admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-30T21:00:20.417446+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-30 21:03:21 +00:00
parent ff07c8e554
commit ae3b7df1b6
95 changed files with 3328 additions and 462 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
CVE-2017/CVE-2017-201xx/CVE-2017-20193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-20193", "id": "CVE-2017-20193",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T08:15:03.223", "published": "2024-10-16T08:15:03.223",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:46:34.060",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -18,8 +18,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
@ -51,26 +71,59 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woo:product_vendors:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.35",
"matchCriteriaId": "76289A49-81AF-456A-8436-712F858E7FCA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://hackerone.com/reports/253313", "url": "https://hackerone.com/reports/253313",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://threatpost.com/reflected-xss-bug-patched-in-popular-woocommerce-wordpress-plugin/127744/", "url": "https://threatpost.com/reflected-xss-bug-patched-in-popular-woocommerce-wordpress-plugin/127744/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Press/Media Coverage"
]
}, },
{ {
"url": "https://woocommerce.com/products/product-vendors/", "url": "https://woocommerce.com/products/product-vendors/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.majemedia.com/2017/09/xss-vulnerability-in-woocommerce-product-vendors-plugin/", "url": "https://www.majemedia.com/2017/09/xss-vulnerability-in-woocommerce-product-vendors-plugin/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a224e745-f9c7-4ca6-b656-e94862b1dc57?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a224e745-f9c7-4ca6-b656-e94862b1dc57?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2021/CVE-2021-44xx/CVE-2021-4452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4452", "id": "CVE-2021-4452",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T08:15:04.160", "published": "2024-10-16T08:15:04.160",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:57:03.520",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -18,8 +18,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
@ -51,22 +71,52 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gtranslate:google_language_translator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.0.9",
"matchCriteriaId": "E18C110B-588F-4EA2-9D8C-8E701620EBDB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2567703", "url": "https://plugins.trac.wordpress.org/changeset/2567703",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2567706", "url": "https://plugins.trac.wordpress.org/changeset/2567706",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://wpscan.com/vulnerability/1bd8bc19-5a6f-410b-897e-4887c05378ea", "url": "https://wpscan.com/vulnerability/1bd8bc19-5a6f-410b-897e-4887c05378ea",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa2bd74a-563a-4a2d-b1d7-b3678db82b00?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa2bd74a-563a-4a2d-b1d7-b3678db82b00?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

14
CVE-2023/CVE-2023-205xx/CVE-2023-20512.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20512", "id": "CVE-2023-20512",
"sourceIdentifier": "psirt@amd.com", "sourceIdentifier": "psirt@amd.com",
"published": "2024-08-13T17:15:18.957", "published": "2024-08-13T17:15:18.957",
"lastModified": "2024-08-14T02:07:05.410", "lastModified": "2024-10-30T19:35:02.517",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html", "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html",

14
CVE-2023/CVE-2023-313xx/CVE-2023-31356.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31356", "id": "CVE-2023-31356",
"sourceIdentifier": "psirt@amd.com", "sourceIdentifier": "psirt@amd.com",
"published": "2024-08-13T17:15:21.733", "published": "2024-08-13T17:15:21.733",
"lastModified": "2024-08-14T02:07:05.410", "lastModified": "2024-10-30T19:35:03.503",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html",

14
CVE-2023/CVE-2023-318xx/CVE-2023-31824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31824", "id": "CVE-2023-31824",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T15:15:09.123", "published": "2023-07-13T15:15:09.123",
"lastModified": "2023-07-25T18:55:34.030", "lastModified": "2024-10-30T20:35:01.893",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2023/CVE-2023-381xx/CVE-2023-38198.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38198", "id": "CVE-2023-38198",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T03:15:09.977", "published": "2023-07-13T03:15:09.977",
"lastModified": "2023-07-25T14:30:35.337", "lastModified": "2024-10-30T19:35:06.120",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2023/CVE-2023-459xx/CVE-2023-45985.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45985", "id": "CVE-2023-45985",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-10-16T18:15:16.577", "published": "2023-10-16T18:15:16.577",
"lastModified": "2023-10-19T13:05:14.910", "lastModified": "2024-10-30T20:35:04.147",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2023/CVE-2023-524xx/CVE-2023-52428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52428", "id": "CVE-2023-52428",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-11T05:15:08.383", "published": "2024-02-11T05:15:08.383",
"lastModified": "2024-10-16T20:01:01.777", "lastModified": "2024-10-30T20:35:05.083",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2023/CVE-2023-524xx/CVE-2023-52446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52446", "id": "CVE-2023-52446",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-22T17:15:08.527", "published": "2024-02-22T17:15:08.527",
"lastModified": "2024-03-14T19:47:14.733", "lastModified": "2024-10-30T20:35:05.923",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-416" "value": "CWE-416"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
} }
], ],
"configurations": [ "configurations": [

73
CVE-2023/CVE-2023-60xx/CVE-2023-6080.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6080", "id": "CVE-2023-6080",
"sourceIdentifier": "mandiant-cve@google.com", "sourceIdentifier": "mandiant-cve@google.com",
"published": "2024-10-18T17:15:12.353", "published": "2024-10-18T17:15:12.353",
"lastModified": "2024-10-21T17:10:22.857", "lastModified": "2024-10-30T20:12:50.090",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,8 +15,41 @@
"value": "La versi\u00f3n 10.7.8 del instalador SysTrack LsiAgent de Lakeside Software para Windows contiene una vulnerabilidad de escalada de privilegios locales que permite a los atacantes acceso a nivel de SYSTEM." "value": "La versi\u00f3n 10.7.8 del instalador SysTrack LsiAgent de Lakeside Software para Windows contiene una vulnerabilidad de escalada de privilegios locales que permite a los atacantes acceso a nivel de SYSTEM."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "mandiant-cve@google.com", "source": "mandiant-cve@google.com",
"type": "Secondary", "type": "Secondary",
@ -28,18 +61,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lakesidesoftware:systrack_lsiagent:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "10.7.8",
"versionEndExcluding": "11.0",
"matchCriteriaId": "A277FDEC-1405-4ED3-8D9B-4EB5EDAF5BED"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2024/MNDT-2024-0009.md", "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2024/MNDT-2024-0009.md",
"source": "mandiant-cve@google.com" "source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6080", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6080",
"source": "mandiant-cve@google.com" "source": "mandiant-cve@google.com",
"tags": [
"US Government Resource"
]
}, },
{ {
"url": "https://www.lakesidesoftware.com/", "url": "https://www.lakesidesoftware.com/",
"source": "mandiant-cve@google.com" "source": "mandiant-cve@google.com",
"tags": [
"Product"
]
} }
] ]
} }

14
CVE-2024/CVE-2024-00xx/CVE-2024-0067.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0067", "id": "CVE-2024-0067",
"sourceIdentifier": "product-security@axis.com", "sourceIdentifier": "product-security@axis.com",
"published": "2024-09-10T05:15:10.460", "published": "2024-09-10T05:15:10.460",
"lastModified": "2024-09-10T12:09:50.377", "lastModified": "2024-10-30T19:35:07.080",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.axis.com/dam/public/c7/d0/91/cve-2024-0067-en-US-448994.pdf", "url": "https://www.axis.com/dam/public/c7/d0/91/cve-2024-0067-en-US-448994.pdf",

63
CVE-2024/CVE-2024-101xx/CVE-2024-10120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10120", "id": "CVE-2024-10120",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-18T17:15:12.537", "published": "2024-10-18T17:15:12.537",
"lastModified": "2024-10-21T17:10:22.857", "lastModified": "2024-10-30T20:20:46.010",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -61,6 +61,26 @@
} }
], ],
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -120,22 +140,53 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:riskengine:radar:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "7A651BF4-204E-436A-A0D3-F8868BCA1678"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/weliveby/ForCVE/blob/main/radar%20Arbitrary%20file%20upload%20vulnerability.md", "url": "https://github.com/weliveby/ForCVE/blob/main/radar%20Arbitrary%20file%20upload%20vulnerability.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.280912", "url": "https://vuldb.com/?ctiid.280912",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://vuldb.com/?id.280912", "url": "https://vuldb.com/?id.280912",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?submit.420959", "url": "https://vuldb.com/?submit.420959",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

60
CVE-2024/CVE-2024-101xx/CVE-2024-10128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10128", "id": "CVE-2024-10128",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-18T21:15:03.340", "published": "2024-10-18T21:15:03.340",
"lastModified": "2024-10-21T17:10:22.857", "lastModified": "2024-10-30T20:31:33.213",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -61,6 +61,26 @@
} }
], ],
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -120,18 +140,48 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:topdata:inner_rep_plus:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBD086E-B71F-47DC-B335-0228F1EB61FF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://vuldb.com/?ctiid.280916", "url": "https://vuldb.com/?ctiid.280916",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.280916", "url": "https://vuldb.com/?id.280916",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?submit.422604", "url": "https://vuldb.com/?submit.422604",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

137
CVE-2024/CVE-2024-105xx/CVE-2024-10546.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10546",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-30T20:15:03.700",
"lastModified": "2024-10-30T20:15:03.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in open-scratch Teaching \u5728\u7ebf\u6559\u5b66\u5e73\u53f0 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.282520",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282520",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.429033",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/dfde9afc-8d64-4022-a6ca-3c1a323c5e66",
"source": "cna@vuldb.com"
}
]
}

39
CVE-2024/CVE-2024-200xx/CVE-2024-20050.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20050", "id": "CVE-2024-20050",
"sourceIdentifier": "security@mediatek.com", "sourceIdentifier": "security@mediatek.com",
"published": "2024-04-01T03:15:08.383", "published": "2024-04-01T03:15:08.383",
"lastModified": "2024-04-01T12:49:00.877", "lastModified": "2024-10-30T20:35:07.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "En flashc, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una excepci\u00f3n no detectada. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541757; ID del problema: ALPS08541757." "value": "En flashc, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una excepci\u00f3n no detectada. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541757; ID del problema: ALPS08541757."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024", "url": "https://corp.mediatek.com/product-security-bulletin/April-2024",

14
CVE-2024/CVE-2024-222xx/CVE-2024-22231.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22231", "id": "CVE-2024-22231",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2024-06-27T07:15:52.623", "published": "2024-06-27T07:15:52.623",
"lastModified": "2024-06-27T12:47:19.847", "lastModified": "2024-10-30T19:35:07.910",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://saltproject.io/security-announcements/2024-01-31-advisory/", "url": "https://saltproject.io/security-announcements/2024-01-31-advisory/",

39
CVE-2024/CVE-2024-232xx/CVE-2024-23229.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23229", "id": "CVE-2024-23229",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T14:58:46.647", "published": "2024-05-14T14:58:46.647",
"lastModified": "2024-06-10T19:15:53.010", "lastModified": "2024-10-30T20:35:08.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Este problema se solucion\u00f3 mejorando la redacci\u00f3n de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n maliciosa pueda acceder a Buscar mis datos." "value": "Este problema se solucion\u00f3 mejorando la redacci\u00f3n de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n maliciosa pueda acceder a Buscar mis datos."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"references": [ "references": [
{ {
"url": "http://seclists.org/fulldisclosure/2024/May/14", "url": "http://seclists.org/fulldisclosure/2024/May/14",

39
CVE-2024/CVE-2024-232xx/CVE-2024-23248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23248", "id": "CVE-2024-23248",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-03-08T02:15:48.433", "published": "2024-03-08T02:15:48.433",
"lastModified": "2024-03-13T21:15:56.690", "lastModified": "2024-10-30T19:35:08.687",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.4. El procesamiento de un archivo puede provocar una denegaci\u00f3n de servicio o potencialmente revelar el contenido de la memoria." "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.4. El procesamiento de un archivo puede provocar una denegaci\u00f3n de servicio o potencialmente revelar el contenido de la memoria."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [ "references": [
{ {
"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "url": "http://seclists.org/fulldisclosure/2024/Mar/21",

34
CVE-2024/CVE-2024-232xx/CVE-2024-23273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23273", "id": "CVE-2024-23273",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-03-08T02:15:49.410", "published": "2024-03-08T02:15:49.410",
"lastModified": "2024-03-14T19:54:26.287", "lastModified": "2024-10-30T20:35:08.977",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-232xx/CVE-2024-23282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23282", "id": "CVE-2024-23282",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:49.503", "published": "2024-06-10T21:15:49.503",
"lastModified": "2024-06-27T14:49:57.547", "lastModified": "2024-10-30T20:35:10.147",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-24xx/CVE-2024-2464.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2464", "id": "CVE-2024-2464",
"sourceIdentifier": "cvd@cert.pl", "sourceIdentifier": "cvd@cert.pl",
"published": "2024-03-21T15:16:54.490", "published": "2024-03-21T15:16:54.490",
"lastModified": "2024-03-21T15:24:35.093", "lastModified": "2024-10-30T19:35:10.350",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Este problema ocurre durante la recuperaci\u00f3n de contrase\u00f1a, donde una diferencia en los mensajes podr\u00eda permitir a un atacante determinar si el usuario es v\u00e1lido o no, permitiendo un ataque de fuerza bruta con usuarios v\u00e1lidos. Este problema afecta las versiones de la aplicaci\u00f3n CDeX hasta la 5.7.1." "value": "Este problema ocurre durante la recuperaci\u00f3n de contrase\u00f1a, donde una diferencia en los mensajes podr\u00eda permitir a un atacante determinar si el usuario es v\u00e1lido o no, permitiendo un ataque de fuerza bruta con usuarios v\u00e1lidos. Este problema afecta las versiones de la aplicaci\u00f3n CDeX hasta la 5.7.1."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "cvd@cert.pl", "source": "cvd@cert.pl",

34
CVE-2024/CVE-2024-253xx/CVE-2024-25360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25360", "id": "CVE-2024-25360",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-12T16:15:08.730", "published": "2024-02-12T16:15:08.730",
"lastModified": "2024-10-10T14:43:01.797", "lastModified": "2024-10-30T20:35:11.017",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-257xx/CVE-2024-25728.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25728", "id": "CVE-2024-25728",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-11T22:15:08.360", "published": "2024-02-11T22:15:08.360",
"lastModified": "2024-09-05T13:54:43.833", "lastModified": "2024-10-30T20:35:11.960",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-264xx/CVE-2024-26466.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26466", "id": "CVE-2024-26466",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-26T16:27:59.773", "published": "2024-02-26T16:27:59.773",
"lastModified": "2024-02-26T16:32:25.577", "lastModified": "2024-10-30T20:35:12.827",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de cross-site scripting (XSS) basada en DOM en el componente /dom/ranges/Range-test-iframe.html de web-platform-tests/wpt antes de el commit 938e843 permite a los atacantes ejecutar Javascript arbitrario mediante el env\u00edo de una URL manipulada." "value": "Una vulnerabilidad de cross-site scripting (XSS) basada en DOM en el componente /dom/ranges/Range-test-iframe.html de web-platform-tests/wpt antes de el commit 938e843 permite a los atacantes ejecutar Javascript arbitrario mediante el env\u00edo de una URL manipulada."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/cd80/8e41a17bc0c2113f6347581cec726d11", "url": "https://gist.github.com/cd80/8e41a17bc0c2113f6347581cec726d11",

32
CVE-2024/CVE-2024-265xx/CVE-2024-26581.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26581", "id": "CVE-2024-26581",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-20T13:15:09.020", "published": "2024-02-20T13:15:09.020",
"lastModified": "2024-06-25T23:15:24.137", "lastModified": "2024-10-30T20:35:13.683",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-265xx/CVE-2024-26588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26588", "id": "CVE-2024-26588",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-22T17:15:08.980", "published": "2024-02-22T17:15:08.980",
"lastModified": "2024-08-27T14:36:28.117", "lastModified": "2024-10-30T20:35:14.647",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-119" "value": "CWE-119"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-268xx/CVE-2024-26884.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26884", "id": "CVE-2024-26884",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.163", "published": "2024-04-17T11:15:10.163",
"lastModified": "2024-06-27T12:15:22.003", "lastModified": "2024-10-30T20:35:15.583",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-119" "value": "CWE-119"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-26xx/CVE-2024-2611.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2611", "id": "CVE-2024-2611",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-03-19T12:15:09.007", "published": "2024-03-19T12:15:09.007",
"lastModified": "2024-03-25T17:15:51.880", "lastModified": "2024-10-30T19:35:10.593",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Una demora faltante en el momento en que se us\u00f3 el bloqueo del puntero podr\u00eda haber permitido que una p\u00e1gina maliciosa enga\u00f1ara a un usuario para que otorgara permisos. Esta vulnerabilidad afecta a Firefox < 124, Firefox ESR < 115.9 y Thunderbird < 115.9." "value": "Una demora faltante en el momento en que se us\u00f3 el bloqueo del puntero podr\u00eda haber permitido que una p\u00e1gina maliciosa enga\u00f1ara a un usuario para que otorgara permisos. Esta vulnerabilidad afecta a Firefox < 124, Firefox ESR < 115.9 y Thunderbird < 115.9."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1876675", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1876675",

32
CVE-2024/CVE-2024-270xx/CVE-2024-27020.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27020", "id": "CVE-2024-27020",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:20.840", "published": "2024-05-01T06:15:20.840",
"lastModified": "2024-06-27T12:15:23.853", "lastModified": "2024-10-30T20:35:16.470",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.0, "exploitabilityScore": 1.0,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-362" "value": "CWE-362"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-273xx/CVE-2024-27360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27360", "id": "CVE-2024-27360",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:09.370", "published": "2024-07-09T18:15:09.370",
"lastModified": "2024-07-12T14:57:53.930", "lastModified": "2024-10-30T20:35:17.373",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -37,6 +37,26 @@
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
}, },
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
},
{ {
"source": "cve@mitre.org", "source": "cve@mitre.org",
"type": "Secondary", "type": "Secondary",
@ -69,6 +89,16 @@
"value": "CWE-1284" "value": "CWE-1284"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-27xx/CVE-2024-2758.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2758", "id": "CVE-2024-2758",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2024-04-03T18:15:07.380", "published": "2024-04-03T18:15:07.380",
"lastModified": "2024-05-01T18:15:19.300", "lastModified": "2024-10-30T19:35:10.840",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Los l\u00edmites de velocidad de Tempesta FW no est\u00e1n habilitados de forma predeterminada. O est\u00e1n configurados demasiado grandes para capturar ataques de frames de CONTINUACI\u00d3N vac\u00edos o demasiado peque\u00f1os para manejar adecuadamente las solicitudes HTTP normales." "value": "Los l\u00edmites de velocidad de Tempesta FW no est\u00e1n habilitados de forma predeterminada. O est\u00e1n configurados demasiado grandes para capturar ataques de frames de CONTINUACI\u00d3N vac\u00edos o demasiado peque\u00f1os para manejar adecuadamente las solicitudes HTTP normales."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [ "references": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16", "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16",

24
CVE-2024/CVE-2024-27xx/CVE-2024-2762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2762", "id": "CVE-2024-2762",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-13T06:15:11.003", "published": "2024-06-13T06:15:11.003",
"lastModified": "2024-10-09T17:12:42.747", "lastModified": "2024-10-30T19:35:11.070",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

14
CVE-2024/CVE-2024-280xx/CVE-2024-28067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28067", "id": "CVE-2024-28067",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:09.790", "published": "2024-07-09T18:15:09.790",
"lastModified": "2024-07-12T14:57:36.897", "lastModified": "2024-10-30T19:35:09.503",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
} }
], ],
"configurations": [ "configurations": [

24
CVE-2024/CVE-2024-28xx/CVE-2024-2884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2884", "id": "CVE-2024-2884",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-07-16T23:15:23.637", "published": "2024-07-16T23:15:23.637",
"lastModified": "2024-07-19T13:35:19.847", "lastModified": "2024-10-30T19:35:11.303",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

39
CVE-2024/CVE-2024-308xx/CVE-2024-30863.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30863", "id": "CVE-2024-30863",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-01T16:15:48.983", "published": "2024-04-01T16:15:48.983",
"lastModified": "2024-04-02T12:50:42.233", "lastModified": "2024-10-30T19:35:11.540",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "netentsec NS-ASG 6.3 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de /WebPages/history.php." "value": "netentsec NS-ASG 6.3 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de /WebPages/history.php."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-history.md", "url": "https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-history.md",

34
CVE-2024/CVE-2024-318xx/CVE-2024-31800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31800", "id": "CVE-2024-31800",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-15T17:15:17.220", "published": "2024-08-15T17:15:17.220",
"lastModified": "2024-08-16T13:37:49.083", "lastModified": "2024-10-30T20:35:18.287",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.9, "exploitabilityScore": 0.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-287" "value": "CWE-287"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-324xx/CVE-2024-32498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32498", "id": "CVE-2024-32498",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-05T02:15:09.840", "published": "2024-07-05T02:15:09.840",
"lastModified": "2024-09-23T16:15:04.640", "lastModified": "2024-10-30T20:35:19.110",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-340xx/CVE-2024-34030.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34030", "id": "CVE-2024-34030",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-24T14:15:11.977", "published": "2024-06-24T14:15:11.977",
"lastModified": "2024-07-03T01:59:17.300", "lastModified": "2024-10-30T20:35:19.987",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: PCI: of_property: error de devoluci\u00f3n por falla de asignaci\u00f3n de int_map Devuelve -ENOMEM de of_pci_prop_intr_map() si kcalloc() no logra evitar una desreferencia de puntero NULL en este caso. [bhelgaas: registro de confirmaci\u00f3n]" "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: PCI: of_property: error de devoluci\u00f3n por falla de asignaci\u00f3n de int_map Devuelve -ENOMEM de of_pci_prop_intr_map() si kcalloc() no logra evitar una desreferencia de puntero NULL en este caso. [bhelgaas: registro de confirmaci\u00f3n]"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

27
CVE-2024/CVE-2024-358xx/CVE-2024-35824.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35824", "id": "CVE-2024-35824",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T14:15:18.033", "published": "2024-05-17T14:15:18.033",
"lastModified": "2024-05-17T18:35:35.070", "lastModified": "2024-10-30T20:35:20.203",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc: lis3lv02d_i2c: corrige que los reguladores se activen/desactiven dos veces al suspender/reanudar Cuando no est\u00e1 configurado para reactivaci\u00f3n, lis3lv02d_i2c_suspend() llamar\u00e1 a lis3lv02d_poweroff() incluso si el dispositivo ya ha sido desactivado por el controlador de suspensi\u00f3n de tiempo de ejecuci\u00f3n y si est\u00e1 configurado para reactivaci\u00f3n y el dispositivo est\u00e1 suspendido en tiempo de ejecuci\u00f3n en este punto, no se vuelve a activar para que sirva como fuente de activaci\u00f3n. Antes de la confirmaci\u00f3n b1b9f7a49440 (\"misc: lis3lv02d_i2c: Agregar configuraci\u00f3n faltante de la devoluci\u00f3n de llamada reg_ctrl\"), lis3lv02d_poweroff() fallaba al deshabilitar los reguladores, lo que como efecto secundario hizo que llamar a poweroff() dos veces fuera correcto. Ahora que poweroff() desactiva correctamente los reguladores, al hacer esto dos veces se activa una ADVERTENCIA() en el n\u00facleo del regulador: desactivaciones desequilibradas para regulador ficticio ADVERTENCIA: CPU: 1 PID: 92 en drivers/regulator/core.c:2999 _regulator_disable .. Corrija lis3lv02d_i2c_suspend() para que no llame a poweroff() una segunda vez si ya est\u00e1 suspendido el tiempo de ejecuci\u00f3n y agregue una llamada a poweron() cuando sea necesario para que la reactivaci\u00f3n funcione. lis3lv02d_i2c_resume() tiene problemas similares, con el inconveniente adicional de que siempre enciende el dispositivo si el tiempo de ejecuci\u00f3n est\u00e1 suspendido, despu\u00e9s de lo cual la primera reanudaci\u00f3n del tiempo de ejecuci\u00f3n llamar\u00e1 a poweron() nuevamente, lo que provocar\u00e1 que el recuento habilitado para el regulador aumente en 1 cada suspender/reanudar. Estas llamadas desequilibradas regulator_enable() hacen que el regulador nunca se apague y activan la siguiente ADVERTENCIA() al desvincular el controlador: ADVERTENCIA: CPU: 1 PID: 1724 en drivers/regulator/core.c:2396 _regulator_put Solucione esto haciendo lis3lv02d_i2c_resume( ) refleja la nueva suspensi\u00f3n()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc: lis3lv02d_i2c: corrige que los reguladores se activen/desactiven dos veces al suspender/reanudar Cuando no est\u00e1 configurado para reactivaci\u00f3n, lis3lv02d_i2c_suspend() llamar\u00e1 a lis3lv02d_poweroff() incluso si el dispositivo ya ha sido desactivado por el controlador de suspensi\u00f3n de tiempo de ejecuci\u00f3n y si est\u00e1 configurado para reactivaci\u00f3n y el dispositivo est\u00e1 suspendido en tiempo de ejecuci\u00f3n en este punto, no se vuelve a activar para que sirva como fuente de activaci\u00f3n. Antes de la confirmaci\u00f3n b1b9f7a49440 (\"misc: lis3lv02d_i2c: Agregar configuraci\u00f3n faltante de la devoluci\u00f3n de llamada reg_ctrl\"), lis3lv02d_poweroff() fallaba al deshabilitar los reguladores, lo que como efecto secundario hizo que llamar a poweroff() dos veces fuera correcto. Ahora que poweroff() desactiva correctamente los reguladores, al hacer esto dos veces se activa una ADVERTENCIA() en el n\u00facleo del regulador: desactivaciones desequilibradas para regulador ficticio ADVERTENCIA: CPU: 1 PID: 92 en drivers/regulator/core.c:2999 _regulator_disable .. Corrija lis3lv02d_i2c_suspend() para que no llame a poweroff() una segunda vez si ya est\u00e1 suspendido el tiempo de ejecuci\u00f3n y agregue una llamada a poweron() cuando sea necesario para que la reactivaci\u00f3n funcione. lis3lv02d_i2c_resume() tiene problemas similares, con el inconveniente adicional de que siempre enciende el dispositivo si el tiempo de ejecuci\u00f3n est\u00e1 suspendido, despu\u00e9s de lo cual la primera reanudaci\u00f3n del tiempo de ejecuci\u00f3n llamar\u00e1 a poweron() nuevamente, lo que provocar\u00e1 que el recuento habilitado para el regulador aumente en 1 cada suspender/reanudar. Estas llamadas desequilibradas regulator_enable() hacen que el regulador nunca se apague y activan la siguiente ADVERTENCIA() al desvincular el controlador: ADVERTENCIA: CPU: 1 PID: 1724 en drivers/regulator/core.c:2396 _regulator_put Solucione esto haciendo lis3lv02d_i2c_resume( ) refleja la nueva suspensi\u00f3n()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4154e767354140db7804207117e7238fb337b0e7", "url": "https://git.kernel.org/stable/c/4154e767354140db7804207117e7238fb337b0e7",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36055.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36055", "id": "CVE-2024-36055",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-26T23:15:21.457", "published": "2024-05-26T23:15:21.457",
"lastModified": "2024-05-28T12:39:28.377", "lastModified": "2024-10-30T20:35:20.760",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Hw64.sys en Marvin Test HW.exe anterior a 5.0.5.0 permite que los procesos en modo de usuario sin privilegios mapeen arbitrariamente la memoria f\u00edsica con acceso de lectura/escritura a trav\u00e9s de la API MmMapIoSpace (IOCTL 0x9c40a4f8, 0x9c40a4e8, 0x9c40a4c0, 0x9c40a4c4, 0x9c40a4ec, otros siete), lo que lleva a una denegaci\u00f3n de servicio (BSOD)." "value": "Hw64.sys en Marvin Test HW.exe anterior a 5.0.5.0 permite que los procesos en modo de usuario sin privilegios mapeen arbitrariamente la memoria f\u00edsica con acceso de lectura/escritura a trav\u00e9s de la API MmMapIoSpace (IOCTL 0x9c40a4f8, 0x9c40a4e8, 0x9c40a4c0, 0x9c40a4c4, 0x9c40a4ec, otros siete), lo que lleva a una denegaci\u00f3n de servicio (BSOD)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.marvintest.com/Downloads.aspx?prodId=12&search=package", "url": "https://www.marvintest.com/Downloads.aspx?prodId=12&search=package",

34
CVE-2024/CVE-2024-360xx/CVE-2024-36082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36082", "id": "CVE-2024-36082",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-06-07T04:15:30.357", "published": "2024-06-07T04:15:30.357",
"lastModified": "2024-07-17T17:36:42.157", "lastModified": "2024-10-30T20:35:21.600",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.2, "exploitabilityScore": 1.2,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-373xx/CVE-2024-37388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37388", "id": "CVE-2024-37388",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T19:15:24.103", "published": "2024-06-07T19:15:24.103",
"lastModified": "2024-09-13T18:39:18.030", "lastModified": "2024-10-30T19:35:12.587",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-611" "value": "CWE-611"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-378xx/CVE-2024-37856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37856", "id": "CVE-2024-37856",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-29T19:15:12.177", "published": "2024-07-29T19:15:12.177",
"lastModified": "2024-08-20T14:46:55.027", "lastModified": "2024-10-30T20:35:22.590",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-383xx/CVE-2024-38312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38312", "id": "CVE-2024-38312",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-13T20:15:15.370", "published": "2024-06-13T20:15:15.370",
"lastModified": "2024-08-07T17:47:36.897", "lastModified": "2024-10-30T19:35:13.407",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-384xx/CVE-2024-38461.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38461", "id": "CVE-2024-38461",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T16:15:09.537", "published": "2024-06-16T16:15:09.537",
"lastModified": "2024-08-07T18:50:36.303", "lastModified": "2024-10-30T19:35:14.167",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-754" "value": "CWE-754"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-385xx/CVE-2024-38562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38562", "id": "CVE-2024-38562",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:16.393", "published": "2024-06-19T14:15:16.393",
"lastModified": "2024-08-30T12:47:20.287", "lastModified": "2024-10-30T20:35:23.910",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-129" "value": "CWE-129"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-388xx/CVE-2024-38808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38808", "id": "CVE-2024-38808",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2024-08-20T08:15:05.023", "published": "2024-08-20T08:15:05.023",
"lastModified": "2024-08-20T15:44:20.567", "lastModified": "2024-10-30T19:35:15.003",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://spring.io/security/cve-2024-38808", "url": "https://spring.io/security/cve-2024-38808",

34
CVE-2024/CVE-2024-408xx/CVE-2024-40855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40855", "id": "CVE-2024-40855",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:04.870", "published": "2024-10-28T21:15:04.870",
"lastModified": "2024-10-29T17:42:18.573", "lastModified": "2024-10-30T19:35:15.737",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-425xx/CVE-2024-42550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42550", "id": "CVE-2024-42550",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-21T17:15:08.187", "published": "2024-08-21T17:15:08.187",
"lastModified": "2024-08-21T17:24:59.627", "lastModified": "2024-10-30T20:35:25.673",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de cross-site scripting (XSS) en el componente /email/welcome.php del commit 18aa3d del Mini Inventory and Sales Management System permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro T\u00edtulo." "value": "Una vulnerabilidad de cross-site scripting (XSS) en el componente /email/welcome.php del commit 18aa3d del Mini Inventory and Sales Management System permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro T\u00edtulo."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/topsky979/3332b6ba95f5a95aec4f635d8bb20f7c", "url": "https://gist.github.com/topsky979/3332b6ba95f5a95aec4f635d8bb20f7c",

34
CVE-2024/CVE-2024-426xx/CVE-2024-42677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42677", "id": "CVE-2024-42677",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-15T14:15:10.813", "published": "2024-08-15T14:15:10.813",
"lastModified": "2024-08-19T16:08:17.727", "lastModified": "2024-10-30T20:35:26.493",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44137.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44137", "id": "CVE-2024-44137",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.330", "published": "2024-10-28T21:15:05.330",
"lastModified": "2024-10-29T17:35:23.423", "lastModified": "2024-10-30T19:35:16.590",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.9, "exploitabilityScore": 0.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44156", "id": "CVE-2024-44156",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.543", "published": "2024-10-28T21:15:05.543",
"lastModified": "2024-10-29T17:33:51.597", "lastModified": "2024-10-30T19:35:17.447",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-442xx/CVE-2024-44208.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44208", "id": "CVE-2024-44208",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.043", "published": "2024-10-28T21:15:06.043",
"lastModified": "2024-10-29T20:47:09.883", "lastModified": "2024-10-30T19:35:18.340",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-442xx/CVE-2024-44213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44213", "id": "CVE-2024-44213",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.110", "published": "2024-10-28T21:15:06.110",
"lastModified": "2024-10-30T17:19:38.887", "lastModified": "2024-10-30T19:35:19.187",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.2, "exploitabilityScore": 2.2,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-442xx/CVE-2024-44228.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44228", "id": "CVE-2024-44228",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.357", "published": "2024-10-28T21:15:06.357",
"lastModified": "2024-10-29T20:42:04.980", "lastModified": "2024-10-30T20:35:27.570",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-442xx/CVE-2024-44253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44253", "id": "CVE-2024-44253",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.870", "published": "2024-10-28T21:15:06.870",
"lastModified": "2024-10-30T18:14:05.540", "lastModified": "2024-10-30T19:35:20.000",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-442xx/CVE-2024-44265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44265", "id": "CVE-2024-44265",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.457", "published": "2024-10-28T21:15:07.457",
"lastModified": "2024-10-30T18:38:43.420", "lastModified": "2024-10-30T19:35:20.800",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.9, "exploitabilityScore": 0.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-442xx/CVE-2024-44287.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44287", "id": "CVE-2024-44287",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.600", "published": "2024-10-28T21:15:08.600",
"lastModified": "2024-10-30T18:49:43.793", "lastModified": "2024-10-30T19:35:21.620",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-443xx/CVE-2024-44301.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44301", "id": "CVE-2024-44301",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.977", "published": "2024-10-28T21:15:08.977",
"lastModified": "2024-10-29T14:34:04.427", "lastModified": "2024-10-30T19:35:22.447",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada podr\u00eda modificar partes protegidas del sistema de archivos." "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada podr\u00eda modificar partes protegidas del sistema de archivos."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/121568", "url": "https://support.apple.com/en-us/121568",

34
CVE-2024/CVE-2024-444xx/CVE-2024-44459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44459", "id": "CVE-2024-44459",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T20:15:04.887", "published": "2024-09-12T20:15:04.887",
"lastModified": "2024-09-18T18:53:58.983", "lastModified": "2024-10-30T20:35:29.427",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-770" "value": "CWE-770"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-444xx/CVE-2024-44460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44460", "id": "CVE-2024-44460",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T20:15:04.940", "published": "2024-09-12T20:15:04.940",
"lastModified": "2024-09-18T18:53:01.570", "lastModified": "2024-10-30T19:35:23.557",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-452xx/CVE-2024-45244.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45244", "id": "CVE-2024-45244",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-25T02:15:03.383", "published": "2024-08-25T02:15:03.383",
"lastModified": "2024-09-12T16:07:49.530", "lastModified": "2024-10-30T19:35:24.600",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
} }
], ],
"configurations": [ "configurations": [

49
CVE-2024/CVE-2024-457xx/CVE-2024-45714.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45714", "id": "CVE-2024-45714",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-10-16T08:15:06.897", "published": "2024-10-16T08:15:06.897",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:33:59.393",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -18,8 +18,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@solarwinds.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
},
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
@ -51,10 +71,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*",
"versionEndIncluding": "15.4.2.3",
"matchCriteriaId": "0F76910A-3A75-486A-A2D2-13FAAEE4BDF8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45714", "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45714",
"source": "psirt@solarwinds.com" "source": "psirt@solarwinds.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2024/CVE-2024-457xx/CVE-2024-45715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45715", "id": "CVE-2024-45715",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-10-16T08:15:07.110", "published": "2024-10-16T08:15:07.110",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:59:19.737",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -18,8 +18,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@solarwinds.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "psirt@solarwinds.com", "source": "psirt@solarwinds.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:solarwinds_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.4",
"matchCriteriaId": "DD15A9FD-6D72-462F-A816-7F2F225C0B39"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45715", "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45715",
"source": "psirt@solarwinds.com" "source": "psirt@solarwinds.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

21
CVE-2024/CVE-2024-465xx/CVE-2024-46531.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46531",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T19:15:14.113",
"lastModified": "2024-10-30T19:15:14.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/shouvikdutta1998/Vehicle_Record_Management_System",
"source": "cve@mitre.org"
}
]
}

61
CVE-2024/CVE-2024-465xx/CVE-2024-46538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46538", "id": "CVE-2024-46538",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T17:15:03.950", "published": "2024-10-22T17:15:03.950",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-30T20:45:35.240",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
@ -51,14 +81,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBD3896-7E10-4B29-BCCB-7F3E9F659B7D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/physicszq/web_issue/blob/main/pfsense/interfaces_groups_edit_file.md_xss.md", "url": "https://github.com/physicszq/web_issue/blob/main/pfsense/interfaces_groups_edit_file.md_xss.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
}, },
{ {
"url": "https://redmine.pfsense.org/issues/15778", "url": "https://redmine.pfsense.org/issues/15778",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

69
CVE-2024/CVE-2024-471xx/CVE-2024-47171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47171", "id": "CVE-2024-47171",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-26T18:15:10.590", "published": "2024-09-26T18:15:10.590",
"lastModified": "2024-09-30T12:46:20.237", "lastModified": "2024-10-30T20:46:24.610",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -41,8 +61,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -51,18 +81,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agnai:agnai:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.330",
"matchCriteriaId": "018F1D62-64B1-4A69-BC8B-37565BF64656"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/character.ts#L140:", "url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/character.ts#L140:",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/upload.ts#L55", "url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/upload.ts#L55",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-g54f-66mw-hv66", "url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-g54f-66mw-hv66",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

21
CVE-2024/CVE-2024-482xx/CVE-2024-48202.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48202",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T19:15:14.200",
"lastModified": "2024-10-30T19:15:14.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "icecms <=3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Lunax0/LogLunax/blob/main/icecms/CVE-2024-48202.md",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-482xx/CVE-2024-48232.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48232", "id": "CVE-2024-48232",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T21:15:04.170", "published": "2024-10-25T21:15:04.170",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T19:35:26.257",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se encontr\u00f3 un problema en mipjz 5.0.5. En el m\u00e9todo mipPost de \\app\\setting\\controller\\ApiAdminTool.php, el valor del par\u00e1metro postAddress no se procesa y se pasa directamente a la ejecuci\u00f3n y salida de curl_exec, lo que genera una vulnerabilidad de Server-side request forgery (SSRF) que puede leer archivos del servidor." "value": "Se encontr\u00f3 un problema en mipjz 5.0.5. En el m\u00e9todo mipPost de \\app\\setting\\controller\\ApiAdminTool.php, el valor del par\u00e1metro postAddress no se procesa y se pasa directamente a la ejecuci\u00f3n y salida de curl_exec, lo que genera una vulnerabilidad de Server-side request forgery (SSRF) que puede leer archivos del servidor."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/sansanyun/mipjz/issues/17", "url": "https://github.com/sansanyun/mipjz/issues/17",

39
CVE-2024/CVE-2024-482xx/CVE-2024-48233.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48233", "id": "CVE-2024-48233",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T21:15:04.243", "published": "2024-10-25T21:15:04.243",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T19:35:27.360",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "mipjz 5.0.5 es vulnerable a Cross Site Scripting (XSS) en \\app\\setting\\controller\\ApiAdminSetting.php a trav\u00e9s del par\u00e1metro ICP." "value": "mipjz 5.0.5 es vulnerable a Cross Site Scripting (XSS) en \\app\\setting\\controller\\ApiAdminSetting.php a trav\u00e9s del par\u00e1metro ICP."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/sansanyun/mipjz/issues/16", "url": "https://github.com/sansanyun/mipjz/issues/16",

25
CVE-2024/CVE-2024-482xx/CVE-2024-48271.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48271",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T20:15:04.553",
"lastModified": "2024-10-30T20:15:04.553",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the device via a bruteforce attack."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/stevenyu113228/e264c145d6e6e6b59cf53fddc27409ad#1--predictable-administrator-credentials-in-d-link-dsl6740c-modem",
"source": "cve@mitre.org"
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-482xx/CVE-2024-48272.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48272",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T20:15:04.620",
"lastModified": "2024-10-30T20:15:04.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/stevenyu113228/e264c145d6e6e6b59cf53fddc27409ad#2--predictable-wifi-password-in-d-link-dsl6740c-modem",
"source": "cve@mitre.org"
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-483xx/CVE-2024-48396.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48396", "id": "CVE-2024-48396",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T21:15:04.300", "published": "2024-10-25T21:15:04.300",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:31.167",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "AIML Chatbot 1.0 (corregido en la versi\u00f3n 2.0) es vulnerable a Cross Site Scripting (XSS). La vulnerabilidad se explota a trav\u00e9s del campo de entrada de mensajes, donde los atacantes pueden inyectar c\u00f3digo HTML o JavaScript malicioso. El chatbot no puede desinfectar estas entradas, lo que lleva a la ejecuci\u00f3n de scripts maliciosos." "value": "AIML Chatbot 1.0 (corregido en la versi\u00f3n 2.0) es vulnerable a Cross Site Scripting (XSS). La vulnerabilidad se explota a trav\u00e9s del campo de entrada de mensajes, donde los atacantes pueden inyectar c\u00f3digo HTML o JavaScript malicioso. El chatbot no puede desinfectar estas entradas, lo que lleva a la ejecuci\u00f3n de scripts maliciosos."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/sohelamin/chatbot", "url": "https://github.com/sohelamin/chatbot",

43
CVE-2024/CVE-2024-484xx/CVE-2024-48461.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-48461", "id": "CVE-2024-48461",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T21:15:04.347", "published": "2024-10-29T21:15:04.347",
"lastModified": "2024-10-29T21:15:04.347", "lastModified": "2024-10-30T20:35:32.170",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v.1.59.6 allows a remote attacker to execute arbitrary code via the New Journey field." "value": "Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v.1.59.6 allows a remote attacker to execute arbitrary code via the New Journey field."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross Site Scripting en el panel de administraci\u00f3n de TeslaLogger anterior a la v.1.59.6 permite que un atacante remoto ejecute c\u00f3digo arbitrario a trav\u00e9s del campo New Journey."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/bassmaster187/TeslaLogger/blob/65f5ff43c7cacf0391ddc21b90f77a2e8c8d860e/TeslaLogger/bin/changelog.md?plain=1#L4", "url": "https://github.com/bassmaster187/TeslaLogger/blob/65f5ff43c7cacf0391ddc21b90f77a2e8c8d860e/TeslaLogger/bin/changelog.md?plain=1#L4",

14
CVE-2024/CVE-2024-492xx/CVE-2024-49210.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49210", "id": "CVE-2024-49210",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T17:15:05.970", "published": "2024-10-22T17:15:05.970",
"lastModified": "2024-10-30T16:13:12.307", "lastModified": "2024-10-30T19:35:28.163",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-492xx/CVE-2024-49211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49211", "id": "CVE-2024-49211",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T17:15:06.193", "published": "2024-10-22T17:15:06.193",
"lastModified": "2024-10-30T16:08:23.040", "lastModified": "2024-10-30T19:35:29.010",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

47
CVE-2024/CVE-2024-492xx/CVE-2024-49265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49265", "id": "CVE-2024-49265",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-16T16:15:04.063", "published": "2024-10-16T16:15:04.063",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:29:08.667",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +71,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:booking:banner_creator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.6",
"matchCriteriaId": "358A860D-2FCD-46CA-BF77-D21F325817DB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/bookingcom-banner-creator/wordpress-booking-com-banner-creator-plugin-1-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/bookingcom-banner-creator/wordpress-booking-com-banner-creator-plugin-1-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2024/CVE-2024-492xx/CVE-2024-49268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49268", "id": "CVE-2024-49268",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-16T15:15:17.567", "published": "2024-10-16T15:15:17.567",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:30:44.643",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunburntkamel:disconnected:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.0",
"matchCriteriaId": "B55D92C2-D810-4959-9374-A7D324A285B0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/disconnected/wordpress-disconnected-theme-1-3-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/disconnected/wordpress-disconnected-theme-1-3-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-506xx/CVE-2024-50610.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50610", "id": "CVE-2024-50610",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.473", "published": "2024-10-27T22:15:03.473",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T19:35:30.033",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "GSL (GNU Scientific Library) hasta la versi\u00f3n 2.8 tiene un error de signo de entero en gsl_siman_solve_many en siman/siman.c. Cuando params.n_tries es negativo, se produce una asignaci\u00f3n de memoria incorrecta." "value": "GSL (GNU Scientific Library) hasta la versi\u00f3n 2.8 tiene un error de signo de entero en gsl_siman_solve_many en siman/siman.c. Cuando params.n_tries es negativo, se produce una asignaci\u00f3n de memoria incorrecta."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.savannah.gnu.org/cgit/gsl.git/log/siman/siman.c", "url": "https://git.savannah.gnu.org/cgit/gsl.git/log/siman/siman.c",

39
CVE-2024/CVE-2024-506xx/CVE-2024-50611.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50611", "id": "CVE-2024-50611",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.557", "published": "2024-10-27T22:15:03.557",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T19:35:30.853",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Cuando se ejecuta CycloneDX cdxgen hasta la versi\u00f3n 10.10.7 contra una base de c\u00f3digo no confiable, puede ejecutar c\u00f3digo contenido en archivos relacionados con la compilaci\u00f3n, como build.gradle.kts, un problema similar a CVE-2022-24441. Por ejemplo, OWASP dep-scan utiliza cdxgen. NOTA: esto se ha caracterizado como una limitaci\u00f3n de dise\u00f1o, en lugar de un error de implementaci\u00f3n." "value": "Cuando se ejecuta CycloneDX cdxgen hasta la versi\u00f3n 10.10.7 contra una base de c\u00f3digo no confiable, puede ejecutar c\u00f3digo contenido en archivos relacionados con la compilaci\u00f3n, como build.gradle.kts, un problema similar a CVE-2022-24441. Por ejemplo, OWASP dep-scan utiliza cdxgen. NOTA: esto se ha caracterizado como una limitaci\u00f3n de dise\u00f1o, en lugar de un error de implementaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/CycloneDX/cdxgen/issues/1328", "url": "https://github.com/CycloneDX/cdxgen/issues/1328",

41
CVE-2024/CVE-2024-506xx/CVE-2024-50612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50612", "id": "CVE-2024-50612",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.613", "published": "2024-10-27T22:15:03.613",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:33.603",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "libsndfile hasta 1.2.2 tiene una lectura fuera de los l\u00edmites de ogg_vorbis.c vorbis_analysis_wrote." "value": "libsndfile hasta 1.2.2 tiene una lectura fuera de los l\u00edmites de ogg_vorbis.c vorbis_analysis_wrote."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/libsndfile/libsndfile/issues/1035", "url": "https://github.com/libsndfile/libsndfile/issues/1035",

41
CVE-2024/CVE-2024-506xx/CVE-2024-50613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50613", "id": "CVE-2024-50613",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.660", "published": "2024-10-27T22:15:03.660",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:34.920",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "libsndfile hasta 1.2.2 tiene una afirmaci\u00f3n alcanzable, que puede llevar a la salida de la aplicaci\u00f3n, en mpeg_l3_encode.c mpeg_l3_encoder_close." "value": "libsndfile hasta 1.2.2 tiene una afirmaci\u00f3n alcanzable, que puede llevar a la salida de la aplicaci\u00f3n, en mpeg_l3_encode.c mpeg_l3_encoder_close."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/libsndfile/libsndfile/issues/1034", "url": "https://github.com/libsndfile/libsndfile/issues/1034",

41
CVE-2024/CVE-2024-506xx/CVE-2024-50614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50614", "id": "CVE-2024-50614",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.713", "published": "2024-10-27T22:15:03.713",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:36.237",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "TinyXML2 a 10.0.0 tiene una afirmaci\u00f3n alcanzable para UINT_MAX/16, que puede provocar la salida de la aplicaci\u00f3n, en tinyxml2.cpp XMLUtil::GetCharacterRef." "value": "TinyXML2 a 10.0.0 tiene una afirmaci\u00f3n alcanzable para UINT_MAX/16, que puede provocar la salida de la aplicaci\u00f3n, en tinyxml2.cpp XMLUtil::GetCharacterRef."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/leethomason/tinyxml2/issues/996", "url": "https://github.com/leethomason/tinyxml2/issues/996",

41
CVE-2024/CVE-2024-506xx/CVE-2024-50615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50615", "id": "CVE-2024-50615",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.760", "published": "2024-10-27T22:15:03.760",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:37.310",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "TinyXML2 a 10.0.0 tiene una afirmaci\u00f3n alcanzable para UINT_MAX/d\u00edgito, que puede provocar la salida de la aplicaci\u00f3n, en tinyxml2.cpp XMLUtil::GetCharacterRef." "value": "TinyXML2 a 10.0.0 tiene una afirmaci\u00f3n alcanzable para UINT_MAX/d\u00edgito, que puede provocar la salida de la aplicaci\u00f3n, en tinyxml2.cpp XMLUtil::GetCharacterRef."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/leethomason/tinyxml2/issues/997", "url": "https://github.com/leethomason/tinyxml2/issues/997",

27
CVE-2024/CVE-2024-506xx/CVE-2024-50616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50616", "id": "CVE-2024-50616",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-27T22:15:03.810", "published": "2024-10-27T22:15:03.810",
"lastModified": "2024-10-28T13:58:09.230", "lastModified": "2024-10-30T20:35:38.380",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Ironman PowerShell Universal 5.x anterior a 5.0.12 permite que un atacante autenticado eleve sus privilegios y vea informaci\u00f3n del trabajo." "value": "Ironman PowerShell Universal 5.x anterior a 5.0.12 permite que un atacante autenticado eleve sus privilegios y vea informaci\u00f3n del trabajo."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [ "references": [
{ {
"url": "https://docs.powershelluniversal.com/changelogs/cves#cve-tbd-10-17-2024-privilege-escalation-and-information-disclosure", "url": "https://docs.powershelluniversal.com/changelogs/cves#cve-tbd-10-17-2024-privilege-escalation-and-information-disclosure",

34
CVE-2024/CVE-2024-56xx/CVE-2024-5695.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5695", "id": "CVE-2024-5695",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:51.017", "published": "2024-06-11T13:15:51.017",
"lastModified": "2024-09-13T18:31:42.637", "lastModified": "2024-10-30T19:35:31.650",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-60xx/CVE-2024-6055.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6055", "id": "CVE-2024-6055",
"sourceIdentifier": "security@devolutions.net", "sourceIdentifier": "security@devolutions.net",
"published": "2024-06-17T13:15:53.697", "published": "2024-06-17T13:15:53.697",
"lastModified": "2024-06-20T12:44:22.977", "lastModified": "2024-10-30T20:35:38.777",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "La eliminaci\u00f3n incorrecta de informaci\u00f3n confidencial en la funci\u00f3n de exportaci\u00f3n de fuentes de datos en Devolutions Remote Desktop Manager 2024.1.32.0 y versiones anteriores en Windows permite que un atacante que obtenga la configuraci\u00f3n exportada recupere las credenciales de PowerShell configuradas en la fuente de datos robando el archivo de configuraci\u00f3n." "value": "La eliminaci\u00f3n incorrecta de informaci\u00f3n confidencial en la funci\u00f3n de exportaci\u00f3n de fuentes de datos en Devolutions Remote Desktop Manager 2024.1.32.0 y versiones anteriores en Windows permite que un atacante que obtenga la configuraci\u00f3n exportada recupere las credenciales de PowerShell configuradas en la fuente de datos robando el archivo de configuraci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-212"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://devolutions.net/security/advisories/DEVO-2024-0008", "url": "https://devolutions.net/security/advisories/DEVO-2024-0008",

27
CVE-2024/CVE-2024-66xx/CVE-2024-6601.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6601", "id": "CVE-2024-6601",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.410", "published": "2024-07-09T15:15:12.410",
"lastModified": "2024-07-16T18:15:08.830", "lastModified": "2024-10-30T20:35:39.587",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "Una condici\u00f3n de ejecuci\u00f3n podr\u00eda llevar a que un contenedor de origen cruzado obtenga permisos del origen de nivel superior. Esta vulnerabilidad afecta a Firefox &lt; 128 y Firefox ESR &lt; 115.13." "value": "Una condici\u00f3n de ejecuci\u00f3n podr\u00eda llevar a que un contenedor de origen cruzado obtenga permisos del origen de nivel superior. Esta vulnerabilidad afecta a Firefox &lt; 128 y Firefox ESR &lt; 115.13."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748",

24
CVE-2024/CVE-2024-66xx/CVE-2024-6610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6610", "id": "CVE-2024-6610",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.983", "published": "2024-07-09T15:15:12.983",
"lastModified": "2024-08-29T18:22:37.277", "lastModified": "2024-10-30T20:35:39.803",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

24
CVE-2024/CVE-2024-69xx/CVE-2024-6999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6999", "id": "CVE-2024-6999",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-08-06T16:15:50.510", "published": "2024-08-06T16:15:50.510",
"lastModified": "2024-08-07T22:05:06.887", "lastModified": "2024-10-30T20:35:40.040",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
} }
] ]
}, },

24
CVE-2024/CVE-2024-72xx/CVE-2024-7264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7264", "id": "CVE-2024-7264",
"sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
"published": "2024-07-31T08:15:02.657", "published": "2024-07-31T08:15:02.657",
"lastModified": "2024-08-12T17:30:51.880", "lastModified": "2024-10-30T20:35:40.303",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

24
CVE-2024/CVE-2024-75xx/CVE-2024-7523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7523", "id": "CVE-2024-7523",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-08-06T13:15:57.297", "published": "2024-08-06T13:15:57.297",
"lastModified": "2024-08-30T12:59:29.710", "lastModified": "2024-10-30T20:35:40.550",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.2 "impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
} }
] ]
}, },

54
CVE-2024/CVE-2024-95xx/CVE-2024-9540.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9540", "id": "CVE-2024-9540",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T08:15:07.547", "published": "2024-10-16T08:15:07.547",
"lastModified": "2024-10-16T16:38:14.557", "lastModified": "2024-10-30T20:56:01.637",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -18,7 +18,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sinaextra:sina_extension_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.5.7",
"matchCriteriaId": "1B02C742-1D18-4540-8A90-5D8F53118A57"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3167197/sina-extension-for-elementor", "url": "https://plugins.trac.wordpress.org/changeset/3167197/sina-extension-for-elementor",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab8659e1-5880-4738-99ed-e671449c6878?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab8659e1-5880-4738-99ed-e671449c6878?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

81
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-10-30T19:00:20.325771+00:00 2024-10-30T21:00:20.417446+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-10-30T18:58:53.863000+00:00 2024-10-30T20:59:19.737000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,60 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
267678 267683
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `16` Recently added CVEs: `5`
- [CVE-2024-10456](CVE-2024/CVE-2024-104xx/CVE-2024-10456.json) (`2024-10-30T18:15:05.123`) - [CVE-2024-10546](CVE-2024/CVE-2024-105xx/CVE-2024-10546.json) (`2024-10-30T20:15:03.700`)
- [CVE-2024-31972](CVE-2024/CVE-2024-319xx/CVE-2024-31972.json) (`2024-10-30T18:15:06.760`) - [CVE-2024-46531](CVE-2024/CVE-2024-465xx/CVE-2024-46531.json) (`2024-10-30T19:15:14.113`)
- [CVE-2024-31973](CVE-2024/CVE-2024-319xx/CVE-2024-31973.json) (`2024-10-30T18:15:06.893`) - [CVE-2024-48202](CVE-2024/CVE-2024-482xx/CVE-2024-48202.json) (`2024-10-30T19:15:14.200`)
- [CVE-2024-31975](CVE-2024/CVE-2024-319xx/CVE-2024-31975.json) (`2024-10-30T18:15:06.967`) - [CVE-2024-48271](CVE-2024/CVE-2024-482xx/CVE-2024-48271.json) (`2024-10-30T20:15:04.553`)
- [CVE-2024-36060](CVE-2024/CVE-2024-360xx/CVE-2024-36060.json) (`2024-10-30T18:15:07.037`) - [CVE-2024-48272](CVE-2024/CVE-2024-482xx/CVE-2024-48272.json) (`2024-10-30T20:15:04.620`)
- [CVE-2024-37573](CVE-2024/CVE-2024-375xx/CVE-2024-37573.json) (`2024-10-30T18:15:07.107`)
- [CVE-2024-42041](CVE-2024/CVE-2024-420xx/CVE-2024-42041.json) (`2024-10-30T18:15:07.223`)
- [CVE-2024-48214](CVE-2024/CVE-2024-482xx/CVE-2024-48214.json) (`2024-10-30T18:15:07.420`)
- [CVE-2024-48241](CVE-2024/CVE-2024-482xx/CVE-2024-48241.json) (`2024-10-30T18:15:07.490`)
- [CVE-2024-48569](CVE-2024/CVE-2024-485xx/CVE-2024-48569.json) (`2024-10-30T18:15:07.567`)
- [CVE-2024-48646](CVE-2024/CVE-2024-486xx/CVE-2024-48646.json) (`2024-10-30T18:15:07.640`)
- [CVE-2024-48647](CVE-2024/CVE-2024-486xx/CVE-2024-48647.json) (`2024-10-30T18:15:07.743`)
- [CVE-2024-48648](CVE-2024/CVE-2024-486xx/CVE-2024-48648.json) (`2024-10-30T18:15:07.813`)
- [CVE-2024-51258](CVE-2024/CVE-2024-512xx/CVE-2024-51258.json) (`2024-10-30T17:15:14.037`)
- [CVE-2024-9110](CVE-2024/CVE-2024-91xx/CVE-2024-9110.json) (`2024-10-30T17:15:14.177`)
- [CVE-2024-9419](CVE-2024/CVE-2024-94xx/CVE-2024-9419.json) (`2024-10-30T18:15:08.260`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `108` Recently modified CVEs: `88`
- [CVE-2024-48356](CVE-2024/CVE-2024-483xx/CVE-2024-48356.json) (`2024-10-30T17:35:12.420`) - [CVE-2024-46538](CVE-2024/CVE-2024-465xx/CVE-2024-46538.json) (`2024-10-30T20:45:35.240`)
- [CVE-2024-48357](CVE-2024/CVE-2024-483xx/CVE-2024-48357.json) (`2024-10-30T17:35:13.203`) - [CVE-2024-47171](CVE-2024/CVE-2024-471xx/CVE-2024-47171.json) (`2024-10-30T20:46:24.610`)
- [CVE-2024-48465](CVE-2024/CVE-2024-484xx/CVE-2024-48465.json) (`2024-10-30T18:35:15.410`) - [CVE-2024-48232](CVE-2024/CVE-2024-482xx/CVE-2024-48232.json) (`2024-10-30T19:35:26.257`)
- [CVE-2024-48594](CVE-2024/CVE-2024-485xx/CVE-2024-48594.json) (`2024-10-30T17:35:14.010`) - [CVE-2024-48233](CVE-2024/CVE-2024-482xx/CVE-2024-48233.json) (`2024-10-30T19:35:27.360`)
- [CVE-2024-50071](CVE-2024/CVE-2024-500xx/CVE-2024-50071.json) (`2024-10-30T17:02:34.740`) - [CVE-2024-48396](CVE-2024/CVE-2024-483xx/CVE-2024-48396.json) (`2024-10-30T20:35:31.167`)
- [CVE-2024-50079](CVE-2024/CVE-2024-500xx/CVE-2024-50079.json) (`2024-10-30T17:05:40.960`) - [CVE-2024-48461](CVE-2024/CVE-2024-484xx/CVE-2024-48461.json) (`2024-10-30T20:35:32.170`)
- [CVE-2024-50311](CVE-2024/CVE-2024-503xx/CVE-2024-50311.json) (`2024-10-30T18:39:40.617`) - [CVE-2024-49210](CVE-2024/CVE-2024-492xx/CVE-2024-49210.json) (`2024-10-30T19:35:28.163`)
- [CVE-2024-50312](CVE-2024/CVE-2024-503xx/CVE-2024-50312.json) (`2024-10-30T18:35:56.753`) - [CVE-2024-49211](CVE-2024/CVE-2024-492xx/CVE-2024-49211.json) (`2024-10-30T19:35:29.010`)
- [CVE-2024-50602](CVE-2024/CVE-2024-506xx/CVE-2024-50602.json) (`2024-10-30T18:35:16.237`) - [CVE-2024-49265](CVE-2024/CVE-2024-492xx/CVE-2024-49265.json) (`2024-10-30T20:29:08.667`)
- [CVE-2024-51296](CVE-2024/CVE-2024-512xx/CVE-2024-51296.json) (`2024-10-30T18:35:17.830`) - [CVE-2024-49268](CVE-2024/CVE-2024-492xx/CVE-2024-49268.json) (`2024-10-30T20:30:44.643`)
- [CVE-2024-51299](CVE-2024/CVE-2024-512xx/CVE-2024-51299.json) (`2024-10-30T18:35:18.640`) - [CVE-2024-50610](CVE-2024/CVE-2024-506xx/CVE-2024-50610.json) (`2024-10-30T19:35:30.033`)
- [CVE-2024-51300](CVE-2024/CVE-2024-513xx/CVE-2024-51300.json) (`2024-10-30T18:35:19.433`) - [CVE-2024-50611](CVE-2024/CVE-2024-506xx/CVE-2024-50611.json) (`2024-10-30T19:35:30.853`)
- [CVE-2024-51301](CVE-2024/CVE-2024-513xx/CVE-2024-51301.json) (`2024-10-30T18:35:20.227`) - [CVE-2024-50612](CVE-2024/CVE-2024-506xx/CVE-2024-50612.json) (`2024-10-30T20:35:33.603`)
- [CVE-2024-51304](CVE-2024/CVE-2024-513xx/CVE-2024-51304.json) (`2024-10-30T18:35:21.050`) - [CVE-2024-50613](CVE-2024/CVE-2024-506xx/CVE-2024-50613.json) (`2024-10-30T20:35:34.920`)
- [CVE-2024-8036](CVE-2024/CVE-2024-80xx/CVE-2024-8036.json) (`2024-10-30T18:15:07.960`) - [CVE-2024-50614](CVE-2024/CVE-2024-506xx/CVE-2024-50614.json) (`2024-10-30T20:35:36.237`)
- [CVE-2024-8382](CVE-2024/CVE-2024-83xx/CVE-2024-8382.json) (`2024-10-30T17:35:14.793`) - [CVE-2024-50615](CVE-2024/CVE-2024-506xx/CVE-2024-50615.json) (`2024-10-30T20:35:37.310`)
- [CVE-2024-8383](CVE-2024/CVE-2024-83xx/CVE-2024-8383.json) (`2024-10-30T17:35:15.640`) - [CVE-2024-50616](CVE-2024/CVE-2024-506xx/CVE-2024-50616.json) (`2024-10-30T20:35:38.380`)
- [CVE-2024-8386](CVE-2024/CVE-2024-83xx/CVE-2024-8386.json) (`2024-10-30T17:35:16.450`) - [CVE-2024-5695](CVE-2024/CVE-2024-56xx/CVE-2024-5695.json) (`2024-10-30T19:35:31.650`)
- [CVE-2024-8388](CVE-2024/CVE-2024-83xx/CVE-2024-8388.json) (`2024-10-30T17:35:17.283`) - [CVE-2024-6055](CVE-2024/CVE-2024-60xx/CVE-2024-6055.json) (`2024-10-30T20:35:38.777`)
- [CVE-2024-9231](CVE-2024/CVE-2024-92xx/CVE-2024-9231.json) (`2024-10-30T18:56:03.380`) - [CVE-2024-6601](CVE-2024/CVE-2024-66xx/CVE-2024-6601.json) (`2024-10-30T20:35:39.587`)
- [CVE-2024-9393](CVE-2024/CVE-2024-93xx/CVE-2024-9393.json) (`2024-10-30T17:35:18.107`) - [CVE-2024-6610](CVE-2024/CVE-2024-66xx/CVE-2024-6610.json) (`2024-10-30T20:35:39.803`)
- [CVE-2024-9394](CVE-2024/CVE-2024-93xx/CVE-2024-9394.json) (`2024-10-30T18:35:22.020`) - [CVE-2024-6999](CVE-2024/CVE-2024-69xx/CVE-2024-6999.json) (`2024-10-30T20:35:40.040`)
- [CVE-2024-9398](CVE-2024/CVE-2024-93xx/CVE-2024-9398.json) (`2024-10-30T18:35:22.757`) - [CVE-2024-7264](CVE-2024/CVE-2024-72xx/CVE-2024-7264.json) (`2024-10-30T20:35:40.303`)
- [CVE-2024-9399](CVE-2024/CVE-2024-93xx/CVE-2024-9399.json) (`2024-10-30T18:35:23.640`) - [CVE-2024-7523](CVE-2024/CVE-2024-75xx/CVE-2024-7523.json) (`2024-10-30T20:35:40.550`)
- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-10-30T17:15:14.397`) - [CVE-2024-9540](CVE-2024/CVE-2024-95xx/CVE-2024-9540.json) (`2024-10-30T20:56:01.637`)
## Download and Usage ## Download and Usage

421
_state.csv
View File

File diff suppressed because it is too large Load Diff