T19:20:40.150000 -CVE-2024-45063,0,0,2e8a9449f4af8b37051cbdc7be5985df593bee79e2f377e8e2fc65c9ad519861,2024-09-05T21:21:37.113000 +CVE-2024-45063,0,1,33e08634550506363c06b675c8eebdf6582cbbe73548148f8e40aee753dad000,2024-09-06T17:35:18.370000 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000 -CVE-2024-45074,0,0,2acf4f0c25bbf5eac392bebe7ceb928355c00f7621cfd672d38777710d0e6cb2,2024-09-05T12:53:21.110000 -CVE-2024-45075,0,0,970063a21cc69312ed5905047a4f8f95237496df40f08985a6b50e18ab5ad76e,2024-09-05T12:53:21.110000 -CVE-2024-45076,0,0,0d010c89a424f0e84ebaa9873d815dffe8bb1375c669731f5cae4948fe4c87e7,2024-09-05T12:53:21.110000 +CVE-2024-45074,0,1,410d152e2b1ce535bb792f747dab438d63c99a6f6d04953bcc95f60bfd46ac78,2024-09-06T16:45:32.767000 +CVE-2024-45075,0,1,72725abf8f0bda55b265624cd19c42b954d17e9672b7c19951b6fe04531ef578,2024-09-06T16:45:12.980000 +CVE-2024-45076,0,1,5fb321e82c08a6c58252337bee6e5fcb4b13786a863fe8ca643f04e713d05d32,2024-09-06T16:44:52.310000 CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000 CVE-2024-4509,0,0,996942a0a2c59f4d53067a2868fbad35944719504585e3998bbd4d788c545588,2024-06-04T19:20:40.347000 CVE-2024-45096,0,0,d4f642a1e6bb8f30a3a63abc6de33d2a734d4a63841c63adbbf0861fc10b1ff8,2024-09-06T12:34:17.957000 CVE-2024-45097,0,0,66f33176e0c07f5466116654bcd7c2847267016c1af22914a830c235e4290102,2024-09-06T12:51:59.750000 CVE-2024-45098,0,0,d99373b3861e761d69e1423a19b397cd3881f87fabdf54ab0162bbecfa72f038,2024-09-06T13:01:44.023000 CVE-2024-4510,0,0,e609022dce213b03ba687f592023f15f3e261f085d88e9ff14f3b7ffe9969d1b,2024-05-17T02:40:26.417000 -CVE-2024-45107,0,0,5e2ac9906d55f0e5240ab60036468d760c6dd02ed6b1d647a490b90389e8644b,2024-09-05T12:53:21.110000 +CVE-2024-45107,0,1,d5e30880270706ae80f98d427d6a3501f7b9d607b88b780b72f90a000a13f3a6,2024-09-06T16:26:03.440000 CVE-2024-4511,0,0,4d9dcedc762dab13753e2b0a6fba06d0880c8f0afe543668ff587ed1c4cea3d1,2024-06-04T19:20:40.443000 CVE-2024-4512,0,0,26a6b6bccaf4c25a8f55831184ccf900ec4db9044766abdc62f8dfefbc7cb546,2024-06-04T19:20:40.540000 CVE-2024-4513,0,0,6c3f318b0d8a8c538c1f3920692d132bd9a92a5cfece17f174b91ed826f80818,2024-06-04T19:20:40.633000 @@ -259066,7 +259095,7 @@ CVE-2024-45190,0,0,d66cd4c54a74e68d49ead3a1a738b5a5af6006ce6c10ee38db19e97b19943 CVE-2024-45191,0,0,8410bc983e36e5828d4c81d5e10811b72eb1342d768b1b1249b7ba20875ec3a3,2024-09-01T22:15:13.697000 CVE-2024-45192,0,0,5da4aeb150ce1f250e3c04f3741f974ba0c69f3ea24005aed7598a0020d8fabe,2024-09-01T22:15:13.880000 CVE-2024-45193,0,0,1554745324792bf9e818f523be327d3eb138b0a7e9f93b1f1c9abf081b45aade,2024-09-01T22:15:13.943000 -CVE-2024-45195,0,1,6ffd475ceaf8128f565ed8b5cb0ab8e8ef23a6c0d5b146527899f5211dfb9259,2024-09-06T15:35:05.483000 +CVE-2024-45195,0,0,6ffd475ceaf8128f565ed8b5cb0ab8e8ef23a6c0d5b146527899f5211dfb9259,2024-09-06T15:35:05.483000 CVE-2024-4520,0,0,b2949348c863aeabf77cf8262dadc8a1301ac645ed88723ebde503df8cb28e51,2024-06-11T17:02:16.967000 CVE-2024-45201,0,0,83db05d7484ca5c2638e18e64e3b5c06d28a9caaae332ad6d01f844ea902b04a,2024-08-23T16:18:28.547000 CVE-2024-4521,0,0,a1d240438f25322e21494c2ddd2f5ee26b23410f012534bc2c27a0a49b09a860,2024-06-04T19:20:41.223000 @@ -259094,12 +259123,14 @@ CVE-2024-45269,0,0,930c2dda66909b7393cc3daf8d8e0bcb8066c589d45124dd784354d0c2c32 CVE-2024-4527,0,0,c7ad79186f39af6c4287cf90f197f2ec298291b738fc5af7e4ddede8b4e9adfb,2024-06-04T19:20:41.810000 CVE-2024-45270,0,0,c7af37af49333c30529c68858eecc171381f5cb95414149d25997e187a81c107,2024-09-04T11:51:30.887000 CVE-2024-4528,0,0,7b720d00d965c73e07e6aefd4c36ac932b079840a05c5efc530ca8c4800fb595,2024-06-04T19:20:41.917000 -CVE-2024-45287,0,0,b8f5d1a4e2e5997ea2c47b168fd9a9add6545241bf0ce8d4616381f847e8f565,2024-09-05T13:35:02.927000 +CVE-2024-45287,0,1,045bfb0d53167c55abd32c57163028c51920368f50e2cf76774839485016e81f,2024-09-06T16:26:26.303000 CVE-2024-45288,0,0,955296d26f6688a711bb67949962e8bc8a5c80938f39e5cdb2e043fe3c66ded8,2024-09-05T14:35:25.337000 CVE-2024-4529,0,0,5fbb4c14219ef7d51954458b7780a68dbee769876e9489db6e9ba34bd68834fa,2024-07-03T02:07:42.220000 -CVE-2024-45299,0,0,6949881772edebd6b9c3e13d4dce18df4b3e6bef001cad1a646e9b1ac6fc6d97,2024-09-06T13:15:05.253000 +CVE-2024-45294,1,1,aea60512b4d24376f133c23c43cdb7817f0d718abc51286f2a286f4cb6d84051,2024-09-06T17:15:16.977000 +CVE-2024-45295,1,1,9cbcd7c9c4357757a60245b46b7ad7987cdeaebea00bcdcc3890fa90524c0282,2024-09-06T17:15:17.053000 +CVE-2024-45299,0,1,954c7c10e3e27d01c74d7dbf2e119ecf2e67338229cd2f4df8e5453ce4a4b5ce,2024-09-06T16:46:26.830000 CVE-2024-4530,0,0,6b78f15ba2a60e96a20ff176cd49d228ee37f0e30a4b3e696092a717f8a23e27,2024-05-28T12:39:28.377000 -CVE-2024-45300,0,0,0da933355136fae05e1ca75338f285bff861224029440e3ffe2a75dabc63f08d,2024-09-06T13:15:05.537000 +CVE-2024-45300,0,1,16b87f5c0983c10d96a860a768ea4f018c449876fdebfed42bf2eda57fdf4026,2024-09-06T16:46:26.830000 CVE-2024-45302,0,0,81d543b8058ec9a64648a785b7fa014c697fce5846d6cc78b75fe051c3ed2104,2024-08-30T13:00:05.390000 CVE-2024-45304,0,0,1414ce8fe9746c46bc2063f6428cc45402e10f1afbb5a5e378e238c2ed3a1fbe,2024-09-03T12:59:02.453000 CVE-2024-45305,0,0,d8e5983b9530b80332e508eeeefa8750e30400000717cc407d2937a9af13a873,2024-09-03T12:59:02.453000 @@ -259113,7 +259144,7 @@ CVE-2024-45312,0,0,3ab127ae457c159e255763a9cac499b257dedfb3025d06ab78788175895c2 CVE-2024-45313,0,0,7f2c32db2a1d116c11ba8b1d5ff95be26c7a6f4c5dba7ff892eb13c5baf4c8a1,2024-09-03T12:59:02.453000 CVE-2024-45314,0,0,b63eb7e37a749fb3c308d5e710eb140bbcfefc4e3df4519b3385c13ecabef564,2024-09-05T12:53:21.110000 CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc25593500a,2024-05-28T12:39:28.377000 -CVE-2024-45321,0,1,fb18f1dc20e468dc3e9b1a9f0b38a9a704b0b668d302eb3f364e6f7d26aab3c7,2024-09-06T14:35:13.113000 +CVE-2024-45321,0,0,fb18f1dc20e468dc3e9b1a9f0b38a9a704b0b668d302eb3f364e6f7d26aab3c7,2024-09-06T14:35:13.113000 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000 CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3e9,2024-08-09T19:35:09.923000 CVE-2024-45346,0,0,2f7f906fa8e830e09f5dc1994b30102df77aeab36a86b7c31755a212ce377dbe,2024-08-29T03:15:05.247000 @@ -259133,7 +259164,7 @@ CVE-2024-45399,0,0,a1cf7f5ebf189fb42f167aadd6e82f696503abfd38953cb1d8591d5d8cf1b CVE-2024-4540,0,0,56ac6cff101cc91d96d8daf4bfda0c052b655471dc0698e77d798366d59b9124,2024-06-03T23:15:08.930000 CVE-2024-45400,0,0,e1cbf68a489f22b5a95eced8c7088417f4e5cd32b236fc73a99dbc623ef016c3,2024-09-06T12:08:04.550000 CVE-2024-45401,0,0,6fc32f001fc61968bb9f618abcd6061edaccad267666bcf7a6b24833d7a60445,2024-09-06T12:08:21.290000 -CVE-2024-45405,0,0,586bc54971d05dcddee15980f3c82c87d64b20f9ffd26dfb8d5cb4920d02acf0,2024-09-06T13:15:05.830000 +CVE-2024-45405,0,1,e0983766e4b3d0668ba058c09b44bc2ee123196af9d88b08813ded0853cf5b2e,2024-09-06T16:46:26.830000 CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000 CVE-2024-4542,0,0,188546ca483f93e7131261a5bd57b93b03491de5e62247759ac8c05b93c8f51b,2024-05-16T14:15:08.980000 CVE-2024-45429,0,0,b6682f6c5fc95a0ea1e918cc9175ec1c4ba8aa26e7eab550751e1679316bee68,2024-09-05T12:53:21.110000 @@ -259147,10 +259178,10 @@ CVE-2024-45442,0,0,2c6961d1d58c78433d275cad97385307540e57f4ac06bb8459d4fa71156da CVE-2024-45443,0,0,162552df88a79f08b277538012a14f30ef91af105cdfa5945ebbfc7ec02b8e03,2024-09-06T13:33:10.347000 CVE-2024-45444,0,0,321f9f6e4d1f412085fa1b37c689a5a7d228fe4c829fe455b2d62bd64bdb658e,2024-09-06T13:48:17.260000 CVE-2024-45445,0,0,45a1c87a577b88492ff7122c62a15d952a88af2f589f552d69e64885c645bd1f,2024-09-06T13:54:42.663000 -CVE-2024-45446,0,1,af4d9be5af37ce7556a9f76528c376e7df21ae3230b2a446b998a2c4c80f381b,2024-09-06T14:01:37.120000 -CVE-2024-45447,0,1,b1ca5bf01175d943b0546e709af95ed880695cf0a55c8b64522f7e1c895fa3c7,2024-09-06T14:17:55.720000 -CVE-2024-45448,0,1,baaac6177753b9ef1526bea7e39de3dc043a4ca1913a07543e6e5e11685c2217,2024-09-06T14:24:21.837000 -CVE-2024-45449,0,1,16fcc8f3add1fcba18b36fc04f0c4a19c97d176cb514abd9722e7bafd45dc227,2024-09-06T14:38:08.067000 +CVE-2024-45446,0,0,af4d9be5af37ce7556a9f76528c376e7df21ae3230b2a446b998a2c4c80f381b,2024-09-06T14:01:37.120000 +CVE-2024-45447,0,0,b1ca5bf01175d943b0546e709af95ed880695cf0a55c8b64522f7e1c895fa3c7,2024-09-06T14:17:55.720000 +CVE-2024-45448,0,0,baaac6177753b9ef1526bea7e39de3dc043a4ca1913a07543e6e5e11685c2217,2024-09-06T14:24:21.837000 +CVE-2024-45449,0,0,16fcc8f3add1fcba18b36fc04f0c4a19c97d176cb514abd9722e7bafd45dc227,2024-09-06T14:38:08.067000 CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97af4,2024-05-14T16:11:39.510000 CVE-2024-45450,0,0,c06e5e6343abf6ab1ba08a36cd39179f5f795e20e409c99cf975d7573fa7a254,2024-09-04T13:05:36.067000 CVE-2024-4546,0,0,da973c82a9042d639d29e7a0c2ffb48d440dea200e6df21027887041c43a68db,2024-05-16T13:03:05.353000 @@ -259208,6 +259239,7 @@ CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df6109 CVE-2024-4574,0,0,5bc00996fe57104150ae610f292ff224de65f0948423aca3282fe7d917884520,2024-05-14T16:11:39.510000 CVE-2024-4575,0,0,9d22d248e877183fb374174504fab6bfc500414f16c234b88b687abe10cd48be,2024-05-24T01:15:30.977000 CVE-2024-45751,0,0,9d644b0c14d0d0ef7e1334ce6c40fff034d24fd661ea8076c5e0aad911a46551,2024-09-06T12:08:04.550000 +CVE-2024-45758,1,1,db5236fa95d35b600ea396ba231e3385b0e33406b7ab4f6fff0ffcefaba254b4,2024-09-06T16:46:26.830000 CVE-2024-4576,0,0,bef0c1eb81bb0f4c3eef72c993d9a673f04f17bc2d954741979507814d4ccd99,2024-07-02T14:41:30.777000 CVE-2024-4577,0,0,b55cac970df35b2daf21f1bc20cfa9dd0965f08c49eae1007fc9a139f9980913,2024-08-14T19:23:47.253000 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000 @@ -260401,8 +260433,8 @@ CVE-2024-5950,0,0,f2973766f812398c51fdc9e52a19a5f151706c2da451b30e218939a121000c CVE-2024-5951,0,0,6febf2923b11ad8e5c0b580c95ce8478dd937b62c84a55da1a853959f3aac15d,2024-08-07T18:12:55.977000 CVE-2024-5952,0,0,4b0244413edcc544ed5c05479b5dbc3eeb5d75652ce440b39e8ad3eb0aaa28bb,2024-08-07T17:50:09.493000 CVE-2024-5953,0,0,b751d8c3256cadea715af09554e498d62ce421392f8f753ae9bea01ad7d81fc9,2024-09-03T11:15:15.463000 -CVE-2024-5956,0,0,65b2e6d0076fdcfc50a26cdad4c01df6c7f252ab6eb4302ece19d8bcb7f9fb50,2024-09-05T12:53:21.110000 -CVE-2024-5957,0,0,bf5bcb6583fdb2044ed97ff58330d1cb7624eb9f015b3a60658443805c23b9f5,2024-09-05T12:53:21.110000 +CVE-2024-5956,0,1,420ebddf13dc6945f3b24acaba57b0a6b03370d22cfc4e076d52d9e45c18f699,2024-09-06T16:25:19.253000 +CVE-2024-5957,0,1,c06bad62b3a76beb3abdcaffc89e2e904ca620c6e7deccb3fcebfda71eaf22f8,2024-09-06T16:24:23.317000 CVE-2024-5961,0,0,458be8cb6fdb0d558a4d51d11b5f294250dd9695661afd805b88290bb2df249d,2024-06-17T12:42:04.623000 CVE-2024-5963,0,0,a4cccf44b2eb0314cba658473713210aafeaf2066181b69f96f839930da4f321,2024-08-06T16:30:24.547000 CVE-2024-5964,0,0,d6f5f38a4c6449f04f742ee04a5db3f604bc83ddff32647d9051bd1d156e71e9,2024-07-18T12:28:43.707000 @@ -260592,8 +260624,8 @@ CVE-2024-6187,0,0,46a9ddc8bb6bbc4e903f9925f1ffd0840f6c35cdad7ceeddf74058350bff44 CVE-2024-6188,0,0,4625f1b2f464b662fbeded6da9887ec07a27d81c66aeccd1b897d9eab956f4de,2024-06-20T16:15:15.003000 CVE-2024-6189,0,0,2355a57183440873745a58c5ee4255e73d48e3621df08442512d4d5de5154bef,2024-06-25T16:15:25.607000 CVE-2024-6190,0,0,0d9b6329ee32034191535752143a1d403a57031330b300e1c4402182e9e21794,2024-08-21T14:19:02.380000 -CVE-2024-6191,0,0,97e62f49bbf59d417e17e1c185a719d026dd666b9cea29cbaf2df8f078cf498d,2024-06-20T16:07:50.417000 -CVE-2024-6192,0,0,f3fb71ab4261b9f1fe9614be4c3aca69249da1a29d73f44d5548ddecce138315,2024-06-20T18:15:13.337000 +CVE-2024-6191,0,1,330c40649cc23f60ebbd2883bf7c6d69830478bc5c6384deed1ff0d6e2cbc937,2024-09-06T17:01:53.530000 +CVE-2024-6192,0,1,105253632c005c6f5f9f7aec634d59fed0c2132bb8e863fb609377b64752c275,2024-09-06T17:00:18.537000 CVE-2024-6193,0,0,476b924f51226d24001327f060e7c65bf0fd7643e073512f604e9ac2113d6939,2024-08-01T13:52:16.463000 CVE-2024-6194,0,0,f00a226f70ff49a057b84fcaca304b983b6bd1564bd5a99084e1dc1658dc9a5e,2024-08-01T13:52:05.673000 CVE-2024-6195,0,0,d35dc776097027653d4328476e596f9f167a82473590f04576da829da4609970,2024-08-01T13:51:26.273000 @@ -260641,7 +260673,7 @@ CVE-2024-6244,0,0,4cbb950433f554609a829b59a39adf424a1ad2c2835842fe2854036e922c35 CVE-2024-6250,0,0,65144edeea3f44f34a4643fe614f57e1f379d6c9ac265963a9d3e1dd464fb73c,2024-06-27T19:25:12.067000 CVE-2024-6251,0,0,4ff3c6977b6838552fca6fd96450148c0a810a0b49d59064a41fd5d7df8c3900,2024-06-24T12:57:36.513000 CVE-2024-6252,0,0,f925951499780a86ba894fc39baf0f6088fcb6c4e2787ea242a732a2e35ea460,2024-06-26T19:15:14.383000 -CVE-2024-6253,0,0,d70df9ffdc81f7d3511638a8a32373070f208c5646ec9496ca814b85bf15f7ca,2024-06-25T18:15:12 +CVE-2024-6253,0,1,01b6d1d17531ea68c5548dabbc96f038e6efc11a085c095b9b4d1329d8cd997b,2024-09-06T16:57:26.650000 CVE-2024-6254,0,0,fde0fafe626682898f8bbfd16af33ff0c947c80d91ffee5375f17b755d365a35,2024-08-08T13:04:18.753000 CVE-2024-6255,0,0,4b23bc0ba79484acd9ec84f5e33767095b874b70e803764459f9fd056777671c,2024-08-30T16:15:10.467000 CVE-2024-6256,0,0,cd0156365b21d4bea53ae3ad70dcec4b1c8c7fe2a610d4e79db68145fb523cc9,2024-07-12T16:53:35.083000 @@ -260651,20 +260683,20 @@ CVE-2024-6263,0,0,ea6dc54bae9a6133bb18ce010b56ac510f28080d60dc0881662f41b01cd3c1 CVE-2024-6264,0,0,ad70cfe4611bfb10e28e7f1e9ab3f1d3972f21098785857aa1fab5f0efe27af2,2024-07-02T17:57:31.737000 CVE-2024-6265,0,0,31e31d78b3c7a6511102ac434eb579b5f62a9a1e1457304e8802b01e8e49e130,2024-08-01T16:53:56.223000 CVE-2024-6266,0,0,20534bd9562365f2e6a746e76af397ec0ac4597526b88e144b7ab5fafa0d2223,2024-06-24T12:57:36.513000 -CVE-2024-6267,0,0,693665502396a8f2760ff0a194782c5c48821dd90ed508792042af1972e2adac,2024-06-24T15:15:12.093000 +CVE-2024-6267,0,1,33ac6ef4afec730cb116f41e289137ef2658a3490dc4f1e070ef9295b99330a6,2024-09-06T16:56:11.543000 CVE-2024-6268,0,0,e3e35d0049e774331d2151e442525bd992cba867b327c069ba368c32d8bd87bf,2024-06-26T20:15:16.893000 CVE-2024-6269,0,0,5faaf462a19676e34593dd0a0afbe0cb206ebbb8a7e70c532ba34e4117e361f3,2024-06-26T19:15:14.483000 CVE-2024-6270,0,0,afb158e2a27846102675d7c9b52684128d3f9cc58ddd69c86dbb7ca5aa644315,2024-08-05T14:35:08.040000 CVE-2024-6271,0,0,427d631db618dffd77aaff0c6f93b041e9536bc7bd39022d5cb6f3d2036ef186,2024-08-01T14:00:18.090000 CVE-2024-6272,0,0,f7daf3f4a3aace9a87ac703b7515196ea33a67e89fc732d0dfedb60e5408f0c9,2024-08-01T15:35:19.753000 -CVE-2024-6273,0,0,ee5202b6a0bcfc7a40a266aa2aa86d2d546d7d0a335d210650da452fe4ac0950,2024-06-25T13:15:50.403000 +CVE-2024-6273,0,1,d046e8009aa5553aa5bf1fd3a64a9eb55ab80ff6184fba9c23626c1afd5e8440,2024-09-06T16:54:20.973000 CVE-2024-6274,0,0,5445e5244574eb35dee4d3a86757e63aa764a2dd3baf93da96725400aa49bff7,2024-06-24T12:57:36.513000 CVE-2024-6275,0,0,34263dcde8e1b5222af573d3152e1f6b3c783b399a6e9b4a2a7c05be9cba88fa,2024-06-25T16:15:25.923000 CVE-2024-6276,0,0,1def0fac41c30c038718cf9b791387b07e134444c43b5f3644fc93429c2b36c5,2024-06-24T15:15:12.200000 CVE-2024-6277,0,0,d0f7f00d5819b230843407b9bc3f1c7e29ec0322737584d90fb8a2a7a06622d4,2024-06-24T15:15:12.297000 CVE-2024-6278,0,0,fef0d28a31a7314ee6fcb58b59b6730b2b275f5a8f8d33529ccdd59b9724e679,2024-06-24T14:15:13.293000 CVE-2024-6279,0,0,f2caca6d37e74fba33e3ab428913517d72dcdb95f2cf0501739ddd9806dc7417,2024-06-26T20:15:17.003000 -CVE-2024-6280,0,0,6253a77410b62b74de6727f15951d9cf7c735a643bd8fffe051d2d292dc0ad4e,2024-06-24T12:57:36.513000 +CVE-2024-6280,0,1,53e9097fb099dd3ec6185a9b8b59575874e3b050c48e208cc0f20896ca10b944,2024-09-06T16:52:22.133000 CVE-2024-6281,0,0,709a859f49498e3e71bff09d88107556f15663d7c1ae6811fce3a162e288bb4f,2024-07-22T13:00:53.287000 CVE-2024-6283,0,0,84796e0660e5beb3ad885e74e117108f941d8d6090497e3b6867080b852b92df,2024-06-28T13:37:44.763000 CVE-2024-6284,0,0,73ccbe59cd13df171bbc79ab6b910254c728a7cb44133bad73b07b9d4dc26d5e,2024-07-05T12:55:51.367000 @@ -260798,7 +260830,7 @@ CVE-2024-6438,0,0,dda5c3ef0b29175f6296e0b89d7c12c3e07fe51c2f0cc30ea59ffede8f2663 CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a09a,2024-07-02T17:58:39.773000 CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000 CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c2118,2024-07-02T17:44:45.700000 -CVE-2024-6445,1,1,16567ab0b3fb9a93fe14c1d341ae72ba8fd54bee773d71d9baca06ce19334323,2024-09-06T14:15:12.683000 +CVE-2024-6445,0,1,939be2821bb3e6e38c9453090ec6defd5bf8ac1efc7595722fac59a1baa14676,2024-09-06T16:46:26.830000 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 CVE-2024-6448,0,0,29c9fba3b86c8e9eb615a2e1f73377ed9eea71e4eb21902a2662b1cd45074970,2024-08-28T12:57:27.610000 CVE-2024-6449,0,0,21995eacdcc0c8443a9e9f3d4edb41f9e9ea5b155f883c2dcc53c4e74b6c4d69,2024-09-06T13:15:06.110000 @@ -260810,7 +260842,7 @@ CVE-2024-6455,0,0,8630ebc1a98e741e91f009e85126d02bca9a8a2c6f3c48f74f4c74c8c868f3 CVE-2024-6456,0,0,985d91070de732475e9817d5c1cb8157cd7895c8a1c97541c28eeac31792dc6e,2024-08-19T13:00:23.117000 CVE-2024-6457,0,0,2021b397e47ab38cda013de2c201fe3ea53b49570246fbb65269f60be90e5ab4,2024-07-16T13:43:58.773000 CVE-2024-6458,0,0,e6f4f9a699790cfa92517dafe90bcdba32232615fceb305817a9ccda94d06fc4,2024-07-29T14:12:08.783000 -CVE-2024-6459,0,0,06c32140b382c3e01dc42c2173fd1ab4e0f89b156db0633d82f3173dc4401e40,2024-08-19T13:00:23.117000 +CVE-2024-6459,0,1,3ff430d736297ca429a1cfcce90a5e73076ed85fd284ad232bec189a59352230,2024-09-06T17:35:18.880000 CVE-2024-6460,0,0,536621846acbd821a16a827f05c4fd3bfa066a90141fb4ddb3b27a641b3113dd,2024-08-29T21:35:12.753000 CVE-2024-6461,0,0,86a214d0c7bd3f57cea37cd567b01f1a0e55f8d4342f6c7c46fd15b8942c8d90,2024-07-03T21:15:04.580000 CVE-2024-6463,0,0,f8d7d80ca565804c0caafdbc8214fe1eca7dc83d43861affc813af07365c0cc0,2024-07-03T21:15:04.640000 @@ -260823,7 +260855,7 @@ CVE-2024-6470,0,0,c9a33c23ec7370c50b4df58ad71ec5e181cf8d29947a984c43804e0a58dc77 CVE-2024-6471,0,0,09d48a1225aac8158aa4c1ca2c8aef77a523ae62ed5b11e34f01b64da625d366,2024-08-23T16:47:32.537000 CVE-2024-6472,0,0,06cfc3c26e9764572c1adb3e446cad13cb9599b02c4c47946f6698a134e25867,2024-08-06T16:31:05.780000 CVE-2024-6473,0,0,9d329dd670917bde4dfbebd26b87a1f0ac64a0b550d97fba6854ff35150aadd6,2024-09-05T14:19:45.153000 -CVE-2024-6477,0,0,af465e59718721c7b727c1ec6a265ade947c829c05464c1090814aa1a74a6b13,2024-08-05T12:41:45.957000 +CVE-2024-6477,0,1,095ad8bec127bb97feb0819e6df5852cd52601b6cc4ba1d92128a3b9897811f6,2024-09-06T17:35:19.087000 CVE-2024-6481,0,0,8a6ed16cb15e9b1be7b8ecc3c869a269748ddec5ecbc3504e8d7f068ea116af3,2024-08-08T14:35:14.190000 CVE-2024-6484,0,0,bc633abd6bfb9da06585afdfb273066dfbc508847026385eb612d46f7c70ed29,2024-07-11T18:09:58.777000 CVE-2024-6485,0,0,b143d2f5de1cad2c57f83d18fe64abfe0ba2da69210341aec4863f07cdd850cb,2024-07-11T18:09:58.777000 @@ -260837,7 +260869,7 @@ CVE-2024-6494,0,0,5d616b6f04502e7b8421d6bcde94ff1c84cc44e101748b87939c18b401c713 CVE-2024-6495,0,0,b5144ce6ead337054723bddaa938cbde5875226dc2ad6f1282d875ef6548d915,2024-07-12T16:34:58.687000 CVE-2024-6496,0,0,4f2145d6969061de095037c65c4c02c00a89d2331ecd0d31a6eacfc030927f42,2024-08-07T14:35:07.403000 CVE-2024-6497,0,0,b980a8afca3367d307f1b8ae084c1de1478e48fcb0a6d42a16be67c3823c34b0,2024-07-22T13:00:31.330000 -CVE-2024-6498,0,0,0f1ed999e5654b64108e6e5c9f85a2f8467da7fabfe3576cf3b3aac330109b23,2024-09-05T15:30:12.140000 +CVE-2024-6498,0,1,1ed281221bc697855933115a42dfe940bdc52a0072d0e3695abed7f798c88ab5,2024-09-06T17:35:19.293000 CVE-2024-6499,0,0,692791d166e405b753065debb373657f70139bba5a26e85530dc737d8a19a270,2024-08-26T12:47:20.187000 CVE-2024-6500,0,0,d6e17cf29259cccc059c07e88e123ff08e9fd8308cfe5e11844bc5a9a1491c18,2024-08-19T13:00:23.117000 CVE-2024-6501,0,0,45d58d6fcd90c3b83531e796541078a549af17f7a81eb1fbfe7d6944aa2bc8ac,2024-07-11T13:06:13.187000 @@ -261097,7 +261129,7 @@ CVE-2024-6888,0,0,7821f6ad756a40ba9974e9367cfa80ba14bf6ad061fb58534103c07dbd9c83 CVE-2024-6889,0,0,0d71ba8db5d6e12f2200830434e214b33ddf0e478787afb192cd93b07991608f,2024-09-04T15:35:26.040000 CVE-2024-6890,0,0,a4b61d6d84db517405e5620d04c7a39034adaee98aaff7a0c1a327ff7affb43d,2024-08-08T20:53:15.917000 CVE-2024-6891,0,0,0319d5fe5c9f95304d92792a4ec9eb62a36bb2ecf00a0444185d206c61336dba,2024-08-08T20:53:26.090000 -CVE-2024-6892,0,0,94014e6ee35e3929306c8f74e16e30b86ead304734b682c8817df82d89ee99e2,2024-08-09T16:35:06.330000 +CVE-2024-6892,0,1,e4d4a45dea5ac3bfd3178aff9cd146ed7228dfe66d6dd24031916d015c098554,2024-09-06T16:33:34.360000 CVE-2024-6893,0,0,07759fcd96135a135ba512fb22253857e5bc78dc38f1fd228c0dfc24706d33b4,2024-08-08T20:53:37.443000 CVE-2024-6894,0,0,9fccc7ee6c25b4dea4174212aeb325748e3072223b078243002cdfe67f15a3db,2024-09-05T12:53:21.110000 CVE-2024-6895,0,0,ba732cd0d0196677d9fba02b4344054d4844d09e5d174114e4dcf4446ecf9262,2024-07-22T13:00:53.287000 @@ -261192,7 +261224,7 @@ CVE-2024-7001,0,0,c36cc44ed743aca43eac7951b6662bd893691f9a45d57142d09098c4fe318e CVE-2024-7003,0,0,c2f51c1b71164a15818ef9209a48a467e859077ffdde417023c4b7a222f91993,2024-08-07T19:52:18.500000 CVE-2024-7004,0,0,579c7092925f522b24930d2f858d246e2f0e8b8814ade95b044da8929a9fa444,2024-08-07T21:32:44.190000 CVE-2024-7005,0,0,50047c6e5a9aa1663d251a4f8d2f7feee05d4f308668b613173701adaf5c68b3,2024-08-07T19:56:48.777000 -CVE-2024-7006,0,0,8bd270169275c3a939797d8747668648b93c090c3795f1c0651d8a42df1da8fb,2024-09-04T23:15:12.977000 +CVE-2024-7006,0,1,407596314396364e4943bbca86287583cbccbfd5ef54346220152eb6a6a02378,2024-09-06T17:15:17.387000 CVE-2024-7007,0,0,6c2603aae32d52f56620cb62e82bb337e026d3d4a4716b72dab9674c5cf4b216,2024-08-26T16:40:44.500000 CVE-2024-7008,0,0,e9008eac80639f6b75fc8244a6b0baab3d6a7fa095b7e9aa58d7626a117a490a,2024-08-19T17:19:25.390000 CVE-2024-7009,0,0,63b067a161bbf9c0630f63b1d51ac801565652e58cd58fdd4516392106a400e2,2024-08-19T17:18:50.290000 @@ -261517,7 +261549,7 @@ CVE-2024-7485,0,0,0b34fc91c3d825ea4087a792a0e5c6d839cf66a581a05d0c60df64b0af48f9 CVE-2024-7486,0,0,e2579b82a31704160b51da6f8b3285ef5bff1d765f5e0369c7378c4f856658fb,2024-08-08T13:04:18.753000 CVE-2024-7490,0,0,2dbd6717a12bca522d1065ac017f63874351831b0b05b9f6e750116d667cf962,2024-08-12T15:22:20.267000 CVE-2024-7492,0,0,6476a74ce2975ad097c7a45c1f2f905cc77480bec2260de48447ae3a8b41df62,2024-08-08T13:04:18.753000 -CVE-2024-7493,1,1,3983f8f12bcdac52d18ee94fdbe74777367d291efcf4374db0d074a462506bb4,2024-09-06T14:15:12.860000 +CVE-2024-7493,0,1,4ca46098f98491e9403ec1a93ebac88b92cb0f8e17ac8e30b82e93cabc942eb5,2024-09-06T16:46:26.830000 CVE-2024-7494,0,0,3a598ade67522bffd51a3365723ddb5bff4182d602034c8ec8df719958075683,2024-08-19T17:34:50.933000 CVE-2024-7495,0,0,c193334e09e583bf41cda7d073dca2acbe46aabc3be2513a6c4a0be4587cb1db,2024-08-19T17:10:27.693000 CVE-2024-7496,0,0,427bcb1106924d8f1bd58fd00923557097983d876631b3e46ebbaafc9076bb1e,2024-08-19T16:48:09.717000 @@ -261595,7 +261627,7 @@ CVE-2024-7590,0,0,7c97d5aae327ca695e1cd419af58bc8aaacb7517411055405e5e64d98b0261 CVE-2024-7591,0,0,93e76a9c527669096be2abfdb6462a0311db24e202fd8d23d80d88ff40dd1ed7,2024-09-06T12:08:21.290000 CVE-2024-7592,0,0,af44aafcb14e521ee1ae85082a6a487c5d017e994f40b59b2c958cad447a75f0,2024-09-04T21:15:14.643000 CVE-2024-7593,0,0,2efb8857fe8e314338e0788060f0e22f0d56642d5618c3e3d62e70b5e7e24bac,2024-08-14T02:07:05.410000 -CVE-2024-7599,1,1,d2cfbe8b9504a24c243969ff7e7c7980806c2c4d9052825181e0fce0f65f025c,2024-09-06T14:15:13.107000 +CVE-2024-7599,0,1,a956cdc05d3339353d73900769844a6746f6caba229f81de6c9855b66ed02e8f,2024-09-06T16:46:26.830000 CVE-2024-7600,0,0,456ca552c9a809b72d1cc9f2b35e12282778424a2ecdfd82d7e98a6e39cd97fa,2024-08-23T16:35:31.137000 CVE-2024-7601,0,0,db9958425836572eda0b52c7e651aff0e41e4dc47ec55ea348bc5752e1b198d2,2024-08-23T16:35:52.383000 CVE-2024-7602,0,0,1295ede0549ca488da522cbefe2db5abad88498e69c53af1f38f0ee81eb69b62,2024-08-23T16:36:11.690000 @@ -261606,14 +261638,14 @@ CVE-2024-7606,0,0,d1994339c445d05a7d0516150729b84de3d1d7c8a4d08e8012b40ecbd6deed CVE-2024-7607,0,0,1fc6dc2de47de502ba4dba054f1982731028b52bc9234ef0062aa94d686e06ad,2024-08-30T15:41:02.407000 CVE-2024-7608,0,0,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000 CVE-2024-7610,0,0,b0ce86cdbef2b0081b727d87f884505d4aea23572226b0988a51de68f40b68a6,2024-08-29T15:45:27.523000 -CVE-2024-7611,1,1,bf291dbcbb039addec6a2c6c79a7915577b4807ea6d2d84fb3da08156a618706,2024-09-06T14:15:13.330000 +CVE-2024-7611,0,1,db70058b6397d742564fc21e6b8d970c1b2568cab38c9220600047b13074fed8,2024-09-06T16:46:26.830000 CVE-2024-7613,0,0,595ae1d3f56b81eeb34ef1e184ddf7962f3a8fbfc042ff77a8fcf0bd3f10f263,2024-08-21T18:47:11.523000 CVE-2024-7614,0,0,70ea68e630891f9909a0a8afd3fe5566dad840edc8df033b5c308064cf074a69,2024-08-21T18:48:47.273000 CVE-2024-7615,0,0,bdb4e2a47bb0b635ad5424e7dee382fdbc667ab1983b9e7b4b79b80817773efa,2024-08-21T18:48:19.590000 CVE-2024-7616,0,0,240142a7cf93711d379b14c2a6284d004fd0a2d1c674fc02d32efdd57aa3e2bd,2024-08-13T16:59:39.517000 CVE-2024-7619,0,0,52e157835f9b49014d03653876a6177ba54feacc6eb580f7a52506ce1aa54bb3,2024-09-03T18:15:09.223000 CVE-2024-7621,0,0,07161284faa2eb0637370b6ff462e631787a37850cefb6ac5fa6750545dd7050,2024-08-12T13:41:36.517000 -CVE-2024-7622,1,1,cad29f0e85c68145b0137f39a5c768eea33e114cdeca8620411f143343f84ae8,2024-09-06T14:15:13.553000 +CVE-2024-7622,0,1,41080b8f1642847053c248a2e34bb5df066f530f68fb68bf2bfb90777306d338,2024-09-06T16:46:26.830000 CVE-2024-7624,0,0,c87cdcd90fb34d1c79e4bedcfe521cd45a7c97d88fc176665ac59544b2fffb63,2024-08-15T13:01:10.150000 CVE-2024-7625,0,0,cf7951ec684c41cac7f2f6e12b1507a1eac20d5a4914135abea68670c2031228,2024-08-15T13:01:10.150000 CVE-2024-7627,0,0,af96392fc36e867c15605b6e1dc599aeac0b5c5d59eb872427406ab6bc591879,2024-09-05T12:53:21.110000 @@ -261666,8 +261698,8 @@ CVE-2024-7686,0,0,f064743866c554c4f2e90ed0b10058d3ac9c7fa057a74b3ddc10388a40d223 CVE-2024-7690,0,0,d641c397b389582990875041f83e3f7cf4b821780cef851109280aeeabb26909,2024-09-03T14:35:08.507000 CVE-2024-7691,0,0,be3e7969d66daef31c8f4d2ca08f6fc545d3ce4a9f5e0f354c807322de787fd3,2024-09-03T16:35:11.383000 CVE-2024-7692,0,0,53a3a528e0e26eebc3a24b8375fbb7b9fd52b7aeb81816897422b7295867b483,2024-09-03T16:35:12.363000 -CVE-2024-7693,0,0,f2cd1103366bcfd179be09779784b86ac2f98679921c4f629dd8dbd0c14eefbf,2024-08-12T13:41:36.517000 -CVE-2024-7694,0,0,7ad6784b26040f06619a4364e66ebaeeebc13317865a5794a53c5e6dcb080aaf,2024-08-12T13:41:36.517000 +CVE-2024-7693,0,1,8f49e917567dbf3d83b8fab0c0f87defce06a4391222113e25ab3be3d08b6e06,2024-09-06T16:51:35.647000 +CVE-2024-7694,0,1,915a620e49de11e538187b87ae1859b4dd8b81a9c117898d10d07c783b69fb2e,2024-09-06T17:24:42.573000 CVE-2024-7697,0,0,ec740217e8324af4933e81b05285aef1954371b3c254be0eabb50b05e6bbef72,2024-08-21T06:15:13.187000 CVE-2024-7700,0,0,3e081f65a743f7c2243d16cda14609415c7128fbdf01790b4350a9589b48c796,2024-08-12T18:57:17.383000 CVE-2024-7702,0,0,35104b2d835bcff771d3508b754ac4f00b960fb6fd0cdfa84ab47a794def21ca,2024-08-26T18:15:46.870000 @@ -261886,11 +261918,11 @@ CVE-2024-8106,0,0,918839130e1d38968c976a0bfdbedb93d4d38744e55b3c51d6882ceb90663b CVE-2024-8108,0,0,60015ebbd181aea00918abf3b3af4bc88fba5109d0b4aa167c5902152afce1db,2024-09-03T12:59:02.453000 CVE-2024-8112,0,0,53bc9e4fb84bb028363b46c3cb18428063770b5e5c085f93ec85e24d18222c0b,2024-08-23T16:18:28.547000 CVE-2024-8113,0,0,663828d204cb9ecb17f530ae295b4541dee23e7a4b7b9d658530d5cb44ff87e3,2024-08-23T16:18:28.547000 -CVE-2024-8117,0,0,3304f3a8e649018272c617d5a4c22042deb493552acdfb80f1b6c94a1d472f49,2024-09-04T13:05:36.067000 -CVE-2024-8119,0,0,de71332bbf2daa535714ab7c6635b40b17fee9eae8063b754941246023647aec,2024-09-04T13:05:36.067000 +CVE-2024-8117,0,1,8911918cea1d80613ef158836fc25c8d180447229a308c8b8d66c79bd51e5356,2024-09-06T16:04:23.413000 +CVE-2024-8119,0,1,209c67cb8bfc8afcb7a4732dcac7c96ef9caf231c5c5c990646aa6c9fa168084,2024-09-06T16:11:02.370000 CVE-2024-8120,0,0,01c88c2799a0f705aef2a62e6160ed1b8715b8884806e83ea99e7deea744cebf,2024-08-26T12:47:20.187000 -CVE-2024-8121,0,0,b80dfa5aa35e220dcd36f253d48d989dd2c56c8b0ff45638f2b63fdf32130eb6,2024-09-04T13:05:36.067000 -CVE-2024-8123,0,0,1fa10852b0c44f9e6a0a92aac1a13bc404f38a6cc3179f59936ca29f0c28ac97,2024-09-04T13:05:36.067000 +CVE-2024-8121,0,1,ff1e52368219900437efe7b0d09c59c3cd45c1a8ee1d51b7c00a17f9caa0d460,2024-09-06T16:20:59.767000 +CVE-2024-8123,0,1,0c7aca2112819fbb5f60b01b3de749c0321788022ccd287129bcc300c493718d,2024-09-06T17:20:28.600000 CVE-2024-8127,0,0,5102baf959cfebdfcce1f9ebf5537e39c68d598c19a75f9e8284fbe283c6efe3,2024-08-27T14:53:45.257000 CVE-2024-8128,0,0,d07e75d47fb86cf66a48a7ed0955a75ebdca9af77e0b6c43500f577ad4f51a7f,2024-08-27T15:32:47.997000 CVE-2024-8129,0,0,39dbf19e98dba6341432a7bc1b8c1b6b77a667d2938ed3ce971d1f146a38e875,2024-08-27T15:33:23.187000 @@ -261932,8 +261964,8 @@ CVE-2024-8171,0,0,799233d1b504a7fe9d2115d4edb9b50fc766ecc29c803bfb00827a455960ad CVE-2024-8172,0,0,0f560f815e4f982c5fa8dce4e33b1159bf9bccf943a059983fd049dd30da680a,2024-08-27T16:01:35.047000 CVE-2024-8173,0,0,50ae04f881a2d18920200f91fab2c91cb50ce1f1b838a9340ca053dbaf5dd83c,2024-09-05T18:39:00.950000 CVE-2024-8174,0,0,8543f0d8f92ea7727c4605df4b165224a3b6d137f11ee710b81d48c311ac7b21,2024-08-27T14:32:08.607000 -CVE-2024-8178,0,0,2a2797f6457c9a816d7cd4650d8d0f80ee22a85af7d3d544cabca5e14371a945,2024-09-05T21:21:06.637000 -CVE-2024-8181,0,1,493690832b830d715024bac2c57cbeb9d316626844b43ee44a3d0839b5d01d36,2024-09-06T15:35:07.267000 +CVE-2024-8178,0,1,ba572c1f8157c41d405fb002c7b6f163f2d56dcc78fed52d2bcc31657caf5604,2024-09-06T17:35:20.203000 +CVE-2024-8181,0,0,493690832b830d715024bac2c57cbeb9d316626844b43ee44a3d0839b5d01d36,2024-09-06T15:35:07.267000 CVE-2024-8182,0,0,9ca161eed16086dd999c3dcdddb12be07c44a0882f46a0d2167122ca829615b9,2024-08-30T13:53:52.197000 CVE-2024-8188,0,0,bf948f939efb55d2700c81c8fb5cefa3fc31038462bfeb7ac3e161719faca6b2,2024-08-26T20:15:08.760000 CVE-2024-8193,0,0,2f2a75e240e354e8f0e14f5f9d5e6a02eb535e669399224b9d10e7e4f72f0d51,2024-08-30T15:52:33.747000 @@ -261983,7 +262015,7 @@ CVE-2024-8294,0,0,76cafe7a1838d9cd0244706a299f12cd4ba69ef653952654db2fa070ca07bd CVE-2024-8295,0,0,907331a3a97a6618443e3aff92f4e758c3135b25ca0d9fb01d74d067e9cd6716,2024-08-30T15:37:41.510000 CVE-2024-8296,0,0,e31c225486c181d770097ee2f86386b9a5d776a033c8c4a5860d3ba550c9de51,2024-08-30T15:36:36.383000 CVE-2024-8297,0,0,cc2df51be4ac5261775d9a448c17018496059825966f6585d5dfd052f6e898fe,2024-08-30T15:28:50.863000 -CVE-2024-8298,0,1,b6e0265f7e06064f96a4b1454f4843c935b76c78438dc3aea3b160aebd5f455b,2024-09-06T14:53:06.890000 +CVE-2024-8298,0,0,b6e0265f7e06064f96a4b1454f4843c935b76c78438dc3aea3b160aebd5f455b,2024-09-06T14:53:06.890000 CVE-2024-8301,0,0,517ca402c22af2219c7d5e72c26f25471bc06be609f1fc004544a29726452fb8,2024-08-30T15:24:09.830000 CVE-2024-8302,0,0,bda50b555854cd31882c0ef2167f779bd3ff1746a67f4e225a03fe8a32f42f3f,2024-08-30T13:00:05.390000 CVE-2024-8303,0,0,7d291660edacb98ef58ef33c4f7785c68c1ad74e546b2f9d99bc765dad9ef6ed,2024-08-30T13:00:05.390000 @@ -262024,16 +262056,17 @@ CVE-2024-8370,0,0,64120d391bac6f64ab186b0c09a7545128a19dc5df44f367c6d51bbce7b58a CVE-2024-8371,0,0,7b748619aff48ca851aaa4522abab6772c72472a7e35dd23e50368b3e3907681,2024-09-03T13:15:05.500000 CVE-2024-8374,0,0,4f80f55becbb7c7a1bdcff55c8c8caebb4200525c557f5f15c3a81de804dfdac,2024-09-03T12:59:02.453000 CVE-2024-8380,0,0,036c8c11a05ec98776794766e58c3583b3eabb4c67c37c1216e0519e7baf5609,2024-09-04T14:58:49.450000 -CVE-2024-8381,0,0,873ddabbe1ea7126699754013df74027e5a6b78d9bcb49c6bbca3db63c8f7e51,2024-09-04T15:02:54.417000 -CVE-2024-8382,0,0,4497b58a7dd538aed67e17ea3178c7d765a561d529d3de9c16c2a182286aedbd,2024-09-04T15:10:09.713000 -CVE-2024-8383,0,0,d0679fa9efa3791de0cf5eecfd2e51e64b58b0dddec9290ff1b20bea9ada9093,2024-09-04T15:09:52.937000 -CVE-2024-8384,0,0,b7c733fd8d78e29ce6154a2d6a01411ee3aaf60c3d431c3394eaf21030291575,2024-09-04T15:50:28.300000 -CVE-2024-8385,0,0,ff4ba23b943024fe5e860de5aec53eac4c6926e2cd7431bde2616351cf7794bb,2024-09-04T15:43:57.797000 -CVE-2024-8386,0,0,98c8b0053aadc06b4825adcb2958d67457b6ae5e5478d1432e7a1db07426ffc7,2024-09-04T15:44:30.137000 -CVE-2024-8387,0,0,cccfa2a9463c00af390408978c7133aa456cc8cd4e2c49e9e0114842d3fd1cfb,2024-09-04T15:44:52.153000 +CVE-2024-8381,0,1,71cd6342a2b6c00c154431956e1e93b11926fd4f87284990ba91ff899e315a4c,2024-09-06T17:15:17.573000 +CVE-2024-8382,0,1,6313fe051491464f5060a11c4fbfc0623b9d0d82cc5fbeccd812557ff3cd8b8d,2024-09-06T17:15:17.677000 +CVE-2024-8383,0,1,84d489e7850eb38748c7ec770ce0c397ce0b113f98a548454271b27bf9d85786,2024-09-06T17:15:17.750000 +CVE-2024-8384,0,1,7f643a14ceffced6d0d3e99b7b5797044b595379fd33f7956a2ce3d49b93443c,2024-09-06T17:15:17.847000 +CVE-2024-8385,0,1,872fe06c6b294313fd73974851ece3a7b150af3cd55f8851236acdbb2fa92f66,2024-09-06T17:15:17.980000 +CVE-2024-8386,0,1,8b34d4ba1d63296afda5e75e2a105c44c8fe2c828a5521a3c426a1f456b14da0,2024-09-06T17:15:18.147000 +CVE-2024-8387,0,1,0236f6236e30b259f0ad5d7ef58b73e88f9716952aaecf201cfb31f83aed0c30,2024-09-06T17:15:18.253000 CVE-2024-8388,0,0,c9864eb6d3c315590c52d0b0a1a482222ad75576dc8d176a33dcc59976d2f97c,2024-09-04T15:49:19.170000 CVE-2024-8389,0,0,b86f9dffcb24008ea2fc4581b98019930f23a761524133d12e1b7b2aa1f8008a,2024-09-04T15:50:02.933000 CVE-2024-8391,0,0,6ffd51df6432b1e5cadf1919587edc296707fce8f9413505ec3bec8317c9d0a8,2024-09-05T12:53:21.110000 +CVE-2024-8394,1,1,9662986a567095cc393d0f5c2428dfe7850677529e45de771a4f2d8d27da2913,2024-09-06T17:15:18.360000 CVE-2024-8395,0,0,10c6e3be3a1861aa869e0c4efda44dd094344a7e5d86fc81c1f9f94b8a222ae9,2024-09-06T12:08:04.550000 CVE-2024-8399,0,0,3faa142573b2658da1828ae3d2ac176955aecf342f632daae5bde690c496cf4c,2024-09-04T13:05:36.067000 CVE-2024-8407,0,0,190893f5b3da05c3b04f6347e8d36e88eb22b5329ec3a82949674ad3abb1a15d,2024-09-05T14:48:28.513000 @@ -262043,15 +262076,15 @@ CVE-2024-8410,0,0,2e5ace471a9894647ef29b6ebd87c70c70869b886444866dda4ae993cd050d CVE-2024-8411,0,0,b4f7e89f5a480939e3a01a132dc8fe8e09d6e0d2ced62a743c053df55b7374b3,2024-09-05T14:19:38.377000 CVE-2024-8412,0,0,d0351d4c1c74894581bf0ef5deff245493bcbfdb0a46fd49491e896953e0c3d1,2024-09-05T12:53:21.110000 CVE-2024-8413,0,0,c7339b673131014f9dfb6c78c5b0192adccb852147a0c7cbd0ff5fa07a785425,2024-09-05T17:40:36.953000 -CVE-2024-8414,0,0,c7a278942d1133117f185ab4b3c94fa3f349e952cb00264f39f6a8b179d4c200,2024-09-05T12:53:21.110000 -CVE-2024-8415,0,0,d8c5585e64bc4323fcda510a16df97bcb1ec11253c5d38c080bb7195e38687ce,2024-09-05T12:53:21.110000 -CVE-2024-8416,0,0,c7d13bc001a0210b2e719e08e8651ac5ae2e4ed0ee9e6e0088ac4a7e467de1ca,2024-09-05T12:53:21.110000 +CVE-2024-8414,0,1,40169a23a4033486754844c64fbfe06d703efd0c5e76953cc0d7fdb87952af16,2024-09-06T16:44:04.583000 +CVE-2024-8415,0,1,ab2184731c9f97a955dc07eba7cdff71ad9ccc33249e750d3db8dd063bdd30fc,2024-09-06T16:40:06.120000 +CVE-2024-8416,0,1,135a04ecfe4373dd7e99d043d76128d31e33f9197f002be9000b3ee4a6fb8417,2024-09-06T16:38:44.053000 CVE-2024-8417,0,0,a9619e26c595954087d9c9b458e78703071fbd5bf87ff4a22ec6d8ecc7076fcb,2024-09-05T12:53:21.110000 CVE-2024-8418,0,0,f7342b1aaf36f471815aa50c659bed6ce97deba1a8dc8297ac025dec31c9e421,2024-09-05T14:18:49.537000 CVE-2024-8427,0,0,1d0d7daf1e8474e50325418d52e79c4545246c244dd6a29747e6934be9944c58,2024-09-06T12:08:04.550000 -CVE-2024-8428,1,1,48e8956360ad489ac607d313b2c10fa73efbec1a6a07f94a1767a2771b07c260,2024-09-06T14:15:13.823000 +CVE-2024-8428,0,1,32f99662d2ff0a82eac2c387b5879cdce3b74766786e4d561b16e1b245df448a,2024-09-06T16:46:26.830000 CVE-2024-8445,0,0,11be885f11a2f2b8a202932b0e16edeb442a7212afe3a0c8e195900656f3fddf,2024-09-05T17:44:56.007000 -CVE-2024-8460,0,0,9f3f8eceb3112773f2710cd04ce3ea02c4b8eea37add051a54caa5d3f11f68a4,2024-09-05T12:53:21.110000 +CVE-2024-8460,0,1,21c8cc38664ba19f902747cfc2492ea27c718e3ca35401645ae4d1c6ff7413b5,2024-09-06T16:30:54.027000 CVE-2024-8461,0,0,e49804a708251a77ac276dc2c87288b6f990bf8f9a9704c388f55d96a1de96d3,2024-09-05T17:45:07.877000 CVE-2024-8462,0,0,8682862ce3f64006ead2b5107e241d40db31c5fa4d83c6d6ef7e924f1f4b5669,2024-09-05T17:45:07.877000 CVE-2024-8463,0,0,f4cdf675d6b0eb7f01f77f31a8fd89b2a766f7cce7cb1cccf094868a09c458d5,2024-09-05T17:45:07.877000 @@ -262066,3 +262099,5 @@ CVE-2024-8471,0,0,d4cac4daadf018326a13905f788e8fc27e503497a3cff6ab0ea980773a6f76 CVE-2024-8472,0,0,a896e0fd54ff62d16feed47be0f08dd27e23a8a4def269ca8073766b75918cef,2024-09-06T11:44:34.543000 CVE-2024-8473,0,0,0d318dfea88475fed5cabdbe761e188358c3ae35cd6d226ef3fe46f2f9041c00,2024-09-06T11:44:45.017000 CVE-2024-8480,0,0,6f63c0c2b913be669f1e72f74bb0555ea9046fdf00f5eabae51a6bc6bb95358b,2024-09-06T12:08:04.550000 +CVE-2024-8509,1,1,607386a7561a0cf76a75ba79c4a5e02f31641d78da4de1b4e77855ea4dab4759,2024-09-06T16:46:26.830000 +CVE-2024-8517,1,1,1628e737f0fcbd77974e159f81779c83f91f4a793640e8505b34b5ee35dfa2f5,2024-09-06T16:46:26.830000