admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-16T20:00:19.212607+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-16 20:03:13 +00:00
parent 62b4e86ac1
commit abde5666da
65 changed files with 1583 additions and 336 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2019/CVE-2019-166xx/CVE-2019-16638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16638",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T17:15:10.330",
"lastModified": "2024-07-16T17:15:10.330",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2019/CVE-2019-166xx/CVE-2019-16639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16639",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T17:15:10.430",
"lastModified": "2024-07-16T17:15:10.430",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2019/CVE-2019-166xx/CVE-2019-16640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16640",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T17:15:10.513",
"lastModified": "2024-07-16T17:15:10.513",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2019/CVE-2019-166xx/CVE-2019-16641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16641",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T17:15:10.600",
"lastModified": "2024-07-16T17:15:10.600",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2021/CVE-2021-37xx/CVE-2021-3773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3773",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-16T19:15:08.763",
"lastModified": "2023-02-24T14:41:18.053",
"vulnStatus": "Analyzed",
"lastModified": "2024-07-16T18:15:06.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -185,6 +185,10 @@
"Third Party Advisory"
]
},
{
"url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
"source": "secalert@redhat.com",

4
CVE-2022/CVE-2022-454xx/CVE-2022-45449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45449",
"sourceIdentifier": "security@acronis.com",
"published": "2024-07-16T15:15:10.840",
"lastModified": "2024-07-16T15:15:10.840",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

25
CVE-2023/CVE-2023-314xx/CVE-2023-31456.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-31456",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T18:15:06.873",
"lastModified": "2024-07-16T18:15:06.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3, where the server can be forced to make arbitrary requests to internal and external resources by an authenticated user."
}
],
"metrics": {},
"references": [
{
"url": "https://antidot.net/blog/",
"source": "cve@mitre.org"
},
{
"url": "https://doc.fluidtopics.com/r/Fluid-Topics-Release-Notes/June-10th-2024",
"source": "cve@mitre.org"
}
]
}

58
CVE-2023/CVE-2023-419xx/CVE-2023-41916.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2023-41916",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-15T08:15:02.107",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:06:13.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger\u00a0arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected.\u00a0\nWe recommend users upgrade the version of Linkis to version 1.5.0.\n\n"
},
{
"lang": "es",
"value": "En Apache Linkis = 1.4.0, debido a la falta de filtrado efectivo de par\u00e1metros, un atacante que configure par\u00e1metros maliciosos de Mysql JDBC en el m\u00f3dulo DataSource Manager activar\u00e1 la lectura de archivos arbitrarios. Por lo tanto, los par\u00e1metros en la URL JDBC de Mysql deben estar en la lista negra. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Las versiones de Apache Linkis = 1.4.0 se ver\u00e1n afectadas. Recomendamos a los usuarios actualizar la versi\u00f3n de Linkis a la versi\u00f3n 1.5.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -24,10 +51,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.4.0",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "5F9BA8E6-F548-4333-989B-33F7B4362998"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-468xx/CVE-2023-46801.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2023-46801",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-15T08:15:02.253",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:06:22.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nIn Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\u00a0 We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n"
},
{
"lang": "es",
"value": "En Apache Linkis &lt;= 1.5.0, el m\u00f3dulo de administraci\u00f3n de fuentes de datos, al agregar una fuente de datos Mysql, existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo para la versi\u00f3n de Java &lt;1.8.0_241. La vulnerabilidad de deserializaci\u00f3n explotada mediante jrmp puede inyectar archivos maliciosos en el servidor y ejecutarlos. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Recomendamos que los usuarios actualicen la versi\u00f3n de Java a &gt;= 1.8.0_241. O los usuarios actualizan Linkis a la versi\u00f3n 1.6.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -24,10 +51,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.4.0",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "5F9BA8E6-F548-4333-989B-33F7B4362998"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-495xx/CVE-2023-49566.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2023-49566",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-15T08:15:02.367",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:06:05.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nIn Apache Linkis <=1.5.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious \n\ndb2\n\n parameters in the DataSource Manager Module will result\u00a0in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted.\u00a0\n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\n\n Versions of Apache Linkis \n\n<=1.5.0\n\n will be affected.\nWe recommend users upgrade the version of Linkis to version 1.6.0.\n"
},
{
"lang": "es",
"value": "En Apache Linkis &lt;= 1.5.0, debido a la falta de un filtrado efectivo de par\u00e1metros, un atacante que configure par\u00e1metros db2 maliciosos en el m\u00f3dulo DataSource Manager resultar\u00e1 en una inyecci\u00f3n de jndi. Por lo tanto, los par\u00e1metros en la URL de DB2 deben estar en la lista negra. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Las versiones de Apache Linkis &lt;=1.5.0 se ver\u00e1n afectadas. Recomendamos a los usuarios actualizar la versi\u00f3n de Linkis a la versi\u00f3n 1.6.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -24,10 +51,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.4.0",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "5F9BA8E6-F548-4333-989B-33F7B4362998"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-215xx/CVE-2024-21513.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-21513",
"sourceIdentifier": "report@snyk.io",
"published": "2024-07-15T05:15:01.857",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:12:46.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code will attempt to call 'eval' on all values. An attacker can exploit this vulnerability and execute arbitrary python code if they can control the input prompt and the server is configured with VectorSQLDatabaseChain.\r\r**Notes:**\r\rImpact on the Confidentiality, Integrity and Availability of the vulnerable component:\r\rConfidentiality: Code execution happens within the impacted component, in this case langchain-experimental, so all resources are necessarily accessible.\r\rIntegrity: There is nothing protected by the impacted component inherently. Although anything returned from the component counts as 'information' for which the trustworthiness can be compromised.\r\rAvailability: The loss of availability isn't caused by the attack itself, but it happens as a result during the attacker's post-exploitation steps.\r\r\rImpact on the Confidentiality, Integrity and Availability of the subsequent system:\r\rAs a legitimate low-privileged user of the package (PR:L) the attacker does not have more access to data owned by the package as a result of this vulnerability than they did with normal usage (e.g. can query the DB). The unintended action that one can perform by breaking out of the app environment and exfiltrating files, making remote connections etc. happens during the post exploitation phase in the subsequent system - in this case, the OS.\r\rAT:P: An attacker needs to be able to influence the input prompt, whilst the server is configured with the VectorSQLDatabaseChain plugin."
},
{
"lang": "es",
"value": "Las versiones del paquete langchain-experimental desde 0.0.15 y anteriores a 0.0.21 son vulnerables a la ejecuci\u00f3n de c\u00f3digo arbitrario cuando se recuperan valores de la base de datos; el c\u00f3digo intentar\u00e1 llamar a 'eval' en todos los valores. Un atacante puede aprovechar esta vulnerabilidad y ejecutar c\u00f3digo Python arbitrario si puede controlar el mensaje de entrada y el servidor est\u00e1 configurado con VectorSQLDatabaseChain. **Notas:** Impacto en la confidencialidad, integridad y disponibilidad del componente vulnerable: Confidencialidad: la ejecuci\u00f3n del c\u00f3digo ocurre dentro del componente afectado, en este caso langchain-experimental, por lo que todos los recursos son necesariamente accesibles. Integridad: No hay nada protegido inherentemente por el componente afectado. Aunque cualquier cosa devuelta por el componente cuenta como \"informaci\u00f3n\" cuya confiabilidad puede verse comprometida. Disponibilidad: la p\u00e9rdida de disponibilidad no es causada por el ataque en s\u00ed, sino que ocurre como resultado durante los pasos posteriores a la explotaci\u00f3n del atacante. Impacto en la confidencialidad, integridad y disponibilidad del sistema posterior: como usuario leg\u00edtimo con pocos privilegios del paquete (PR:L), el atacante no tiene m\u00e1s acceso a los datos propiedad del paquete como resultado de esta vulnerabilidad que antes. con uso normal (por ejemplo, puede consultar la base de datos). La acci\u00f3n no intencionada que se puede realizar al salir del entorno de la aplicaci\u00f3n y filtrar archivos, realizar conexiones remotas, etc., ocurre durante la fase posterior a la explotaci\u00f3n en el sistema posterior, en este caso, el sistema operativo. AT:P: Un atacante debe poder influir en el mensaje de entrada, mientras el servidor est\u00e1 configurado con el complemento VectorSQLDatabaseChain."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -47,18 +81,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:langchain:langchain-experimental:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.0.15",
"versionEndExcluding": "0.0.21",
"matchCriteriaId": "9A779A3F-F315-448F-8F23-3284923DED64"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/langchain-ai/langchain/blob/672907bbbb7c38bf19787b78e4ffd7c8a9026fe4/libs/experimental/langchain_experimental/sql/vector_sql.py%23L81",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/langchain-ai/langchain/commit/7b13292e3544b2f5f2bfb8a27a062ea2b0c34561",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Patch"
]
},
{
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-LANGCHAINEXPERIMENTAL-7278171",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-224xx/CVE-2024-22442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22442",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-07-16T16:15:04.017",
"lastModified": "2024-07-16T16:15:04.017",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

62
CVE-2024/CVE-2024-237xx/CVE-2024-23794.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23794",
"sourceIdentifier": "security@otrs.com",
"published": "2024-07-15T08:15:02.470",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:05:45.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration.This issue affects OTRS:\u00a0\n\n * 8.0.X\n * 2023.X\n * from 2024.X through 2024.4.x\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de asignaci\u00f3n de privilegios incorrecta en la funcionalidad de edici\u00f3n en l\u00ednea de OTRS puede provocar una escalada de privilegios. Esta falla permite que un agente con permisos de solo lectura obtenga acceso completo a un ticket. Este problema surge en casos muy raros cuando un administrador ha habilitado previamente la configuraci\u00f3n 'RequiredLock' de 'AgentFrontend::Ticket::InlineEditing::Property###Watch' en la configuraci\u00f3n del sistema. Este problema afecta a OTRS: * 8.0.X * 2023.X * desde 2024.X hasta 2024.4.x"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "security@otrs.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@otrs.com",
"type": "Secondary",
@ -47,10 +81,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "2024.5.2",
"matchCriteriaId": "9E122DB1-85DB-4430-A8C2-1B599364FD1F"
}
]
}
]
}
],
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/",
"source": "security@otrs.com"
"source": "security@otrs.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-328xx/CVE-2024-32861.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-32861",
"sourceIdentifier": "productsecurity@jci.com",
"published": "2024-07-16T15:15:12.037",
"lastModified": "2024-07-16T15:15:12.037",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances the Software House C\u25cfCURE 9000 Site Server provides insufficient protection of directories containing executables."
"value": "Under certain circumstances the Software House C?CURE 9000 Site Server provides insufficient protection of directories containing executables."
}
],
"metrics": {

61
CVE-2024/CVE-2024-329xx/CVE-2024-32945.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-32945",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-07-15T09:15:02.260",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:03:50.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state\u00a0which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions."
},
{
"lang": "es",
"value": "Las versiones de Mattermost Mobile Apps &lt;= 2.16.0 no protegen contra el abuso de un estado MathJax compartido globalmente que permite a un atacante cambiar el contenido de una publicaci\u00f3n de LateX mediante la creaci\u00f3n de otra publicaci\u00f3n con definiciones de macro espec\u00edficas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-909"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.17.0",
"matchCriteriaId": "2FC511A8-A955-4FF9-AC43-A84FFC4C3142"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-32xx/CVE-2024-3232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3232",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-07-16T17:15:11.267",
"lastModified": "2024-07-16T17:15:11.267",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-331xx/CVE-2024-33180.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33180",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T16:15:04.767",
"lastModified": "2024-07-16T16:15:04.767",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-331xx/CVE-2024-33181.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-33181",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T18:15:07.617",
"lastModified": "2024-07-16T18:15:07.617",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter."
}
],
"metrics": {},
"references": [
{
"url": "https://palm-vertebra-fe9.notion.site/addWifiMacFilter_2-0f7fab42d4254867b46fe92b25dc7c40",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-331xx/CVE-2024-33182.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33182",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T16:15:04.850",
"lastModified": "2024-07-16T16:15:04.850",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-353xx/CVE-2024-35338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35338",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T16:15:04.933",
"lastModified": "2024-07-16T16:15:04.933",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-390xx/CVE-2024-39036.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-39036",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.460",
"lastModified": "2024-07-16T19:15:12.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/seacms-net/CMS/issues/18",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-397xx/CVE-2024-39700.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-39700",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-16T18:15:07.857",
"lastModified": "2024-07-16T18:15:07.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JupyterLab extension template is a `copier` template for JupyterLab extensions. Repositories created using this template with `test` option include `update-integration-tests.yml` workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version. Users who made changes to `update-integration-tests.yml`, accept overwriting of this file and re-apply your changes later. Users may wish to temporarily disable GitHub Actions while working on the upgrade. We recommend rebasing all open pull requests from untrusted users as actions may run using the version from the `main` branch at the time when the pull request was created. Users who are upgrading from template version prior to 4.3.0 may wish to leave out proposed changes to the release workflow for now as it requires additional configuration."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/jupyterlab/extension-template/commit/035e78c1c65bcedee97c95bb683abe59c96bc4e6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jupyterlab/extension-template/security/advisories/GHSA-45gq-v5wm-82wg",
"source": "security-advisories@github.com"
}
]
}

61
CVE-2024/CVE-2024-397xx/CVE-2024-39767.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-39767",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-07-15T09:15:02.573",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:04:02.993",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mattermost Mobile Apps versions <=2.16.0 fail to validate that the push notifications received for a server actually came from this serve that which allows a malicious server to send push notifications with another server\u2019s diagnostic ID or server URL and have them show up in mobile apps as that server\u2019s push notifications."
},
{
"lang": "es",
"value": "Las versiones de Mattermost Mobile Apps &lt;= 2.16.0 no pueden validar que las notificaciones autom\u00e1ticas recibidas para un servidor en realidad provienen de este servicio, lo que permite a un servidor malicioso enviar notificaciones autom\u00e1ticas con el ID de diagn\u00f3stico o la URL del servidor de otro servidor y hacer que aparezcan en el dispositivo m\u00f3vil aplicaciones como las notificaciones push de ese servidor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.17.0",
"matchCriteriaId": "2FC511A8-A955-4FF9-AC43-A84FFC4C3142"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-399xx/CVE-2024-39908.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-39908",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-16T18:15:08.167",
"lastModified": "2024-07-16T18:15:08.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": " REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8",
"source": "security-advisories@github.com"
},
{
"url": "https://www.ruby-lang.org/en/news/2024/07/16/dos-rexml-cve-2024-39908",
"source": "security-advisories@github.com"
}
]
}

25
CVE-2024/CVE-2024-401xx/CVE-2024-40129.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-40129",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.600",
"lastModified": "2024-07-16T19:15:12.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/open5gs/open5gs/commit/2fbc445d32aa7749166396a9c055a199f90a1b01",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/open5gs/open5gs/issues/2585",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-401xx/CVE-2024-40130.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-40130",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.683",
"lastModified": "2024-07-16T19:15:12.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/open5gs/open5gs/issues/2577",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-403xx/CVE-2024-40322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40322",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T16:15:05.290",
"lastModified": "2024-07-16T16:15:05.290",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-403xx/CVE-2024-40392.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40392",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.773",
"lastModified": "2024-07-16T19:15:12.773",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/46",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-403xx/CVE-2024-40393.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40393",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.873",
"lastModified": "2024-07-16T19:15:12.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Online Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user parameter at login.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/47",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-403xx/CVE-2024-40394.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40394",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:12.957",
"lastModified": "2024-07-16T19:15:12.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/48",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-404xx/CVE-2024-40425.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T18:15:08.433",
"lastModified": "2024-07-16T18:15:08.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1.6 and before allows a remote attacker to execute arbitrary code via the contorller/common.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/J1rrY-learn/26524d4714a81cf2d64583069e96f765",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-405xx/CVE-2024-40503.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40503",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:13.043",
"lastModified": "2024-07-16T19:15:13.043",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/Mivik/8927ad100a638756e1fe214dd5fca5f9",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-405xx/CVE-2024-40516.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-40516",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-16T19:15:13.133",
"lastModified": "2024-07-16T19:15:13.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote attacker to execute arbitrary code via the Routing functionality."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/as-lky/2acc62c6283c7a1fe3af046b05091d15",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-406xx/CVE-2024-40626.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40626",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-16T17:15:11.580",
"lastModified": "2024-07-16T17:15:11.580",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-51xx/CVE-2024-5154.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-5154",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-06-12T09:15:19.973",
"lastModified": "2024-06-27T05:15:51.567",
"lastModified": "2024-07-16T18:15:08.530",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."
"value": "A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (\u201c../\u201c). This flaw allows the container to read and write to arbitrary files on the host system."
},
{
"lang": "es",

65
CVE-2024/CVE-2024-56xx/CVE-2024-5630.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5630",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-15T06:15:01.827",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:10:17.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "El complemento Insert or Embed Articulate Content into de WordPress anterior a 4.3000000024 no impide que los autores carguen archivos arbitrarios al sitio, lo que puede permitirles cargar shells PHP en los sitios afectados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elearningfreak:insert_or_embed_articulate_content:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3000000024",
"matchCriteriaId": "CD0562B8-AB22-4C8D-A96B-A77EFDD164FE"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/538c875f-4c20-4be0-8098-5bddb7aecff4/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-60xx/CVE-2024-6089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6089",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-07-16T17:15:11.817",
"lastModified": "2024-07-16T17:15:11.817",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

65
CVE-2024/CVE-2024-62xx/CVE-2024-6289.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6289",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-07-15T06:15:02.413",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:08:12.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "El complemento WPS Hide Login WordPress anterior a 1.9.16.4 no impide las redirecciones a la p\u00e1gina de inicio de sesi\u00f3n a trav\u00e9s de la funci\u00f3n auth_redirect de WordPress, lo que permite que un visitante no autenticado acceda a la p\u00e1gina de inicio de sesi\u00f3n oculta."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpserveur:wps_hide_login:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.9.16.4",
"matchCriteriaId": "664E9FF6-B832-4199-BA2B-5FC35CDCAD64"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/fd6d0362-df1d-4416-b8b5-6e5d0ce84793/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-63xx/CVE-2024-6325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6325",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-07-16T17:15:11.947",
"lastModified": "2024-07-16T17:15:11.947",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-63xx/CVE-2024-6326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6326",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-07-16T17:15:12.117",
"lastModified": "2024-07-16T17:15:12.117",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

21
CVE-2024/CVE-2024-64xx/CVE-2024-6492.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6492",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-07-16T19:15:13.567",
"lastModified": "2024-07-16T19:15:13.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website."
}
],
"metrics": {},
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0012",
"source": "security@devolutions.net"
}
]
}

62
CVE-2024/CVE-2024-65xx/CVE-2024-6540.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-6540",
"sourceIdentifier": "security@otrs.com",
"published": "2024-07-15T08:15:02.743",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:05:37.267",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has been disabled by the administrator.\nThis issue affects OTRS: 8.0.X, 2023.X, from 2024.X through 2024.4.x\n\n"
},
{
"lang": "es",
"value": "Un filtrado inadecuado de los campos al utilizar la funci\u00f3n de exportaci\u00f3n en la descripci\u00f3n general de tickets de la interfaz externa en OTRS podr\u00eda permitir a un usuario autorizado descargar una lista de tickets que contiene informaci\u00f3n sobre tickets de otros clientes. El problema solo ocurre si el administrador ha desactivado TicketSearchLegacyEngine. Este problema afecta a OTRS: 8.0.X, 2023.X, desde 2024.X hasta 2024.4.x"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "security@otrs.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@otrs.com",
"type": "Secondary",
@ -47,10 +81,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "2024.5.2",
"matchCriteriaId": "9E122DB1-85DB-4430-A8C2-1B599364FD1F"
}
]
}
]
}
],
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-07/",
"source": "security@otrs.com"
"source": "security@otrs.com",
"tags": [
"Vendor Advisory"
]
}
]
}

12
CVE-2024/CVE-2024-66xx/CVE-2024-6600.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6600",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.273",
"lastModified": "2024-07-09T18:19:14.047",
"lastModified": "2024-07-16T18:15:08.737",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13."
"value": "Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128."
},
{
"lang": "es",
@ -28,6 +28,14 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

12
CVE-2024/CVE-2024-66xx/CVE-2024-6601.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6601",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.410",
"lastModified": "2024-07-09T18:19:14.047",
"lastModified": "2024-07-16T18:15:08.830",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13."
"value": "A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128."
},
{
"lang": "es",
@ -28,6 +28,14 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

12
CVE-2024/CVE-2024-66xx/CVE-2024-6602.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6602",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.473",
"lastModified": "2024-07-11T15:06:37.333",
"lastModified": "2024-07-16T18:15:08.900",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13."
"value": "A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128."
},
{
"lang": "es",
@ -51,6 +51,14 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

12
CVE-2024/CVE-2024-66xx/CVE-2024-6603.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6603",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.533",
"lastModified": "2024-07-12T16:12:10.480",
"lastModified": "2024-07-16T18:15:08.990",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13."
"value": "In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128."
},
{
"lang": "es",
@ -63,6 +63,14 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

12
CVE-2024/CVE-2024-66xx/CVE-2024-6604.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6604",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.597",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.077",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13."
"value": "Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128."
},
{
"lang": "es",
@ -28,6 +28,14 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-31/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6606.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6606",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.727",
"lastModified": "2024-07-11T15:06:37.647",
"lastModified": "2024-07-16T18:15:09.247",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clipboard code failed to check the index on an array access. This could have lead to an out-of-bounds read. This vulnerability affects Firefox < 128."
"value": "Clipboard code failed to check the index on an array access. This could have lead to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -47,6 +47,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6607.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6607",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.790",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.327",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128."
"value": "It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6608.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6608",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.863",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128."
"value": "It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6609.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6609",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.923",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.457",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128."
"value": "When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6610.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6610",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.983",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.527",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128."
"value": "Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6611.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6611",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:13.047",
"lastModified": "2024-07-11T15:06:37.977",
"lastModified": "2024-07-16T18:15:09.590",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128."
"value": "A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -59,6 +59,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6612.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6612",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:13.107",
"lastModified": "2024-07-11T15:06:38.870",
"lastModified": "2024-07-16T18:15:09.667",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128."
"value": "CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -59,6 +59,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6613.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6613",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:13.170",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.747",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128."
"value": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6614.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6614",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:13.237",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.813",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128."
"value": "The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

8
CVE-2024/CVE-2024-66xx/CVE-2024-6615.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6615",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:13.307",
"lastModified": "2024-07-09T18:18:38.713",
"lastModified": "2024-07-16T18:15:09.893",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory safety bugs present in Firefox 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128."
"value": "Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128."
},
{
"lang": "es",
@ -24,6 +24,10 @@
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-32/",
"source": "security@mozilla.org"
}
]
}

4
CVE-2024/CVE-2024-66xx/CVE-2024-6655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6655",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-07-16T15:15:12.597",
"lastModified": "2024-07-16T15:15:12.597",
"vulnStatus": "Received",
"lastModified": "2024-07-16T18:00:02.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

79
CVE-2024/CVE-2024-67xx/CVE-2024-6739.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-6739",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-15T04:15:02.073",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:02:40.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS."
},
{
"lang": "es",
"value": "La cookie de sesi\u00f3n en MailGates y MailAudit de Openfind no tiene el indicador HttpOnly habilitado, lo que permite a atacantes remotos potencialmente robar la cookie de sesi\u00f3n a trav\u00e9s de XSS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -37,8 +61,18 @@
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -47,18 +81,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openfind:mailaudit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.7.040",
"matchCriteriaId": "AD9F67A2-3B7D-4883-8EC0-6B8473D9D621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openfind:mailgates:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.7.040",
"matchCriteriaId": "AD67B0A9-415B-4005-9FE5-21FDC1A12619"
}
]
}
]
}
],
"references": [
{
"url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Exploit"
]
},
{
"url": "https://www.twcert.org.tw/en/cp-139-7928-04e8a-2.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7927-03837-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-67xx/CVE-2024-6740.json
View File

@ -2,19 +2,23 @@
"id": "CVE-2024-6740",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-15T08:15:03.087",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:04:27.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks."
},
{
"lang": "es",
"value": "Mail2000 de Openfind no valida adecuadamente los archivos adjuntos de correo electr\u00f3nico, lo que permite a atacantes remotos no autenticados inyectar c\u00f3digo JavaScript dentro del archivo adjunto y realizar ataques de Cross-site Scripting Almacenado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -47,18 +71,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1762976A-2372-49D5-BD94-77F8C0C86DC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC17A2D8-B006-4738-A6CB-F6B277460B6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Exploit"
]
},
{
"url": "https://www.twcert.org.tw/en/cp-139-7939-3423f-2.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-67xx/CVE-2024-6742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6742",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-15T06:15:02.497",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:07:58.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:space_management_system_project:space_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024-04-09-3302",
"matchCriteriaId": "1259629D-B4F6-4082-BB0D-122E0904C3B4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-7931-608eb-2.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7930-e0368-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-67xx/CVE-2024-6743.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6743",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-15T07:15:25.310",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:07:47.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AguardNet's Space Management System does not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents."
},
{
"lang": "es",
"value": "El sistema de gesti\u00f3n espacial de AguardNet no valida adecuadamente la entrada del usuario, lo que permite a atacantes remotos no autenticados inyectar comandos SQL arbitrarios para leer, modificar y eliminar contenidos de la base de datos."
}
],
"metrics": {
@ -47,14 +51,43 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:space_management_system_project:space_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024-04-09-3302",
"matchCriteriaId": "1259629D-B4F6-4082-BB0D-122E0904C3B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:space_management_system_project:space_management_system:2024-04-09-3302:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EF5546-580E-4D3B-A038-B716F22EE25F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-7933-9a38d-2.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7932-a6d4d-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-67xx/CVE-2024-6744.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6744",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-07-15T07:15:25.573",
"lastModified": "2024-07-15T13:00:34.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-16T18:06:51.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server."
},
{
"lang": "es",
"value": "El detector SMTP de Secure Email Gateway de Cellopoint no valida correctamente la entrada del usuario, lo que genera una vulnerabilidad de desbordamiento del b\u00fafer. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios del sistema en el servidor remoto."
}
],
"metrics": {
@ -37,8 +41,18 @@
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -47,14 +61,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0",
"matchCriteriaId": "6E822200-5CA2-4BCF-B9E8-5E0DD3B93D30"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

86
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-07-16T18:00:19.141732+00:00
2024-07-16T20:00:19.212607+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-07-16T17:58:57.337000+00:00
2024-07-16T19:15:13.567000+00:00
```
### Last Data Feed Release
@ -33,58 +33,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
257208
257222
```
### CVEs added in the last Commit
Recently added CVEs: `14`
- [CVE-2019-16638](CVE-2019/CVE-2019-166xx/CVE-2019-16638.json) (`2024-07-16T17:15:10.330`)
- [CVE-2019-16639](CVE-2019/CVE-2019-166xx/CVE-2019-16639.json) (`2024-07-16T17:15:10.430`)
- [CVE-2019-16640](CVE-2019/CVE-2019-166xx/CVE-2019-16640.json) (`2024-07-16T17:15:10.513`)
- [CVE-2019-16641](CVE-2019/CVE-2019-166xx/CVE-2019-16641.json) (`2024-07-16T17:15:10.600`)
- [CVE-2024-22442](CVE-2024/CVE-2024-224xx/CVE-2024-22442.json) (`2024-07-16T16:15:04.017`)
- [CVE-2024-3232](CVE-2024/CVE-2024-32xx/CVE-2024-3232.json) (`2024-07-16T17:15:11.267`)
- [CVE-2024-33180](CVE-2024/CVE-2024-331xx/CVE-2024-33180.json) (`2024-07-16T16:15:04.767`)
- [CVE-2024-33182](CVE-2024/CVE-2024-331xx/CVE-2024-33182.json) (`2024-07-16T16:15:04.850`)
- [CVE-2024-35338](CVE-2024/CVE-2024-353xx/CVE-2024-35338.json) (`2024-07-16T16:15:04.933`)
- [CVE-2024-40322](CVE-2024/CVE-2024-403xx/CVE-2024-40322.json) (`2024-07-16T16:15:05.290`)
- [CVE-2024-40626](CVE-2024/CVE-2024-406xx/CVE-2024-40626.json) (`2024-07-16T17:15:11.580`)
- [CVE-2024-6089](CVE-2024/CVE-2024-60xx/CVE-2024-6089.json) (`2024-07-16T17:15:11.817`)
- [CVE-2024-6325](CVE-2024/CVE-2024-63xx/CVE-2024-6325.json) (`2024-07-16T17:15:11.947`)
- [CVE-2024-6326](CVE-2024/CVE-2024-63xx/CVE-2024-6326.json) (`2024-07-16T17:15:12.117`)
- [CVE-2023-31456](CVE-2023/CVE-2023-314xx/CVE-2023-31456.json) (`2024-07-16T18:15:06.873`)
- [CVE-2024-33181](CVE-2024/CVE-2024-331xx/CVE-2024-33181.json) (`2024-07-16T18:15:07.617`)
- [CVE-2024-39036](CVE-2024/CVE-2024-390xx/CVE-2024-39036.json) (`2024-07-16T19:15:12.460`)
- [CVE-2024-39700](CVE-2024/CVE-2024-397xx/CVE-2024-39700.json) (`2024-07-16T18:15:07.857`)
- [CVE-2024-39908](CVE-2024/CVE-2024-399xx/CVE-2024-39908.json) (`2024-07-16T18:15:08.167`)
- [CVE-2024-40129](CVE-2024/CVE-2024-401xx/CVE-2024-40129.json) (`2024-07-16T19:15:12.600`)
- [CVE-2024-40130](CVE-2024/CVE-2024-401xx/CVE-2024-40130.json) (`2024-07-16T19:15:12.683`)
- [CVE-2024-40392](CVE-2024/CVE-2024-403xx/CVE-2024-40392.json) (`2024-07-16T19:15:12.773`)
- [CVE-2024-40393](CVE-2024/CVE-2024-403xx/CVE-2024-40393.json) (`2024-07-16T19:15:12.873`)
- [CVE-2024-40394](CVE-2024/CVE-2024-403xx/CVE-2024-40394.json) (`2024-07-16T19:15:12.957`)
- [CVE-2024-40425](CVE-2024/CVE-2024-404xx/CVE-2024-40425.json) (`2024-07-16T18:15:08.433`)
- [CVE-2024-40503](CVE-2024/CVE-2024-405xx/CVE-2024-40503.json) (`2024-07-16T19:15:13.043`)
- [CVE-2024-40516](CVE-2024/CVE-2024-405xx/CVE-2024-40516.json) (`2024-07-16T19:15:13.133`)
- [CVE-2024-6492](CVE-2024/CVE-2024-64xx/CVE-2024-6492.json) (`2024-07-16T19:15:13.567`)
### CVEs modified in the last Commit
Recently modified CVEs: `113`
Recently modified CVEs: `49`
- [CVE-2020-1956](CVE-2020/CVE-2020-19xx/CVE-2020-1956.json) (`2024-07-16T17:41:15.993`)
- [CVE-2020-25223](CVE-2020/CVE-2020-252xx/CVE-2020-25223.json) (`2024-07-16T17:40:47.167`)
- [CVE-2020-7247](CVE-2020/CVE-2020-72xx/CVE-2020-7247.json) (`2024-07-16T17:40:26.627`)
- [CVE-2020-9377](CVE-2020/CVE-2020-93xx/CVE-2020-9377.json) (`2024-07-16T17:40:37.377`)
- [CVE-2021-20028](CVE-2021/CVE-2021-200xx/CVE-2021-20028.json) (`2024-07-16T17:51:07.847`)
- [CVE-2021-34486](CVE-2021/CVE-2021-344xx/CVE-2021-34486.json) (`2024-07-16T17:50:44.237`)
- [CVE-2021-38646](CVE-2021/CVE-2021-386xx/CVE-2021-38646.json) (`2024-07-16T17:50:15.667`)
- [CVE-2022-21999](CVE-2022/CVE-2022-219xx/CVE-2022-21999.json) (`2024-07-16T17:47:26.240`)
- [CVE-2022-44036](CVE-2022/CVE-2022-440xx/CVE-2022-44036.json) (`2024-07-16T16:15:03.690`)
- [CVE-2023-38947](CVE-2023/CVE-2023-389xx/CVE-2023-38947.json) (`2024-07-16T16:15:03.893`)
- [CVE-2024-30219](CVE-2024/CVE-2024-302xx/CVE-2024-30219.json) (`2024-07-16T16:15:04.540`)
- [CVE-2024-30220](CVE-2024/CVE-2024-302xx/CVE-2024-30220.json) (`2024-07-16T16:15:04.620`)
- [CVE-2024-31956](CVE-2024/CVE-2024-319xx/CVE-2024-31956.json) (`2024-07-16T16:27:59.690`)
- [CVE-2024-36499](CVE-2024/CVE-2024-364xx/CVE-2024-36499.json) (`2024-07-16T16:29:46.650`)
- [CVE-2024-36500](CVE-2024/CVE-2024-365xx/CVE-2024-36500.json) (`2024-07-16T16:26:36.050`)
- [CVE-2024-36501](CVE-2024/CVE-2024-365xx/CVE-2024-36501.json) (`2024-07-16T16:25:49.413`)
- [CVE-2024-37969](CVE-2024/CVE-2024-379xx/CVE-2024-37969.json) (`2024-07-16T16:33:58.220`)
- [CVE-2024-37970](CVE-2024/CVE-2024-379xx/CVE-2024-37970.json) (`2024-07-16T16:34:31.423`)
- [CVE-2024-37971](CVE-2024/CVE-2024-379xx/CVE-2024-37971.json) (`2024-07-16T16:35:10.503`)
- [CVE-2024-37972](CVE-2024/CVE-2024-379xx/CVE-2024-37972.json) (`2024-07-16T16:36:32.987`)
- [CVE-2024-37973](CVE-2024/CVE-2024-379xx/CVE-2024-37973.json) (`2024-07-16T16:35:57.130`)
- [CVE-2024-37974](CVE-2024/CVE-2024-379xx/CVE-2024-37974.json) (`2024-07-16T16:37:07.930`)
- [CVE-2024-37977](CVE-2024/CVE-2024-379xx/CVE-2024-37977.json) (`2024-07-16T16:37:44.987`)
- [CVE-2024-37978](CVE-2024/CVE-2024-379xx/CVE-2024-37978.json) (`2024-07-16T16:39:11.783`)
- [CVE-2024-37981](CVE-2024/CVE-2024-379xx/CVE-2024-37981.json) (`2024-07-16T16:38:46.800`)
- [CVE-2024-6289](CVE-2024/CVE-2024-62xx/CVE-2024-6289.json) (`2024-07-16T18:08:12.880`)
- [CVE-2024-6325](CVE-2024/CVE-2024-63xx/CVE-2024-6325.json) (`2024-07-16T18:00:02.110`)
- [CVE-2024-6326](CVE-2024/CVE-2024-63xx/CVE-2024-6326.json) (`2024-07-16T18:00:02.110`)
- [CVE-2024-6540](CVE-2024/CVE-2024-65xx/CVE-2024-6540.json) (`2024-07-16T18:05:37.267`)
- [CVE-2024-6600](CVE-2024/CVE-2024-66xx/CVE-2024-6600.json) (`2024-07-16T18:15:08.737`)
- [CVE-2024-6601](CVE-2024/CVE-2024-66xx/CVE-2024-6601.json) (`2024-07-16T18:15:08.830`)
- [CVE-2024-6602](CVE-2024/CVE-2024-66xx/CVE-2024-6602.json) (`2024-07-16T18:15:08.900`)
- [CVE-2024-6603](CVE-2024/CVE-2024-66xx/CVE-2024-6603.json) (`2024-07-16T18:15:08.990`)
- [CVE-2024-6604](CVE-2024/CVE-2024-66xx/CVE-2024-6604.json) (`2024-07-16T18:15:09.077`)
- [CVE-2024-6606](CVE-2024/CVE-2024-66xx/CVE-2024-6606.json) (`2024-07-16T18:15:09.247`)
- [CVE-2024-6607](CVE-2024/CVE-2024-66xx/CVE-2024-6607.json) (`2024-07-16T18:15:09.327`)
- [CVE-2024-6608](CVE-2024/CVE-2024-66xx/CVE-2024-6608.json) (`2024-07-16T18:15:09.393`)
- [CVE-2024-6609](CVE-2024/CVE-2024-66xx/CVE-2024-6609.json) (`2024-07-16T18:15:09.457`)
- [CVE-2024-6610](CVE-2024/CVE-2024-66xx/CVE-2024-6610.json) (`2024-07-16T18:15:09.527`)
- [CVE-2024-6611](CVE-2024/CVE-2024-66xx/CVE-2024-6611.json) (`2024-07-16T18:15:09.590`)
- [CVE-2024-6612](CVE-2024/CVE-2024-66xx/CVE-2024-6612.json) (`2024-07-16T18:15:09.667`)
- [CVE-2024-6613](CVE-2024/CVE-2024-66xx/CVE-2024-6613.json) (`2024-07-16T18:15:09.747`)
- [CVE-2024-6614](CVE-2024/CVE-2024-66xx/CVE-2024-6614.json) (`2024-07-16T18:15:09.813`)
- [CVE-2024-6615](CVE-2024/CVE-2024-66xx/CVE-2024-6615.json) (`2024-07-16T18:15:09.893`)
- [CVE-2024-6655](CVE-2024/CVE-2024-66xx/CVE-2024-6655.json) (`2024-07-16T18:00:02.110`)
- [CVE-2024-6739](CVE-2024/CVE-2024-67xx/CVE-2024-6739.json) (`2024-07-16T18:02:40.327`)
- [CVE-2024-6740](CVE-2024/CVE-2024-67xx/CVE-2024-6740.json) (`2024-07-16T18:04:27.443`)
- [CVE-2024-6742](CVE-2024/CVE-2024-67xx/CVE-2024-6742.json) (`2024-07-16T18:07:58.773`)
- [CVE-2024-6743](CVE-2024/CVE-2024-67xx/CVE-2024-6743.json) (`2024-07-16T18:07:47.567`)
- [CVE-2024-6744](CVE-2024/CVE-2024-67xx/CVE-2024-6744.json) (`2024-07-16T18:06:51.390`)
## Download and Usage

338
_state.csv
View File

File diff suppressed because it is too large Load Diff