diff --git a/CVE-2023/CVE-2023-375xx/CVE-2023-37540.json b/CVE-2023/CVE-2023-375xx/CVE-2023-37540.json index 07300b3ca3f..87d2bb369b7 100644 --- a/CVE-2023/CVE-2023-375xx/CVE-2023-37540.json +++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37540.json @@ -2,7 +2,7 @@ "id": "CVE-2023-37540", "sourceIdentifier": "psirt@hcl.com", "published": "2024-02-23T07:15:47.700", - "lastModified": "2024-02-23T16:14:43.447", + "lastModified": "2024-11-29T16:15:07.357", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 3.9, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,19 +32,33 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.9, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.3, "impactScore": 2.5 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082", "source": "psirt@hcl.com" + }, + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-429xx/CVE-2023-42916.json b/CVE-2023/CVE-2023-429xx/CVE-2023-42916.json index d0d48d40abf..ac60b740522 100644 --- a/CVE-2023/CVE-2023-429xx/CVE-2023-42916.json +++ b/CVE-2023/CVE-2023-429xx/CVE-2023-42916.json @@ -2,13 +2,9 @@ "id": "CVE-2023-42916", "sourceIdentifier": "product-security@apple.com", "published": "2023-11-30T23:15:07.223", - "lastModified": "2024-08-14T19:56:50.687", + "lastModified": "2024-11-29T15:03:51.967", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2023-12-04", - "cisaActionDue": "2023-12-25", - "cisaRequiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", - "cisaVulnerabilityName": "Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 3.6 @@ -47,6 +43,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,15 +52,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ] }, + "cisaExploitAdd": "2023-12-04", + "cisaActionDue": "2023-12-25", + "cisaRequiredAction": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.", + "cisaVulnerabilityName": "Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -296,7 +296,6 @@ "url": "https://support.apple.com/en-us/HT214031", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, @@ -304,7 +303,6 @@ "url": "https://support.apple.com/en-us/HT214032", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, @@ -312,7 +310,6 @@ "url": "https://support.apple.com/en-us/HT214033", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, @@ -320,7 +317,6 @@ "url": "https://support.apple.com/kb/HT214033", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, @@ -328,7 +324,6 @@ "url": "https://support.apple.com/kb/HT214034", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, @@ -336,17 +331,149 @@ "url": "https://support.apple.com/kb/HT214062", "source": "product-security@apple.com", "tags": [ - "Release Notes", "Vendor Advisory" ] }, { "url": "https://www.debian.org/security/2023/dsa-5575", "source": "product-security@apple.com", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/12", + "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/13", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/4", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/5", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2023/Dec/8", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/35", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/12/05/1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://security.gentoo.org/glsa/202401-04", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214031", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214032", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214033", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214033", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214034", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214062", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.debian.org/security/2023/dsa-5575", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46051.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46051.json index d81af104e27..be2216c2980 100644 --- a/CVE-2023/CVE-2023-460xx/CVE-2023-46051.json +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46051.json @@ -2,7 +2,7 @@ "id": "CVE-2023-46051", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-27T06:15:10.243", - "lastModified": "2024-08-02T21:15:49.273", + "lastModified": "2024-11-29T15:15:15.547", "vulnStatus": "Awaiting Analysis", "cveTags": [ { @@ -22,7 +22,42 @@ "value": "TeX Live 944e257 permite una desreferencia de puntero NULL en texk/web2c/pdftexdir/tounicode.c. NOTA: esto est\u00e1 en disputa porque deber\u00eda categorizarse como un problema de usabilidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 3.3, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], "references": [ { "url": "http://seclists.org/fulldisclosure/2024/Jan/68", @@ -31,6 +66,14 @@ { "url": "https://tug.org/pipermail/tex-live/2023-August/049406.html", "source": "cve@mitre.org" + }, + { + "url": "http://seclists.org/fulldisclosure/2024/Jan/68", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://tug.org/pipermail/tex-live/2023-August/049406.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49250.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49250.json index a5d8871e2b6..440eb15b75b 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49250.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49250.json @@ -2,7 +2,7 @@ "id": "CVE-2023-49250", "sourceIdentifier": "security@apache.org", "published": "2024-02-20T10:15:08.040", - "lastModified": "2024-02-20T19:50:53.960", + "lastModified": "2024-11-29T16:15:07.953", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,34 @@ "value": "Debido a que la clase HttpUtils no verific\u00f3 los certificados, un atacante que pudiera realizar un ataque Man-in-the-Middle (MITM) en conexiones https salientes podr\u00eda hacerse pasar por el servidor. Este problema afecta a Apache DolphinScheduler: versiones anteriores a 3.2.0. Se recomienda a los usuarios actualizar a la versi\u00f3n 3.2.1, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -40,6 +63,18 @@ { "url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn", "source": "security@apache.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/20/1", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/apache/dolphinscheduler/pull/15288", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json index 8a927ed570a..61ba7b4c83d 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0012.json @@ -2,8 +2,9 @@ "id": "CVE-2024-0012", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-11-18T16:15:11.683", - "lastModified": "2024-11-24T15:15:05.860", - "vulnStatus": "Modified", + "lastModified": "2024-11-29T16:15:08.167", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], "descriptions": [ { "lang": "en", @@ -184,6 +185,10 @@ { "url": "https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-104xx/CVE-2024-10473.json b/CVE-2024/CVE-2024-104xx/CVE-2024-10473.json index 3b88a4d1243..67c87abe4fc 100644 --- a/CVE-2024/CVE-2024-104xx/CVE-2024-10473.json +++ b/CVE-2024/CVE-2024-104xx/CVE-2024-10473.json @@ -2,16 +2,55 @@ "id": "CVE-2024-10473", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-28T06:15:07.697", - "lastModified": "2024-11-28T06:15:07.697", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:15:08.390", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo Settings when outputing them in pages where the Logo Slider shortcode is embed, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks." + }, + { + "lang": "es", + "value": "El complemento Logo Slider de WordPress anterior a la versi\u00f3n 4.5.0 no desinfecta ni escapa de algunas de sus configuraciones de logotipo al mostrarlas en p\u00e1ginas donde est\u00e1 incrustado el c\u00f3digo corto Logo Slider, lo que podr\u00eda permitir a los usuarios con un rol tan bajo como Autor realizar ataques de Cross-Site Scripting." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/7512cbdf-cf27-4a1f-bac8-9fcb14bf463e/", diff --git a/CVE-2024/CVE-2024-104xx/CVE-2024-10493.json b/CVE-2024/CVE-2024-104xx/CVE-2024-10493.json index 66f7e10690f..90dc70b612c 100644 --- a/CVE-2024/CVE-2024-104xx/CVE-2024-10493.json +++ b/CVE-2024/CVE-2024-104xx/CVE-2024-10493.json @@ -2,16 +2,55 @@ "id": "CVE-2024-10493", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-28T06:15:08.017", - "lastModified": "2024-11-28T06:15:08.017", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:15:08.583", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." + }, + { + "lang": "es", + "value": "El complemento Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) de WordPress anterior a la versi\u00f3n 5.10.3 no valida ni escapa algunas de sus opciones de bloque antes de mostrarlas nuevamente en una p\u00e1gina o publicaci\u00f3n donde est\u00e1 incrustado el bloque, lo que podr\u00eda permitir a los usuarios con el rol de colaborador y superior realizar ataques de Cross-Site Scripting almacenado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/2e7f7196-054b-4cfd-9219-c60bb8275e8d/", diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10510.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10510.json index 89420de0c48..b7415ac5acb 100644 --- a/CVE-2024/CVE-2024-105xx/CVE-2024-10510.json +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10510.json @@ -2,16 +2,55 @@ "id": "CVE-2024-10510", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-28T06:15:08.120", - "lastModified": "2024-11-28T06:15:08.120", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:15:08.733", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The adBuddy+ (AdBlocker Detection) by NetfunkDesign WordPress plugin through 1.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + }, + { + "lang": "es", + "value": "El complemento adBuddy+ (AdBlocker Detection) de NetfunkDesign para WordPress hasta la versi\u00f3n 1.1.3 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con privilegios elevados como el administrador realicen ataques de Cross-Site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n de varios sitios)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/ca499752-b516-42e7-8c2f-18e4428a92c7/", diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10704.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10704.json index 4c0467cbe9f..d522427ac37 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10704.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10704.json @@ -2,16 +2,43 @@ "id": "CVE-2024-10704", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-29T06:15:06.423", - "lastModified": "2024-11-29T06:15:06.423", - "vulnStatus": "Received", + "lastModified": "2024-11-29T15:15:15.777", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Photo Gallery by 10Web WordPress plugin before 1.8.31 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + }, + { + "lang": "es", + "value": "El complemento Photo Gallery de 10Web para WordPress anterior a la versi\u00f3n 1.8.31 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con privilegios elevados como el administrador realicen ataques de Cross-Site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n de varios sitios)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/6c115117-11c0-4c9e-9988-8547c9364c01/", diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10896.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10896.json index b20198e4ade..823531378a1 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10896.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10896.json @@ -2,16 +2,55 @@ "id": "CVE-2024-10896", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-28T06:15:08.233", - "lastModified": "2024-11-28T06:15:08.233", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:15:08.880", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting" + }, + { + "lang": "es", + "value": "El complemento Logo Slider de WordPress anterior a la versi\u00f3n 4.5.0 no desinfecta ni evita algunas de las configuraciones de su logotipo y control deslizante, lo que podr\u00eda permitir que usuarios con privilegios elevados, como los colaboradores, realicen Cross-Site Scripting almacenado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/1304c2b6-922d-455e-bae8-d6bf855eddd9/", diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10980.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10980.json index f59d2226fb8..14c40f60b35 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10980.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10980.json @@ -2,16 +2,43 @@ "id": "CVE-2024-10980", "sourceIdentifier": "contact@wpscan.com", "published": "2024-11-29T06:15:06.633", - "lastModified": "2024-11-29T06:15:06.633", - "vulnStatus": "Received", + "lastModified": "2024-11-29T15:15:15.903", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." + }, + { + "lang": "es", + "value": "El complemento Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) de WordPress anterior a la versi\u00f3n 5.10.3 no valida ni escapa algunas de sus opciones de bloque de consentimiento de cookies antes de mostrarlas nuevamente en una p\u00e1gina o publicaci\u00f3n donde el bloque est\u00e1 incrustado, lo que podr\u00eda permitir a los usuarios con el rol de colaborador y superior realizar ataques de Cross-Site Scripting almacenado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/915daad8-d14c-4457-a3a0-aa21744f4ae0/", diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11506.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11506.json index 14f85a279ea..21cc2c8f09a 100644 --- a/CVE-2024/CVE-2024-115xx/CVE-2024-11506.json +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11506.json @@ -2,15 +2,42 @@ "id": "CVE-2024-11506", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:08.743", - "lastModified": "2024-11-22T21:15:08.743", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:56:17.683", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22169." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos DWG de IrfanView que permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de IrfanView. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos DWG. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura antes del inicio de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22169." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:irfanview:irfanview:4.62:*:*:*:*:*:x64:*", + "matchCriteriaId": "8FA15341-CEA4-4200-A02B-5274AA8B76F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1594/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11507.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11507.json index 5eb3d5aae90..71555a8b9c7 100644 --- a/CVE-2024/CVE-2024-115xx/CVE-2024-11507.json +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11507.json @@ -2,15 +2,42 @@ "id": "CVE-2024-11507", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:08.867", - "lastModified": "2024-11-22T21:15:08.867", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:55:51.040", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22177." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por confusi\u00f3n de tipos en el an\u00e1lisis de archivos DXF de IrfanView. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de IrfanView. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos DXF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede generar una condici\u00f3n de confusi\u00f3n de tipos. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22177." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:irfanview:irfanview:4.62:*:*:*:*:*:x86:*", + "matchCriteriaId": "9E619807-7CD2-4D78-8D7D-604AE6C850D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1604/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11508.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11508.json index a8c4ff6a997..f6c2456ac3e 100644 --- a/CVE-2024/CVE-2024-115xx/CVE-2024-11508.json +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11508.json @@ -2,15 +2,42 @@ "id": "CVE-2024-11508", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:08.973", - "lastModified": "2024-11-22T21:15:08.973", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:55:14.120", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22184." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por confusi\u00f3n de tipos en el an\u00e1lisis de archivos DXF de IrfanView. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de IrfanView. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos DXF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede generar una condici\u00f3n de confusi\u00f3n de tipos. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22184." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:irfanview:irfanview:4.62:*:*:*:*:*:x86:*", + "matchCriteriaId": "9E619807-7CD2-4D78-8D7D-604AE6C850D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1603/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-115xx/CVE-2024-11509.json b/CVE-2024/CVE-2024-115xx/CVE-2024-11509.json index 6b22b32d54f..1fae677c5c9 100644 --- a/CVE-2024/CVE-2024-115xx/CVE-2024-11509.json +++ b/CVE-2024/CVE-2024-115xx/CVE-2024-11509.json @@ -2,15 +2,42 @@ "id": "CVE-2024-11509", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:09.077", - "lastModified": "2024-11-22T21:15:09.077", - "vulnStatus": "Received", + "lastModified": "2024-11-29T16:54:40.307", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "IrfanView SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SVG files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22185." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n en el an\u00e1lisis de archivos SVG de IrfanView. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de IrfanView. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos SVG. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-22185." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -44,12 +71,43 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:irfanview:irfanview:4.62:*:*:*:*:*:x86:*", + "matchCriteriaId": "9E619807-7CD2-4D78-8D7D-604AE6C850D4" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1602/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-212xx/CVE-2024-21287.json b/CVE-2024/CVE-2024-212xx/CVE-2024-21287.json index fd7dc35ad21..e4179ada4a3 100644 --- a/CVE-2024/CVE-2024-212xx/CVE-2024-21287.json +++ b/CVE-2024/CVE-2024-212xx/CVE-2024-21287.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21287", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-11-18T22:15:05.897", - "lastModified": "2024-11-19T21:57:32.967", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-29T15:26:04.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,16 +32,28 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, + "cisaExploitAdd": "2024-11-21", + "cisaActionDue": "2024-12-12", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability", "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +65,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management:9.3.6:*:*:*:*:*:*:*", + "matchCriteriaId": "4305ED0E-30CC-4AEA-8988-3D1EC93A0BB2" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/alert-cve-2024-21287.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21338.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21338.json index fbf4658fbfc..02e42e41ad0 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21338.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21338.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21338", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:49.083", - "lastModified": "2024-10-10T15:14:00.550", + "lastModified": "2024-11-29T15:27:05.917", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-03-04", - "cisaActionDue": "2024-03-25", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-03-04", + "cisaActionDue": "2024-03-25", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-822" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -139,6 +139,23 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Technical Description", + "Third Party Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21351.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21351.json index 6359d6c8572..2c6d83bbc71 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21351.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21351.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21351", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:51.333", - "lastModified": "2024-08-14T19:41:39.193", + "lastModified": "2024-11-29T15:27:41.817", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-02-13", - "cisaActionDue": "2024-03-05", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,19 +32,21 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 7.6, - "baseSeverity": "HIGH" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.8, "impactScore": 4.7 } ] }, + "cisaExploitAdd": "2024-02-13", + "cisaActionDue": "2024-03-05", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", "weaknesses": [ { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -55,12 +55,12 @@ ] }, { - "source": "secure@microsoft.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-94" + "value": "NVD-CWE-noinfo" } ] } @@ -156,6 +156,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21351", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-214xx/CVE-2024-21410.json b/CVE-2024/CVE-2024-214xx/CVE-2024-21410.json index c5332ef56a2..d5bd2904cb8 100644 --- a/CVE-2024/CVE-2024-214xx/CVE-2024-21410.json +++ b/CVE-2024/CVE-2024-214xx/CVE-2024-21410.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21410", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:59.680", - "lastModified": "2024-06-10T16:05:10.343", + "lastModified": "2024-11-29T15:28:11.497", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-02-15", - "cisaActionDue": "2024-03-07", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-02-15", + "cisaActionDue": "2024-03-07", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-287" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -100,6 +100,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-214xx/CVE-2024-21412.json b/CVE-2024/CVE-2024-214xx/CVE-2024-21412.json index df182e0badd..c1829367b0e 100644 --- a/CVE-2024/CVE-2024-214xx/CVE-2024-21412.json +++ b/CVE-2024/CVE-2024-214xx/CVE-2024-21412.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21412", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:59.903", - "lastModified": "2024-08-14T19:47:44.623", + "lastModified": "2024-11-29T15:25:25.097", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-02-13", - "cisaActionDue": "2024-03-05", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 8.1, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 5.2 } ] }, + "cisaExploitAdd": "2024-02-13", + "cisaActionDue": "2024-03-05", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-693" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -139,6 +139,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21762.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21762.json index 756bda1d3e2..4407ad3d4cb 100644 --- a/CVE-2024/CVE-2024-217xx/CVE-2024-21762.json +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21762.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21762", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-02-09T09:15:08.087", - "lastModified": "2024-02-13T18:21:14.607", + "lastModified": "2024-11-29T15:23:32.167", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-02-09", - "cisaActionDue": "2024-02-16", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "psirt@fortinet.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,19 +32,41 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-02-09", + "cisaActionDue": "2024-02-16", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability", "weaknesses": [ { "source": "psirt@fortinet.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -114,8 +114,15 @@ "vulnerable": true, "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.0.18", + "matchCriteriaId": "AE33B892-8CBB-4E16-B529-A1A0C48CE664" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2.0", "versionEndExcluding": "6.2.16", - "matchCriteriaId": "E9BCDC86-176E-401A-B188-F77E22BCFC2D" + "matchCriteriaId": "3DF10835-8DE2-415B-9EE8-99FFD699193E" }, { "vulnerable": true, @@ -157,6 +164,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://fortiguard.com/psirt/FG-IR-24-015", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json index eda70a07731..8ac0fd08901 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21887.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21887", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-12T17:15:10.017", - "lastModified": "2024-06-10T16:21:07.127", + "lastModified": "2024-11-29T15:21:57.970", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-01-10", - "cisaActionDue": "2024-01-22", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -34,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.3, "impactScore": 6.0 @@ -49,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -56,15 +54,17 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.3, "impactScore": 6.0 } ] }, + "cisaExploitAdd": "2024-01-10", + "cisaActionDue": "2024-01-22", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Ivanti Connect Secure and Policy Secure Command Injection Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -510,6 +510,22 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json index 5b86e9b3bdd..f3477301410 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json @@ -2,13 +2,9 @@ "id": "CVE-2024-21893", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-31T18:15:47.437", - "lastModified": "2024-08-14T19:51:42.643", + "lastModified": "2024-11-29T15:16:27.133", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-01-31", - "cisaActionDue": "2024-02-02", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 8.2, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 4.2 @@ -49,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -56,15 +54,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 8.2, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 4.2 } ] }, + "cisaExploitAdd": "2024-01-31", + "cisaActionDue": "2024-02-02", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -394,11 +394,6 @@ "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*", "matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2" - }, { "vulnerable": true, "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*", @@ -632,6 +627,76 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "24514B40-540E-45D7-90DC-BCC1D9D7E92C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r4:*:*:*:*:*:*", + "matchCriteriaId": "BFD510E9-12DC-4942-BAA0-6405CBD905EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.2:r5:*:*:*:*:*:*", + "matchCriteriaId": "EA11BB6D-36C7-438B-A5A7-71C3CB2E5EC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "7B01001B-FA11-4297-AB81-12A00B97C820" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.3:r4:*:*:*:*:*:*", + "matchCriteriaId": "9F28E6B1-44AB-4635-8939-5B0A44BED1E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "3E9D957B-49F9-492D-A66A-0D25BA27AD35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.4:r3:*:*:*:*:*:*", + "matchCriteriaId": "D1AB497E-E403-4DEE-A83D-CB2E119E5E96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1:*:*:*:*:*:*", + "matchCriteriaId": "CA6B3322-9AFB-44B5-B571-995AB606FD01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.5:r1.2:*:*:*:*:*:*", + "matchCriteriaId": "47CB7C12-D642-4015-842C-37241F87DB86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1:*:*:*:*:*:*", + "matchCriteriaId": "58E49DF1-F66A-4F52-87FA-A50DFD735ECB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:22.6:r1.2:*:*:*:*:*:*", + "matchCriteriaId": "62A0393A-C1C6-4708-BC41-5A5B8FB765FF" + } + ] + } + ] } ], "references": [ @@ -641,6 +706,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-231xx/CVE-2024-23113.json b/CVE-2024/CVE-2024-231xx/CVE-2024-23113.json index da6d144f39b..b7bcfba1ea7 100644 --- a/CVE-2024/CVE-2024-231xx/CVE-2024-23113.json +++ b/CVE-2024/CVE-2024-231xx/CVE-2024-23113.json @@ -2,13 +2,9 @@ "id": "CVE-2024-23113", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-02-15T14:15:46.503", - "lastModified": "2024-10-10T01:00:01.433", + "lastModified": "2024-11-29T15:09:12.633", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-10-09", - "cisaActionDue": "2024-10-30", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Fortinet Multiple Products Format String Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "psirt@fortinet.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,19 +32,41 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-10-09", + "cisaActionDue": "2024-10-30", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Fortinet Multiple Products Format String Vulnerability", "weaknesses": [ { "source": "psirt@fortinet.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -169,6 +169,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://fortiguard.com/psirt/FG-IR-24-029", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-232xx/CVE-2024-23222.json b/CVE-2024/CVE-2024-232xx/CVE-2024-23222.json index b6c0ffc3211..335589307b7 100644 --- a/CVE-2024/CVE-2024-232xx/CVE-2024-23222.json +++ b/CVE-2024/CVE-2024-232xx/CVE-2024-23222.json @@ -2,13 +2,9 @@ "id": "CVE-2024-23222", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-23T01:15:11.500", - "lastModified": "2024-08-14T17:00:37.360", + "lastModified": "2024-11-29T15:05:53.577", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-01-23", - "cisaActionDue": "2024-02-13", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,15 +32,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-01-23", + "cisaActionDue": "2024-02-13", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -199,6 +199,86 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214059", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214055", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214056", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214057", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214058", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214059", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214061", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/kb/HT214063", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26169.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26169.json index 994581cc6c8..f05a22004dc 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26169.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26169.json @@ -2,13 +2,9 @@ "id": "CVE-2024-26169", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:56.173", - "lastModified": "2024-06-14T17:36:18.710", + "lastModified": "2024-11-29T16:24:31.767", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-06-13", - "cisaActionDue": "2024-07-04", - "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-06-13", + "cisaActionDue": "2024-07-04", + "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-269" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -80,15 +80,33 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.14393.6796", - "matchCriteriaId": "6EA7DB91-749B-4BD6-87E8-0D132A69128B" + "matchCriteriaId": "EA2CA05A-8688-45D6-BC96-627DEB1962E4" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "F7C03B8B-2E86-4FEB-9925-623CC805AD34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.17763.5576", - "matchCriteriaId": "6FBF7292-731F-493E-BF30-C8561ACFE379" + "matchCriteriaId": "54A84FB6-B0C7-437B-B95A-F2B4CF18F853" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "4C9B0826-AE47-44B1-988F-6B5CEFB45BD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "E037C8AE-56A8-4507-A34B-371A7D49F28D" }, { "vulnerable": true, @@ -176,6 +194,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27198.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27198.json index 41da2fea5e2..5c79aded8f3 100644 --- a/CVE-2024/CVE-2024-271xx/CVE-2024-27198.json +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27198.json @@ -2,13 +2,9 @@ "id": "CVE-2024-27198", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-03-04T18:15:09.040", - "lastModified": "2024-05-23T17:57:49.653", + "lastModified": "2024-11-29T16:25:32.523", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-03-07", - "cisaActionDue": "2024-03-28", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "JetBrains TeamCity Authentication Bypass Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "cve@jetbrains.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,26 +32,38 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-03-07", + "cisaActionDue": "2024-03-28", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "JetBrains TeamCity Authentication Bypass Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -83,6 +73,16 @@ "value": "CWE-288" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] } ], "configurations": [ @@ -118,6 +118,21 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage", + "Third Party Advisory" + ] + }, + { + "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-278xx/CVE-2024-27896.json b/CVE-2024/CVE-2024-278xx/CVE-2024-27896.json index 17a22714e5c..82923f37f12 100644 --- a/CVE-2024/CVE-2024-278xx/CVE-2024-27896.json +++ b/CVE-2024/CVE-2024-278xx/CVE-2024-27896.json @@ -2,7 +2,7 @@ "id": "CVE-2024-27896", "sourceIdentifier": "psirt@huawei.com", "published": "2024-04-08T10:15:08.640", - "lastModified": "2024-04-08T18:48:40.217", + "lastModified": "2024-11-29T15:15:16.833", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Vulnerabilidad de verificaci\u00f3n de entrada en el m\u00f3dulo de registro. Impacto: La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "psirt@huawei.com", @@ -36,6 +59,14 @@ { "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", "source": "psirt@huawei.com" + }, + { + "url": "https://consumer.huawei.com/en/support/bulletin/2024/3/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202403-0000001667644725", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-289xx/CVE-2024-28987.json b/CVE-2024/CVE-2024-289xx/CVE-2024-28987.json index bde4ad9dc77..f87a29a399d 100644 --- a/CVE-2024/CVE-2024-289xx/CVE-2024-28987.json +++ b/CVE-2024/CVE-2024-289xx/CVE-2024-28987.json @@ -2,13 +2,9 @@ "id": "CVE-2024-28987", "sourceIdentifier": "psirt@solarwinds.com", "published": "2024-08-21T22:15:04.350", - "lastModified": "2024-10-16T13:05:08.363", + "lastModified": "2024-11-29T16:34:47.650", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-10-15", - "cisaActionDue": "2024-11-05", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "SolarWinds Web Help Desk Hardcoded Credential Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.2 - }, { "source": "psirt@solarwinds.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,19 +32,41 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 5.2 } ] }, + "cisaExploitAdd": "2024-10-15", + "cisaActionDue": "2024-11-05", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "SolarWinds Web Help Desk Hardcoded Credential Vulnerability", "weaknesses": [ { "source": "psirt@solarwinds.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -108,8 +108,7 @@ "url": "https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2", "source": "psirt@solarwinds.com", "tags": [ - "Release Notes", - "Vendor Advisory" + "Release Notes" ] }, { @@ -118,6 +117,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.theregister.com/2024/08/22/hardcoded_credentials_bug_solarwinds_whd/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-289xx/CVE-2024-28995.json b/CVE-2024/CVE-2024-289xx/CVE-2024-28995.json index 3e1bfe1082c..6319569bc4d 100644 --- a/CVE-2024/CVE-2024-289xx/CVE-2024-28995.json +++ b/CVE-2024/CVE-2024-289xx/CVE-2024-28995.json @@ -2,13 +2,9 @@ "id": "CVE-2024-28995", "sourceIdentifier": "psirt@solarwinds.com", "published": "2024-06-06T09:15:14.167", - "lastModified": "2024-07-18T01:00:03.197", + "lastModified": "2024-11-29T16:35:14.907", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-07-17", - "cisaActionDue": "2024-08-07", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "SolarWinds Serv-U Path Traversal Vulnerability ", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, { "source": "psirt@solarwinds.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "baseScore": 8.6, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,19 +32,41 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 8.6, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, + "cisaExploitAdd": "2024-07-17", + "cisaActionDue": "2024-08-07", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "SolarWinds Serv-U Path Traversal Vulnerability ", "weaknesses": [ { "source": "psirt@solarwinds.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -110,6 +110,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29745.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29745.json index bbb8c5b13ff..1104601851a 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29745.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29745.json @@ -2,13 +2,9 @@ "id": "CVE-2024-29745", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-04-05T20:15:08.253", - "lastModified": "2024-08-14T16:59:22.427", + "lastModified": "2024-11-29T16:36:23.337", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-04-04", - "cisaActionDue": "2024-04-25", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Android Pixel Information Disclosure Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -47,6 +43,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -54,15 +52,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ] }, + "cisaExploitAdd": "2024-04-04", + "cisaActionDue": "2024-04-25", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Android Pixel Information Disclosure Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -109,6 +109,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-04-01", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-297xx/CVE-2024-29748.json b/CVE-2024/CVE-2024-297xx/CVE-2024-29748.json index 341e64082f4..e22d79e46c4 100644 --- a/CVE-2024/CVE-2024-297xx/CVE-2024-29748.json +++ b/CVE-2024/CVE-2024-297xx/CVE-2024-29748.json @@ -2,13 +2,9 @@ "id": "CVE-2024-29748", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-04-05T20:15:08.407", - "lastModified": "2024-08-14T16:58:53.233", + "lastModified": "2024-11-29T16:39:20.167", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-04-04", - "cisaActionDue": "2024-04-25", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -47,6 +43,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,15 +52,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-04-04", + "cisaActionDue": "2024-04-25", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -95,8 +95,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26" + "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024-04-05", + "matchCriteriaId": "1CBAE50F-4C4C-4B51-90A9-E2228D211DC5" } ] }, @@ -121,6 +122,21 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-04-01", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://twitter.com/GrapheneOS/status/1775308208472813609", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "Broken Link", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-298xx/CVE-2024-29824.json b/CVE-2024/CVE-2024-298xx/CVE-2024-29824.json index 0e69bd0059b..5d9cceafdf3 100644 --- a/CVE-2024/CVE-2024-298xx/CVE-2024-29824.json +++ b/CVE-2024/CVE-2024-298xx/CVE-2024-29824.json @@ -2,13 +2,9 @@ "id": "CVE-2024-29824", "sourceIdentifier": "support@hackerone.com", "published": "2024-05-31T18:15:11.177", - "lastModified": "2024-10-03T16:45:28.117", + "lastModified": "2024-11-29T16:45:04.187", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-10-02", - "cisaActionDue": "2024-10-23", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -56,15 +54,17 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.6, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 6.0 } ] }, + "cisaExploitAdd": "2024-10-02", + "cisaActionDue": "2024-10-23", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -142,6 +142,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://forums.ivanti.com/s/article/Security-Advisory-May-2024", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29988.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29988.json index fcc622b3fe7..e75ac2b41a2 100644 --- a/CVE-2024/CVE-2024-299xx/CVE-2024-29988.json +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29988.json @@ -2,13 +2,9 @@ "id": "CVE-2024-29988", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:16:01.830", - "lastModified": "2024-05-03T16:13:41.277", + "lastModified": "2024-11-29T16:28:51.757", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-04-30", - "cisaActionDue": "2024-05-21", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-04-30", + "cisaActionDue": "2024-05-21", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-693" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -72,23 +72,47 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "C0B1F352-9256-4EF4-82D9-E1F72D71A98F" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.17763.5696", "matchCriteriaId": "7400FF15-17AF-402C-9FEB-BFBCEB49F6FB" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "927AEA5D-3E87-4353-8C41-6EC1AC18AB14" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", - "versionEndExcluding": "10.0.22000.2899", - "matchCriteriaId": "A7B8BF71-D89F-4CC0-BEFA-4E1988171F3A" + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.22621.3447", - "matchCriteriaId": "C03FA6B4-F1CC-49E5-B936-15F6720092F0" + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" }, { "vulnerable": true, @@ -127,6 +151,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-300xx/CVE-2024-30040.json b/CVE-2024/CVE-2024-300xx/CVE-2024-30040.json index 5fe99bebdf7..99ded5814a1 100644 --- a/CVE-2024/CVE-2024-300xx/CVE-2024-30040.json +++ b/CVE-2024/CVE-2024-300xx/CVE-2024-30040.json @@ -2,13 +2,9 @@ "id": "CVE-2024-30040", "sourceIdentifier": "secure@microsoft.com", "published": "2024-05-14T17:17:12.410", - "lastModified": "2024-05-16T18:01:55.157", + "lastModified": "2024-11-29T15:41:55.210", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-05-14", - "cisaActionDue": "2024-06-04", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-05-14", + "cisaActionDue": "2024-06-04", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-20" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -92,9 +92,21 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", "versionEndExcluding": "10.0.17763.5820", - "matchCriteriaId": "7CA2824B-BEA1-438D-A606-65BF5C85AF19" + "matchCriteriaId": "62EE1E28-FCAB-4D01-8636-B0DC6A0EAEA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.5820", + "matchCriteriaId": "779CE6DB-5665-40E7-86DE-D30DF4E67270" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.5820", + "matchCriteriaId": "E0C5CB98-D377-473B-A1B9-749DD1FF1783" }, { "vulnerable": true, @@ -163,6 +175,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-300xx/CVE-2024-30051.json b/CVE-2024/CVE-2024-300xx/CVE-2024-30051.json index c61f8b51654..0f170f002bd 100644 --- a/CVE-2024/CVE-2024-300xx/CVE-2024-30051.json +++ b/CVE-2024/CVE-2024-300xx/CVE-2024-30051.json @@ -2,13 +2,9 @@ "id": "CVE-2024-30051", "sourceIdentifier": "secure@microsoft.com", "published": "2024-05-14T17:17:21.763", - "lastModified": "2024-05-16T20:27:22.830", + "lastModified": "2024-11-29T16:31:39.730", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-05-14", - "cisaActionDue": "2024-06-04", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": " Microsoft DWM Core Library Privilege Escalation Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -34,26 +32,18 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-05-14", + "cisaActionDue": "2024-06-04", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": " Microsoft DWM Core Library Privilege Escalation Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -63,6 +53,16 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ @@ -74,9 +74,15 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.10240.20651", - "matchCriteriaId": "37A197DA-6408-4B32-A3C5-4ED9F8D9B100" + "matchCriteriaId": "3CAB1AF9-3205-47E7-9F73-B4F29CB7499E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20651", + "matchCriteriaId": "17FA38AD-A8CD-4141-A555-0756F05C69B1" }, { "vulnerable": true, @@ -157,6 +163,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-300xx/CVE-2024-30088.json b/CVE-2024/CVE-2024-300xx/CVE-2024-30088.json index a7ee00238d8..d95645ed82e 100644 --- a/CVE-2024/CVE-2024-300xx/CVE-2024-30088.json +++ b/CVE-2024/CVE-2024-300xx/CVE-2024-30088.json @@ -2,13 +2,9 @@ "id": "CVE-2024-30088", "sourceIdentifier": "secure@microsoft.com", "published": "2024-06-11T17:15:56.810", - "lastModified": "2024-10-16T01:00:01.723", + "lastModified": "2024-11-29T15:44:17.180", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-10-15", - "cisaActionDue": "2024-11-05", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Microsoft Windows Kernel TOCTOU Race Condition Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -34,19 +32,21 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.0, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-10-15", + "cisaActionDue": "2024-11-05", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows Kernel TOCTOU Race Condition Vulnerability", "weaknesses": [ { - "source": "nvd@nist.gov", - "type": "Primary", + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -55,8 +55,8 @@ ] }, { - "source": "secure@microsoft.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "description": [ { "lang": "en", @@ -80,9 +80,15 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "versionEndExcluding": "10.0.14393.7070", - "matchCriteriaId": "D96DA51E-404E-49AE-B852-56FF8A1CEEA6" + "matchCriteriaId": "0F5BFA22-D18B-47A8-B26F-882E0910FE6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.7070", + "matchCriteriaId": "1EA9F602-3E4B-4A9B-8D15-D8CA75CA859B" }, { "vulnerable": true, @@ -157,6 +163,14 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-328xx/CVE-2024-32896.json b/CVE-2024/CVE-2024-328xx/CVE-2024-32896.json index bdac5e345dd..929ca518b77 100644 --- a/CVE-2024/CVE-2024-328xx/CVE-2024-32896.json +++ b/CVE-2024/CVE-2024-328xx/CVE-2024-32896.json @@ -2,13 +2,9 @@ "id": "CVE-2024-32896", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-06-13T21:15:54.080", - "lastModified": "2024-08-14T19:33:40.713", + "lastModified": "2024-11-29T16:43:34.323", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-06-13", - "cisaActionDue": "2024-07-04", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "descriptions": [ { "lang": "en", @@ -27,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -47,6 +43,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -54,15 +52,17 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.2, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-06-13", + "cisaActionDue": "2024-07-04", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Android Pixel Privilege Escalation Vulnerability", "weaknesses": [ { "source": "nvd@nist.gov", @@ -109,6 +109,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-06-01", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3272.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3272.json index e3b84f362dd..2381a879ff7 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3272.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3272.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3272", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-04T01:15:50.123", - "lastModified": "2024-08-14T19:32:10.557", + "lastModified": "2024-11-29T16:45:43.063", "vulnStatus": "Analyzed", "cveTags": [ { @@ -12,10 +12,6 @@ ] } ], - "cisaExploitAdd": "2024-04-11", - "cisaActionDue": "2024-05-02", - "cisaRequiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", - "cisaVulnerabilityName": "D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability", "descriptions": [ { "lang": "en", @@ -28,32 +24,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -61,9 +39,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 @@ -76,13 +72,13 @@ "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", + "baseScore": 10.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", - "availabilityImpact": "COMPLETE", - "baseScore": 10.0 + "availabilityImpact": "COMPLETE" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, @@ -95,10 +91,14 @@ } ] }, + "cisaExploitAdd": "2024-04-11", + "cisaActionDue": "2024-05-02", + "cisaRequiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", + "cisaVulnerabilityName": "D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability", "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,8 +117,18 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4599D769-0210-4D49-9896-9AD1376A037E" + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.01.0702.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "9F733CFC-CB96-46B0-AE7E-21822560C774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.03.0904.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "93290C71-4CDF-4645-AB29-49E832AE6BF4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.11:*:*:*:*:*:*:*", + "matchCriteriaId": "91A5ABBE-0AC8-47CB-B420-3C68020B9132" } ] }, @@ -278,9 +288,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC" + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A278BC9-6197-43D9-93C2-3DF760856FB7" } ] }, @@ -289,9 +299,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A278BC9-6197-43D9-93C2-3DF760856FB7" + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC" } ] } @@ -305,9 +315,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD3AD5EE-8E1E-4336-A1AB-AB028CC71286" + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5DAF62A4-2429-4B89-8FAD-8B23EF15E050" } ] }, @@ -316,9 +326,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5DAF62A4-2429-4B89-8FAD-8B23EF15E050" + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD3AD5EE-8E1E-4336-A1AB-AB028CC71286" } ] } @@ -360,8 +370,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16954393-3449-438A-978C-265EE3A35FF8" + "criteria": "cpe:2.3:o:dlink:dns-325_firmware:1.01:*:*:*:*:*:*:*", + "matchCriteriaId": "F42F8AA8-30F9-46D9-92D9-CF8876E04FFA" } ] }, @@ -414,8 +424,13 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "172D5EFF-E0DF-4A99-8499-71450A46A86C" + "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:1.00.0409.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "288DA5DF-BC45-4B81-82C6-9E78417F415B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:1.09:*:*:*:*:*:*:*", + "matchCriteriaId": "45D36608-4CCB-4B4F-AC7C-AB925817FF83" } ] }, @@ -468,8 +483,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39FF9666-8493-4A36-A199-1190AD8FAF3D" + "criteria": "cpe:2.3:o:dlink:dns-340l_firmware:1.08:*:*:*:*:*:*:*", + "matchCriteriaId": "9A2A09C0-1495-4999-A2B2-CE3474A02CC8" } ] }, @@ -494,9 +509,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD656642-EDD4-4EB2-81AB-04207BC14196" + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F968791D-D3BD-442C-818E-4E878B12776D" } ] }, @@ -505,9 +520,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F968791D-D3BD-442C-818E-4E878B12776D" + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DD656642-EDD4-4EB2-81AB-04207BC14196" } ] } @@ -516,17 +531,6 @@ { "operator": "AND", "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990" - } - ] - }, { "operator": "OR", "negate": false, @@ -537,23 +541,23 @@ "matchCriteriaId": "C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A74D270-9076-474D-A06F-C915FCEA2164" + "criteria": "cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -564,23 +568,23 @@ "matchCriteriaId": "75E5010F-21BA-4B6B-B00C-2688268FD67B" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CAFE1E3-B705-4CF1-AEB9-A474432B6D34" + "criteria": "cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A74D270-9076-474D-A06F-C915FCEA2164" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -591,23 +595,23 @@ "matchCriteriaId": "D5D08ED7-3E7F-4D30-890E-6535F6C34682" } ] - } - ] - }, - { - "operator": "AND", - "nodes": [ + }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42DA6DEB-3578-44A5-916F-1628141F0DDE" + "criteria": "cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7CAFE1E3-B705-4CF1-AEB9-A474432B6D34" } ] - }, + } + ] + }, + { + "operator": "AND", + "nodes": [ { "operator": "OR", "negate": false, @@ -618,6 +622,17 @@ "matchCriteriaId": "D042C75D-6731-46B2-B11E-A009B9029B3F" } ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "42DA6DEB-3578-44A5-916F-1628141F0DDE" + } + ] } ] }, @@ -629,9 +644,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2C1EF70-AD9B-48D7-8DF6-A6416C517F12" + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E691E775-382C-4BA9-AA44-FBC3148D3E54" } ] }, @@ -640,9 +655,9 @@ "negate": false, "cpeMatch": [ { - "vulnerable": false, - "criteria": "cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E691E775-382C-4BA9-AA44-FBC3148D3E54" + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B2C1EF70-AD9B-48D7-8DF6-A6416C517F12" } ] } @@ -678,6 +693,35 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://github.com/netsecfish/dlink", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://vuldb.com/?ctiid.259283", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?id.259283", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3273.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3273.json index a92f67a0829..f6405fcd619 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3273.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3273.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3273", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-04T01:15:50.387", - "lastModified": "2024-08-14T19:31:37.420", + "lastModified": "2024-11-29T16:45:55.877", "vulnStatus": "Analyzed", "cveTags": [ { @@ -12,10 +12,6 @@ ] } ], - "cisaExploitAdd": "2024-04-11", - "cisaActionDue": "2024-05-02", - "cisaRequiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", - "cisaVulnerabilityName": "D-Link Multiple NAS Devices Command Injection Vulnerability", "descriptions": [ { "lang": "en", @@ -28,32 +24,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -61,12 +39,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.3, - "baseSeverity": "HIGH" + "availabilityImpact": "LOW" }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -76,13 +72,13 @@ "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", - "availabilityImpact": "PARTIAL", - "baseScore": 7.5 + "availabilityImpact": "PARTIAL" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, @@ -95,10 +91,14 @@ } ] }, + "cisaExploitAdd": "2024-04-11", + "cisaActionDue": "2024-05-02", + "cisaRequiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.", + "cisaVulnerabilityName": "D-Link Multiple NAS Devices Command Injection Vulnerability", "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -117,8 +117,18 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4599D769-0210-4D49-9896-9AD1376A037E" + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.01.0702.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "9F733CFC-CB96-46B0-AE7E-21822560C774" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.03.0904.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "93290C71-4CDF-4645-AB29-49E832AE6BF4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-320l_firmware:1.11:*:*:*:*:*:*:*", + "matchCriteriaId": "91A5ABBE-0AC8-47CB-B420-3C68020B9132" } ] }, @@ -360,8 +370,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16954393-3449-438A-978C-265EE3A35FF8" + "criteria": "cpe:2.3:o:dlink:dns-325_firmware:1.01:*:*:*:*:*:*:*", + "matchCriteriaId": "F42F8AA8-30F9-46D9-92D9-CF8876E04FFA" } ] }, @@ -414,8 +424,13 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "172D5EFF-E0DF-4A99-8499-71450A46A86C" + "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:1.00.0409.2013:*:*:*:*:*:*:*", + "matchCriteriaId": "288DA5DF-BC45-4B81-82C6-9E78417F415B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dns-327l_firmware:1.09:*:*:*:*:*:*:*", + "matchCriteriaId": "45D36608-4CCB-4B4F-AC7C-AB925817FF83" } ] }, @@ -468,8 +483,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39FF9666-8493-4A36-A199-1190AD8FAF3D" + "criteria": "cpe:2.3:o:dlink:dns-340l_firmware:1.08:*:*:*:*:*:*:*", + "matchCriteriaId": "9A2A09C0-1495-4999-A2B2-CE3474A02CC8" } ] }, @@ -685,6 +700,42 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://github.com/netsecfish/dlink", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://vuldb.com/?ctiid.259284", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?id.259284", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://vuldb.com/?submit.304661", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-341xx/CVE-2024-34102.json b/CVE-2024/CVE-2024-341xx/CVE-2024-34102.json index 2adb1c31dfc..a3a6e2dbac9 100644 --- a/CVE-2024/CVE-2024-341xx/CVE-2024-34102.json +++ b/CVE-2024/CVE-2024-341xx/CVE-2024-34102.json @@ -2,13 +2,9 @@ "id": "CVE-2024-34102", "sourceIdentifier": "psirt@adobe.com", "published": "2024-06-13T09:15:10.380", - "lastModified": "2024-07-18T01:00:03.197", + "lastModified": "2024-11-29T15:33:14.280", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-07-17", - "cisaActionDue": "2024-08-07", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability", "descriptions": [ { "lang": "en", @@ -23,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -34,19 +32,21 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-07-17", + "cisaActionDue": "2024-08-07", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability", "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -62,101 +62,6 @@ "operator": "OR", "negate": false, "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:*", - "matchCriteriaId": "4346BF61-743B-4BBE-AC90-9954FEE6E943" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:*", - "matchCriteriaId": "9F471E19-8AFE-4A6C-88EA-DF94428518F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:*", - "matchCriteriaId": "27E5B990-1E1C-46AC-815F-AF737D211C16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:*", - "matchCriteriaId": "8D1598F4-AA41-4F94-A986-E603DC42AC8B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:*", - "matchCriteriaId": "3A3535F6-227F-4DD2-881F-9ADAB68373CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:*", - "matchCriteriaId": "428B889D-3BAF-46A2-913A-E0022217F804" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:*", - "matchCriteriaId": "2A0A7F6F-6218-4714-A7C7-79580FBA8FFF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:*", - "matchCriteriaId": "304A7DB2-0174-42A2-A357-944634C2ADFA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:*", - "matchCriteriaId": "C5954698-9CA1-4463-833C-E7DB447AC80A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D845F99F-2958-4118-B27E-6D84602B7FB1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:*", - "matchCriteriaId": "61266FCB-916E-4B72-A5CE-8E9D3D817996" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:*", - "matchCriteriaId": "4B4BB14A-5BBE-4FF3-B956-306D721D99E3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:*", - "matchCriteriaId": "8D33D70D-84E7-46D9-A50B-857DF71B43C6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:*", - "matchCriteriaId": "6291AFE6-3F06-4796-B6B8-761D995F1F9D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:*", - "matchCriteriaId": "33BE2A5D-A4B1-4863-A1D9-29F08CA8CCE2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:*", - "matchCriteriaId": "F1BCDF10-D4D2-4FB5-8A6A-960730C17911" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:*", - "matchCriteriaId": "F747F9C6-BD3F-4DFC-BC91-6361F66E50D0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:*", - "matchCriteriaId": "8249B061-BD24-4A05-A08B-8CE776C23F79" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:*", - "matchCriteriaId": "40315EF0-0EAF-465B-BC82-57B74C23ED98" - }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:*", @@ -182,6 +87,11 @@ "criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:*", "matchCriteriaId": "B0B4ABDB-1C22-4B26-BA4D-DA73ED1F50D2" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-7:*:*:*:*:*:*", + "matchCriteriaId": "F4F3CDEB-7BEE-44F7-A927-DCA209429D96" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:*", @@ -207,6 +117,11 @@ "criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:*", "matchCriteriaId": "25A9AC2F-7AAC-41FF-8D93-3A5CBE24BED6" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-7:*:*:*:*:*:*", + "matchCriteriaId": "FFCF3470-0C38-4F54-9BFF-B5819805AECB" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*", @@ -242,6 +157,11 @@ "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*", "matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*", + "matchCriteriaId": "8867F510-201C-4199-8554-53DE156CE669" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*", @@ -272,6 +192,11 @@ "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*", "matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*", + "matchCriteriaId": "8922D646-1A97-47ED-91C6-5A426781C98A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*", @@ -292,12 +217,22 @@ "criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*", "matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*", + "matchCriteriaId": "3A9A62EE-1649-4815-8EC9-7AEF7949EB2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*", + "matchCriteriaId": "B5D04853-0C2F-47DD-A939-3A8F6E22CB7D" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:commerce_webhooks:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.2.0", - "versionEndIncluding": "1.4.0", - "matchCriteriaId": "75FC038A-FDAE-4A80-B3A2-BE38F53841B6" + "versionEndExcluding": "1.5.0", + "matchCriteriaId": "7EC901F8-73E4-4B13-9855-D7B157D37EA3" }, { "vulnerable": true, @@ -414,6 +349,11 @@ "criteria": "cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*", "matchCriteriaId": "2A2DD9C6-BAF5-4DF5-9C14-3478923B2019" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*", + "matchCriteriaId": "0E06FE04-8844-4409-92D9-4972B47C921B" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*", @@ -440,6 +380,22 @@ "Technical Description", "Third Party Advisory" ] + }, + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Technical Description", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json b/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json index e89c87378f9..13ef8345890 100644 --- a/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json +++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json @@ -2,13 +2,9 @@ "id": "CVE-2024-3400", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-12T08:15:06.230", - "lastModified": "2024-05-29T16:00:24.093", + "lastModified": "2024-11-29T16:47:54.893", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-04-12", - "cisaActionDue": "2024-04-19", - "cisaRequiredAction": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.", - "cisaVulnerabilityName": "Palo Alto Networks PAN-OS Command Injection Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 6.0 - }, { "source": "psirt@paloaltonetworks.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,26 +32,38 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 6.0 } ] }, + "cisaExploitAdd": "2024-04-12", + "cisaActionDue": "2024-04-19", + "cisaRequiredAction": "Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.", + "cisaVulnerabilityName": "Palo Alto Networks PAN-OS Command Injection Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-77" - } - ] - }, { "source": "psirt@paloaltonetworks.com", "type": "Secondary", @@ -87,6 +77,16 @@ "value": "CWE-77" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "configurations": [ @@ -111,11 +111,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*", "matchCriteriaId": "DDDEB31F-EFDD-4A66-9687-7FFCF8EFDAAF" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*", - "matchCriteriaId": "9C664207-FA80-467E-853B-CBF61F01115F" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*", @@ -126,11 +121,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*", "matchCriteriaId": "5CB7F608-4F03-46EF-A27E-4C8F5363FF5E" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*", - "matchCriteriaId": "2269819F-11BD-482C-B8D2-96A9C7AD54D4" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*", @@ -151,11 +141,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*", "matchCriteriaId": "4B86668F-7BC5-4F50-AE80-E99F6DE370D7" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*", - "matchCriteriaId": "0E4172BC-EA53-4E01-B14D-BA897EBA2EAE" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*", @@ -171,11 +156,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*", "matchCriteriaId": "A7FCFB45-1150-4F9C-8E4B-3DB2ADE89454" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*", - "matchCriteriaId": "0D4B4DCE-1593-4F8A-A461-A41290FE0041" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*", @@ -201,11 +181,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*", "matchCriteriaId": "6ADF2A5B-DC55-44B1-A033-4A29C32AB5B1" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*", - "matchCriteriaId": "A17FE6D6-E0C3-4E82-A721-75C4E8001984" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*", @@ -236,11 +211,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*", "matchCriteriaId": "1360C403-BCD8-420E-B907-4127E12B3A3A" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*", - "matchCriteriaId": "22206C8D-A8E8-4947-A277-F3256FD5D8ED" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*", @@ -251,11 +221,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*", "matchCriteriaId": "09F61A78-1B7C-41F1-A0D8-0AB1E7ADF68C" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*", - "matchCriteriaId": "7B7C37B3-EDA9-45D9-94A2-E7B24BA6C887" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", @@ -276,31 +241,16 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", - "matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*", "matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*", - "matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*", "matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*", - "matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*", @@ -316,11 +266,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*", "matchCriteriaId": "3EF4AE4F-36F3-4923-AE1E-DE9E036D4E2F" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*", - "matchCriteriaId": "10587864-8777-40F9-B162-BFBFAB8F5E06" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*", @@ -336,11 +281,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*", "matchCriteriaId": "50EA3EAC-91BD-4B30-A885-BED95B48CC3F" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*", - "matchCriteriaId": "FD0CC02E-6079-4094-A355-E3300D7D4DD1" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*", @@ -361,11 +301,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*", "matchCriteriaId": "8B689FAD-0469-4222-A7EF-3268CCDA43A7" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*", - "matchCriteriaId": "CB3F7D3E-1479-435B-9249-F8F963440D0A" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*", @@ -376,11 +311,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*", "matchCriteriaId": "B4425F47-446D-49C1-AAC9-5F5B7E5422A6" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*", - "matchCriteriaId": "CC74ECE3-4F2C-450C-A781-16B1E53AF960" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*", @@ -396,11 +326,6 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*", "matchCriteriaId": "723956E9-11FD-42A0-8A35-C1FDE9E1877C" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*", - "matchCriteriaId": "5601B7E0-68C9-4226-AA3D-D20012F6394B" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*", @@ -416,21 +341,11 @@ "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*", "matchCriteriaId": "B3D65F1C-B055-408E-B7F2-512F13BEDCA6" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*", - "matchCriteriaId": "B1B284FD-575E-46EA-95D8-D9E5FBBA8229" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*", "matchCriteriaId": "2DC41D6E-8632-44BB-BC05-7C22A02306A2" }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*", - "matchCriteriaId": "AF099226-A77E-4FDC-A044-8CA46D015C2C" - }, { "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*", @@ -440,11 +355,6 @@ "vulnerable": true, "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*", "matchCriteriaId": "275872C1-1EBB-4447-8C9F-347F757BFF42" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*", - "matchCriteriaId": "4F36A8CA-4B15-4A88-BA51-2346506DE6E5" } ] } @@ -482,6 +392,37 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://security.paloaltonetworks.com/CVE-2024-3400", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://unit42.paloaltonetworks.com/cve-2024-3400/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] + }, + { + "url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Technical Description", + "Vendor Advisory" + ] + }, + { + "url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36401.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36401.json index 11f59b617ff..7a431bddce4 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36401.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36401.json @@ -2,13 +2,9 @@ "id": "CVE-2024-36401", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-01T16:15:04.120", - "lastModified": "2024-07-16T01:00:01.567", + "lastModified": "2024-11-29T15:32:24.923", "vulnStatus": "Analyzed", "cveTags": [], - "cisaExploitAdd": "2024-07-15", - "cisaActionDue": "2024-08-05", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "OSGeo GeoServer GeoTools Eval Injection Vulnerability", "descriptions": [ { "lang": "en", @@ -21,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -54,26 +32,38 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, + "cisaExploitAdd": "2024-07-15", + "cisaActionDue": "2024-08-05", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "OSGeo GeoServer GeoTools Eval Injection Vulnerability", "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -83,6 +73,16 @@ "value": "CWE-95" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], "configurations": [ @@ -176,6 +176,53 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://github.com/Warxim/CVE-2022-41852?tab=readme-ov-file#workaround-for-cve-2022-41852", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] + }, + { + "url": "https://github.com/geotools/geotools/pull/4797", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Patch" + ] + }, + { + "url": "https://github.com/geotools/geotools/security/advisories/GHSA-w3pj-wh35-fq8w", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] + }, + { + "url": "https://osgeo-org.atlassian.net/browse/GEOT-7587", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.vicarius.io/vsociety/posts/geoserver-rce-cve-2024-36401", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36671.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36671.json new file mode 100644 index 00000000000..f5994afd46d --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36671.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-36671", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T15:15:17.027", + "lastModified": "2024-11-29T15:15:17.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/nodemcu/nodemcu-firmware/commit/193fe3593eb1537667179089535cdb7457327887#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nodemcu/nodemcu-firmware/issues/3626", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nodemcu/nodemcu-firmware/pull/3633", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nodemcu/nodemcu-firmware/pull/3634", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nodemcu/nodemcu-firmware/pull/3635", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3703.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3703.json index 6a17afe5bcf..a7d80de653f 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3703.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3703.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3703", "sourceIdentifier": "contact@wpscan.com", "published": "2024-05-03T06:15:14.800", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-11-29T16:15:10.427", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,38 @@ "value": "El complemento Carousel Slider de WordPress anterior a 2.2.10 no valida ni escapa algunas de sus opciones de diapositiva antes de devolverlas a la p\u00e1gina/publicaci\u00f3n donde est\u00e1 incrustado el c\u00f3digo abreviado de diapositiva relacionado, lo que podr\u00eda permitir a los usuarios con la funci\u00f3n de editor y superior realizar ataques de Cross-Site Scripting Almacenado" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/3242b820-1da0-41ba-9f35-7be5dbc6d4b0/", "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/3242b820-1da0-41ba-9f35-7be5dbc6d4b0/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-391xx/CVE-2024-39162.json b/CVE-2024/CVE-2024-391xx/CVE-2024-39162.json index 1f7943a80a4..6ce09a9ed16 100644 --- a/CVE-2024/CVE-2024-391xx/CVE-2024-39162.json +++ b/CVE-2024/CVE-2024-391xx/CVE-2024-39162.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39162", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T06:15:06.947", - "lastModified": "2024-11-29T06:15:06.947", - "vulnStatus": "Received", + "lastModified": "2024-11-29T15:15:17.140", + "vulnStatus": "Awaiting Analysis", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,9 +16,48 @@ { "lang": "en", "value": "pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer" + }, + { + "lang": "es", + "value": "Pyspider hasta la versi\u00f3n 0.3.10 permite el XSS /update. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://docs.pyspider.org/en/latest/", diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39460.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39460.json index ed584d0563e..440c29062c5 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39460.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39460.json @@ -2,7 +2,7 @@ "id": "CVE-2024-39460", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-06-26T17:15:27.180", - "lastModified": "2024-06-27T12:47:19.847", + "lastModified": "2024-11-29T16:15:10.243", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " El complemento Jenkins Bitbucket Branch Source 886.v44cf5e4ecec5 y anteriores imprime el token de acceso Bitbucket OAuth como parte de la URL de Bitbucket en el registro de compilaci\u00f3n en algunos casos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/06/26/2", @@ -24,6 +59,14 @@ { "url": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363", "source": "jenkinsci-cert@googlegroups.com" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/06/26/2", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-484xx/CVE-2024-48406.json b/CVE-2024/CVE-2024-484xx/CVE-2024-48406.json new file mode 100644 index 00000000000..1f8044e15c5 --- /dev/null +++ b/CVE-2024/CVE-2024-484xx/CVE-2024-48406.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-48406", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T15:15:17.297", + "lastModified": "2024-11-29T15:15:17.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an attacker to execute arbitrary code via the power(uct_int_t x, uct_int_t n) in src/uct_upstream.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/SunBK201/umicat/issues/2", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/SunBK201/umicat/pull/3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-486xx/CVE-2024-48651.json b/CVE-2024/CVE-2024-486xx/CVE-2024-48651.json index f71dcb123ac..c91dd1f6c60 100644 --- a/CVE-2024/CVE-2024-486xx/CVE-2024-48651.json +++ b/CVE-2024/CVE-2024-486xx/CVE-2024-48651.json @@ -2,16 +2,43 @@ "id": "CVE-2024-48651", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T05:15:05.963", - "lastModified": "2024-11-29T05:15:05.963", - "vulnStatus": "Received", + "lastModified": "2024-11-29T15:15:17.403", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql." + }, + { + "lang": "es", + "value": "En ProFTPD hasta 1.3.8b antes de cec01cc, la herencia de grupo suplementario otorga acceso no deseado a GID 0 debido a la falta de grupos suplementarios de mod_sql." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "references": [ { "url": "https://github.com/proftpd/proftpd/commit/cec01cc0a2523453e5da5a486bc6d977c3768db1", diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52338.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52338.json index 6515b76b989..14e643f7884 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52338.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52338.json @@ -2,16 +2,43 @@ "id": "CVE-2024-52338", "sourceIdentifier": "security@apache.org", "published": "2024-11-28T17:15:48.690", - "lastModified": "2024-11-28T20:15:17.490", - "vulnStatus": "Received", + "lastModified": "2024-11-29T15:15:17.550", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions\u00a04.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it \nreads Arrow IPC, Feather or Parquet data from untrusted sources (for \nexample, user-supplied input files). This vulnerability only affects the arrow R package, not other Apache Arrow \nimplementations or bindings unless those bindings are specifically used via the R package (for example, an R application that embeds a Python interpreter and uses PyArrow to read files from untrusted sources is still vulnerable if the arrow R package is an affected version). It is recommended that users of the arrow R package upgrade to 17.0.0 or later. Similarly, it\n is recommended that downstream libraries upgrade their dependency \nrequirements to arrow 17.0.0 or later. If using an affected\nversion of the package, untrusted data can read into a Table and its internal to_data_frame() method can be used as a workaround (e.g., read_parquet(..., as_data_frame = FALSE)$to_data_frame()).\n\n\nThis issue affects the Apache Arrow R package: from 4.0.0 through 16.1.0.\n\n\nUsers are recommended to upgrade to version 17.0.0, which fixes the issue." + }, + { + "lang": "es", + "value": "La deserializaci\u00f3n de datos no confiables en lectores IPC y Parquet en las versiones 4.0.0 a 16.1.0 del paquete Apache Arrow R permite la ejecuci\u00f3n de c\u00f3digo arbitrario. Una aplicaci\u00f3n es vulnerable si lee datos IPC, Feather o Parquet de Arrow de fuentes no confiables (por ejemplo, archivos de entrada proporcionados por el usuario). Esta vulnerabilidad solo afecta al paquete R arrow, no a otras implementaciones o enlaces de Apache Arrow a menos que esos enlaces se utilicen espec\u00edficamente a trav\u00e9s del paquete R (por ejemplo, una aplicaci\u00f3n R que incorpora un int\u00e9rprete de Python y utiliza PyArrow para leer archivos de fuentes no confiables sigue siendo vulnerable si el paquete R arrow es una versi\u00f3n afectada). Se recomienda que los usuarios del paquete R arrow actualicen a la versi\u00f3n 17.0.0 o posterior. De manera similar, se recomienda que las bibliotecas posteriores actualicen sus requisitos de dependencia a arrow 17.0.0 o posterior. Si se utiliza una versi\u00f3n afectada del paquete, se pueden leer datos no confiables en una tabla y se puede utilizar su m\u00e9todo interno to_data_frame() como soluci\u00f3n alternativa (por ejemplo, read_parquet(..., as_data_frame = FALSE)$to_data_frame()). Este problema afecta al paquete Apache Arrow R: desde la versi\u00f3n 4.0.0 hasta la 16.1.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 17.0.0, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52777.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52777.json new file mode 100644 index 00000000000..7c21bd5236c --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52777.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52777", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:10.577", + "lastModified": "2024-11-29T16:15:10.577", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/license_update.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52778.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52778.json new file mode 100644 index 00000000000..fbe0056f812 --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52778.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52778", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:10.700", + "lastModified": "2024-11-29T16:15:10.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52779.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52779.json new file mode 100644 index 00000000000..13635bd71c0 --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52779.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52779", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:10.810", + "lastModified": "2024-11-29T16:15:10.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52780.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52780.json new file mode 100644 index 00000000000..3ea0e383f6d --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52780.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52780", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:10.933", + "lastModified": "2024-11-29T16:15:10.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/mgmt_edit.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52781.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52781.json new file mode 100644 index 00000000000..7b37e962e1c --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52781.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52781", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:11.040", + "lastModified": "2024-11-29T16:15:11.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/tool/traceroute.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52782.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52782.json new file mode 100644 index 00000000000..33e278a6884 --- /dev/null +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52782.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-52782", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-29T16:15:11.163", + "lastModified": "2024-11-29T16:15:11.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist_new.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json index afb52520ad9..977a2012af5 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9474.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9474", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-11-18T16:15:29.780", - "lastModified": "2024-11-26T19:55:09.117", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-29T16:15:11.400", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -211,6 +211,14 @@ "Press/Media Coverage", "Vendor Advisory" ] + }, + { + "url": "https://github.com/k4nfr3/CVE-2024-9474", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 5f04f507f33..cca16222787 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-29T15:02:12.371333+00:00 +2024-11-29T17:02:10.096491+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-29T14:58:56.110000+00:00 +2024-11-29T16:56:17.683000+00:00 ``` ### Last Data Feed Release @@ -33,46 +33,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -271656 +271664 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `8` -- [CVE-2024-11990](CVE-2024/CVE-2024-119xx/CVE-2024-11990.json) (`2024-11-29T13:15:04.170`) -- [CVE-2024-11992](CVE-2024/CVE-2024-119xx/CVE-2024-11992.json) (`2024-11-29T13:15:05.210`) +- [CVE-2024-36671](CVE-2024/CVE-2024-366xx/CVE-2024-36671.json) (`2024-11-29T15:15:17.027`) +- [CVE-2024-48406](CVE-2024/CVE-2024-484xx/CVE-2024-48406.json) (`2024-11-29T15:15:17.297`) +- [CVE-2024-52777](CVE-2024/CVE-2024-527xx/CVE-2024-52777.json) (`2024-11-29T16:15:10.577`) +- [CVE-2024-52778](CVE-2024/CVE-2024-527xx/CVE-2024-52778.json) (`2024-11-29T16:15:10.700`) +- [CVE-2024-52779](CVE-2024/CVE-2024-527xx/CVE-2024-52779.json) (`2024-11-29T16:15:10.810`) +- [CVE-2024-52780](CVE-2024/CVE-2024-527xx/CVE-2024-52780.json) (`2024-11-29T16:15:10.933`) +- [CVE-2024-52781](CVE-2024/CVE-2024-527xx/CVE-2024-52781.json) (`2024-11-29T16:15:11.040`) +- [CVE-2024-52782](CVE-2024/CVE-2024-527xx/CVE-2024-52782.json) (`2024-11-29T16:15:11.163`) ### CVEs modified in the last Commit -Recently modified CVEs: `25` +Recently modified CVEs: `49` -- [CVE-2023-41061](CVE-2023/CVE-2023-410xx/CVE-2023-41061.json) (`2024-11-29T14:27:09.157`) -- [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2024-11-29T14:30:06.457`) -- [CVE-2023-41179](CVE-2023/CVE-2023-411xx/CVE-2023-41179.json) (`2024-11-29T14:33:04.283`) -- [CVE-2023-41265](CVE-2023/CVE-2023-412xx/CVE-2023-41265.json) (`2024-11-29T14:35:25.510`) -- [CVE-2023-41266](CVE-2023/CVE-2023-412xx/CVE-2023-41266.json) (`2024-11-29T14:36:05.433`) -- [CVE-2023-41763](CVE-2023/CVE-2023-417xx/CVE-2023-41763.json) (`2024-11-29T14:36:59.690`) -- [CVE-2023-41990](CVE-2023/CVE-2023-419xx/CVE-2023-41990.json) (`2024-11-29T14:39:00.893`) -- [CVE-2023-41991](CVE-2023/CVE-2023-419xx/CVE-2023-41991.json) (`2024-11-29T14:41:00.430`) -- [CVE-2023-41992](CVE-2023/CVE-2023-419xx/CVE-2023-41992.json) (`2024-11-29T14:41:50.523`) -- [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2024-11-29T14:43:20.857`) -- [CVE-2023-4211](CVE-2023/CVE-2023-42xx/CVE-2023-4211.json) (`2024-11-29T14:45:13.110`) -- [CVE-2023-42793](CVE-2023/CVE-2023-427xx/CVE-2023-42793.json) (`2024-11-29T14:47:58.587`) -- [CVE-2023-42824](CVE-2023/CVE-2023-428xx/CVE-2023-42824.json) (`2024-11-29T14:58:56.110`) -- [CVE-2024-20927](CVE-2024/CVE-2024-209xx/CVE-2024-20927.json) (`2024-11-29T14:08:26.950`) -- [CVE-2024-20931](CVE-2024/CVE-2024-209xx/CVE-2024-20931.json) (`2024-11-29T14:08:24.607`) -- [CVE-2024-20937](CVE-2024/CVE-2024-209xx/CVE-2024-20937.json) (`2024-11-29T14:08:17.250`) -- [CVE-2024-20939](CVE-2024/CVE-2024-209xx/CVE-2024-20939.json) (`2024-11-29T14:08:10.783`) -- [CVE-2024-20947](CVE-2024/CVE-2024-209xx/CVE-2024-20947.json) (`2024-11-29T14:08:04.547`) -- [CVE-2024-20951](CVE-2024/CVE-2024-209xx/CVE-2024-20951.json) (`2024-11-29T14:07:57.480`) -- [CVE-2024-20953](CVE-2024/CVE-2024-209xx/CVE-2024-20953.json) (`2024-11-29T14:07:16.767`) -- [CVE-2024-20960](CVE-2024/CVE-2024-209xx/CVE-2024-20960.json) (`2024-11-29T14:06:46.623`) -- [CVE-2024-20962](CVE-2024/CVE-2024-209xx/CVE-2024-20962.json) (`2024-11-29T14:06:30.670`) -- [CVE-2024-20964](CVE-2024/CVE-2024-209xx/CVE-2024-20964.json) (`2024-11-29T14:06:13.857`) -- [CVE-2024-20970](CVE-2024/CVE-2024-209xx/CVE-2024-20970.json) (`2024-11-29T14:05:47.220`) -- [CVE-2024-53604](CVE-2024/CVE-2024-536xx/CVE-2024-53604.json) (`2024-11-29T14:15:05.893`) +- [CVE-2024-23222](CVE-2024/CVE-2024-232xx/CVE-2024-23222.json) (`2024-11-29T15:05:53.577`) +- [CVE-2024-26169](CVE-2024/CVE-2024-261xx/CVE-2024-26169.json) (`2024-11-29T16:24:31.767`) +- [CVE-2024-27198](CVE-2024/CVE-2024-271xx/CVE-2024-27198.json) (`2024-11-29T16:25:32.523`) +- [CVE-2024-27896](CVE-2024/CVE-2024-278xx/CVE-2024-27896.json) (`2024-11-29T15:15:16.833`) +- [CVE-2024-28987](CVE-2024/CVE-2024-289xx/CVE-2024-28987.json) (`2024-11-29T16:34:47.650`) +- [CVE-2024-28995](CVE-2024/CVE-2024-289xx/CVE-2024-28995.json) (`2024-11-29T16:35:14.907`) +- [CVE-2024-29745](CVE-2024/CVE-2024-297xx/CVE-2024-29745.json) (`2024-11-29T16:36:23.337`) +- [CVE-2024-29748](CVE-2024/CVE-2024-297xx/CVE-2024-29748.json) (`2024-11-29T16:39:20.167`) +- [CVE-2024-29824](CVE-2024/CVE-2024-298xx/CVE-2024-29824.json) (`2024-11-29T16:45:04.187`) +- [CVE-2024-29988](CVE-2024/CVE-2024-299xx/CVE-2024-29988.json) (`2024-11-29T16:28:51.757`) +- [CVE-2024-30040](CVE-2024/CVE-2024-300xx/CVE-2024-30040.json) (`2024-11-29T15:41:55.210`) +- [CVE-2024-30051](CVE-2024/CVE-2024-300xx/CVE-2024-30051.json) (`2024-11-29T16:31:39.730`) +- [CVE-2024-30088](CVE-2024/CVE-2024-300xx/CVE-2024-30088.json) (`2024-11-29T15:44:17.180`) +- [CVE-2024-3272](CVE-2024/CVE-2024-32xx/CVE-2024-3272.json) (`2024-11-29T16:45:43.063`) +- [CVE-2024-3273](CVE-2024/CVE-2024-32xx/CVE-2024-3273.json) (`2024-11-29T16:45:55.877`) +- [CVE-2024-32896](CVE-2024/CVE-2024-328xx/CVE-2024-32896.json) (`2024-11-29T16:43:34.323`) +- [CVE-2024-3400](CVE-2024/CVE-2024-34xx/CVE-2024-3400.json) (`2024-11-29T16:47:54.893`) +- [CVE-2024-34102](CVE-2024/CVE-2024-341xx/CVE-2024-34102.json) (`2024-11-29T15:33:14.280`) +- [CVE-2024-36401](CVE-2024/CVE-2024-364xx/CVE-2024-36401.json) (`2024-11-29T15:32:24.923`) +- [CVE-2024-3703](CVE-2024/CVE-2024-37xx/CVE-2024-3703.json) (`2024-11-29T16:15:10.427`) +- [CVE-2024-39162](CVE-2024/CVE-2024-391xx/CVE-2024-39162.json) (`2024-11-29T15:15:17.140`) +- [CVE-2024-39460](CVE-2024/CVE-2024-394xx/CVE-2024-39460.json) (`2024-11-29T16:15:10.243`) +- [CVE-2024-48651](CVE-2024/CVE-2024-486xx/CVE-2024-48651.json) (`2024-11-29T15:15:17.403`) +- [CVE-2024-52338](CVE-2024/CVE-2024-523xx/CVE-2024-52338.json) (`2024-11-29T15:15:17.550`) +- [CVE-2024-9474](CVE-2024/CVE-2024-94xx/CVE-2024-9474.json) (`2024-11-29T16:15:11.400`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 01b224f58cf..5020796969e 100644 --- a/_state.csv +++ b/_state.csv @@ -228696,7 +228696,7 @@ CVE-2023-37537,0,0,668cc4ef2c3bedcb9b7aa5291e0f510eb017eaeea4f2121c576d9316ffa36 CVE-2023-37538,0,0,f5df475d23358809f10f5b875f0df5f89b50359fff9cbc4fc2e3d043623902e2,2023-10-18T16:40:26.580000 CVE-2023-37539,0,0,f5ad991a7235d53d7ad3dfd48814d5d4b1c8314c1332f15b8949db201edbc6d7,2024-08-01T13:44:11.527000 CVE-2023-3754,0,0,d95c87403c07b6b3b86b9c0ce13879a940a365f1d4e03f0ab922c08265afefbd,2024-05-17T02:27:45.643000 -CVE-2023-37540,0,0,962bbe0cfc5a67c187be958196b7a18f4ae64844343b376ce6821aabeb2da944,2024-02-23T16:14:43.447000 +CVE-2023-37540,0,1,3c6799f76c6051093c99b54f7df7198740dc5d7484c7d9fda8e53d1a8134262c,2024-11-29T16:15:07.357000 CVE-2023-37541,0,0,6314f70ea3d9ed9df64f396a902819101f3cf8e0c36275d42758ab7df7d6185c,2024-06-25T18:50:42.040000 CVE-2023-37543,0,0,725b194c57cc36b9b958a79e78d335626e39636733ba9253aa7b3edf77aab077,2023-11-07T04:16:58.957000 CVE-2023-37544,0,0,be411b7aaf2a8d51708bc9f23f79c099a87d1c9164eb33fd538220f2ef291f90,2024-01-04T18:52:01.020000 @@ -231517,9 +231517,9 @@ CVE-2023-41057,0,0,bab22b4c8afa9e49b979b455aeef838024e3305529d6f05392f3b68684df1 CVE-2023-41058,0,0,5361709366f7219ffddcf198478b5fe6d0bc60edc2cfeb2ab2b0ed0601727b0f,2023-09-08T17:17:55.097000 CVE-2023-4106,0,0,24d2949fff527e2d16cc4628627476a765e8dcc51764fc08fd4393353c38ee6f,2023-08-15T20:37:02.983000 CVE-2023-41060,0,0,9702b0dfd9a74cff99a7e4397056828f1dbf61a23e79392d4016e52dc88bb679,2024-01-16T23:51:58.007000 -CVE-2023-41061,0,1,51f7d5bec3db4b4922f90bd9e41c0b71fc7a7ea6b11425d8b5b9bd5abb61bf60,2024-11-29T14:27:09.157000 +CVE-2023-41061,0,0,51f7d5bec3db4b4922f90bd9e41c0b71fc7a7ea6b11425d8b5b9bd5abb61bf60,2024-11-29T14:27:09.157000 CVE-2023-41063,0,0,c3643ae8e22869ffbfb42dc76a7b37773a84dff9955486c484b71eb1c7b3c401,2023-11-07T04:20:51.513000 -CVE-2023-41064,0,1,72ac17b802b429a251f9356e21d9f3dc3e530be183aad4a4617d0e83003920f9,2024-11-29T14:30:06.457000 +CVE-2023-41064,0,0,72ac17b802b429a251f9356e21d9f3dc3e530be183aad4a4617d0e83003920f9,2024-11-29T14:30:06.457000 CVE-2023-41065,0,0,3844631e47b306668712679b0263762e583cb63ef13169ce96506fd6a4552365,2023-10-12T02:35:43.833000 CVE-2023-41066,0,0,5eef01852f4e878837de2f30d07b8858d40bdedf1174d438b11baf691c85655d,2023-10-12T02:36:20.743000 CVE-2023-41067,0,0,7d4cf40b0a0f19bbb046a2516a19287ea9c976dfff5c542cc05c309eddde99a5,2023-10-12T02:37:44.647000 @@ -231631,7 +231631,7 @@ CVE-2023-41175,0,0,cb65543453f121349d5cfbc0b570e4d3e43da4a0cb71aa166cae8accaf974 CVE-2023-41176,0,0,735a0bc0e4dcb12596e8399bf2bb3db1e454d6b0ecbf729493e45efd006cfa90,2024-01-29T17:36:19.543000 CVE-2023-41177,0,0,85d92f4605d3211cf1bde63a5199a5251834ff7f9b179a06c1231042c732c91a,2024-01-29T17:36:01.880000 CVE-2023-41178,0,0,ae4285b4cb6a4ba4be6bd1f532eeda2be8bd03382dfa154527e14597a8ca5649,2024-01-29T17:35:46.797000 -CVE-2023-41179,0,1,c7cace5ed1ea13e5a6801113691df6e1b50b293e61d00883a368ffad506f41d3,2024-11-29T14:33:04.283000 +CVE-2023-41179,0,0,c7cace5ed1ea13e5a6801113691df6e1b50b293e61d00883a368ffad506f41d3,2024-11-29T14:33:04.283000 CVE-2023-4118,0,0,49c8fd5dcf6c9d8b3d7fdb70da024ff5326d11c7e410f78e141b30dbfc95b82d,2024-05-17T02:31:20.433000 CVE-2023-41180,0,0,1b43d9ebf796521501b25c4d1df423a5fa172bc47aa4e768647fe9d6437306b7,2023-09-08T17:15:34.357000 CVE-2023-41181,0,0,ce8d7f4f3537484fb37642fb235ff955f751e8845ab8f79a0432507c247ddc49,2024-05-03T12:49:24.027000 @@ -231721,8 +231721,8 @@ CVE-2023-41261,0,0,c86ec737c54286565878c0093ce9504e1fada31e29d26dee85c4e63bc1886 CVE-2023-41262,0,0,cfb0f64cf093138f784d94aa803de4c5937e23efd43dcd1055a31ba029128054,2023-10-16T18:17:04.240000 CVE-2023-41263,0,0,094720288d882b16bce74f8a3c21bbb4ef8d8223e12c5536de0e0c5d491cc3b8,2023-10-16T18:24:04.600000 CVE-2023-41264,0,0,19205e4dffccea5e89e823528cc534a6b2151c280f40f347026790eb8dc01744,2024-08-01T13:44:37.760000 -CVE-2023-41265,0,1,bb2138f2214c8e72623fa6ca513e660877ec54ed094533e914924468baf0f94c,2024-11-29T14:35:25.510000 -CVE-2023-41266,0,1,c86e4306e4eacd41ea5d4377bfbb4d5a11e744a082f8575a5becea5475dc942a,2024-11-29T14:36:05.433000 +CVE-2023-41265,0,0,bb2138f2214c8e72623fa6ca513e660877ec54ed094533e914924468baf0f94c,2024-11-29T14:35:25.510000 +CVE-2023-41266,0,0,c86e4306e4eacd41ea5d4377bfbb4d5a11e744a082f8575a5becea5475dc942a,2024-11-29T14:36:05.433000 CVE-2023-41267,0,0,a1382ab5a18055ea77cc3bd8c6478550b3b378148502ceeaa996746670b95a29,2023-09-19T17:52:38.127000 CVE-2023-41268,0,0,b6c6c250c7c77a67e446a0973ec3e843e8d604b546d93d0f28cef79aa11dbb2c,2023-12-14T10:15:07.723000 CVE-2023-41269,0,0,6d072f604858b44ae84c99955b842360c54cc3283d637a4e83b9c4ccf3c17bba,2023-11-07T04:20:57.590000 @@ -232040,7 +232040,7 @@ CVE-2023-41750,0,0,d02f4ee1be58d164e65e56049cc3f5815d573c373afe606c2f11c7adc3c96 CVE-2023-41751,0,0,beadcfe323255203288f2fda677bf530a53791df90642a6a7316f870167fb0b2,2023-09-06T20:45:46.590000 CVE-2023-41752,0,0,9fd1e14a7781be567a98338c46146fdc81b4edf7aa2cdb5c04383214708fcf95,2023-11-06T03:15:12.027000 CVE-2023-4176,0,0,5b764b7fc9cf5cf137e73c9f11a2858451173ac93abf27a6feafe012a2134de8,2024-05-17T02:31:24.177000 -CVE-2023-41763,0,1,eddfe062202454b6ba760a4a553ce657032e047b5b9510ce3b5f9ce7a6ad3d6c,2024-11-29T14:36:59.690000 +CVE-2023-41763,0,0,eddfe062202454b6ba760a4a553ce657032e047b5b9510ce3b5f9ce7a6ad3d6c,2024-11-29T14:36:59.690000 CVE-2023-41764,0,0,6b49617adb8212e2520566711d697a8e71a66ca509df33175fb841e5160b5139,2024-05-29T03:16:07.710000 CVE-2023-41765,0,0,88d6951cbe758f32ac34e706f819286e0120dc614560901992c53584f455021d,2024-05-29T02:16:30.230000 CVE-2023-41766,0,0,b765881357a0038a0f2a7c7ef9c2172957a9e1733d9d08347774db91e4d88b28,2024-05-29T02:16:30.380000 @@ -232252,10 +232252,10 @@ CVE-2023-41987,0,0,be75c78d1854c13942da9ec99a874e5d9d92126e8d2b45f4b961f9abf8aed CVE-2023-41988,0,0,d5c0cfdead9e8e0e375f7814161638c832d9fc92829326cc119f2f0772ddc264,2024-09-10T15:35:02.160000 CVE-2023-41989,0,0,15f79255385af8fb2c8a30eb63e3493891c5848369d603df8b11d0b204f7007c,2024-07-17T02:15:09.923000 CVE-2023-4199,0,0,a8ea3fa4d5e12ff9268e1923814442991e8e8fd68b876f0d3acd52313915f0a2,2024-05-17T02:31:25.960000 -CVE-2023-41990,0,1,a54b5680f267aa187518a44533cffb59647b3d00addec1efd53a07ee9ddd3ad3,2024-11-29T14:39:00.893000 -CVE-2023-41991,0,1,2fb2880aa40074b032d65ce6ac7506e6365b0b65aed846b5628a9026a23a0ffb,2024-11-29T14:41:00.430000 -CVE-2023-41992,0,1,9944f25da860c7fc53365c19a76d53290f304dd150b6360220b5f639ea3be66c,2024-11-29T14:41:50.523000 -CVE-2023-41993,0,1,bd48d882a96810dfe23f61a5030d88b925d2e7f1533943705b9c74ec2cca8319,2024-11-29T14:43:20.857000 +CVE-2023-41990,0,0,a54b5680f267aa187518a44533cffb59647b3d00addec1efd53a07ee9ddd3ad3,2024-11-29T14:39:00.893000 +CVE-2023-41991,0,0,2fb2880aa40074b032d65ce6ac7506e6365b0b65aed846b5628a9026a23a0ffb,2024-11-29T14:41:00.430000 +CVE-2023-41992,0,0,9944f25da860c7fc53365c19a76d53290f304dd150b6360220b5f639ea3be66c,2024-11-29T14:41:50.523000 +CVE-2023-41993,0,0,bd48d882a96810dfe23f61a5030d88b925d2e7f1533943705b9c74ec2cca8319,2024-11-29T14:43:20.857000 CVE-2023-41994,0,0,fca2a76e701117262f4c394231cf47cb35835d15def47d1f0c93b1a0a162e64c,2024-01-12T14:42:23.890000 CVE-2023-41995,0,0,bff330b3ab2b16e5b7044964878608991bc296d9a7ca0fe23d41cea3d93ae8cd,2023-12-22T16:15:29.073000 CVE-2023-41996,0,0,bd95150c944007b324f1eb54aa2850f1293c1f3f23e462b6f5c192d3b6c5905a,2023-12-22T22:15:07.727000 @@ -232368,7 +232368,7 @@ CVE-2023-42106,0,0,04119732d8e9cabe6bf0270dac3d3ed32bfe30a0fba33d596b1a7bd65599f CVE-2023-42107,0,0,a4adbaaeab3fefca6245959e839e2b67be11a518b16c07b1ebf3f23829399e55,2024-05-03T12:49:24.027000 CVE-2023-42108,0,0,18e7b31bdcaea0a7da9f0b7482270042258b9a24fc3ccb610a882c24a3878383,2024-05-03T12:49:24.027000 CVE-2023-42109,0,0,c1e2f418e4e99f76e654703becc2c8ccda557cd163f51ea3b27a0fd9415a9f6c,2024-05-03T12:49:24.027000 -CVE-2023-4211,0,1,b1ab19d481207a1938f55802fe0297e4d7e538bbeec739b39f34049d12926b89,2024-11-29T14:45:13.110000 +CVE-2023-4211,0,0,b1ab19d481207a1938f55802fe0297e4d7e538bbeec739b39f34049d12926b89,2024-11-29T14:45:13.110000 CVE-2023-42110,0,0,fe297725a6b457386e3e1219b4e84eca5fa5c8d7873be61568c00950c3e73369,2024-05-03T12:49:24.027000 CVE-2023-42111,0,0,9de2b9991998b0aab77d9be306f08eaab3879d8a480818c36d810baddf0bf36e,2024-05-03T12:49:24.027000 CVE-2023-42112,0,0,60b430bfd4c7527b55f39e38a78e3d4afcdc6c5ef1dafa2b4c60d257e6a5e0d5,2024-05-03T12:49:24.027000 @@ -232806,7 +232806,7 @@ CVE-2023-4279,0,0,e2f1e8efe1c145f679a270d20b9a75a5446ae32b314d3f169d104c00c78b00 CVE-2023-42790,0,0,7a2637c75ef726e177f905de28e0570dcbdbfb2ebfb92a7620f5626c521a5d83,2024-03-19T08:15:06.147000 CVE-2023-42791,0,0,52ddca3028e0cbc39c03eb320ade720795bae5d5b73ad5f85620f16affbe8223,2024-02-20T19:50:53.960000 CVE-2023-42792,0,0,368d74491184590cc71bf579bc53d6ab21c1d3bd6e6ef5954109709cd2182e67,2023-12-21T15:15:08.710000 -CVE-2023-42793,0,1,bece86b4120d15fedf0acf5f4479e37a47464d567754426ab2b23acf64a99730,2024-11-29T14:47:58.587000 +CVE-2023-42793,0,0,bece86b4120d15fedf0acf5f4479e37a47464d567754426ab2b23acf64a99730,2024-11-29T14:47:58.587000 CVE-2023-42794,0,0,f62802925383693b5ced4ca352650dc67ac5f3e81350554fe6b9bbd9a0bef7ff,2023-12-11T18:23:56.740000 CVE-2023-42795,0,0,5f62c11db2f75296657d4890a44b58f915d57153a6b6ce33f03ac3e107be7db8,2023-11-04T06:15:51.963000 CVE-2023-42796,0,0,5cfb091fe1dbe6507a85154ef5245e6811b2df11a098a4cde7edf2a9af6af16e,2023-10-16T18:36:54.670000 @@ -232840,7 +232840,7 @@ CVE-2023-42820,0,0,4f4a424580624de974093ce23efe959ca821d9a703013ffd027ed0f76cbf6 CVE-2023-42821,0,0,66f6aadae2a34eeac865f857102bc3b26a5c60b6e36f3488d9988d4daf35e5af,2023-09-26T14:59:06.790000 CVE-2023-42822,0,0,8190ac9dadae4e7d4fa3ad2550ce9d236b8884c40ebd4e9f3eb483d3c568be1d,2023-11-03T21:15:16.230000 CVE-2023-42823,0,0,db1fd6995028860cfdc29311d82aa77ca995032e2e43b4369365896bb8231790,2024-11-04T17:35:04.180000 -CVE-2023-42824,0,1,fbab300b421eef9746a3064fce9bc8b6eeaaf600e6642ec0d3b5a6981e34e19e,2024-11-29T14:58:56.110000 +CVE-2023-42824,0,0,fbab300b421eef9746a3064fce9bc8b6eeaaf600e6642ec0d3b5a6981e34e19e,2024-11-29T14:58:56.110000 CVE-2023-42826,0,0,c7e4ad3cd8aa997f54826518199738e903ac4af1c487d59e3b2d8e98f8642331,2024-01-12T14:42:28.700000 CVE-2023-42828,0,0,e2f1754bcff1d34297cb8e4955796ced60cae334d5c978995cc13802654d392a,2024-01-17T21:22:41.863000 CVE-2023-42829,0,0,eb585b02e6e91680228dd0894a68815d9c213d80aa9c42744e2f9ee94fe3dcd5,2024-01-17T21:14:33.897000 @@ -232924,7 +232924,7 @@ CVE-2023-42912,0,0,4f59851d28667e2dcf76c61193d2449cebacb999e6c4b97aea2d2ae6e7293 CVE-2023-42913,0,0,1e3bf24022dad83b877c25c3f1c7b8d64d690a46660a40be6b61c31bc8370e63,2024-08-01T15:35:03.843000 CVE-2023-42914,0,0,f5f29cd9efb0b6e902e417bba37ba297b7c917356de5179adf80ab896d374326,2023-12-14T14:54:10.347000 CVE-2023-42915,0,0,a491c801967ea665e6a1e7894d12e52fc0e3bc74c17c4ea7b2e5a98e97053fd8,2024-02-14T03:15:13.210000 -CVE-2023-42916,0,0,7443a4831c61476236fe3a701818a7ff545b608de742ac7095465f4f20c45304,2024-08-14T19:56:50.687000 +CVE-2023-42916,0,1,c4f2d6fad88b2ab94029c8171644207bc7bb425f096dc8185d78b52adf2970af,2024-11-29T15:03:51.967000 CVE-2023-42917,0,0,15549d591e10c4a0f8e1ae1b9de5e6d4081ffb5c46b1b7c185d2789ea21a2acb,2024-06-26T20:01:23.280000 CVE-2023-42918,0,0,e7908c8ff0df70036d83a2992880cac479113ceab891ae7f56021128a2de4e5a,2024-08-01T13:44:48.283000 CVE-2023-42919,0,0,f9a3b1dae89bc9cf392d1cf8dea65cc44606d99a0ff0603d430f6ace7681b3a7,2023-12-14T14:08:16.317000 @@ -234931,7 +234931,7 @@ CVE-2023-46048,0,0,fdc0cbd47578c151a3373264bac42e14fbe5938d1d4d2542c8c29ee6e1717 CVE-2023-46049,0,0,8e6f7b6c7a7eac9ea78c6ce3bd00ffa3c645397b30e7e0d1d00f973f47c0bc45,2024-11-06T22:35:01.887000 CVE-2023-4605,0,0,4ca1198891ef7f19a4427afe916541ae6cc98eedaf95349b4181266b8438d380,2024-04-08T18:49:25.863000 CVE-2023-46050,0,0,87b655fafc2924f1174e71a2efa862ed9e13b897c527143d58a0e534f2058a50,2024-01-29T09:15:42.640000 -CVE-2023-46051,0,0,2eb4bb56bef8fa961b472990c5ab8fe369fd9c4072f6f002726f3dd2b9de96c0,2024-08-02T21:15:49.273000 +CVE-2023-46051,0,1,82b7bf6b84405e7def65ebe1d7b65bf87d15e0730eb2f99a1de272649d0a8475,2024-11-29T15:15:15.547000 CVE-2023-46052,0,0,4e078c22bac3ce5941bf4400589b8cd965ff95e48cc8367d245d7cdf8e9c48e7,2024-08-02T21:15:49.347000 CVE-2023-46054,0,0,8f2f31414fd7c4be56c3692a657c1905d7c96814e14954efe8cb73f16a2e674d,2023-10-27T19:35:22.627000 CVE-2023-46055,0,0,eed1989a9e887681dad2fc9115cca2cb2034eb2154846bf584d334c3659f8c7c,2024-09-17T02:35:32.393000 @@ -237311,7 +237311,7 @@ CVE-2023-49246,0,0,6c0b170be9a238612de3ef4d9b208d0eb597a5e98065d60d2e7efe6053be3 CVE-2023-49247,0,0,3907b313d62d4c6fd2c5b0edbcabb2bd13a7d33c2c394448887732ab59d25026,2023-12-12T17:19:24.277000 CVE-2023-49248,0,0,f81b0f41674af51303a6ade10a2c47b7a789998f67a87969c2471092e36b00a4,2023-12-12T15:29:11.907000 CVE-2023-4925,0,0,56749f7b5817ae08d916077de1f8679e56446fbf094dc50f9f0b47a3ec6bb2f1,2024-01-19T17:53:08.507000 -CVE-2023-49250,0,0,43b5b29f5e83b0117ddd5343605ecfc6aa68b10832fc318f27fe833fd166784b,2024-02-20T19:50:53.960000 +CVE-2023-49250,0,1,0ede21553fc1ace33e371fea26c1e553e49682046b56082d91f4e4dc15a8e0c5,2024-11-29T16:15:07.953000 CVE-2023-49251,0,0,a3d936d2861f4e18a9a33d155c964c0356b238e19d0bc4f995019f4a92a1682c,2024-01-12T15:37:49.740000 CVE-2023-49252,0,0,6696676ea138bbbe3898a0462d8349d55e4aa53c82758205c6683cad9207ac1c,2024-01-11T22:43:37.097000 CVE-2023-49253,0,0,39190be26437367f0cb128dcd19588699a00c78d11d0cabd94b801e94a74f9b6,2024-01-18T21:14:22.820000 @@ -241766,7 +241766,7 @@ CVE-2024-0008,0,0,899bae3dea0b6932a6d046356f47764b32f025595d0eef60d8e0e433b2b040 CVE-2024-0009,0,0,31a37345511ab8f9e782cdcb9d09dfe3dad4751b5c25ab7a9b1c5c74d0c64c05,2024-02-15T06:23:39.303000 CVE-2024-0010,0,0,0619a8beffc460e406861d5436887a98d4820a4ca409aea20f604a00879fcec0,2024-02-15T06:23:39.303000 CVE-2024-0011,0,0,871bd2790e1644ed9a3dece6c89b7131ea036c72c23f82726bf2a5f6003f50ac,2024-02-15T06:23:39.303000 -CVE-2024-0012,0,0,a829f0a1b8deec54ca601ead0c28902fa355408a33946fb830573636d19968e5,2024-11-24T15:15:05.860000 +CVE-2024-0012,0,1,39c96b315f311cf70d7acce2e03df6f2da2b13764db334539ea5108a55d95b48,2024-11-29T16:15:08.167000 CVE-2024-0014,0,0,57b1d977bcf36a4089ab5ef9c9905bf2b69a9e66b00e8c3e91bd20eccc0f8b75,2024-08-26T18:35:03.770000 CVE-2024-0015,0,0,00e8b369d8c884be684dc161c3d8d59320e06337f56989191711b768cfe02c9b,2024-08-28T17:35:03.353000 CVE-2024-0016,0,0,07b99aa38f7f021ca30f24587ae8679400297ca98f5e8da8ccc928cbae430ba9,2024-10-31T15:35:18.640000 @@ -243023,7 +243023,7 @@ CVE-2024-10469,0,0,c023e9dfb8e38961747979c6b3a11e6b64f49a167ced1df26b660ad57b7e9 CVE-2024-1047,0,0,9e4259d94ff11bf1ad41662d7bc4dfa8d24742c305a04d1b6bfc3e99b49e569b,2024-02-08T14:20:23.387000 CVE-2024-10470,0,0,a1e42a94b1ab92bb172948d5f556160411eda471cfe55f94496fa89ac969feb5,2024-11-12T13:56:24.513000 CVE-2024-10471,0,0,d1c180c529acd20cd017f3e0d3c15fe3f7bcc638f11e57cff67c3025b9d73e9f,2024-11-26T15:15:31.083000 -CVE-2024-10473,0,0,277a828d77e89bec3073325994eb4210947015983bae08c54605e4c111af1ee6,2024-11-28T06:15:07.697000 +CVE-2024-10473,0,1,bf3c1f751720194f350ca93367122168de420fe2ef48da8c20175d99c985532f,2024-11-29T16:15:08.390000 CVE-2024-10474,0,0,e927def1f3fd2126e99e660d96adf5a931edb32585de89bb5c57d9d2e8d1c817,2024-11-04T13:34:48.513000 CVE-2024-10477,0,0,ec5d3377a9eba885093e83f0ffc2c5214a9fc83d05d2bcf419cfa0429899b307,2024-10-29T14:34:04.427000 CVE-2024-10478,0,0,a63bf38a8bfa46322ffe79a3260a2e62e4168a517fb088dc75202387c0a46091,2024-10-29T14:34:04.427000 @@ -243035,7 +243035,7 @@ CVE-2024-10488,0,0,045961a4da52daca0a2cd9eefa7cb2efdc030f8f660cedb82c9b820a312a0 CVE-2024-1049,0,0,bd86fa3ef2f3a9c880f8a662bf41f8b013cc8d0ec2ff1efa897f3a7402b5b977,2024-03-25T01:51:01.223000 CVE-2024-10491,0,0,e248bde85b2f7fd1287809048c400717455f435ea164b73bd377fe9febeb3eb0,2024-11-06T23:08:49.780000 CVE-2024-10492,0,0,a604e2796b006c65216b1c0eacba3562048fb386350f20f059e5d64c58a4853f,2024-11-25T08:15:08.453000 -CVE-2024-10493,0,0,b0f5827bcb7bc7c112ff633796a73063aec3f85c72c3a29870bbaf850e715557,2024-11-28T06:15:08.017000 +CVE-2024-10493,0,1,8b36ab5511eb3bbf88fe3b986fb9a2e12d56937db7b6e071f13b5eb806dc7131,2024-11-29T16:15:08.583000 CVE-2024-1050,0,0,f9f89980ca3ef0ce2f5e1044207260b8a92a6effafa867ba6315fdcbfcd0b749,2024-05-06T12:44:56.377000 CVE-2024-10500,0,0,bddae50bc804155e5161a5d251f766fa5e94cb4ca0f1c821cd5c6c71919d4e5d,2024-11-05T21:02:30.333000 CVE-2024-10501,0,0,e92a1c96016022d8025ef3fd666c6c9af09cbae079cb6d8e90c401d3e79e1def,2024-11-06T17:20:32.857000 @@ -243047,7 +243047,7 @@ CVE-2024-10507,0,0,f18494a65f96198598cd9275318405539a3d8636ddbe0a37967ba2288eae0 CVE-2024-10508,0,0,af9f95e5d7d630b3cf33e7ae9f2d3118be1f7da09e31e6491ee65e4e58c1137c,2024-11-12T13:56:24.513000 CVE-2024-10509,0,0,a9d05e50f1563ceed5339878fa8c2329eea9e28284f4c0c86984d14b77803f94,2024-11-01T20:52:15.573000 CVE-2024-1051,0,0,301df872c002365b13eaea34d02a8084366516306d472e0b862c9b6067f5d33d,2024-04-01T01:12:59.077000 -CVE-2024-10510,0,0,f5c1e49b2aad1004ba780cb86cdaec39812f990d0efd1d03a8ee48498b01da12,2024-11-28T06:15:08.120000 +CVE-2024-10510,0,1,1a1b225dc371f891ed5076d52ce3977c9397cc1b9a9aecca92726347c481951f,2024-11-29T16:15:08.733000 CVE-2024-10515,0,0,907400a34dad51b072b2c37123f6c966421eb7a65eb80907a16cb7d23ffaf400,2024-11-20T16:35:17.020000 CVE-2024-10519,0,0,764e527fb6f6b94c2143fe0825f329c8a5cf4ea95dfe91426d264d50631dfd38,2024-11-23T10:15:03.600000 CVE-2024-1052,0,0,2826dc83bebd9032f48348a63ffd25025c2a6126abd483892ed79004a77aef0f,2024-02-15T18:49:40.180000 @@ -243176,7 +243176,7 @@ CVE-2024-1070,0,0,945eeccf4f5ba232f5b58cbe0a0fb277520149997c332f988c0ef3d652aa0c CVE-2024-10700,0,0,31233b8d64f3c9c8e4fb3c67b64a1725548271e95821d774cfaec82689cc694a,2024-11-05T20:15:39.427000 CVE-2024-10701,0,0,53baafb789e17d3adca0638e17c429a583b20f9faed929ac230c13977cad3370,2024-11-05T16:52:44.937000 CVE-2024-10702,0,0,1494650cf24141bf55e997b208eb307166b880baeab6c7ba81f17c35396d74f0,2024-11-05T16:52:11.193000 -CVE-2024-10704,0,0,02bdacae02c905bf49a2823498b57bd1219a15f644714ed66dce8fef3a667f75,2024-11-29T06:15:06.423000 +CVE-2024-10704,0,1,ba32dc9400bcf601c7de3ed1f96e389b9876b8709121dc8baeae8e0502050909,2024-11-29T15:15:15.777000 CVE-2024-10709,0,0,8495777014ebdd1f62f037e2e2ca6d83df0925466fbc2abfccb8e053fc8a7cf4,2024-11-25T21:15:08.837000 CVE-2024-1071,0,0,203dd69d50b387b330a57560d4e66e827311506680b4f1e4c4b62b6aa394169c,2024-03-13T18:16:18.563000 CVE-2024-10710,0,0,5e7c2f6f8d036436e8970bbc3c9b61158d8fb2052d5ec036090fdb11e7558d66,2024-11-25T17:15:11.747000 @@ -243304,7 +243304,7 @@ CVE-2024-10887,0,0,6f1c620112f0531885feb58bf605da1bdf3e2be3ee69e7f92d5d01d446076 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 CVE-2024-10891,0,0,75368c42ada2eff64310eb4f2bf04c277030b9ed62814601df628d2e55a629ad,2024-11-20T10:15:05.273000 CVE-2024-10895,0,0,595bc2f289687b30c5fe4f154f1211dd293d99cd45db772babe4d8ed8c825807,2024-11-27T07:15:08.347000 -CVE-2024-10896,0,0,7b2ace8589bd378992fcb2cef01f38d52290a2aa2f1f10f8a723716a05f54d75,2024-11-28T06:15:08.233000 +CVE-2024-10896,0,1,e962891bb7ff0bd290fd7c88332bde91f2f69d0bdc8b8df6012dc8f056efaa3b,2024-11-29T16:15:08.880000 CVE-2024-10897,0,0,5090338464622dc9d5ece2556a5b89ff3e6aa995d53aa797095eaa9a0db6f534,2024-11-20T16:09:16.643000 CVE-2024-10898,0,0,29bba6e208449ebd52631361f4bdc8eca3c372d754cd58876d30ee6c07372718,2024-11-26T20:32:20.217000 CVE-2024-10899,0,0,3af5ea7b90e5da0230215c5076c9eff9b3749f9f5f947443d89625612842d08a,2024-11-26T21:01:21.643000 @@ -243356,7 +243356,7 @@ CVE-2024-10977,0,0,29b2ddc2319ae0c0d223db4a89d3fc8449062a0e9ea3025a5b9e5c6a1b746 CVE-2024-10978,0,0,3ebab35a4eede26cd6c86db97fd53ab90e5957182d37b6e0abcc8e9197e65113,2024-11-15T13:58:08.913000 CVE-2024-10979,0,0,a91abf8f72250735a354665af1da4360069454d6fbd5ebcce4960e8d75911739,2024-11-25T05:15:08.710000 CVE-2024-1098,0,0,7637c79f93f6fef4c2ad0472be16e5b2b85cffeb9436b7defda280fbd3390871,2024-05-17T02:35:14.017000 -CVE-2024-10980,0,0,a705362bf2b9d2d222a12bda25548008994ca564fa11788ed795c29cd2a88310,2024-11-29T06:15:06.633000 +CVE-2024-10980,0,1,21985ec12d369d83f43992fef14c6cbc6da6c1d5ef9577ac04d2bad895eff395,2024-11-29T15:15:15.903000 CVE-2024-10987,0,0,3d92aa33c7cd82b5da2d8627d31a00cc6f3627f00f3b6f252e968a08d3bf860d,2024-11-13T00:58:55.400000 CVE-2024-10988,0,0,6d214b682ab0622d06c1c4f694c05924f3acdece53f5429fbbce41d026ca23b5,2024-11-13T00:59:17.867000 CVE-2024-10989,0,0,1b4f905eda4958eac87015d8dbff6168d0e3098d937762941916947c71256edc,2024-11-13T00:59:42.403000 @@ -243644,10 +243644,10 @@ CVE-2024-11494,0,0,5890d4fb88df3d8f55b6792aa5c18e107344b1b8b9d64b1485bac263c175d CVE-2024-11495,0,0,79062961a6b5f76603192d58576bb23157ae662ae3c66c7b46038e4fdb4d0e00,2024-11-20T13:15:04.197000 CVE-2024-11498,0,0,a8ac2c30c03f42b9942a8db1241cf2182e07c4915a2b1066626b489721900469,2024-11-25T14:15:06.607000 CVE-2024-1150,0,0,b47a3c09b3a331a50594ab70df2061c7818f30992462806b6f5b7a310a00b60b,2024-02-15T17:42:08.113000 -CVE-2024-11506,0,0,4c7ec94842471c431cd212c6943e02a7dfc411145d8209ad357ca05b0b5e8d8f,2024-11-22T21:15:08.743000 -CVE-2024-11507,0,0,9d175120b6e707cc8e6e9224cab720d52e5dabd0dca50b8fa35967b0537f6f4b,2024-11-22T21:15:08.867000 -CVE-2024-11508,0,0,c074d47efc8dafd3dcb23355d9a7180652a3b50feab669a5db527a7b52c14511,2024-11-22T21:15:08.973000 -CVE-2024-11509,0,0,fcb678bb7980ac586c4996ce45c7b1e94c5c1b19075ff6ff8e5c0ebbf71a4ed6,2024-11-22T21:15:09.077000 +CVE-2024-11506,0,1,261c11ee89dc36d20a0a142698c23be6e2a278a7870fac587739396dcc7f8e45,2024-11-29T16:56:17.683000 +CVE-2024-11507,0,1,3c9ff9e5a5b66994c6b76e6717cb4542dea605a452c493bc60a70003c43627c8,2024-11-29T16:55:51.040000 +CVE-2024-11508,0,1,73969bc5ecf824ea65b02f8898704e5863331bc9ba81a96903c7b32ed7fc81cc,2024-11-29T16:55:14.120000 +CVE-2024-11509,0,1,fe419f20de116fed461bb1e4d95063f890287edc4dfd7b8180aebb81b0a3d83f,2024-11-29T16:54:40.307000 CVE-2024-1151,0,0,7121c04433e319cadf01da487c5bbfa2040f1a20de12a9b96c3c123bdd1e595e,2024-11-12T16:15:21.213000 CVE-2024-11510,0,0,ffe33a1c531077f4fae7c4b7c7c7d55f315a1583911fdad78c236d3caa10f7c3,2024-11-22T21:15:09.183000 CVE-2024-11511,0,0,b16a1b757781bfacc24a799d35e8cae90f6541006f0982074557f3f4a6bef1fe,2024-11-22T21:15:09.363000 @@ -243886,8 +243886,8 @@ CVE-2024-11981,0,0,be6ee509d3f8872b5ca890261b250c30bf07582770ed0b1b95babded2d99f CVE-2024-11982,0,0,179284d056dff6c909d9fc5ba2e2b2097bba6ddfe2e4e1f84392ff9837f41426,2024-11-29T08:15:04.580000 CVE-2024-11983,0,0,1494cd6825cb1279c1c5cc1f6b3f60736092f3a2dc6c2ab58516f5286cd35a62,2024-11-29T08:15:04.733000 CVE-2024-1199,0,0,9a04e528b30ee4387e68bb38a7f1be0392a71f3796108477e123a7601c79c0fa,2024-05-17T02:35:18.570000 -CVE-2024-11990,1,1,0ea61f760bb00d4ee0bb54c1c5f4898913a822219e93c4dad86c6424a909019a,2024-11-29T13:15:04.170000 -CVE-2024-11992,1,1,dec6f82d309a9ca3d0c0e65e3be01067bf6c8b19cbafb67c3c3b2120ec9fbb36,2024-11-29T13:15:05.210000 +CVE-2024-11990,0,0,0ea61f760bb00d4ee0bb54c1c5f4898913a822219e93c4dad86c6424a909019a,2024-11-29T13:15:04.170000 +CVE-2024-11992,0,0,dec6f82d309a9ca3d0c0e65e3be01067bf6c8b19cbafb67c3c3b2120ec9fbb36,2024-11-29T13:15:05.210000 CVE-2024-1200,0,0,cbf824dd51d7a3b837d210f60d3bc2fcd8c0de7dc55b64bf2469e6bd3fafa8cd,2024-05-17T02:35:18.673000 CVE-2024-1201,0,0,f9834193bbb62b403f23d3357a53cc3ad9bb6173e269e5c9bf81a47c0a1a0786,2024-02-09T19:27:29.517000 CVE-2024-1202,0,0,6132da5e9762048f130f38f4ec670738f94221153725a0b95c9666bf5c59cb16,2024-08-01T19:15:32.277000 @@ -245379,20 +245379,20 @@ CVE-2024-20923,0,0,a934b00b98c73c6c804cd41561d4b37cf6c513d57c870a7d7f13953b985bc CVE-2024-20924,0,0,aa705676d818ea61bdcda935a9cb8840e65e8e9593651a69e0996920595f990b,2024-01-23T19:41:50.120000 CVE-2024-20925,0,0,3dde6a9bbe622bd1295c7fd1929176e041ba14bdc7270f5fd1b4b124dff6d62a,2024-02-20T19:51:05.510000 CVE-2024-20926,0,0,2676243d73169d3f8964f2ed3664e12885fa1d27cd509002949c778d1bfc5393,2024-02-02T17:35:48.843000 -CVE-2024-20927,0,1,ca55ea8249dd6da5bce45be24e758d5916de4e68aac8cb4e1500a7b028f69ab4,2024-11-29T14:08:26.950000 +CVE-2024-20927,0,0,ca55ea8249dd6da5bce45be24e758d5916de4e68aac8cb4e1500a7b028f69ab4,2024-11-29T14:08:26.950000 CVE-2024-20928,0,0,fc96e36f3a9d5ea60c883a27a8025d85f323f0d0d3a677697e49dd5078d924a0,2024-01-20T18:37:12.027000 CVE-2024-20929,0,0,6a334fcb9e1a38537d0030d6dc1d1c00c6b32fe3e7ffe70a766d4d253c5ced96,2024-04-26T16:03:34.963000 CVE-2024-2093,0,0,079d9e9604827a4c25e77eb9350d5db2178004f91f7910b9b24cbd37a234888f,2024-04-10T13:23:38.787000 CVE-2024-20930,0,0,b32f422ab4d45b84995bbdb96ed692f89844b097060f0942fe72da2764953d01,2024-01-20T18:36:08.060000 -CVE-2024-20931,0,1,eb859c7c3304359ab3ed6fd9c97bc8bd77221ca2085a58c00beaa26823966198,2024-11-29T14:08:24.607000 +CVE-2024-20931,0,0,eb859c7c3304359ab3ed6fd9c97bc8bd77221ca2085a58c00beaa26823966198,2024-11-29T14:08:24.607000 CVE-2024-20932,0,0,b6a5e08f31bc64d8dfd7f42e9d3e9b939e7b79c077de8ac45ea3d3d631b33901,2024-08-30T16:35:09.817000 CVE-2024-20933,0,0,a5bb1ca13772c5cf38572f5de702a270d60fabb0e63c4a0fbf4a9ad976d93f9e,2024-04-26T16:03:09.047000 CVE-2024-20934,0,0,5acabbe49edd58ec131b480cc50d69da0378844497a0eb69036f3b8449dd657a,2024-01-20T18:35:47.127000 CVE-2024-20935,0,0,47973a6d787dac96f84797f9cffe113a23daf9fe3790cd7bf0778215187cf83f,2024-04-26T16:03:04.253000 CVE-2024-20936,0,0,9168f4ba66edc4ee88084dd88c53bc9a4e52b9cf9ba0cac7de14201203eafb93,2024-01-20T18:35:22.853000 -CVE-2024-20937,0,1,e13f01babff9b61d538f970cec0d9a3e824121f116253a0fe63f89fd87e3afeb,2024-11-29T14:08:17.250000 +CVE-2024-20937,0,0,e13f01babff9b61d538f970cec0d9a3e824121f116253a0fe63f89fd87e3afeb,2024-11-29T14:08:17.250000 CVE-2024-20938,0,0,a5a1923d2a8bb7a245ced396143858e15996403b286c3ee53076a3b6c546d021,2024-01-20T18:35:05.397000 -CVE-2024-20939,0,1,87557ecd36248f272037ad6da2a9ab8892f275432bdc2263410f993834339eb5,2024-11-29T14:08:10.783000 +CVE-2024-20939,0,0,87557ecd36248f272037ad6da2a9ab8892f275432bdc2263410f993834339eb5,2024-11-29T14:08:10.783000 CVE-2024-20940,0,0,8879740232e3b1d4ded00848c3f5ddd4d2fc5a9e0c82194d9243bd46a78bbc23,2024-01-20T18:34:47.863000 CVE-2024-20941,0,0,432097a0e08365dd57f0447a52ded0a281b4295456f7af31a527d203b7335473,2024-03-12T14:56:25.870000 CVE-2024-20942,0,0,138cd75b35d318f86006ff20a4b3b9623740d177f3b79d48f82f62a57936df7d,2024-01-20T18:34:14.440000 @@ -245400,31 +245400,31 @@ CVE-2024-20943,0,0,c893b8e5b6540c97f966b32b9f9335406bebc3fc0fcebe2041732294e6d7a CVE-2024-20944,0,0,455869c6c4218017ed3052a739e20e96a49e80460128731305c47837c36967b5,2024-01-20T18:33:55 CVE-2024-20945,0,0,c9a7660aedc8461cf49457ff4506ab3c831d2d70e2229c352a5ff786b482ec6f,2024-11-12T19:35:05.470000 CVE-2024-20946,0,0,df3034f1fad61ed84baa5888e8cbfac598e430fe48771252310c446f30669d8c,2024-11-27T16:07:37.487000 -CVE-2024-20947,0,1,72016728d1eee1da2772631c467c4e835bd047d470b14bd7d620786178a348ce,2024-11-29T14:08:04.547000 +CVE-2024-20947,0,0,72016728d1eee1da2772631c467c4e835bd047d470b14bd7d620786178a348ce,2024-11-29T14:08:04.547000 CVE-2024-20948,0,0,12e9e8a4ba5f0d4d5a3ec7d1b0d3211c79a9e2d1eccf174b1829b4aa21974fac,2024-01-20T18:33:19.560000 CVE-2024-20949,0,0,a2a9e2bb1ecc05c1ef53d90345f7a09727513acaa3e67eae682ecc91fa3b450c,2024-02-20T19:51:05.510000 CVE-2024-20950,0,0,a8dcbd8cc1ddfff3d855b715bc3cb1c5e0aab4e149120b29bfe9971dd0c3b192,2024-01-20T18:32:03.153000 -CVE-2024-20951,0,1,23e725bdafd7d3367fba7c07eea777ef136dfd7464fb10144de702713e69b528,2024-11-29T14:07:57.480000 +CVE-2024-20951,0,0,23e725bdafd7d3367fba7c07eea777ef136dfd7464fb10144de702713e69b528,2024-11-29T14:07:57.480000 CVE-2024-20952,0,0,ee7670e91d33e31160e61df658911f1f989f8a5d8151285943b5c8af49a8a00e,2024-08-30T16:35:10.593000 -CVE-2024-20953,0,1,a3b1b4e0f383af8fc79c967ea17100da30c8b057c63a1edb23f07de9cfb7f270,2024-11-29T14:07:16.767000 +CVE-2024-20953,0,0,a3b1b4e0f383af8fc79c967ea17100da30c8b057c63a1edb23f07de9cfb7f270,2024-11-29T14:07:16.767000 CVE-2024-20954,0,0,57a73413d0e3acca6ee4a29e076cb030f710aa01f467c3e7bf98fabced0d9135,2024-04-17T12:48:31.863000 CVE-2024-20955,0,0,3ef5989170bb1b485154f91fb8591afd4cb71f457c0fd734cc9a4a4e8a7d2a89,2024-02-09T02:26:25.517000 CVE-2024-20956,0,0,78d82b52430d3bd5c36b5846b4138f4e211c247ebf893f680bcabf1f8af52ffe,2024-11-27T16:37:04.993000 CVE-2024-20957,0,0,e93e5f63896ca6389639f28c6915c0999c46dc6fe6eef70f268dfc725114f0ba,2024-01-20T18:31:43.287000 CVE-2024-20958,0,0,efd3fe866dd6ac978ea48339b2dd74375e92e3a0c2e0492d39bdbdca54bbfc34,2024-11-27T16:37:02.780000 CVE-2024-20959,0,0,65f727318b2446b38daf72eb41cf2e9b4f6d535e05783839d548b8b026463599,2024-01-20T18:31:27.417000 -CVE-2024-20960,0,1,5431fa6ec95a185c3809c1c486566339630ff90be3bd423ab1eac9d97762e16d,2024-11-29T14:06:46.623000 +CVE-2024-20960,0,0,5431fa6ec95a185c3809c1c486566339630ff90be3bd423ab1eac9d97762e16d,2024-11-29T14:06:46.623000 CVE-2024-20961,0,0,1cad69d2442213fdaa659cc4c85bbaf05d35d026075b85bdaedf813ff8fbfb75,2024-02-02T17:36:27.917000 -CVE-2024-20962,0,1,814fbc459cb7911ce83ab3bf5f607eb5971245c56232f40734e448206135f898,2024-11-29T14:06:30.670000 +CVE-2024-20962,0,0,814fbc459cb7911ce83ab3bf5f607eb5971245c56232f40734e448206135f898,2024-11-29T14:06:30.670000 CVE-2024-20963,0,0,777b7cd2ebaadb4763a737f62544d35f548c2765fd413ec39c0e69f1d2e44eee,2024-02-02T17:36:33.743000 -CVE-2024-20964,0,1,811fc022361134f6a343b6233bc13cc59a9415418699599392263774769e5ce6,2024-11-29T14:06:13.857000 +CVE-2024-20964,0,0,811fc022361134f6a343b6233bc13cc59a9415418699599392263774769e5ce6,2024-11-29T14:06:13.857000 CVE-2024-20965,0,0,d41d12dc1f39ed4f3636fac85c63e6e6a8b99443b9015fee96d2868d746c8460,2024-02-02T17:42:20.270000 CVE-2024-20966,0,0,dab87e37585bb236d1417d0345775a702be652c48f5564f545a9e12473d94c75,2024-11-06T19:35:08.623000 CVE-2024-20967,0,0,24e7161f6aa52b5a617854b182e26d8b3a2b8a2e00cfc6867379e3242f7ad4f6,2024-02-02T17:42:32.037000 CVE-2024-20968,0,0,f87c3ac120b069363cef49b73c4bea5dd9bdd52a2a03eea095a7ff8c6c344cb0,2024-02-20T19:50:53.960000 CVE-2024-20969,0,0,058e957bc600be5635dd584028438dce1629507fbbb938dc220b2cfe0d1cbacd,2024-02-02T17:24:44.617000 CVE-2024-2097,0,0,a5296fddd51fdc72e41983e3c675924f4a793d98bfa3d9f0f2108a4308ad6079,2024-08-02T16:35:42.490000 -CVE-2024-20970,0,1,f2c4d46466280b4c7f5c17a0bbfdd8fbd8de9b5300a1a582642a8853ce7d7769,2024-11-29T14:05:47.220000 +CVE-2024-20970,0,0,f2c4d46466280b4c7f5c17a0bbfdd8fbd8de9b5300a1a582642a8853ce7d7769,2024-11-29T14:05:47.220000 CVE-2024-20971,0,0,367d48e0b7823c6c5b99eec1ce1922e745a2a037848ba6c835262e0bd2e639cb,2024-02-02T17:24:10.267000 CVE-2024-20972,0,0,a4a5fe183266fd9b82b77ef2f4fefcc3b5224f5c85eb8a078e64b18cf5d25504,2024-03-01T23:18:40.500000 CVE-2024-20973,0,0,f35708de75dad56ee7540b2e1b19707400f84662172c67827d75ea7e20f698b9,2024-02-02T17:22:04.880000 @@ -245748,7 +245748,7 @@ CVE-2024-21283,0,0,0ddbb462ca0821dacd37d3533c526ba14fd88aa793b081385070a77512efd CVE-2024-21284,0,0,b26beb8928847ddda7596ad1b5456aaf9e461763a25565fb76df745f1499af72,2024-10-18T16:45:58.217000 CVE-2024-21285,0,0,94befa20d99f1e44a7a6e1443028684d2864251495f642087aa70fa909cebf20,2024-10-18T16:46:27.283000 CVE-2024-21286,0,0,165be3dcf0a6405bd236710f2cf171c0d7219a16c20a273c1cdda02d4e5f4acd,2024-10-21T16:16:31.867000 -CVE-2024-21287,0,0,899b026678307ba0c067f2d642514368a5be63f4d437f3e920cba7d08ad306d0,2024-11-19T21:57:32.967000 +CVE-2024-21287,0,1,3fa403c22f24e1ef1d9572ad7971727eefad394ffd6de14f7fc63427216eda73,2024-11-29T15:26:04.440000 CVE-2024-2129,0,0,5f52407743c1f969b3fa77917deda7339874ee16ffe5a9c10d3a77b843fb1d95,2024-03-20T13:00:16.367000 CVE-2024-2130,0,0,949f4490e30f20ac86b94271cd74ebfff8857dc5306a19f843591857ffe5e5d6,2024-03-13T12:33:51.697000 CVE-2024-21302,0,0,7f391d893a5dfcd3f80503750e1f19b379a4e74727dc288c2f0c00e1775f3cc9,2024-09-18T00:15:03.243000 @@ -245789,7 +245789,7 @@ CVE-2024-21334,0,0,bb98735e0397eef282b3bf0c8a7f17fd1a894c0580516f67c50b6ae552edb CVE-2024-21335,0,0,d3be0da75c93e40dc74ef43532ac464e7457c464e235cbe682e70d325b6a979e,2024-07-09T18:18:38.713000 CVE-2024-21336,0,0,4632192569ed60af4d57d1dd58a5b140d682aa1d82fc677d5ec51bcb39be3541,2024-06-11T15:15:59.553000 CVE-2024-21337,0,0,1ed4e9ec6936be258d1de771e0acb5830541ca48fb0a246032f3c3930147d134,2024-05-29T00:15:20.793000 -CVE-2024-21338,0,0,3aa0124262ccd838e18fcb8d62fa84ec847253898437096a73d841c68b97cdf8,2024-10-10T15:14:00.550000 +CVE-2024-21338,0,1,8655cbd90bc258de70dddac479ae65b5c4bd5b0079bd0591624f7635efe256c9,2024-11-29T15:27:05.917000 CVE-2024-21339,0,0,3b2246ef5e1d88b753a2538b4b172fb8ad25db9ef5e4dae729823984d67c0483,2024-05-29T00:15:21.830000 CVE-2024-2134,0,0,32f7b6769a3de1e870eb862cfbcf578418aa858e7cc01f11b7b77f4ab31882e5,2024-05-17T02:38:03.667000 CVE-2024-21340,0,0,54f8fce81fb3f01b0990ebeb93fb4090923de6185bd8f6ef3135f577fe07fabe,2024-05-29T00:15:22.083000 @@ -245804,7 +245804,7 @@ CVE-2024-21348,0,0,caeb5276d893c45605b780b8ef141aef8bfed0cbae12d833d0fe232be544c CVE-2024-21349,0,0,90c648e3936cf215126669f41021491c5d3ba1f9aafacc27fc041d6e936564d0,2024-05-29T00:15:25.707000 CVE-2024-2135,0,0,032e08576f1a919dbd64cc39c28fba4589e603c1caf1d8a7d889f6041b4d561f,2024-05-17T02:38:03.763000 CVE-2024-21350,0,0,7525b1762c57d2ce5a42020afae104f3c442aa63226c725bbac8a0f98d73d320,2024-05-29T00:15:25.863000 -CVE-2024-21351,0,0,2ff82a141ac9387e60215f87eeeddce588b0938830dd77037c78f044cd1656c7,2024-08-14T19:41:39.193000 +CVE-2024-21351,0,1,38ac782f46c416a945d3146062642937d409d55a678722f7e23334e451fafa52,2024-11-29T15:27:41.817000 CVE-2024-21352,0,0,2da0fbfe11837bfc015b80d01c632c71d438753b834565ae31f1f2ab5396454d,2024-05-29T00:15:26.060000 CVE-2024-21353,0,0,75209ae3e8c4f957caeb7539e232153190351d797234b8772890d5e6f5bc0690,2024-05-29T00:15:26.197000 CVE-2024-21354,0,0,46b0e09b1d5cc5193e76d3af9ed0cacd2750c473654b7e05b2ba202c171f6bf6,2024-05-29T00:15:26.367000 @@ -245869,9 +245869,9 @@ CVE-2024-21407,0,0,b97717af0ca40d5dd8149f03bb696422755881da95f19e32bd685e70a138f CVE-2024-21408,0,0,ceba20eaafa3d075959fb9b8d698ccca9ebbb8337c5cd45e799c17579458c090,2024-06-11T16:15:17.727000 CVE-2024-21409,0,0,6438b4e02907d0771fccd1df4ebaf57987752ea28dce3ec82cc1dd0b4a802554,2024-04-10T13:24:00.070000 CVE-2024-2141,0,0,7c4bf37cd4081c2cd46a042815f9ce375b39a3545b48e0b5b91eba9a22eb0fa5,2024-04-01T01:12:59.077000 -CVE-2024-21410,0,0,c8e90612f8b38e6b1f13375d68516f4b4a5a3386c3f385305f0005a7f45de49a,2024-06-10T16:05:10.343000 +CVE-2024-21410,0,1,cff9ec17f7c98dd2a10dfde7d5847d7f80f14e8f69eab3ffc175bf54ec78e14c,2024-11-29T15:28:11.497000 CVE-2024-21411,0,0,e4762a6b8c68f949f9dbcca9e77f1e8e5511c352d40e6306cffb620bae6ab489,2024-06-11T16:15:17.890000 -CVE-2024-21412,0,0,19f94d89a29568d47135b4b672838e496edc30a72400f126ad5b6bf639eb739b,2024-08-14T19:47:44.623000 +CVE-2024-21412,0,1,cd5f81d0bb26393d2beeaf99973518c2a2ed4697bcfe091a6f357d6ed694ebfb,2024-11-29T15:25:25.097000 CVE-2024-21413,0,0,9ff3f40aef94a5855a3aa31dca1b2a383efeb4c413a3d395684e572375312500,2024-10-09T02:15:22.417000 CVE-2024-21414,0,0,cb5be5a0298e388117cb17fb4e38b11bac4cf16d9158b5abf408d82cf361dfc1,2024-07-09T18:18:38.713000 CVE-2024-21415,0,0,42bcd1202ef0ba594d559bd9441152ac5ae9644c270ba50531381a1aa41e9e3f,2024-07-09T18:18:38.713000 @@ -246165,7 +246165,7 @@ CVE-2024-21757,0,0,66e21018e776a45a8ac67481d369c1c7c7a16e8eeafbc02057073be569347 CVE-2024-21759,0,0,d165ae3a9708367c28525bd41d7fe549357acc1e0023c89ebc6f25ff1ff9fe47,2024-09-09T16:02:11.507000 CVE-2024-2176,0,0,2ba78cf020993deed98ae980ebb92c5b68a22bb08492374d068beaa29a78e2e2,2024-08-08T21:35:08.447000 CVE-2024-21761,0,0,2f2a716518ed143d836c780b247de3ae3910c7d7d968185283e0e6563fd7349d,2024-03-21T21:04:27.653000 -CVE-2024-21762,0,0,84db6239690371b7c5c10ef720dbcf2d622d5440e87b70d1c21a79a857f8ea72,2024-02-13T18:21:14.607000 +CVE-2024-21762,0,1,19837661690ea17394b764006eb17103263b7e53db08c2a7ab09d97acc58dd79,2024-11-29T15:23:32.167000 CVE-2024-21763,0,0,d8d7d7a6603289e83c84acd8db83028421c70629bc8061b793ed05808f5d1ea3,2024-02-14T18:04:45.380000 CVE-2024-21764,0,0,287abdc987e0870c03af48d2a4a16556307bc5666f731f2a33122b74652efde4,2024-02-07T17:15:22.520000 CVE-2024-21765,0,0,6018624150e2bb1d3abc9ed035b414ee5730b32b22c6bd7e3e26ce4277230556,2024-01-30T22:14:09.087000 @@ -246273,13 +246273,13 @@ CVE-2024-21880,0,0,1ddc742a1415ed9c83f0b08f07d66002d3238df7214af576a1aba215e4338 CVE-2024-21881,0,0,a3ca078f1a94b860c30187f42bba36f3f423640c700d8c006c38cdeb14d70ba9,2024-08-12T13:41:36.517000 CVE-2024-21885,0,0,cf90aec7f32d7d853355af178410105b6c585a9e6dc2e566dbe61e9e757b8124,2024-09-16T16:15:13.080000 CVE-2024-21886,0,0,d9ed72d5cc76ab779e42960fcab2b1d8ba99a9322ac8a915c7bbeae73a4df89b,2024-05-22T17:16:14.343000 -CVE-2024-21887,0,0,dee851222e694d95b0f1691d3a26fa26718084755139b924be089cf79647c8cc,2024-06-10T16:21:07.127000 +CVE-2024-21887,0,1,32565b841d9b4dae54816d3da7e79f9ed246a27048012f3c4381537be5a1984a,2024-11-29T15:21:57.970000 CVE-2024-21888,0,0,1af4592530911930febf4afd7665511e2c8fda62482b2672711b02a531f43354,2024-01-31T19:53:06.303000 CVE-2024-2189,0,0,4bc6863d436faf478f94c0d38ebd9410e037fb46deff7032e182765deeefc5f7,2024-10-27T15:35:06.613000 CVE-2024-21890,0,0,4b9ed22caff018766cab85c6e667a0eff64ed32711f3a42c1733a2a3816dfa42,2024-05-01T18:15:13.430000 CVE-2024-21891,0,0,43cd3c587046828ef679aa8aab18a78abfa7e42f02c7b966a4e2fcb63257f1a5,2024-05-01T18:15:13.500000 CVE-2024-21892,0,0,b66f3720c2f8a6ca915b3a29134f8ea92c61757569ab02f4e0972950cde5a9ef,2024-05-01T18:15:13.610000 -CVE-2024-21893,0,0,5d8ce33d1c55fcf2beea2facee684393ccb80962bcd0328324d1b1c6e19de8a2,2024-08-14T19:51:42.643000 +CVE-2024-21893,0,1,e526f17c4117b0594f892986704f00492d28f916b3e77a051a630f156948cf6b,2024-11-29T15:16:27.133000 CVE-2024-21894,0,0,d904fb3f63a6256b59daa9a2520af7b682f9d26b030557622ab52d0190660c37,2024-10-03T22:35:00.567000 CVE-2024-21896,0,0,e5ee458c4fdcb804ce384ce01bebd179e3ae066792496cc0c6eb52547c53fb06,2024-08-27T16:35:07.720000 CVE-2024-21897,0,0,166468f3f58982ddfc6f1fdf4b5aa1e4f1c8d0a117c98f515754520794406072,2024-09-11T13:34:44.987000 @@ -247035,7 +247035,7 @@ CVE-2024-2311,0,0,4aac7ca25d4746b431ed7ccd5e7d3d99df50290a301a85fe7466f2339700b1 CVE-2024-23110,0,0,1ac4a7144e9209f9a89949f05fe1e7cc8c377744b32bfb607f177f1a970f34e1,2024-08-23T02:45:28.487000 CVE-2024-23111,0,0,752974f238ed1f3e5e428baa91d031d0aceea7be33f8a58b9a2a43bae855557c,2024-08-23T02:47:13.560000 CVE-2024-23112,0,0,95e5175d7388e29c67df9af8c672941dd9e221ee4e0a1ee87f756c639ee8dad2,2024-03-15T14:51:58.497000 -CVE-2024-23113,0,0,e4a22a572f804e3f962d65a633155804365118f9caaa4bc464f5658928aefd90,2024-10-10T01:00:01.433000 +CVE-2024-23113,0,1,95b5961bcf78810b549334be42156f77f3d93c53d460297efa7bd349ecdbd7eb,2024-11-29T15:09:12.633000 CVE-2024-23114,0,0,7252a5a302093b43221ea76f9a6a29eda61311bf101ae44cd86a63862ce26956,2024-08-28T20:35:06.210000 CVE-2024-23115,0,0,7b60c057c6ecb2992362930744ce2990e40a5ef55d9da25b0609baa5f284fa28,2024-04-02T12:50:42.233000 CVE-2024-23116,0,0,b697b868738862e20bfb62cd043729402a6443f2a45a0bdae976d2a021726d27,2024-04-02T12:50:42.233000 @@ -247137,7 +247137,7 @@ CVE-2024-23218,0,0,764d9591d3c5e993d8e4b9e38693ec8072deb6341bcae3b3215d2e62a1427 CVE-2024-23219,0,0,478ca77553ffcd9677d8ceaf589ef8d6cf6bae32d2a8df76b85c410ad74b3348,2024-01-30T14:36:42.017000 CVE-2024-2322,0,0,776e33fcdf567ae537046234d62ca7db5b963706682e8716d8d5dc09cd7f8be6,2024-04-03T12:38:04.840000 CVE-2024-23220,0,0,f101ffaef9dad46b0d302b5c295ba98ebf46d5f444c97ba83b37945ab744597e,2024-11-18T21:35:04.300000 -CVE-2024-23222,0,0,44336c8d85b23e6e2233166fe3c1c9c1f9c6b2a05acffb99e131c49efb0b4d09,2024-08-14T17:00:37.360000 +CVE-2024-23222,0,1,234fbc8851ab910f53af22b06eaa70a751c876141fb023e6fa28056f96c7e426,2024-11-29T15:05:53.577000 CVE-2024-23223,0,0,464a4cf7e8bb6b5e08b4ad8ad5f4cdf79fe55ec2d8d88009937799f33564faa5,2024-01-27T03:48:24.797000 CVE-2024-23224,0,0,fa172b394ba1cf6f7733db8331430ccce1bd8679933444bf6fb2bfbefeaa9833,2024-01-27T03:45:02.100000 CVE-2024-23225,0,0,5e4a7bac3a06241496875f13b40354e356bfb680348fe60d93915e2d4f0c623e,2024-08-14T17:00:03.717000 @@ -249254,7 +249254,7 @@ CVE-2024-26165,0,0,83eab2c0875e9b88a1f7ce329398a5e0cce759e0512193fa6f5822a067798 CVE-2024-26166,0,0,2dced7e6cfb444dab6a8949445585382808844907087fc776f21c6d4c672ba6a,2024-04-11T20:15:33.987000 CVE-2024-26167,0,0,bbd84f3e641e9d975722dcd02ef6a412570e8d613f30b550ec8c1746242bc7cf,2024-06-11T16:15:19.920000 CVE-2024-26168,0,0,79980e86f7902cdfbf2750e2f70229d42c3911a1aa52728ae4a317e89b62a526,2024-04-10T13:24:00.070000 -CVE-2024-26169,0,0,d4539fff7083a2e990e8c56b0d7ea67a6cb20dceddeeda3f540973114f499680,2024-06-14T17:36:18.710000 +CVE-2024-26169,0,1,1019f2fc447e0f9753156720ba4d1d39073dcb9223b8501955c81cf0a85bd6ec,2024-11-29T16:24:31.767000 CVE-2024-2617,0,0,c735ab59fafbabeeafc878072d5ef91a88b0cb8e9dc08af938860e93db5c996f,2024-07-03T01:53:23.587000 CVE-2024-26170,0,0,0aa973e8130637a5ee27105a50fa35cd27805a60f2c73c82c1364fd1c2385819,2024-05-29T00:15:37.043000 CVE-2024-26171,0,0,af1eab8c900cacb292f00614fb9cafca32a87af2cc2398a192e37b10928b396f,2024-04-10T13:24:00.070000 @@ -250160,7 +250160,7 @@ CVE-2024-27194,0,0,78757982100acc79dc9a814faa23f62bcf314b322453e88a479530d3e4d56 CVE-2024-27195,0,0,d578fa406d15c6e0ddafa4b7f3575d2941d60300f55b4250560315d72b6f30a2,2024-03-17T22:38:29.433000 CVE-2024-27196,0,0,5bc65a724f5b943b60299306107e6a7e61fea3b9831199c98ec3939a19422ddf,2024-03-15T16:26:49.320000 CVE-2024-27197,0,0,b073898ec17a08d3b1a11c7b0c90ebe35fb389ca08bf315d6421cc3959bbe84d,2024-03-17T22:38:29.433000 -CVE-2024-27198,0,0,bac9f46c484adf9de6a634098336c1e11ababf2b56401655185bb4c8e491abfd,2024-05-23T17:57:49.653000 +CVE-2024-27198,0,1,de438747af70d3a35b18668b9b31d3da0ee0ca592d998e76d2e324c336123584,2024-11-29T16:25:32.523000 CVE-2024-27199,0,0,b7165fde30d8edec4986915f0c4ca7947c54838852015584a90e5050c5a6077c,2024-03-11T15:15:47.663000 CVE-2024-2720,0,0,85869b201641191d674a3d8cb0449932108d6f33187a3194c3a297f2e914d0b6,2024-05-17T02:38:27.590000 CVE-2024-27200,0,0,85aaff6fe226984a748b9a99f9d807d66ef62a7ac2cdd3e0e23654f62a36798c,2024-11-15T14:00:09.720000 @@ -250676,7 +250676,7 @@ CVE-2024-27889,0,0,7117aad45d32aeaef1ee1fabf03a8eb1a99ce1846aae926fc9cdd323c7a5b CVE-2024-2789,0,0,34742259502804c5b95d3d9e3233d720754fd74f45f9568c62dc8f4e6bc9ffb3,2024-04-10T13:23:38.787000 CVE-2024-27894,0,0,a037a624d2f95391d5ae19191b0926bbf6c393d1d253b2842dc172d91ee0ac42,2024-05-01T17:15:30.557000 CVE-2024-27895,0,0,de6fd28f801c22465e6c2372870db62d38c20d7ecaa9fe3a9dbc39ac3ffe028b,2024-04-08T18:48:40.217000 -CVE-2024-27896,0,0,5b7de755513c16004a65ac1bfdae4d7451cf85111e626a9660001b4949624188,2024-04-08T18:48:40.217000 +CVE-2024-27896,0,1,cefb57e4fd2360f9ca76121f5d55c0879f2b9778073436f6d450ff9f01865a42,2024-11-29T15:15:16.833000 CVE-2024-27897,0,0,7ac8d31efbe5ad58e008b8dc7cbcfd70d656041f754fbe829593aa8d64d8dd36,2024-08-01T14:35:06.260000 CVE-2024-27898,0,0,c03cdc1eb2060aabd14ba3445af2836842c63fe91e356c4d224987929ed74c5d,2024-04-09T12:48:04.090000 CVE-2024-27899,0,0,2548fc8496c2288b6ebd21a36453437c0dd04b82ed7ec63497ebeec2c076ee43,2024-04-09T12:48:04.090000 @@ -251424,13 +251424,13 @@ CVE-2024-28982,0,0,a19015356d660d2e2e0aa0476b84c95e664ecbb510badb624ee4eb55091f6 CVE-2024-28983,0,0,703d0fea3e992e6c157faf14895b95484e69f73d18d43a1bdd6448ade19b1d58,2024-09-18T14:36:16.267000 CVE-2024-28984,0,0,061a156a04ab4e4c76d21331d25299f4cff837eab5762774bbd4e38e96a6350a,2024-09-18T15:22:51.163000 CVE-2024-28986,0,0,1bc724868f1fc8a3c45a5557a2e0154a8318c8e26360517fdaccaced6288454f,2024-08-16T15:04:28.150000 -CVE-2024-28987,0,0,134caea59d5c8acf403cbb3a7d3c67116746c4784635b286d9fa1320e0c17afe,2024-10-16T13:05:08.363000 +CVE-2024-28987,0,1,2bbbf75717f20424ad40b4a6c110f5cfa5d59b8a2fac29d6eaa80887c6bbd9ff,2024-11-29T16:34:47.650000 CVE-2024-2899,0,0,0be0fb50fdcc13228c9b49554460e4a306be4c6e83ee7f9bfb94b945f4f9e595,2024-05-17T02:38:36.220000 CVE-2024-28990,0,0,c552d85779f742e9eee5a53e7cb3b834247c40cd3dea313e4f856bb71772b3d4,2024-09-16T18:05:28.957000 CVE-2024-28991,0,0,f3a76278588de09c2001ab77f03da4ee20a5494ef74524c789ac890512227cb2,2024-09-16T18:06:20.037000 CVE-2024-28992,0,0,dcb8c493077168591aebe4d60d7719870f581d45ce48e73108abe9067fb629eb,2024-08-22T15:56:58.207000 CVE-2024-28993,0,0,9c5125da7327315f017a58b350f8b638b25e9c0dcede224162aff682993b7d59,2024-08-22T15:54:56.087000 -CVE-2024-28995,0,0,23c52fbffb3e9fb74833a00e094548a239a07eefa8716c4e259000599c6e6a05,2024-07-18T01:00:03.197000 +CVE-2024-28995,0,1,f5d8c1a7299e3b3e44c2ed598899a37593a1c1911e24ae407dc7970cbaefdd91,2024-11-29T16:35:14.907000 CVE-2024-28996,0,0,09468fc42886d2b9d5b470ae44f5a5cbca16443960a600683fb24e9570dc922c,2024-06-06T16:23:24.377000 CVE-2024-28999,0,0,768d1b3fe866566c9082c710789c8fcaa529e82f91bdfdec236693dabe93837d,2024-06-06T19:06:50.923000 CVE-2024-2900,0,0,9bd5558f52cf3da4bca76efc39f079db00859b82397c98864e9f0561a07bb703,2024-05-17T02:38:36.333000 @@ -251841,10 +251841,10 @@ CVE-2024-29741,0,0,a475db5d288fe89871088d062fc43a43c29a2a7a1fc8050faa6de7801796d CVE-2024-29742,0,0,3670333ea9fbb45ca159956c69b3ce18ac4d0f3cf08b138c36c7c46652b7f763,2024-11-06T20:35:13.483000 CVE-2024-29743,0,0,84c45acac68285953d0f847d89629f6df4afe2ae0557e844a739860834244671,2024-04-08T18:49:25.863000 CVE-2024-29744,0,0,261c7417210a4d10590c39459d063b6a3382c5fabd76d0ef2ba580fc9b59de43,2024-04-08T18:49:25.863000 -CVE-2024-29745,0,0,40250cabd067f394dda6fb03fe08d83fd93611782b23244c4a5077110391f2e7,2024-08-14T16:59:22.427000 +CVE-2024-29745,0,1,bf63f81b122e717cc482b45d1aac05d06c9f46bf3a261cf059c0f224a80b06b1,2024-11-29T16:36:23.337000 CVE-2024-29746,0,0,e8b3ba99fcdc8897610d1b7db4ca55c1c26a70bf988c543b9680a50462c3b0e9,2024-08-27T15:35:12.773000 CVE-2024-29747,0,0,a9bb38ddde46ade8292f525e19d236b5bd174a30f99b61fb435143ca6b2dcbce,2024-04-08T18:49:25.863000 -CVE-2024-29748,0,0,96767832c3cd8bcc7713d77da33946498c08ad89c922c3cb2ab003c983f6b2f2,2024-08-14T16:58:53.233000 +CVE-2024-29748,0,1,ca7247b4c92b5b0b2770a7d09ee9d04ef840d91c04b73451de9c5b47779e76b2,2024-11-29T16:39:20.167000 CVE-2024-29749,0,0,8a7e6237bf5dc8c5dbffc0cf5683dd39781e31dc868515daebcad93f5f9b5cad,2024-08-20T16:35:07.913000 CVE-2024-2975,0,0,ce2c1eaa1d0b58261b411dcccccd364c347ae6cf1b55cf3907ef667aa6188f26,2024-07-03T01:53:41.630000 CVE-2024-29750,0,0,7a2be3474be8eb9a9a1f00370f7dd146a6646a497f8aa987bac4348534bf962f,2024-08-21T14:35:07.240000 @@ -251928,7 +251928,7 @@ CVE-2024-29820,0,0,2528d491aed96a02281e4f078b8e3f22ccbe89d79da1f8a661b52ce76993e CVE-2024-29821,0,0,b4c6b50dcd0aa25f58b1925e34b668429968d3d74b8651b3de59e06c3145e1e4,2024-10-21T18:35:11.957000 CVE-2024-29822,0,0,5d2c9e00bb0fe2f46c08dc837f1280f283485a53b01db1b74e5b392194998b98,2024-10-03T16:45:19.060000 CVE-2024-29823,0,0,7935be43b4ac46d887d4f03748872441ac79f4dab527d9f95095fada77eba679,2024-10-03T16:45:20.897000 -CVE-2024-29824,0,0,1b740fa01a83c6e4b995d74f425eef2cbb5e7538bcbdf87088945ee820fd5f8a,2024-10-03T16:45:28.117000 +CVE-2024-29824,0,1,026a1e11df9ee3d899d0c2bf095da1fd35d7176765e00f85991baa53a5f0fb88,2024-11-29T16:45:04.187000 CVE-2024-29825,0,0,64f20a619106a2238134429fdb8e4c509475afb0bbf6fe71f9a7b74df6e38add,2024-10-03T16:45:33.987000 CVE-2024-29826,0,0,4420a5c92afcf7dafa33fd0a69ec14c612bcd13044533315a80a000c94462c69,2024-10-03T16:45:41.590000 CVE-2024-29827,0,0,4227865e64ab65a99bcb96c6435a0a175dc3393f0caa0974c0f5b53e90fe9c08,2024-10-03T16:45:46.257000 @@ -252090,7 +252090,7 @@ CVE-2024-29984,0,0,4aa09e74314dd8592868f3bd0ea912d1b236caa15f34115035ce29a8b7f8c CVE-2024-29985,0,0,b1b5802eef3be3200a89e63bc946916a32ea509374c3a92616bee231e3771457,2024-04-10T13:24:00.070000 CVE-2024-29986,0,0,c7aca2685c1bb88b4eb91e7726f383be984bf6ef1b130d30792cbbbd2dfc99f9,2024-04-19T13:10:25.637000 CVE-2024-29987,0,0,739a645d6cb57eafd57ae46b02a164214b94110d7027433cafab7724c5c859ab,2024-07-03T01:52:55.750000 -CVE-2024-29988,0,0,ec0e1f6f6f5e1da0d86c67b3db60bb23e35c4b1fb4703a4d3f975512fd927e81,2024-05-03T16:13:41.277000 +CVE-2024-29988,0,1,23b0a749208660a6ff0dfc654162a52b649398e53f68d880ee3c39b2cbfea104,2024-11-29T16:28:51.757000 CVE-2024-29989,0,0,9c97f8b2ef22ac25d0b59debe7af67bef9fd292864777778e5e24a19ad37811b,2024-04-10T13:24:00.070000 CVE-2024-2999,0,0,45eda8c0f343ee6af25af4bd083b90545a7796afa172633de4ceab132f8c0033,2024-05-17T02:38:41.973000 CVE-2024-29990,0,0,88f62d98b9a5bff093ce0abfbfe9db0761686bfc063b806cbd26f72b79b6939d,2024-04-10T13:24:00.070000 @@ -252147,7 +252147,7 @@ CVE-2024-30037,0,0,53430a270f51df19e8e0f2a22c8a0c4d1e0d24050fc2932af59dbf2704a16 CVE-2024-30038,0,0,a70d8175f0e84ee4bba48e08160e6d41574a825f9b149ce526abcb6211bb5df9,2024-05-14T19:17:55.627000 CVE-2024-30039,0,0,3fe79636c5fd9084cfd586c9ae3a3e669cc043c843d47be0743f65f3ca050346,2024-05-14T19:17:55.627000 CVE-2024-3004,0,0,86123f1df73dd32bca5fb17291675546e219ee31ee6047da613833491f953cb2,2024-05-17T02:39:40.003000 -CVE-2024-30040,0,0,13d8fc5bc8820076a4d4d9223db8c87b6ae2869890066211674e3db34da5f549,2024-05-16T18:01:55.157000 +CVE-2024-30040,0,1,53137381cad4836b484aca2921dfa740d0639018920e030d4cd815e000aa758f,2024-11-29T15:41:55.210000 CVE-2024-30041,0,0,b838b91a8a25eb9ddb67001fea8c2ff712f019f909c1593ed099ffc986688ba4,2024-05-14T19:17:55.627000 CVE-2024-30042,0,0,2db4712d541eee877d6df49497261a7670d9457ef77fd66f4c689a30d966188c,2024-05-14T19:17:55.627000 CVE-2024-30043,0,0,77f5aed2a8c31debb17674f5ad64bec92145dfa955afc07964ab55c62e81ac11,2024-05-14T19:17:55.627000 @@ -252159,7 +252159,7 @@ CVE-2024-30048,0,0,3fbc2bd0064423f61ad9a68d9e223e9ae6caf17c244f17d7fbb13b42186c3 CVE-2024-30049,0,0,cb94664ec7f30710d33908854d1f85be3a7ede949ab75e05b29e339a1c51cdc5,2024-05-14T19:17:55.627000 CVE-2024-3005,0,0,846c3bd8a4daf30969a52fa498adc43872ca65d40a1311ddbbeb5f45d2c4bd5f,2024-05-02T13:27:25.103000 CVE-2024-30050,0,0,c0c5f8a710f4beef8a562ba7ad27b099c8c54e77b5a9cafb06c275f32ebaf912,2024-06-11T16:15:27.137000 -CVE-2024-30051,0,0,a59dfbc72dbe2e6dda382958d4199090cdf95905558a8a6fa49af8322dece8e7,2024-05-16T20:27:22.830000 +CVE-2024-30051,0,1,f3d7e31338c8088a249f8ce59310ac1cfeceb64ac3766a9e058b1303d7825f6c,2024-11-29T16:31:39.730000 CVE-2024-30052,0,0,bd8b9f6cadebfe1e64f7416eccb3e938316cf292f11c0d4ac3022e963441dd3a,2024-07-02T14:20:55.230000 CVE-2024-30053,0,0,c1b00e8a2e45d39778d41ed44bce8cd343672ededb3a7201678d37ea0c9af801,2024-05-14T19:17:55.627000 CVE-2024-30054,0,0,4dde3cd5f0020ff99cbe06936615da565bc5eb9ab23b0ade4593c19aaa73d864,2024-05-14T19:17:55.627000 @@ -252199,7 +252199,7 @@ CVE-2024-30084,0,0,2ff230b9f7ca79d2e13580712575b84ad5e2b5c2664fbf927cd3b01799152 CVE-2024-30085,0,0,7bcf589ad2fcfd591da16d9a82e9fed93eee502e186b3681a570437395d20843,2024-06-21T19:04:40.340000 CVE-2024-30086,0,0,f882e05c20af3aa996eda8fc685faf0f7c5bd9402acf367a3fcc83efbca59416,2024-06-21T19:05:24.723000 CVE-2024-30087,0,0,29e2979e5f743bab013bd32b6e284a6d8c8d52b45482fd4dd89773d24b210e59,2024-06-21T18:32:33.037000 -CVE-2024-30088,0,0,615caa652e3da358da51c51f15135d7f6e7dd002c7c240bcf66b58eaa65c211f,2024-10-16T01:00:01.723000 +CVE-2024-30088,0,1,1dab43093b5072901da9066acd27eca8d351db0c5ffbd1285c5130761a385550,2024-11-29T15:44:17.180000 CVE-2024-30089,0,0,4e43134615c92032b0bcfe7d8f16028651d0419f3008bbba71b76be12059cb5b,2024-06-20T18:29:16.590000 CVE-2024-3009,0,0,8b899c397ecfd00f1ee3f51dbae8d515d2e3bb4c62eb0c1196641a4d91245267,2024-05-17T02:39:40.367000 CVE-2024-30090,0,0,96ebf0a7f0985ae46a2d723452a41ed657ba6b4ce79af153544cf75f0eac0ea5,2024-06-20T18:29:05.917000 @@ -254192,7 +254192,7 @@ CVE-2024-32716,0,0,18afc8e04e3fe20832b5fd3e295b6e2693a134ce99e181e3fef76e8391792 CVE-2024-32717,0,0,6bd860787c15d43975c77d2af79fad6c11c14c29ff18c0a86463e0672bf8af6e,2024-05-14T16:12:23.490000 CVE-2024-32718,0,0,34e79e1e2c610555e55fc391be5e68422098743d8187beea3a1cea724e709008,2024-04-24T13:39:42.883000 CVE-2024-32719,0,0,cefdc329118d69bf9e9cd6c9f04be6ddde7aeabac264be2925db1e2c0c3ddd3a,2024-05-14T16:12:23.490000 -CVE-2024-3272,0,0,c87b1496ac380aee2603524829fa96a7bfbdd6732cd5f81216d68334db5ad9b7,2024-08-14T19:32:10.557000 +CVE-2024-3272,0,1,8a5bbaa37744a77f5481c61a0b5f41ac9eef81e9741440f793473f5f8997d964,2024-11-29T16:45:43.063000 CVE-2024-32720,0,0,93a986cf75ca7625296d874a93af540d4e2c4eeb61a32deb3150b7b85a594a26,2024-05-17T18:35:35.070000 CVE-2024-32721,0,0,75d78333cd5d4cfed628f407eeb139e9db1d1908561efda48391bf39f7f95596,2024-04-24T13:39:42.883000 CVE-2024-32722,0,0,cc16e376360eb5ebf3e87ebde446dfebb17d5765bb423a1ccbad10bc4b863a32,2024-04-24T13:39:42.883000 @@ -254202,7 +254202,7 @@ CVE-2024-32725,0,0,ba392962caa870d6dfdad19734f9bf05645abc90c52d6080ffd98658c9d72 CVE-2024-32726,0,0,a7ad06ee22e722708bde34380a9a3798a181ec1a58780eee1169e7e2af334959,2024-04-24T13:39:42.883000 CVE-2024-32727,0,0,9e0f632c4bab561da89d6eacfc516793f5c94c57ff80cab560c6a68be16eb02c,2024-06-10T02:52:08.267000 CVE-2024-32728,0,0,00d9a94204337b954f172cec1e9f8fc5f31052a503c019e964e7ec72aeef06df,2024-04-24T17:16:50.397000 -CVE-2024-3273,0,0,415a43879e6a61ad10f137a816d5591339acd7b8df993cb43a330c4833e0448d,2024-08-14T19:31:37.420000 +CVE-2024-3273,0,1,e3e44b9a3a4ea2b228a7dfbca83bbc951e933501bb1dadf04b2691f25d37a328,2024-11-29T16:45:55.877000 CVE-2024-32730,0,0,0f333dbc863a9b66a759494964706dc841a0ddf45c0ed625b0d519a91b995cfe,2024-05-14T16:12:23.490000 CVE-2024-32731,0,0,9d3d7152eafe04ddb4ceb8a6b8c5b7504937fd292fca19c3ba2719df5aa836da,2024-05-14T19:17:55.627000 CVE-2024-32733,0,0,512fae47d8492d67b5639a6600e40ffaec9fbfa42f39c9dd4638f65430227418,2024-05-14T19:17:55.627000 @@ -254370,7 +254370,7 @@ CVE-2024-32892,0,0,6a017ad3b0c485077b83258ac2bcaa1581888670cd70963636eab58dba47d CVE-2024-32893,0,0,b11c36070d9dea986999a56213dd8e5d4f6f27474c49daf549b45061c7426f08,2024-07-11T14:04:33.807000 CVE-2024-32894,0,0,ba70a76f8b71eb537b49cee6f7fa1a0772490fb4332fb5fa1e4daabf4368ae19,2024-07-11T14:03:46.810000 CVE-2024-32895,0,0,37ca6b8571316751b05d4a9e48777cfb4897d71b63649b4eb730c4bef86865bb,2024-08-19T14:35:06.930000 -CVE-2024-32896,0,0,c56f21205218f41fb4988e64f30c654ae489c711d73d748f0dbf267b0a3dcb03,2024-08-14T19:33:40.713000 +CVE-2024-32896,0,1,dd18a2d0e9ceab5cd619fb697b3cdaf9a96542d355fbe789f097d6e43c131218,2024-11-29T16:43:34.323000 CVE-2024-32897,0,0,90e26042088ada707b934da98a5303718a15c9664281ad13fb45655a7f047677,2024-07-11T14:28:06.287000 CVE-2024-32898,0,0,a1164d1f13a42749bf96f7e0b3ba86ae7d47aa4b6dca1eac9925e7f63479422a,2024-07-11T14:28:44.707000 CVE-2024-32899,0,0,74d49a0c054c70b6782d3d17817d354b539c7fc1885677c696b3943279ac6319,2024-08-08T14:35:04.040000 @@ -255128,7 +255128,7 @@ CVE-2024-33996,0,0,3a1ccff7b15ef74d30247c0f7f73ffcc0dc644d71df2ad9a3b66250554292 CVE-2024-33997,0,0,a1b67f9141e983abbb533434dc38928810b4315794a01f73fb3845b5ec77f911,2024-06-03T14:46:24.250000 CVE-2024-33998,0,0,9e3de27d8bf76d6956fcf84fb478824118f2a7a5526fa450d9858736f7cac784,2024-06-03T14:46:24.250000 CVE-2024-33999,0,0,9ff412930445f4c469385132086f7d2514cfafda5bf0ca410efabaa361c1a624,2024-08-29T20:36:44.303000 -CVE-2024-3400,0,0,ac7236e657f4c64879864508ce5e161ec2ccd4c7e837c165c57bf7e10fe0f424,2024-05-29T16:00:24.093000 +CVE-2024-3400,0,1,517e51ed9f1965a8eab4217aa51ea77906cf8166fdca3f971bc721bf9b4c6050,2024-11-29T16:47:54.893000 CVE-2024-34000,0,0,9c8973bf50d20fe199c73acb3b12691230b30b8721d0a7e2cfac32d2e8620ee3,2024-11-14T21:35:05.657000 CVE-2024-34001,0,0,f47716837d9d4b12395545e21b0b97bd8f96773591892a37286f525df4cfafaf,2024-07-03T01:59:15.240000 CVE-2024-34002,0,0,7d5aad854779b78532969fe54f5cfd243c35b0bc72cafa02f18bbd3a15fadf2f,2024-10-31T18:35:12.750000 @@ -255224,7 +255224,7 @@ CVE-2024-34099,0,0,e726ec893da8bd1b2d593478012deb02081fb3ea5ef144a8f74b134b032b0 CVE-2024-3410,0,0,533c3c87802e0074c9d8405f1348fe90ff7e170f7331b0fceecfe41f39301921,2024-07-11T15:06:16.780000 CVE-2024-34100,0,0,d8828e50212ed74523ec3b065b2e3e4ed1a87a7eeaaf810d753c27d5c9b78bae,2024-05-15T16:40:19.330000 CVE-2024-34101,0,0,57dc3c112be34ec8b6fa52914716368e3e0d45ef2055bcb7e2a377daf556b987,2024-05-15T16:40:19.330000 -CVE-2024-34102,0,0,f536eb73d9ffa51de1c60d0da7cdbc91c1a0278d2ed255da17cedda31f00687f,2024-07-18T01:00:03.197000 +CVE-2024-34102,0,1,876ce402f51a8b6c02751efc7e4b69c49e28c64490e386fcdd90c90466ff21d3,2024-11-29T15:33:14.280000 CVE-2024-34103,0,0,8e858e6deebf3dd74486b084ebc01e723dadd4c1741289465f9eef03525519ca,2024-07-09T15:36:11.363000 CVE-2024-34104,0,0,0c3b9794948346667daf712c1fa8aea7e59869808e596eca4e201c3b2e06e87d,2024-07-09T15:36:40.730000 CVE-2024-34105,0,0,279c20cbee5e4f9fb4c4f5bc11b2ac4f0b15f01288e2ef51f37efbef66bcba62,2024-07-09T15:34:26.507000 @@ -256980,7 +256980,7 @@ CVE-2024-36398,0,0,a017912eaa359ccb64abc99a5eaf9e72ec22d15a9aaa14311e3308a01f19c CVE-2024-36399,0,0,c7ed7ab098785a5683d2c97a727166f68dcba37830b5786dc0593a492c6ddde9,2024-09-24T13:59:59.243000 CVE-2024-3640,0,0,634a3a61b60e4b6447ed9849adb2e8bddc05031ce5f2169a17d54b538992fc1b,2024-05-17T18:36:31.297000 CVE-2024-36400,0,0,47a38d468bfeafda14a4695dfbafb860220a66750f81a96f50551b5447b95aa6,2024-06-10T19:39:21.660000 -CVE-2024-36401,0,0,7b961e16e8c76d966a8d4e4c01c4b1bb9e6f5fd7f69da9cc9d7ed38678bd1ea3,2024-07-16T01:00:01.567000 +CVE-2024-36401,0,1,31255c330f99246bfe0bc2f818cca78d4cdf5df279630134ddcb3f5120ee0894,2024-11-29T15:32:24.923000 CVE-2024-36404,0,0,3acffb6244683e4a1012496e9fc835dc1388b16e0b939e0d9941ea3b83d69170,2024-07-02T17:44:45.700000 CVE-2024-36405,0,0,aef1812a23732b9ef129b2cdc8bca411888a4fc297cdf234b620831e8ff9e66f,2024-06-10T18:06:22.600000 CVE-2024-36406,0,0,7289600dbe296bcae2729bc0a37d0f467cb743e2f5a7ddff63acd9d68aa5aab9,2024-06-10T18:06:22.600000 @@ -257150,6 +257150,7 @@ CVE-2024-36668,0,0,e89c82c7c160394ecd7b95ff1019b3a4f5a00e165fb18cb7d323518ccaecb CVE-2024-36669,0,0,104d3a672bff1b5eaa10a113e663439a5f312f1541afff3e81ca8512250c4931,2024-08-19T17:35:19.970000 CVE-2024-3667,0,0,67c8386bf84232df2260001ef819e9d91b62f19cfb2a953cb76f444117b56973,2024-06-06T14:07:44.473000 CVE-2024-36670,0,0,8c5c9627ff09a12b5e27ead5d0f61ddab2f6322e6098c049f6b7c3d486873c80,2024-09-15T19:35:03.920000 +CVE-2024-36671,1,1,f307b046cafff8b0c64f417de583d26a02c04c10a4bdab7a0fa8252e1f8d3f2c,2024-11-29T15:15:17.027000 CVE-2024-36673,0,0,cb39668f9f58f2d8a6040611ae210c70420486b9fecf13d73a34b4086d9c3fd5,2024-08-16T18:35:11.847000 CVE-2024-36674,0,0,596db0f4764134086c028a91606ddd737131283bc4cd84cec3a5aabc9728f98e,2024-08-01T13:53:10.830000 CVE-2024-36675,0,0,445aea8b3a6805ba892fe7f2869c750c2b3d6134bd47b4b793be34b5aae951a9,2024-08-14T20:35:12.980000 @@ -257384,7 +257385,7 @@ CVE-2024-37026,0,0,72a4b17689cbdac04fb86cce78128e997cb4a2e097881aab9fb79c35d7ec4 CVE-2024-37027,0,0,4dc3e5cb80d4569b9b5d635193d722e490eb58453dc362e1599e328fb4c05632,2024-11-15T14:00:09.720000 CVE-2024-37028,0,0,b7e9c99e1fd0ecec6eefdacd33a3c9c912ef383532f72bb887cdccaeaf455e4d,2024-08-20T19:26:49.730000 CVE-2024-37029,0,0,2af12962304df614d8d33d4ab08c57fecf21a37e5688c3ed4ee5182e993c1306,2024-10-03T16:43:40.713000 -CVE-2024-3703,0,0,bd96f9d277c687f2c8df474724f359223698fb8a762e1288e006520ebff94d49,2024-05-03T12:48:41.067000 +CVE-2024-3703,0,1,2080817821aef58a35950a9a2e43fea9084fbc80f2586d869a26da229ac0b7a6,2024-11-29T16:15:10.427000 CVE-2024-37030,0,0,fd2ffe0451343e3904eb1ef2d3bdd61d01972dcadf49b7446191716921ad8082,2024-09-09T12:21:53.383000 CVE-2024-37031,0,0,2f7d5c8e7174260869edfe36942dd307dd6fa83a5cb85c12b2e7b310dd87c034,2024-10-27T14:35:09.030000 CVE-2024-37032,0,0,beeaa82ce4e7adb7aae5c7f769a38fdec94afd87f3fb4ab76e8b43cd58eb538b,2024-07-15T22:15:02.747000 @@ -259037,7 +259038,7 @@ CVE-2024-39156,0,0,77ee55fa44e5b5a1aee8c345b1d4424c08513568738373a9ed7a7016b20f5 CVE-2024-39157,0,0,7034c13893105630c126aaeda1d41a6cc977f264ae0a5560b4322987c45914a9,2024-07-03T02:05:42.557000 CVE-2024-39158,0,0,beef67f67d5e34e77b6dda17b52b1b915715ad948b917471fcfb6cb43631b837,2024-08-12T14:35:10.937000 CVE-2024-3916,0,0,f95518a402c56c15214d8c7d6dfe42604495d4bb38ccc0f52b32e4da2a1f88ce,2024-05-14T16:11:39.510000 -CVE-2024-39162,0,0,a94a801ddf1953019c781f8e5ed9896e90268b964a7649e82775feb6d245d876,2024-11-29T06:15:06.947000 +CVE-2024-39162,0,1,d89402b30ddce5f1d9bae9a5e9d5f1c6914a5fb854eec868c1c810e9722b3d34,2024-11-29T15:15:17.140000 CVE-2024-39165,0,0,865aa0107f3f6748d69255a4f99cc73813afe8f9fc3ab112adbd557bcb0e49d1,2024-08-01T13:55:29.123000 CVE-2024-3917,0,0,87493362103f61e3758851588aca1cc3facb0cf1f97ad5b068e06e988e9b2161,2024-07-03T02:06:53.877000 CVE-2024-39171,0,0,979bc13509f362c564b7984548b10a6ed307c7ff17f59734c1b5aba694dfcb6e,2024-07-12T17:15:38.200000 @@ -259235,7 +259236,7 @@ CVE-2024-39457,0,0,71348762cda2a65a9fb6ee86fb97ddb6684e341009bf79ffb50846af36c0e CVE-2024-39458,0,0,8e56dde5ecb35995bda9cb2458c23110885150a83030838204ca13c3649ba360,2024-11-05T21:35:10.140000 CVE-2024-39459,0,0,1425a7c40438beae2fcc381ff226df8d3356f5a9da722ef4550496b08e48d151,2024-11-01T17:35:06.707000 CVE-2024-3946,0,0,ab824b4f2a8403c27b100f5c3d6e7f8d9dd1c20c9aa138888e04631941f166f6,2024-05-30T13:15:41.297000 -CVE-2024-39460,0,0,4f78962312c460642ba8951e77b013301d272c348dd713c542bd0b2b628a69cf,2024-06-27T12:47:19.847000 +CVE-2024-39460,0,1,9d61a536a27d65684c6084e992b80cf96ee2aa8701ccc8a9334b62260368ed4f,2024-11-29T16:15:10.243000 CVE-2024-39461,0,0,bf1816ecd185e36f42cd6844b143d10650e3a0c645cde3f5c825da5e93746f58,2024-09-03T18:12:22.633000 CVE-2024-39462,0,0,d6fa49df9f42ed202e5a3cc2f250dce01e83d58a2dd9514f13116e83ffa785aa,2024-07-03T02:05:49.283000 CVE-2024-39463,0,0,02d5cb158e4460fecc3499fd90d0eee06e16e66094a4534822b29e1653529b96,2024-10-17T14:15:06.833000 @@ -265028,6 +265029,7 @@ CVE-2024-4838,0,0,18fa2348db877da11c5078171d002c78cc86239f9092091ea1ecb3106ab228 CVE-2024-4839,0,0,b71f0924b0409cbf87c224c453882d6c9b4eee1b8a725627eb630ec6587a6e2b,2024-06-24T19:26:47.037000 CVE-2024-48396,0,0,e6bec06764d82cb7bcb788cbf02d61a5b8cf783d546a1c28ebb405611c8acc81,2024-10-30T20:35:31.167000 CVE-2024-4840,0,0,7a8f20a0ec5233209e4a41e695adc74d1c7cda82b3b5dffacdd4c6925c1a6f23,2024-11-25T05:15:11.437000 +CVE-2024-48406,1,1,19744959b655292a8f4f695d60bad40be772c0195f590d0227cf84212c49d190,2024-11-29T15:15:17.297000 CVE-2024-4841,0,0,65ebfdfe2681835a6b4ece6477d685d2c79df9dc285d61b3c6847a6703ab5189,2024-06-24T12:57:36.513000 CVE-2024-48410,0,0,ccc65ac0ed111907d1e5a65a9755c401ec69cc35af0c3e48b39cab031ff07170,2024-11-04T21:35:10.317000 CVE-2024-48411,0,0,f02f5a173c68a1066ae1d0ad3ecb091448747ebc7ae5d98814db8ad4f2b7f72f,2024-10-16T19:35:11.290000 @@ -265115,7 +265117,7 @@ CVE-2024-48646,0,0,aee518bd8639c2b1389bb6f84d4647d768b8d41c706ad60bcac378e227396 CVE-2024-48647,0,0,44c6c007236263e21117c35fb111c988b9270e6496ba7b5759e642eb67e4cacb,2024-11-01T12:57:03.417000 CVE-2024-48648,0,0,2371cc8030e8ac186094519130fa5ca1a4f83235a8abc42b65aa3298adf54e50,2024-11-01T12:57:03.417000 CVE-2024-4865,0,0,df8706c5d26e485ec9b623150b314bb58c6338346ba72ce79d78a6dbca58bc77,2024-05-20T13:00:34.807000 -CVE-2024-48651,0,0,69115e3ff31cfcfdf39498bf674cb8d81057ba6ed5d4d238714e8052ceb01f99,2024-11-29T05:15:05.963000 +CVE-2024-48651,0,1,f0197e7609d526e9b91c56abb48f7be52f102bc1a47973d0312a75c9bc7d3752,2024-11-29T15:15:17.403000 CVE-2024-48652,0,0,de9357326c4ec67fec06a2f6916117e7d67385a63ec8c48f3929233398d3928a,2024-10-25T16:51:57.013000 CVE-2024-48654,0,0,b1175c42eb9b6ad703f77f6cacd261d0eb5f65c9d2e13e20c8b31a8501988240,2024-10-28T13:58:09.230000 CVE-2024-48655,0,0,deba327296a08d0d696cf679af86f2908e28c85780c887ff64191976b25da062,2024-10-29T20:35:33.500000 @@ -267333,7 +267335,7 @@ CVE-2024-52323,0,0,4140a8efee2487f8a0ab9781f1095192b3a647c23a2a9eaba3cf214b9a3b6 CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000 CVE-2024-52336,0,0,949ae269b798bab2d7ca218eb98d31568214b48956aca56a8c3ba9923efc6b62,2024-11-29T05:15:06.110000 CVE-2024-52337,0,0,a5649257b85f98002715bd406fde94c10ebe08828f591a2b4f1615b14fa3d5c1,2024-11-29T05:15:06.337000 -CVE-2024-52338,0,0,5d2ff6f8e9c744aafe1b5c4345f4ae9cc033eb24a3a4e592b592f1ffe6f81a27,2024-11-28T20:15:17.490000 +CVE-2024-52338,0,1,9bcca0f5584def2789a1613da17d1dfa11f003cf9877e634fced8f070cd4a571,2024-11-29T15:15:17.550000 CVE-2024-52339,0,0,a92fd5f858dc2ec0979f9ef9252c34f43da704c1fe29995d6e8479e981a2460e,2024-11-19T21:57:32.967000 CVE-2024-5234,0,0,14a09ab7485c5dff6a0e2d37ff7f584b26da4a8cf075e00d5ab541632ac32bbb,2024-06-04T19:21:03.100000 CVE-2024-52340,0,0,1ce8f72307b0aab768065c6e681deaa5810d8249edcdb0269dd2cfb07a2d1504,2024-11-19T21:57:32.967000 @@ -267571,7 +267573,13 @@ CVE-2024-52769,0,0,b6cb45d7326db7c74bf072246ac67a1dfffc75d7966f0886ca77640876da3 CVE-2024-5277,0,0,c22b3e398c55d24f660b1a45a3310a9c6b0abef458e72374f87af318fc09202a,2024-10-09T14:49:25.753000 CVE-2024-52770,0,0,7aa9649a9670c716ce311ac92684885a9b795e1a2574f48cc59bb70ef562262a,2024-11-20T17:15:20.200000 CVE-2024-52771,0,0,57831cc0aec212fa9f5452cd5864fd9f742774698e80266ca54ea858d750ac1e,2024-11-27T17:15:14.017000 +CVE-2024-52777,1,1,7ad0491b8f875064d66bd961cd83d65b6ad880a0328eeadff65018faec39e4ed,2024-11-29T16:15:10.577000 +CVE-2024-52778,1,1,a309f27474b5a0f5486527ba9ed6d6490041c538f1278435c17cd04593b78e15,2024-11-29T16:15:10.700000 +CVE-2024-52779,1,1,f5d06d49ff2d0ee92e6acec43a59786cfd35a1c4943f516ab71468a0e6f60736,2024-11-29T16:15:10.810000 CVE-2024-5278,0,0,f0307415163f20adf37f2c92a0ed4578caa6aa4e699bedaa3aae52fa3124b77a,2024-10-17T13:56:49.813000 +CVE-2024-52780,1,1,08fc3421a66c2de7e5bfe396a14e694c13682ec45f0f42fdea140b90e0533de7,2024-11-29T16:15:10.933000 +CVE-2024-52781,1,1,4a48bdc08717ba656721859e84b3cc98c893a1a482ea553ec0d3c6a2e7d5654a,2024-11-29T16:15:11.040000 +CVE-2024-52782,1,1,063aee2f0f61419fcfd41d5d882306a3c5cea4c46847dd71358716d6a5dcf60d,2024-11-29T16:15:11.163000 CVE-2024-52787,0,0,f0be565609d1e673f989f286ed2b83aaf7115a7b1858a856c2ab7b57c986e03e,2024-11-27T17:15:14.397000 CVE-2024-52788,0,0,4abe1fd7690362e0e6e7183fadbb1999ee1afb82444324d21e730957cf5066a2,2024-11-22T17:15:10.490000 CVE-2024-52789,0,0,f640d56967c5320ac75d58f4ec0e813038d23df15a507a7fb489e9968905a84b,2024-11-22T17:15:10.660000 @@ -267763,7 +267771,7 @@ CVE-2024-53597,0,0,6fb1877a0982ea160cbc42724beb034aa3214028a5ebc23f5e6957510a045 CVE-2024-53599,0,0,fd3383bf56de062fbdbeb229ef5252493e3482e4bcfabf0584010575f7387ef2,2024-11-25T21:15:21.993000 CVE-2024-5360,0,0,9a09bdfd8f70d621de992279dbf64a12a444818faeedf82bbd859ed192a0d3f0,2024-05-28T12:39:42.673000 CVE-2024-53603,0,0,162b8a1c0030915029673db748be5d0adb733dae81b9ae207cb34767108f84eb,2024-11-27T16:15:14.583000 -CVE-2024-53604,0,1,f62d305bb98148833da87db5a11321e6ca6d6dd658f1c5fbfba2d66d119aa0aa,2024-11-29T14:15:05.893000 +CVE-2024-53604,0,0,f62d305bb98148833da87db5a11321e6ca6d6dd658f1c5fbfba2d66d119aa0aa,2024-11-29T14:15:05.893000 CVE-2024-5361,0,0,5486d2207143454b44a9225276732f9ee62f5258ee0c41c9fa5501a1b55451e4,2024-05-28T12:39:42.673000 CVE-2024-53619,0,0,7d24d177db4282b10dd583a800553384958865a9c2b032eab35d21cf889272f3,2024-11-26T20:15:33.880000 CVE-2024-5362,0,0,5b47523dd74fc943fbc0021df1551e4d13ec69c02c41616d4b2935f18460ef93,2024-06-04T19:21:06.287000 @@ -271255,7 +271263,7 @@ CVE-2024-9470,0,0,13c3a583553fbf2e90723a5a0ed6f2354808c5a1753993b658aba04d0ed9b2 CVE-2024-9471,0,0,2517c360d1e41d9c7ea79e15df7f34465e8f98b985f9011876ffa34a1656df21,2024-10-15T16:55:45.090000 CVE-2024-9472,0,0,6dc75bb8c902376e1f062a26c7a99982f272de37330a03e0fbfe9796bed76fac,2024-11-15T13:58:08.913000 CVE-2024-9473,0,0,2610a860a1ec132e11b499793a273ee08374ba46887944874ff47b7b5fdd4588,2024-10-17T06:15:04.983000 -CVE-2024-9474,0,0,289b7014b673ee54a94f6f35e0f3d8595096fe993d8f61499f7625b54ec1bb22,2024-11-26T19:55:09.117000 +CVE-2024-9474,0,1,448681945b27cd81e60c109742d670c65e5f749a03241b9c1a9adf61cc5b662e,2024-11-29T16:15:11.400000 CVE-2024-9475,0,0,273622ecfea8dd0cb8d3a034084a5946e50b2bee83443e844bae24857067e968,2024-10-28T13:58:09.230000 CVE-2024-9476,0,0,e9d7dbd43229ebc9ea9972271d753666a58d144ea232688064d92b4b52fc9277,2024-11-15T14:00:09.720000 CVE-2024-9477,0,0,cf43e95350fa7037b016e95ffdd76723a0091878a7d1f39dfbb116076ef07df2,2024-11-15T22:54:21.233000