admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-31T21:00:25.887100+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-31 21:00:29 +00:00
parent 8efc4ea2fb
commit b75fef153f
84 changed files with 4415 additions and 268 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2020/CVE-2020-256xx/CVE-2020-25691.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-25691",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-04-01T23:15:08.663",
"lastModified": "2022-12-09T19:36:45.893",
"lastModified": "2024-01-31T19:19:45.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -94,9 +94,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:darkhttpd_project:darkhttpd:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:unix4lyfe:darkhttpd:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.13-1",
"matchCriteriaId": "D467091C-F584-49CD-BD7D-CF8E2037F32A"
"matchCriteriaId": "C5AB4905-2887-4A33-91A3-86820F29FCBB"
}
]
}

6
CVE-2020/CVE-2020-292xx/CVE-2020-29215.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-29215",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-06-15T20:15:11.400",
"lastModified": "2021-06-22T15:08:53.490",
"lastModified": "2024-01-31T19:19:45.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:employee_management_system_project:employee_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F35A050-7DDD-42B4-8C33-387B07453E39"
"criteria": "cpe:2.3:a:razormist:employee_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C87F89-B8F6-412D-8E3F-3C35A1EBAD6F"
}
]
}

69
CVE-2021/CVE-2021-421xx/CVE-2021-42143.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2021-42143",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T18:15:08.080",
"lastModified": "2024-01-24T18:45:30.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:05:29.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of cipher suites, which triggers an infinite loop (consuming all resources) and a buffer over-read that can disclose sensitive information."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Contiki-NG tinyDTLS a trav\u00e9s de la rama maestra 53a0d97. Existe un error de bucle infinito durante el manejo de un mensaje de protocolo de enlace ClientHello. Este error permite a atacantes remotos provocar una denegaci\u00f3n de servicio enviando un mensaje de protocolo de enlace ClientHello mal formado con una longitud impar de conjuntos de cifrado, lo que desencadena un bucle infinito (consumiendo todos los recursos) y una sobrelectura del b\u00fafer que puede revelar informaci\u00f3n confidencial."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:contiki-ng:tinydtls:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2018-08-30",
"matchCriteriaId": "E938DF84-2663-4516-87E3-B7E46789F6A1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/16",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-421xx/CVE-2021-42144.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2021-42144",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T18:15:08.150",
"lastModified": "2024-01-24T18:45:30.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:27:20.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message()."
},
{
"lang": "es",
"value": "Vulnerabilidad de lectura excesiva del b\u00fafer en Contiki-NG tinyDTLS a trav\u00e9s de la rama maestra 53a0d97 permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de entradas manipuladas en dtls_ccm_decrypt_message()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:contiki-ng:contiki-ng_tinydtls:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2018-08-30",
"matchCriteriaId": "81B489DE-BE80-4481-9DAF-3985C954527E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/17",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

70
CVE-2021/CVE-2021-435xx/CVE-2021-43584.json
View File

@ -2,19 +2,81 @@
"id": "CVE-2021-43584",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T20:15:53.610",
"lastModified": "2024-01-25T01:59:45.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:50:34.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "DOM-based Cross Site Scripting (XSS vulnerability in 'Tail Event Logs' functionality in Nagios Nagios Cross-Platform Agent (NCPA) before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting (XSS) basado en DOM en la funcionalidad 'Tail Event Logs' en Nagios Nagios Cross-Platform Agent (NCPA) anterior a 2.4.0 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del elemento de nombre al filtrar un registro."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nagios:nagios_cross_platform_agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.0",
"matchCriteriaId": "E69DEC17-2E27-4E85-9728-A0E837ECA3F3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/NagiosEnterprises/ncpa/issues/830",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-288xx/CVE-2023-28807.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-28807",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-01-31T20:15:44.903",
"lastModified": "2024-01-31T20:15:44.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/zia/configuring-advanced-settings#dns-optimization",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/zia/configuring-advanced-settings#domain-fronting",
"source": "cve@zscaler.com"
}
]
}

93
CVE-2023/CVE-2023-310xx/CVE-2023-31037.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31037",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-01-24T03:15:08.100",
"lastModified": "2024-01-24T13:49:03.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:11:28.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -50,10 +80,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:bluefield_bmc:2.8.2-46:*:*:*:lts:*:*:*",
"matchCriteriaId": "7A4D4343-2910-4C4A-B68D-9AE8FC68F8C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.04:*:*:*:-:*:*:*",
"matchCriteriaId": "73DE11D8-3B29-46D0-B111-A06DB49909A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.07:*:*:*:-:*:*:*",
"matchCriteriaId": "7D35EB35-A333-4149-A5AB-3CD54A34FDB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.09:*:*:*:-:*:*:*",
"matchCriteriaId": "94EE0617-9D9F-4322-BB57-60868EBA6CA1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:bluefield_2_ga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC213CA8-C172-4AB5-B66B-A5C71F470F33"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:bluefield_2_lts:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A755B8-4FF4-4209-9E49-580159B9DFC7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:bluefield_3_ga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A941D7-49CE-49DA-A730-71C598D11EE9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5511",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-337xx/CVE-2023-33757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33757",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T08:15:08.420",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:38:25.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,79 @@
"value": "La falta de validaci\u00f3n del certificado SSL en Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 y anteriores, e iPCS (Android App) v1.8.5 y anteriores permite a los atacantes espiar las comunicaciones a trav\u00e9s de un ataque de man-in-the-middle."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splicecom:ipcs:*:*:*:*:*:android:*:*",
"versionEndIncluding": "1.8.5",
"matchCriteriaId": "EF0D97E8-4C21-497D-8EE6-413C1228BB11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splicecom:ipcs:1.3.4:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "5D3B5805-04BF-4561-87E7-71980EEB3596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splicecom:ipcs2:*:*:*:*:*:iphone_os:*:*",
"versionEndIncluding": "2.8",
"matchCriteriaId": "51D3CC91-4071-49CD-BCFA-75D519AC0034"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/twignet/splicecom",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-337xx/CVE-2023-33758.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33758",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T08:15:08.573",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:40:45.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Se descubri\u00f3 que Splicecom Maximiser Soft PBX v1.5 y anteriores conten\u00eda una vulnerabilidad de Cross-Site Scripting (XSS) a trav\u00e9s de los campos CLIENT_NAME y DEVICE_GUID en el componente de inicio de sesi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splicecom:maximiser_soft_pbx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "94656EDD-537D-487B-BA78-713C34D9E4A1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/twignet/splicecom",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-471xx/CVE-2023-47116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47116",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T17:15:13.370",
"lastModified": "2024-01-31T17:15:13.370",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-501xx/CVE-2023-50165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50165",
"sourceIdentifier": "security@pega.com",
"published": "2024-01-31T18:15:46.320",
"lastModified": "2024-01-31T18:15:46.320",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-501xx/CVE-2023-50166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50166",
"sourceIdentifier": "security@pega.com",
"published": "2024-01-31T18:15:46.513",
"lastModified": "2024-01-31T18:15:46.513",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

123
CVE-2023/CVE-2023-507xx/CVE-2023-50785.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50785",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T06:15:50.533",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:16:46.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,126 @@
"value": "Zoho ManageEngine ADAudit Plus anterior a 7270 permite a los usuarios administradores ver nombres de directorios arbitrarios mediante path traversal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7200:*:*:*:*:*:*",
"matchCriteriaId": "0FAF63F4-AED2-4EA4-BA5B-45961B2E29B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7201:*:*:*:*:*:*",
"matchCriteriaId": "237AA2F5-B9A3-4C40-92AC-61FE47A017BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7202:*:*:*:*:*:*",
"matchCriteriaId": "4C23A64C-65CB-447B-9B5F-4BB22F68FC79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7203:*:*:*:*:*:*",
"matchCriteriaId": "3489D84B-5960-4FA7-A2DD-88AE35C34CE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7210:*:*:*:*:*:*",
"matchCriteriaId": "D86AB1CC-0FDE-4CC1-BF64-E0C61EAF652F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7211:*:*:*:*:*:*",
"matchCriteriaId": "076FDAE7-9DB2-4A04-B09E-E53858D208C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7212:*:*:*:*:*:*",
"matchCriteriaId": "07C08B57-FA76-4E24-BC10-B837597BC7E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7213:*:*:*:*:*:*",
"matchCriteriaId": "0D734ACB-33E8-4315-8A79-2B97CE1D0509"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7215:*:*:*:*:*:*",
"matchCriteriaId": "9314CA98-7A69-4D2B-9928-40F55888C9FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7220:*:*:*:*:*:*",
"matchCriteriaId": "BCE7999C-D6AE-4406-A563-A520A171381D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7250:*:*:*:*:*:*",
"matchCriteriaId": "D5716895-4553-4613-B774-0964D3E88AA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7251:*:*:*:*:*:*",
"matchCriteriaId": "C40A093F-C442-4B05-8746-B533DE0683A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7260:*:*:*:*:*:*",
"matchCriteriaId": "562563FC-DBAD-441C-B01A-796AFB67DA0D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.manageengine.com/products/active-directory-audit/cve-2023-50785.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-53xx/CVE-2023-5390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5390",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2024-01-31T18:15:46.780",
"lastModified": "2024-01-31T18:15:46.780",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

97
CVE-2023/CVE-2023-56xx/CVE-2023-5612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5612",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-26T02:15:07.357",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:07:49.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,18 +80,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "E229770B-0BBC-4C62-B8A5-7FF7F7BA60EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "E891B4BC-C3CE-4F96-BB11-34BBE0F3A293"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*",
"matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/428441",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/2208790",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

99
CVE-2023/CVE-2023-59xx/CVE-2023-5933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5933",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-26T01:15:08.660",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:31:37.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,18 +80,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.7.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "CB08E85C-E128-44D4-B9B7-2A58790D72C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.7.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "31BFE094-EDFE-447F-AC01-9D18E1375383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*",
"matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430236",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/2225710",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

99
CVE-2023/CVE-2023-61xx/CVE-2023-6159.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6159",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-26T02:15:07.567",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:04:35.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,18 +80,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "12.7.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "A5EBA0AA-A2D8-4F32-B39B-E076027A3F55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "12.7.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "8ACBAE3E-564F-442F-817E-6284FE60F357"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*",
"matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/431924",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/2251278",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

58
CVE-2023/CVE-2023-62xx/CVE-2023-6282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6282",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-25T12:15:45.917",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:11:25.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,42 @@
"value": "CWE-79"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:icehrm:icehrm:23.0.0.os:*:*:*:*:*:*:*",
"matchCriteriaId": "25791C63-BC8C-477C-828D-7AFA2DFD93AF"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-icehrm",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-72xx/CVE-2023-7237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7237",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-23T22:15:16.587",
"lastModified": "2024-01-24T13:49:03.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:37:01.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -50,14 +80,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lantronix:xport_edge_firmware:2.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFB61CC-16A0-4476-B449-1C89CE65DEEC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lantronix:xport_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBD6E79-A280-4AF1-9AE5-17E5F3F7D589"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-05",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.lantronix.com/products/xport-edge/",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Product"
]
}
]
}

4
CVE-2024/CVE-2024-02xx/CVE-2024-0219.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0219",
"sourceIdentifier": "security@progress.com",
"published": "2024-01-31T16:15:45.290",
"lastModified": "2024-01-31T17:15:29.633",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

94
CVE-2024/CVE-2024-04xx/CVE-2024-0456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0456",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-26T01:15:09.110",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:12:00.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,14 +80,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "14.0.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "0E703ECB-5DF7-42ED-9137-E2C9706FF40F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "14.0.0",
"versionEndExcluding": "16.6.6",
"matchCriteriaId": "8A35C143-4E0C-404A-B878-E49557E08698"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.4",
"matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*",
"matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430726",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
}
]
}

69
CVE-2024/CVE-2024-06xx/CVE-2024-0624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0624",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-25T02:15:53.243",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:03:53.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.12.7",
"matchCriteriaId": "866394BC-8BCA-4D6E-97BC-CF430518C975"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/services.php#L139",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3025164/paid-memberships-pro/tags/2.12.8/includes/services.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae68d083-b6e2-409b-8c91-d4eb7e62dba9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-06xx/CVE-2024-0688.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0688",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-25T02:15:53.417",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:13:36.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pubsubhubbub:websub:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.0",
"matchCriteriaId": "383C2C8B-1B28-482D-93BC-BCDA1A7D09C6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3024228%40pubsubhubbub&new=3024228%40pubsubhubbub&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f07b166b-3436-4797-a2df-096ff7c27a09?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-06xx/CVE-2024-0693.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0693",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-18T23:15:08.493",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:20:32.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251479. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en EFS Easy File Sharing FTP 2.0 y clasificada como problem\u00e1tica. Una funcionalidad desconocida es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento nombre de usuario conlleva una denegaci\u00f3n de servicio. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251479. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,26 +95,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_file_sharing_ftp_server_project:easy_file_sharing_ftp_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B88D8618-9716-4809-973C-174F39D0FCFC"
}
]
}
]
}
],
"references": [
{
"url": "https://0day.today/exploit/description/39218",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com/files/176377/Easy-File-Sharing-FTP-Server-2.0-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.251479",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251479",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=Rcl6VWg_bPY",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

75
CVE-2024/CVE-2024-06xx/CVE-2024-0695.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0695",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-18T23:15:08.720",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:20:20.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251480. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en EFS Easy Chat Server 3.1 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente HTTP GET Request Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento USERNAME conduce a la denegaci\u00f3n de servicio. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-251480. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,26 +95,63 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_chat_server_project:easy_chat_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA8A1B0D-1E87-44C2-958E-742264C49145"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/176381/Easy-Chat-Server-3.1-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.251480",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251480",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploitalert.com/view-details.html?id=40072",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=nGyS2Rp5aEo",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-07xx/CVE-2024-0736.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0736",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T21:15:09.370",
"lastModified": "2024-01-19T22:52:48.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:19:04.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251559."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en EFS Easy File Sharing FTP 3.6 y clasificada como problem\u00e1tica. Una parte desconocida del componente afecta a Login. La manipulaci\u00f3n del argumento contrase\u00f1a conlleva la denegaci\u00f3n de servicio. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251559."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_file_sharing_ftp_server_project:easy_file_sharing_ftp_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "85BE591D-1381-48CA-A429-1EDB0B061946"
}
]
}
]
}
],
"references": [
{
"url": "https://0day.today/exploit/39249",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.251559",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251559",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-08xx/CVE-2024-0822.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0822",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T16:15:08.743",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:06:11.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en overt-engine. Este fallo permite la creaci\u00f3n de usuarios en el sistema sin autenticaci\u00f3n debido a un fallo en el comando CreateUserSession."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ovirt:ovirt-engine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF146A38-CD7E-4A6D-9343-EB0ACA61D5EC"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0822",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258509",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-08xx/CVE-2024-0832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0832",
"sourceIdentifier": "security@progress.com",
"published": "2024-01-31T16:15:46.287",
"lastModified": "2024-01-31T17:15:31.790",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-08xx/CVE-2024-0833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0833",
"sourceIdentifier": "security@progress.com",
"published": "2024-01-31T16:15:46.600",
"lastModified": "2024-01-31T17:15:32.147",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2024/CVE-2024-08xx/CVE-2024-0879.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0879",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-01-25T15:15:07.713",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:16:07.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nAuthentication bypass in vector-admin allows a user to register to a vector-admin server while \u201cdomain restriction\u201d is active, even when not owning an authorized email address.\n\n\n"
},
{
"lang": "es",
"value": "La omisi\u00f3n de autenticaci\u00f3n en vector-admin permite a un usuario registrarse en un servidor de vector-admin mientras \"domain restriction\" est\u00e1 activo, incluso cuando no posee una direcci\u00f3n de correo electr\u00f3nico autorizada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "reefs@jfrog.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mintplexlabs:vector_admin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024-01-23",
"matchCriteriaId": "C0A6EE71-4327-47A1-8965-D1B1644D583D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Mintplex-Labs/vector-admin/pull/128/commits/a581b8177dd6be719a5ef6d3ce4b1e939636bb41",
"source": "reefs@jfrog.com"
"source": "reefs@jfrog.com",
"tags": [
"Patch"
]
},
{
"url": "https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/",
"source": "reefs@jfrog.com"
"source": "reefs@jfrog.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-11xx/CVE-2024-1103.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1103",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T15:15:10.863",
"lastModified": "2024-01-31T15:15:10.863",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

84
CVE-2024/CVE-2024-11xx/CVE-2024-1111.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2024-1111",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T19:15:08.187",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched remotely. VDB-252470 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252470",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252470",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-11xx/CVE-2024-1113.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1113",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T20:15:45.140",
"lastModified": "2024-01-31T20:15:45.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252471."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/hPSx8li8LFfJ",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252471",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252471",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-11xx/CVE-2024-1114.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1114",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T20:15:45.367",
"lastModified": "2024-01-31T20:15:45.367",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252472."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/9wv48TygKRxo",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252472",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252472",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-11xx/CVE-2024-1115.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1115",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T20:15:45.590",
"lastModified": "2024-01-31T20:15:45.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252473 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/81JmiyogcYL7",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252473",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252473",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-11xx/CVE-2024-1116.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1116",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T20:15:45.807",
"lastModified": "2024-01-31T20:15:45.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252474 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/uCElTQRGWVyw",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252474",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252474",
"source": "cna@vuldb.com"
}
]
}

40
CVE-2024/CVE-2024-213xx/CVE-2024-21326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21326",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-26T01:15:10.010",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:10:24.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.2277.83",
"matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21326",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-213xx/CVE-2024-21382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21382",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-26T01:15:10.187",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:10:16.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.2277.83",
"matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21382",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-213xx/CVE-2024-21383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21383",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-26T01:15:10.367",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:09:22.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.2277.83",
"matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21383",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-213xx/CVE-2024-21385.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21385",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-26T01:15:10.540",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:09:14.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.2277.83",
"matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21385",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

46
CVE-2024/CVE-2024-213xx/CVE-2024-21387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21387",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-26T01:15:10.703",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:08:28.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:extended_stable:*:*:*",
"versionEndExcluding": "120.0.2210.160",
"matchCriteriaId": "8B0EDE1A-E7E7-4FB0-AAD6-561849ED8DF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.2277.83",
"matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21387",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

585
CVE-2024/CVE-2024-218xx/CVE-2024-21888.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21888",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-01-31T18:15:47.260",
"lastModified": "2024-01-31T18:23:48.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-31T19:53:06.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "support@hackerone.com",
@ -34,10 +56,567 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
"matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*",
"matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*",
"matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*",
"matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*",
"matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*",
"matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
"matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
"matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
"matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
"matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
"matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
"matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
"matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
"matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
"matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
"matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
"matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
"matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
"matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
"matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
"matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
"matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
"matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
"matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
"matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
"matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
"matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
"matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
"matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
"matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
"matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
"matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
"matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
"matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
"matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
"matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
"matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
"matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
"matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
"matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
"matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
"matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
"matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*",
"matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*",
"matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
"matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
"matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
"matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
"matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

590
CVE-2024/CVE-2024-218xx/CVE-2024-21893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21893",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-01-31T18:15:47.437",
"lastModified": "2024-01-31T18:23:50.397",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-31T19:54:04.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
],
"cvssMetricV30": [
{
"source": "support@hackerone.com",
@ -34,10 +56,572 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*",
"matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*",
"matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*",
"matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*",
"matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*",
"matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*",
"matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
"matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
"matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
"matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
"matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
"matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
"matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
"matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
"matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
"matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
"matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
"matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
"matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
"matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
"matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
"matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
"matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
"matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
"matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
"matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
"matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
"matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
"matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
"matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*",
"matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
"matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
"matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*",
"matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
"matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
"matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
"matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
"matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
"matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
"matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
"matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
"matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
"matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
"matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*",
"matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*",
"matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
"matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
"matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
"matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
"matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-219xx/CVE-2024-21916.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21916",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-01-31T19:15:08.427",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2024/CVE-2024-219xx/CVE-2024-21917.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21917",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-01-31T19:15:08.633",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability exists in Rockwell Automation FactoryTalk\u00ae Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. \u00a0If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1660.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}

57
CVE-2024/CVE-2024-220xx/CVE-2024-22099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22099",
"sourceIdentifier": "security@openanolis.org",
"published": "2024-01-25T07:15:08.697",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:32:02.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@openanolis.org",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "security@openanolis.org",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7956",
"source": "security@openanolis.org"
"source": "security@openanolis.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22146.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22146",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T19:15:08.820",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22150.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22150",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T19:15:09.013",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/portfolio-elementor/wordpress-powerfolio-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22153.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22153",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T19:15:09.270",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stock-locations-for-woocommerce/wordpress-stock-locations-for-woocommerce-plugin-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

47
CVE-2024/CVE-2024-221xx/CVE-2024-22154.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22154",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T13:15:08.260",
"lastModified": "2024-01-24T13:49:03.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:20:56.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:snpdigital:salesking:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.15",
"matchCriteriaId": "291A34F2-211D-42F2-B0A0-F8AB6C7AB8E8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22158.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22158",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T19:15:09.470",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo \u2013 Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo \u2013 Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/peepso-photos/wordpress-peepso-photos-add-on-plugin-6-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22159.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22159",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T19:15:09.650",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2024/CVE-2024-221xx/CVE-2024-22160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22160",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:47.590",
"lastModified": "2024-01-31T18:15:47.590",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-221xx/CVE-2024-22161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22161",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:47.773",
"lastModified": "2024-01-31T18:15:47.773",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-221xx/CVE-2024-22162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22162",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:47.953",
"lastModified": "2024-01-31T18:15:47.953",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-221xx/CVE-2024-22163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22163",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:48.140",
"lastModified": "2024-01-31T18:15:48.140",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22282",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:48.423",
"lastModified": "2024-01-31T18:15:48.423",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22286",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:48.663",
"lastModified": "2024-01-31T18:15:48.663",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22289.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22289",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:48.863",
"lastModified": "2024-01-31T18:15:48.863",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22292",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:49.053",
"lastModified": "2024-01-31T18:15:49.053",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22293",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:49.250",
"lastModified": "2024-01-31T18:15:49.250",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22295.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22295",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:49.443",
"lastModified": "2024-01-31T18:15:49.443",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-222xx/CVE-2024-22297.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22297",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T18:15:49.627",
"lastModified": "2024-01-31T18:15:49.627",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-223xx/CVE-2024-22302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22302",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T17:15:34.247",
"lastModified": "2024-01-31T17:15:34.247",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-223xx/CVE-2024-22306.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22306",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T17:15:35.560",
"lastModified": "2024-01-31T17:15:35.560",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-223xx/CVE-2024-22307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22307",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T17:15:36.710",
"lastModified": "2024-01-31T17:15:36.710",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-223xx/CVE-2024-22310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22310",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T17:15:38.113",
"lastModified": "2024-01-31T17:15:38.113",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

12
CVE-2024/CVE-2024-224xx/CVE-2024-22424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22424",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-19T01:15:09.317",
"lastModified": "2024-01-29T15:35:13.463",
"lastModified": "2024-01-31T19:51:26.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 1.6,
"impactScore": 6.0
},
{

59
CVE-2024/CVE-2024-233xx/CVE-2024-23307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23307",
"sourceIdentifier": "security@openanolis.org",
"published": "2024-01-25T07:15:09.940",
"lastModified": "2024-01-25T13:38:33.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:38:12.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@openanolis.org",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "security@openanolis.org",
"type": "Secondary",
@ -50,10 +80,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1",
"versionEndIncluding": "6.7.2",
"matchCriteriaId": "2B220591-C1BF-4079-BC5C-242D64CF8D36"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975",
"source": "security@openanolis.org"
"source": "security@openanolis.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
}
]
}

4
CVE-2024/CVE-2024-235xx/CVE-2024-23502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23502",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T16:15:46.890",
"lastModified": "2024-01-31T16:15:46.890",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-235xx/CVE-2024-23505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23505",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T16:15:47.163",
"lastModified": "2024-01-31T16:15:47.163",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-235xx/CVE-2024-23508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23508",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T16:15:47.407",
"lastModified": "2024-01-31T16:15:47.407",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

56
CVE-2024/CVE-2024-236xx/CVE-2024-23613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23613",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:08.123",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:22:48.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:symantec_deployment_solutions:7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "17662E74-7FCB-4932-8611-821B0992AFD8"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/symantec-deployment-solution-axengine-exe-buffer-overflow-remote-code-execution",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23614",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:08.373",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T19:54:08.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:symantec_messaging_gateway:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.5",
"matchCriteriaId": "88C72319-CF43-400F-A6C7-F5E70F5C90FA"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/symantec-messaging-gateway-stack-buffer-overflow-remote-code-execution/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23616.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23616",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:08.843",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:28:48.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:symantec_server_management_suite:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.9",
"matchCriteriaId": "937D8763-6903-4A74-99FF-4DDA99482180"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/symantec-server-management-suite-axengine-exe-buffer-overflow-remote-code-execution/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23617",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:09.060",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:29:19.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:symantec_data_center_security_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "14.0.2",
"matchCriteriaId": "544AF3E1-ADEA-44F3-ACB2-F9A1485E2CD0"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/symantec-data-loss-prevention-wp6sr-dll-stack-buffer-overflow-remote-code-execution/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23619",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:09.470",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:29:34.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2",
"matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-information-disclosure/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23620",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:09.687",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:29:50.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2",
"matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23621",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:09.957",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:30:17.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2",
"matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-236xx/CVE-2024-23622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23622",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:10.190",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-31T20:30:40.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2",
"matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-236xx/CVE-2024-23637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23637",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T18:15:49.810",
"lastModified": "2024-01-31T18:15:49.810",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:43.623",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-245xx/CVE-2024-24566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24566",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T17:15:39.173",
"lastModified": "2024-01-31T17:15:39.173",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-245xx/CVE-2024-24579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24579",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T17:15:40.170",
"lastModified": "2024-01-31T17:15:40.170",
"vulnStatus": "Received",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

97
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-31T19:00:25.051961+00:00
2024-01-31T21:00:25.887100+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-31T18:56:08.913000+00:00
2024-01-31T20:40:45.133000+00:00
```
### Last Data Feed Release
@ -29,68 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237232
237245
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `13`
* [CVE-2023-47116](CVE-2023/CVE-2023-471xx/CVE-2023-47116.json) (`2024-01-31T17:15:13.370`)
* [CVE-2023-50165](CVE-2023/CVE-2023-501xx/CVE-2023-50165.json) (`2024-01-31T18:15:46.320`)
* [CVE-2023-50166](CVE-2023/CVE-2023-501xx/CVE-2023-50166.json) (`2024-01-31T18:15:46.513`)
* [CVE-2023-5390](CVE-2023/CVE-2023-53xx/CVE-2023-5390.json) (`2024-01-31T18:15:46.780`)
* [CVE-2024-22302](CVE-2024/CVE-2024-223xx/CVE-2024-22302.json) (`2024-01-31T17:15:34.247`)
* [CVE-2024-22306](CVE-2024/CVE-2024-223xx/CVE-2024-22306.json) (`2024-01-31T17:15:35.560`)
* [CVE-2024-22307](CVE-2024/CVE-2024-223xx/CVE-2024-22307.json) (`2024-01-31T17:15:36.710`)
* [CVE-2024-22310](CVE-2024/CVE-2024-223xx/CVE-2024-22310.json) (`2024-01-31T17:15:38.113`)
* [CVE-2024-24566](CVE-2024/CVE-2024-245xx/CVE-2024-24566.json) (`2024-01-31T17:15:39.173`)
* [CVE-2024-24579](CVE-2024/CVE-2024-245xx/CVE-2024-24579.json) (`2024-01-31T17:15:40.170`)
* [CVE-2024-22160](CVE-2024/CVE-2024-221xx/CVE-2024-22160.json) (`2024-01-31T18:15:47.590`)
* [CVE-2024-22161](CVE-2024/CVE-2024-221xx/CVE-2024-22161.json) (`2024-01-31T18:15:47.773`)
* [CVE-2024-22162](CVE-2024/CVE-2024-221xx/CVE-2024-22162.json) (`2024-01-31T18:15:47.953`)
* [CVE-2024-22163](CVE-2024/CVE-2024-221xx/CVE-2024-22163.json) (`2024-01-31T18:15:48.140`)
* [CVE-2024-22282](CVE-2024/CVE-2024-222xx/CVE-2024-22282.json) (`2024-01-31T18:15:48.423`)
* [CVE-2024-22286](CVE-2024/CVE-2024-222xx/CVE-2024-22286.json) (`2024-01-31T18:15:48.663`)
* [CVE-2024-22289](CVE-2024/CVE-2024-222xx/CVE-2024-22289.json) (`2024-01-31T18:15:48.863`)
* [CVE-2024-22292](CVE-2024/CVE-2024-222xx/CVE-2024-22292.json) (`2024-01-31T18:15:49.053`)
* [CVE-2024-22293](CVE-2024/CVE-2024-222xx/CVE-2024-22293.json) (`2024-01-31T18:15:49.250`)
* [CVE-2024-22295](CVE-2024/CVE-2024-222xx/CVE-2024-22295.json) (`2024-01-31T18:15:49.443`)
* [CVE-2024-22297](CVE-2024/CVE-2024-222xx/CVE-2024-22297.json) (`2024-01-31T18:15:49.627`)
* [CVE-2024-23637](CVE-2024/CVE-2024-236xx/CVE-2024-23637.json) (`2024-01-31T18:15:49.810`)
* [CVE-2024-21888](CVE-2024/CVE-2024-218xx/CVE-2024-21888.json) (`2024-01-31T18:15:47.260`)
* [CVE-2024-21893](CVE-2024/CVE-2024-218xx/CVE-2024-21893.json) (`2024-01-31T18:15:47.437`)
* [CVE-2023-28807](CVE-2023/CVE-2023-288xx/CVE-2023-28807.json) (`2024-01-31T20:15:44.903`)
* [CVE-2024-1111](CVE-2024/CVE-2024-11xx/CVE-2024-1111.json) (`2024-01-31T19:15:08.187`)
* [CVE-2024-21916](CVE-2024/CVE-2024-219xx/CVE-2024-21916.json) (`2024-01-31T19:15:08.427`)
* [CVE-2024-21917](CVE-2024/CVE-2024-219xx/CVE-2024-21917.json) (`2024-01-31T19:15:08.633`)
* [CVE-2024-22146](CVE-2024/CVE-2024-221xx/CVE-2024-22146.json) (`2024-01-31T19:15:08.820`)
* [CVE-2024-22150](CVE-2024/CVE-2024-221xx/CVE-2024-22150.json) (`2024-01-31T19:15:09.013`)
* [CVE-2024-22153](CVE-2024/CVE-2024-221xx/CVE-2024-22153.json) (`2024-01-31T19:15:09.270`)
* [CVE-2024-22158](CVE-2024/CVE-2024-221xx/CVE-2024-22158.json) (`2024-01-31T19:15:09.470`)
* [CVE-2024-22159](CVE-2024/CVE-2024-221xx/CVE-2024-22159.json) (`2024-01-31T19:15:09.650`)
* [CVE-2024-1113](CVE-2024/CVE-2024-11xx/CVE-2024-1113.json) (`2024-01-31T20:15:45.140`)
* [CVE-2024-1114](CVE-2024/CVE-2024-11xx/CVE-2024-1114.json) (`2024-01-31T20:15:45.367`)
* [CVE-2024-1115](CVE-2024/CVE-2024-11xx/CVE-2024-1115.json) (`2024-01-31T20:15:45.590`)
* [CVE-2024-1116](CVE-2024/CVE-2024-11xx/CVE-2024-1116.json) (`2024-01-31T20:15:45.807`)
### CVEs modified in the last Commit
Recently modified CVEs: `177`
Recently modified CVEs: `70`
* [CVE-2023-35836](CVE-2023/CVE-2023-358xx/CVE-2023-35836.json) (`2024-01-31T18:38:16.887`)
* [CVE-2023-7227](CVE-2023/CVE-2023-72xx/CVE-2023-7227.json) (`2024-01-31T18:46:00.220`)
* [CVE-2023-41474](CVE-2023/CVE-2023-414xx/CVE-2023-41474.json) (`2024-01-31T18:54:51.777`)
* [CVE-2024-0880](CVE-2024/CVE-2024-08xx/CVE-2024-0880.json) (`2024-01-31T17:01:46.297`)
* [CVE-2024-23897](CVE-2024/CVE-2024-238xx/CVE-2024-23897.json) (`2024-01-31T17:13:39.360`)
* [CVE-2024-0219](CVE-2024/CVE-2024-02xx/CVE-2024-0219.json) (`2024-01-31T17:15:29.633`)
* [CVE-2024-0222](CVE-2024/CVE-2024-02xx/CVE-2024-0222.json) (`2024-01-31T17:15:29.990`)
* [CVE-2024-0223](CVE-2024/CVE-2024-02xx/CVE-2024-0223.json) (`2024-01-31T17:15:30.487`)
* [CVE-2024-0224](CVE-2024/CVE-2024-02xx/CVE-2024-0224.json) (`2024-01-31T17:15:30.873`)
* [CVE-2024-0225](CVE-2024/CVE-2024-02xx/CVE-2024-0225.json) (`2024-01-31T17:15:31.230`)
* [CVE-2024-0832](CVE-2024/CVE-2024-08xx/CVE-2024-0832.json) (`2024-01-31T17:15:31.790`)
* [CVE-2024-0833](CVE-2024/CVE-2024-08xx/CVE-2024-0833.json) (`2024-01-31T17:15:32.147`)
* [CVE-2024-20918](CVE-2024/CVE-2024-209xx/CVE-2024-20918.json) (`2024-01-31T17:15:32.580`)
* [CVE-2024-20926](CVE-2024/CVE-2024-209xx/CVE-2024-20926.json) (`2024-01-31T17:15:33.247`)
* [CVE-2024-20952](CVE-2024/CVE-2024-209xx/CVE-2024-20952.json) (`2024-01-31T17:15:33.773`)
* [CVE-2024-23900](CVE-2024/CVE-2024-239xx/CVE-2024-23900.json) (`2024-01-31T17:20:14.777`)
* [CVE-2024-23901](CVE-2024/CVE-2024-239xx/CVE-2024-23901.json) (`2024-01-31T17:21:55.750`)
* [CVE-2024-0882](CVE-2024/CVE-2024-08xx/CVE-2024-0882.json) (`2024-01-31T17:32:28.080`)
* [CVE-2024-22749](CVE-2024/CVE-2024-227xx/CVE-2024-22749.json) (`2024-01-31T18:01:59.017`)
* [CVE-2024-23903](CVE-2024/CVE-2024-239xx/CVE-2024-23903.json) (`2024-01-31T18:13:14.563`)
* [CVE-2024-0402](CVE-2024/CVE-2024-04xx/CVE-2024-0402.json) (`2024-01-31T18:34:47.867`)
* [CVE-2024-23902](CVE-2024/CVE-2024-239xx/CVE-2024-23902.json) (`2024-01-31T18:37:37.253`)
* [CVE-2024-22529](CVE-2024/CVE-2024-225xx/CVE-2024-22529.json) (`2024-01-31T18:42:44.573`)
* [CVE-2024-23899](CVE-2024/CVE-2024-238xx/CVE-2024-23899.json) (`2024-01-31T18:43:39.183`)
* [CVE-2024-0883](CVE-2024/CVE-2024-08xx/CVE-2024-0883.json) (`2024-01-31T18:51:07.787`)
* [CVE-2024-23508](CVE-2024/CVE-2024-235xx/CVE-2024-23508.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-22302](CVE-2024/CVE-2024-223xx/CVE-2024-22302.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-22306](CVE-2024/CVE-2024-223xx/CVE-2024-22306.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-22307](CVE-2024/CVE-2024-223xx/CVE-2024-22307.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-22310](CVE-2024/CVE-2024-223xx/CVE-2024-22310.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-24566](CVE-2024/CVE-2024-245xx/CVE-2024-24566.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-24579](CVE-2024/CVE-2024-245xx/CVE-2024-24579.json) (`2024-01-31T19:54:51.757`)
* [CVE-2024-21387](CVE-2024/CVE-2024-213xx/CVE-2024-21387.json) (`2024-01-31T20:08:28.943`)
* [CVE-2024-21385](CVE-2024/CVE-2024-213xx/CVE-2024-21385.json) (`2024-01-31T20:09:14.593`)
* [CVE-2024-21383](CVE-2024/CVE-2024-213xx/CVE-2024-21383.json) (`2024-01-31T20:09:22.623`)
* [CVE-2024-21382](CVE-2024/CVE-2024-213xx/CVE-2024-21382.json) (`2024-01-31T20:10:16.277`)
* [CVE-2024-21326](CVE-2024/CVE-2024-213xx/CVE-2024-21326.json) (`2024-01-31T20:10:24.203`)
* [CVE-2024-0456](CVE-2024/CVE-2024-04xx/CVE-2024-0456.json) (`2024-01-31T20:12:00.077`)
* [CVE-2024-0736](CVE-2024/CVE-2024-07xx/CVE-2024-0736.json) (`2024-01-31T20:19:04.667`)
* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-31T20:20:20.147`)
* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-31T20:20:32.517`)
* [CVE-2024-22154](CVE-2024/CVE-2024-221xx/CVE-2024-22154.json) (`2024-01-31T20:20:56.647`)
* [CVE-2024-23616](CVE-2024/CVE-2024-236xx/CVE-2024-23616.json) (`2024-01-31T20:28:48.513`)
* [CVE-2024-23617](CVE-2024/CVE-2024-236xx/CVE-2024-23617.json) (`2024-01-31T20:29:19.920`)
* [CVE-2024-23619](CVE-2024/CVE-2024-236xx/CVE-2024-23619.json) (`2024-01-31T20:29:34.730`)
* [CVE-2024-23620](CVE-2024/CVE-2024-236xx/CVE-2024-23620.json) (`2024-01-31T20:29:50.697`)
* [CVE-2024-23621](CVE-2024/CVE-2024-236xx/CVE-2024-23621.json) (`2024-01-31T20:30:17.927`)
* [CVE-2024-23622](CVE-2024/CVE-2024-236xx/CVE-2024-23622.json) (`2024-01-31T20:30:40.207`)
* [CVE-2024-22099](CVE-2024/CVE-2024-220xx/CVE-2024-22099.json) (`2024-01-31T20:32:02.720`)
* [CVE-2024-23307](CVE-2024/CVE-2024-233xx/CVE-2024-23307.json) (`2024-01-31T20:38:12.743`)
## Download and Usage