admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-06T11:00:26.647805+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-06 11:00:30 +00:00
parent 3283647034
commit a503940f45
15 changed files with 768 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
CVE-2022/CVE-2022-36xx/CVE-2022-3647.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-3647",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-21T18:15:10.183",
"lastModified": "2023-11-07T03:51:34.463",
"lastModified": "2024-02-06T10:15:08.497",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Redis. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 0bf90d944313919eb8e63d3588bf63a367f020a3. It is recommended to apply a patch to fix this issue. VDB-211962 is the identifier assigned to this vulnerability. NOTE: The vendor claims that this is not a DoS because it applies to the crash logging mechanism which is triggered after a crash has occurred."
"value": "** DISPUTED ** A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. The exploitability is told to be difficult. The real existence of this vulnerability is still doubted at the moment. Upgrading to version 6.2.8 and 7.0.6 is able to address this issue. The patch is identified as 0bf90d944313919eb8e63d3588bf63a367f020a3. It is recommended to apply a patch to fix this issue. VDB-211962 is the identifier assigned to this vulnerability. NOTE: The vendor claims that this is not a DoS because it applies to the crash logging mechanism which is triggered after a crash has occurred."
},
{
"lang": "es",
@ -37,7 +37,7 @@
"impactScore": 1.4
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -56,11 +56,36 @@
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.8
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.2,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -98,6 +123,10 @@
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.211962",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.211962",
"source": "cna@vuldb.com",

75
CVE-2023/CVE-2023-45xx/CVE-2023-4503.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-4503",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-06T09:15:52.407",
"lastModified": "2024-02-06T09:15:52.407",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7637",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7638",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7639",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7641",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4503",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751",
"source": "secalert@redhat.com"
}
]
}

63
CVE-2024/CVE-2024-06xx/CVE-2024-0684.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-0684",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-02-06T09:15:52.643",
"lastModified": "2024-02-06T09:15:52.643",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0684",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258948",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/18/2",
"source": "patrick@puiterwijk.org"
}
]
}

55
CVE-2024/CVE-2024-236xx/CVE-2024-23673.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23673",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-06T10:15:08.833",
"lastModified": "2024-02-06T10:15:08.833",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nMalicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system.\nIf the system is vulnerable, a user with write access to the repository might be able to trick the Sling Servlet Resolver to load a previously uploaded script.\u00a0\n\nUsers are recommended to upgrade to version 2.11.0, which fixes this issue. It is recommended to upgrade, regardless of whether your system configuration currently allows this attack or not."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@apache.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/5zzx8ztwc6tmbwlw80m2pbrp3913l2kl",
"source": "security@apache.org"
}
]
}

55
CVE-2024/CVE-2024-239xx/CVE-2024-23917.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23917",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:09.280",
"lastModified": "2024-02-06T10:15:09.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24936.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24936",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:09.553",
"lastModified": "2024-02-06T10:15:09.553",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24937.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24937",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:09.957",
"lastModified": "2024-02-06T10:15:09.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24938.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24938",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:10.303",
"lastModified": "2024-02-06T10:15:10.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24939.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24939",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:10.603",
"lastModified": "2024-02-06T10:15:10.603",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24940.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24940",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:10.960",
"lastModified": "2024-02-06T10:15:10.960",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24941.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24941",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:11.183",
"lastModified": "2024-02-06T10:15:11.183",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24942.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24942",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:11.590",
"lastModified": "2024-02-06T10:15:11.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24943.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24943",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-02-06T10:15:11.837",
"lastModified": "2024-02-06T10:15:11.837",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

28
CVE-2024/CVE-2024-251xx/CVE-2024-25140.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-25140",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-06T09:15:52.827",
"lastModified": "2024-02-06T09:15:52.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of security measures for the private key, and arbitrary software could be signed if the private key were to be compromised. NOTE: the vendor's position is \"we do not have EV cert, so we use test cert as a workaround.\" Insertion into Trusted Root Certification Authorities was the originally intended behavior, and the UI ensured that the certificate installation step (checked by default) was visible to the user before proceeding with the product installation."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rustdesk/rustdesk/discussions/6444",
"source": "cve@mitre.org"
},
{
"url": "https://news.ycombinator.com/item?id=39256493",
"source": "cve@mitre.org"
},
{
"url": "https://serverfault.com/questions/837994",
"source": "cve@mitre.org"
}
]
}

36
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-06T09:00:23.653777+00:00
2024-02-06T11:00:26.647805+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-06T08:15:52.203000+00:00
2024-02-06T10:15:11.837000+00:00
```
### Last Data Feed Release
@ -29,31 +29,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237753
237766
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `13`
* [CVE-2023-25543](CVE-2023/CVE-2023-255xx/CVE-2023-25543.json) (`2024-02-06T07:15:08.170`)
* [CVE-2023-28049](CVE-2023/CVE-2023-280xx/CVE-2023-28049.json) (`2024-02-06T07:15:09.167`)
* [CVE-2023-52239](CVE-2023/CVE-2023-522xx/CVE-2023-52239.json) (`2024-02-06T07:15:10.530`)
* [CVE-2023-28063](CVE-2023/CVE-2023-280xx/CVE-2023-28063.json) (`2024-02-06T08:15:46.863`)
* [CVE-2023-32451](CVE-2023/CVE-2023-324xx/CVE-2023-32451.json) (`2024-02-06T08:15:48.843`)
* [CVE-2023-32454](CVE-2023/CVE-2023-324xx/CVE-2023-32454.json) (`2024-02-06T08:15:49.850`)
* [CVE-2023-32474](CVE-2023/CVE-2023-324xx/CVE-2023-32474.json) (`2024-02-06T08:15:50.647`)
* [CVE-2023-32479](CVE-2023/CVE-2023-324xx/CVE-2023-32479.json) (`2024-02-06T08:15:51.383`)
* [CVE-2024-22433](CVE-2024/CVE-2024-224xx/CVE-2024-22433.json) (`2024-02-06T07:15:11.337`)
* [CVE-2024-22365](CVE-2024/CVE-2024-223xx/CVE-2024-22365.json) (`2024-02-06T08:15:52.203`)
* [CVE-2023-4503](CVE-2023/CVE-2023-45xx/CVE-2023-4503.json) (`2024-02-06T09:15:52.407`)
* [CVE-2024-0684](CVE-2024/CVE-2024-06xx/CVE-2024-0684.json) (`2024-02-06T09:15:52.643`)
* [CVE-2024-25140](CVE-2024/CVE-2024-251xx/CVE-2024-25140.json) (`2024-02-06T09:15:52.827`)
* [CVE-2024-23673](CVE-2024/CVE-2024-236xx/CVE-2024-23673.json) (`2024-02-06T10:15:08.833`)
* [CVE-2024-23917](CVE-2024/CVE-2024-239xx/CVE-2024-23917.json) (`2024-02-06T10:15:09.280`)
* [CVE-2024-24936](CVE-2024/CVE-2024-249xx/CVE-2024-24936.json) (`2024-02-06T10:15:09.553`)
* [CVE-2024-24937](CVE-2024/CVE-2024-249xx/CVE-2024-24937.json) (`2024-02-06T10:15:09.957`)
* [CVE-2024-24938](CVE-2024/CVE-2024-249xx/CVE-2024-24938.json) (`2024-02-06T10:15:10.303`)
* [CVE-2024-24939](CVE-2024/CVE-2024-249xx/CVE-2024-24939.json) (`2024-02-06T10:15:10.603`)
* [CVE-2024-24940](CVE-2024/CVE-2024-249xx/CVE-2024-24940.json) (`2024-02-06T10:15:10.960`)
* [CVE-2024-24941](CVE-2024/CVE-2024-249xx/CVE-2024-24941.json) (`2024-02-06T10:15:11.183`)
* [CVE-2024-24942](CVE-2024/CVE-2024-249xx/CVE-2024-24942.json) (`2024-02-06T10:15:11.590`)
* [CVE-2024-24943](CVE-2024/CVE-2024-249xx/CVE-2024-24943.json) (`2024-02-06T10:15:11.837`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `1`
* [CVE-2023-36260](CVE-2023/CVE-2023-362xx/CVE-2023-36260.json) (`2024-02-06T07:15:09.673`)
* [CVE-2024-1143](CVE-2024/CVE-2024-11xx/CVE-2024-1143.json) (`2024-02-06T07:15:10.813`)
* [CVE-2022-3647](CVE-2022/CVE-2022-36xx/CVE-2022-3647.json) (`2024-02-06T10:15:08.497`)
## Download and Usage