From b75fef153f96810ad65def0a6c0396759533865d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 31 Jan 2024 21:00:29 +0000 Subject: [PATCH] Auto-Update: 2024-01-31T21:00:25.887100+00:00 --- CVE-2020/CVE-2020-256xx/CVE-2020-25691.json | 6 +- CVE-2020/CVE-2020-292xx/CVE-2020-29215.json | 6 +- CVE-2021/CVE-2021-421xx/CVE-2021-42143.json | 69 ++- CVE-2021/CVE-2021-421xx/CVE-2021-42144.json | 69 ++- CVE-2021/CVE-2021-435xx/CVE-2021-43584.json | 70 ++- CVE-2023/CVE-2023-288xx/CVE-2023-28807.json | 59 ++ CVE-2023/CVE-2023-310xx/CVE-2023-31037.json | 93 ++- CVE-2023/CVE-2023-337xx/CVE-2023-33757.json | 76 ++- CVE-2023/CVE-2023-337xx/CVE-2023-33758.json | 65 ++- CVE-2023/CVE-2023-471xx/CVE-2023-47116.json | 4 +- CVE-2023/CVE-2023-501xx/CVE-2023-50165.json | 4 +- CVE-2023/CVE-2023-501xx/CVE-2023-50166.json | 4 +- CVE-2023/CVE-2023-507xx/CVE-2023-50785.json | 123 +++- CVE-2023/CVE-2023-53xx/CVE-2023-5390.json | 4 +- CVE-2023/CVE-2023-56xx/CVE-2023-5612.json | 97 +++- CVE-2023/CVE-2023-59xx/CVE-2023-5933.json | 99 +++- CVE-2023/CVE-2023-61xx/CVE-2023-6159.json | 99 +++- CVE-2023/CVE-2023-62xx/CVE-2023-6282.json | 58 +- CVE-2023/CVE-2023-72xx/CVE-2023-7237.json | 74 ++- CVE-2024/CVE-2024-02xx/CVE-2024-0219.json | 4 +- CVE-2024/CVE-2024-04xx/CVE-2024-0456.json | 94 +++- CVE-2024/CVE-2024-06xx/CVE-2024-0624.json | 69 ++- CVE-2024/CVE-2024-06xx/CVE-2024-0688.json | 64 ++- CVE-2024/CVE-2024-06xx/CVE-2024-0693.json | 76 ++- CVE-2024/CVE-2024-06xx/CVE-2024-0695.json | 75 ++- CVE-2024/CVE-2024-07xx/CVE-2024-0736.json | 61 +- CVE-2024/CVE-2024-08xx/CVE-2024-0822.json | 67 ++- CVE-2024/CVE-2024-08xx/CVE-2024-0832.json | 4 +- CVE-2024/CVE-2024-08xx/CVE-2024-0833.json | 4 +- CVE-2024/CVE-2024-08xx/CVE-2024-0879.json | 57 +- CVE-2024/CVE-2024-11xx/CVE-2024-1103.json | 4 +- CVE-2024/CVE-2024-11xx/CVE-2024-1111.json | 84 +++ CVE-2024/CVE-2024-11xx/CVE-2024-1113.json | 88 +++ CVE-2024/CVE-2024-11xx/CVE-2024-1114.json | 88 +++ CVE-2024/CVE-2024-11xx/CVE-2024-1115.json | 88 +++ CVE-2024/CVE-2024-11xx/CVE-2024-1116.json | 88 +++ CVE-2024/CVE-2024-213xx/CVE-2024-21326.json | 40 +- CVE-2024/CVE-2024-213xx/CVE-2024-21382.json | 52 +- CVE-2024/CVE-2024-213xx/CVE-2024-21383.json | 40 +- CVE-2024/CVE-2024-213xx/CVE-2024-21385.json | 40 +- CVE-2024/CVE-2024-213xx/CVE-2024-21387.json | 46 +- CVE-2024/CVE-2024-218xx/CVE-2024-21888.json | 585 ++++++++++++++++++- CVE-2024/CVE-2024-218xx/CVE-2024-21893.json | 590 +++++++++++++++++++- CVE-2024/CVE-2024-219xx/CVE-2024-21916.json | 55 ++ CVE-2024/CVE-2024-219xx/CVE-2024-21917.json | 55 ++ CVE-2024/CVE-2024-220xx/CVE-2024-22099.json | 57 +- CVE-2024/CVE-2024-221xx/CVE-2024-22146.json | 55 ++ CVE-2024/CVE-2024-221xx/CVE-2024-22150.json | 55 ++ CVE-2024/CVE-2024-221xx/CVE-2024-22153.json | 55 ++ CVE-2024/CVE-2024-221xx/CVE-2024-22154.json | 47 +- CVE-2024/CVE-2024-221xx/CVE-2024-22158.json | 55 ++ CVE-2024/CVE-2024-221xx/CVE-2024-22159.json | 55 ++ CVE-2024/CVE-2024-221xx/CVE-2024-22160.json | 4 +- CVE-2024/CVE-2024-221xx/CVE-2024-22161.json | 4 +- CVE-2024/CVE-2024-221xx/CVE-2024-22162.json | 4 +- CVE-2024/CVE-2024-221xx/CVE-2024-22163.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22282.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22286.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22289.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22292.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22293.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22295.json | 4 +- CVE-2024/CVE-2024-222xx/CVE-2024-22297.json | 4 +- CVE-2024/CVE-2024-223xx/CVE-2024-22302.json | 4 +- CVE-2024/CVE-2024-223xx/CVE-2024-22306.json | 4 +- CVE-2024/CVE-2024-223xx/CVE-2024-22307.json | 4 +- CVE-2024/CVE-2024-223xx/CVE-2024-22310.json | 4 +- CVE-2024/CVE-2024-224xx/CVE-2024-22424.json | 12 +- CVE-2024/CVE-2024-233xx/CVE-2024-23307.json | 59 +- CVE-2024/CVE-2024-235xx/CVE-2024-23502.json | 4 +- CVE-2024/CVE-2024-235xx/CVE-2024-23505.json | 4 +- CVE-2024/CVE-2024-235xx/CVE-2024-23508.json | 4 +- CVE-2024/CVE-2024-236xx/CVE-2024-23613.json | 56 +- CVE-2024/CVE-2024-236xx/CVE-2024-23614.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23616.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23617.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23619.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23620.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23621.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23622.json | 57 +- CVE-2024/CVE-2024-236xx/CVE-2024-23637.json | 4 +- CVE-2024/CVE-2024-245xx/CVE-2024-24566.json | 4 +- CVE-2024/CVE-2024-245xx/CVE-2024-24579.json | 4 +- README.md | 97 ++-- 84 files changed, 4415 insertions(+), 268 deletions(-) create mode 100644 CVE-2023/CVE-2023-288xx/CVE-2023-28807.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1111.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1113.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1114.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1115.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1116.json create mode 100644 CVE-2024/CVE-2024-219xx/CVE-2024-21916.json create mode 100644 CVE-2024/CVE-2024-219xx/CVE-2024-21917.json create mode 100644 CVE-2024/CVE-2024-221xx/CVE-2024-22146.json create mode 100644 CVE-2024/CVE-2024-221xx/CVE-2024-22150.json create mode 100644 CVE-2024/CVE-2024-221xx/CVE-2024-22153.json create mode 100644 CVE-2024/CVE-2024-221xx/CVE-2024-22158.json create mode 100644 CVE-2024/CVE-2024-221xx/CVE-2024-22159.json diff --git a/CVE-2020/CVE-2020-256xx/CVE-2020-25691.json b/CVE-2020/CVE-2020-256xx/CVE-2020-25691.json index 843dcc3c618..0e26c187c75 100644 --- a/CVE-2020/CVE-2020-256xx/CVE-2020-25691.json +++ b/CVE-2020/CVE-2020-256xx/CVE-2020-25691.json @@ -2,7 +2,7 @@ "id": "CVE-2020-25691", "sourceIdentifier": "secalert@redhat.com", "published": "2022-04-01T23:15:08.663", - "lastModified": "2022-12-09T19:36:45.893", + "lastModified": "2024-01-31T19:19:45.390", "vulnStatus": "Analyzed", "descriptions": [ { @@ -94,9 +94,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:darkhttpd_project:darkhttpd:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:unix4lyfe:darkhttpd:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.13-1", - "matchCriteriaId": "D467091C-F584-49CD-BD7D-CF8E2037F32A" + "matchCriteriaId": "C5AB4905-2887-4A33-91A3-86820F29FCBB" } ] } diff --git a/CVE-2020/CVE-2020-292xx/CVE-2020-29215.json b/CVE-2020/CVE-2020-292xx/CVE-2020-29215.json index 7b2d159068b..95b37850451 100644 --- a/CVE-2020/CVE-2020-292xx/CVE-2020-29215.json +++ b/CVE-2020/CVE-2020-292xx/CVE-2020-29215.json @@ -2,7 +2,7 @@ "id": "CVE-2020-29215", "sourceIdentifier": "cve@mitre.org", "published": "2021-06-15T20:15:11.400", - "lastModified": "2021-06-22T15:08:53.490", + "lastModified": "2024-01-31T19:19:45.390", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,8 +84,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:employee_management_system_project:employee_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3F35A050-7DDD-42B4-8C33-387B07453E39" + "criteria": "cpe:2.3:a:razormist:employee_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C7C87F89-B8F6-412D-8E3F-3C35A1EBAD6F" } ] } diff --git a/CVE-2021/CVE-2021-421xx/CVE-2021-42143.json b/CVE-2021/CVE-2021-421xx/CVE-2021-42143.json index 187730c9638..00a1eeaaefe 100644 --- a/CVE-2021/CVE-2021-421xx/CVE-2021-42143.json +++ b/CVE-2021/CVE-2021-421xx/CVE-2021-42143.json @@ -2,19 +2,80 @@ "id": "CVE-2021-42143", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-24T18:15:08.080", - "lastModified": "2024-01-24T18:45:30.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:05:29.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of cipher suites, which triggers an infinite loop (consuming all resources) and a buffer over-read that can disclose sensitive information." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Contiki-NG tinyDTLS a trav\u00e9s de la rama maestra 53a0d97. Existe un error de bucle infinito durante el manejo de un mensaje de protocolo de enlace ClientHello. Este error permite a atacantes remotos provocar una denegaci\u00f3n de servicio enviando un mensaje de protocolo de enlace ClientHello mal formado con una longitud impar de conjuntos de cifrado, lo que desencadena un bucle infinito (consumiendo todos los recursos) y una sobrelectura del b\u00fafer que puede revelar informaci\u00f3n confidencial." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:contiki-ng:tinydtls:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2018-08-30", + "matchCriteriaId": "E938DF84-2663-4516-87E3-B7E46789F6A1" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://seclists.org/fulldisclosure/2024/Jan/16", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-421xx/CVE-2021-42144.json b/CVE-2021/CVE-2021-421xx/CVE-2021-42144.json index bb68c4eb042..c70c4411ba5 100644 --- a/CVE-2021/CVE-2021-421xx/CVE-2021-42144.json +++ b/CVE-2021/CVE-2021-421xx/CVE-2021-42144.json @@ -2,19 +2,80 @@ "id": "CVE-2021-42144", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-24T18:15:08.150", - "lastModified": "2024-01-24T18:45:30.823", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:27:20.740", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message()." + }, + { + "lang": "es", + "value": "Vulnerabilidad de lectura excesiva del b\u00fafer en Contiki-NG tinyDTLS a trav\u00e9s de la rama maestra 53a0d97 permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de entradas manipuladas en dtls_ccm_decrypt_message()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:contiki-ng:contiki-ng_tinydtls:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2018-08-30", + "matchCriteriaId": "81B489DE-BE80-4481-9DAF-3985C954527E" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://seclists.org/fulldisclosure/2024/Jan/17", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-435xx/CVE-2021-43584.json b/CVE-2021/CVE-2021-435xx/CVE-2021-43584.json index 79a33a8dc53..81e8bc61822 100644 --- a/CVE-2021/CVE-2021-435xx/CVE-2021-43584.json +++ b/CVE-2021/CVE-2021-435xx/CVE-2021-43584.json @@ -2,19 +2,81 @@ "id": "CVE-2021-43584", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-24T20:15:53.610", - "lastModified": "2024-01-25T01:59:45.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:50:34.763", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "DOM-based Cross Site Scripting (XSS vulnerability in 'Tail Event Logs' functionality in Nagios Nagios Cross-Platform Agent (NCPA) before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross Site Scripting (XSS) basado en DOM en la funcionalidad 'Tail Event Logs' en Nagios Nagios Cross-Platform Agent (NCPA) anterior a 2.4.0 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del elemento de nombre al filtrar un registro." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nagios:nagios_cross_platform_agent:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.4.0", + "matchCriteriaId": "E69DEC17-2E27-4E85-9728-A0E837ECA3F3" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/NagiosEnterprises/ncpa/issues/830", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28807.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28807.json new file mode 100644 index 00000000000..290e9c7ed70 --- /dev/null +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28807.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-28807", + "sourceIdentifier": "cve@zscaler.com", + "published": "2024-01-31T20:15:44.903", + "lastModified": "2024-01-31T20:15:44.903", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@zscaler.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "cve@zscaler.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://help.zscaler.com/zia/configuring-advanced-settings#dns-optimization", + "source": "cve@zscaler.com" + }, + { + "url": "https://help.zscaler.com/zia/configuring-advanced-settings#domain-fronting", + "source": "cve@zscaler.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31037.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31037.json index ffada491cf5..24ebc6deafe 100644 --- a/CVE-2023/CVE-2023-310xx/CVE-2023-31037.json +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31037.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31037", "sourceIdentifier": "psirt@nvidia.com", "published": "2024-01-24T03:15:08.100", - "lastModified": "2024-01-24T13:49:03.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:11:28.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "psirt@nvidia.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "psirt@nvidia.com", "type": "Secondary", @@ -50,10 +80,67 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:bluefield_bmc:2.8.2-46:*:*:*:lts:*:*:*", + "matchCriteriaId": "7A4D4343-2910-4C4A-B68D-9AE8FC68F8C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.04:*:*:*:-:*:*:*", + "matchCriteriaId": "73DE11D8-3B29-46D0-B111-A06DB49909A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.07:*:*:*:-:*:*:*", + "matchCriteriaId": "7D35EB35-A333-4149-A5AB-3CD54A34FDB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nvidia:bluefield_bmc:23.09:*:*:*:-:*:*:*", + "matchCriteriaId": "94EE0617-9D9F-4322-BB57-60868EBA6CA1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:bluefield_2_ga:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BC213CA8-C172-4AB5-B66B-A5C71F470F33" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:bluefield_2_lts:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1A755B8-4FF4-4209-9E49-580159B9DFC7" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:nvidia:bluefield_3_ga:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E1A941D7-49CE-49DA-A730-71C598D11EE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5511", - "source": "psirt@nvidia.com" + "source": "psirt@nvidia.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33757.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33757.json index c621604d0db..d025f8eca81 100644 --- a/CVE-2023/CVE-2023-337xx/CVE-2023-33757.json +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33757.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33757", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-25T08:15:08.420", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:38:25.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,79 @@ "value": "La falta de validaci\u00f3n del certificado SSL en Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 y anteriores, e iPCS (Android App) v1.8.5 y anteriores permite a los atacantes espiar las comunicaciones a trav\u00e9s de un ataque de man-in-the-middle." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:splicecom:ipcs:*:*:*:*:*:android:*:*", + "versionEndIncluding": "1.8.5", + "matchCriteriaId": "EF0D97E8-4C21-497D-8EE6-413C1228BB11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:splicecom:ipcs:1.3.4:*:*:*:*:iphone_os:*:*", + "matchCriteriaId": "5D3B5805-04BF-4561-87E7-71980EEB3596" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:splicecom:ipcs2:*:*:*:*:*:iphone_os:*:*", + "versionEndIncluding": "2.8", + "matchCriteriaId": "51D3CC91-4071-49CD-BCFA-75D519AC0034" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/twignet/splicecom", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33758.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33758.json index c9d7b8adbc9..6ea749300e6 100644 --- a/CVE-2023/CVE-2023-337xx/CVE-2023-33758.json +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33758.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33758", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-25T08:15:08.573", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:40:45.133", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "Se descubri\u00f3 que Splicecom Maximiser Soft PBX v1.5 y anteriores conten\u00eda una vulnerabilidad de Cross-Site Scripting (XSS) a trav\u00e9s de los campos CLIENT_NAME y DEVICE_GUID en el componente de inicio de sesi\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:splicecom:maximiser_soft_pbx:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.5", + "matchCriteriaId": "94656EDD-537D-487B-BA78-713C34D9E4A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/twignet/splicecom", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47116.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47116.json index d94a054fc30..e0bfe4d4535 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47116.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47116.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47116", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-31T17:15:13.370", - "lastModified": "2024-01-31T17:15:13.370", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50165.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50165.json index 0de076ecd6f..24b9706473b 100644 --- a/CVE-2023/CVE-2023-501xx/CVE-2023-50165.json +++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50165.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50165", "sourceIdentifier": "security@pega.com", "published": "2024-01-31T18:15:46.320", - "lastModified": "2024-01-31T18:15:46.320", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50166.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50166.json index e33a6e311db..1de6ef49602 100644 --- a/CVE-2023/CVE-2023-501xx/CVE-2023-50166.json +++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50166.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50166", "sourceIdentifier": "security@pega.com", "published": "2024-01-31T18:15:46.513", - "lastModified": "2024-01-31T18:15:46.513", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50785.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50785.json index 7a7c881cfea..040dccaa118 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50785.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50785.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50785", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-25T06:15:50.533", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:16:46.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,126 @@ "value": "Zoho ManageEngine ADAudit Plus anterior a 7270 permite a los usuarios administradores ver nombres de directorios arbitrarios mediante path traversal." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7200:*:*:*:*:*:*", + "matchCriteriaId": "0FAF63F4-AED2-4EA4-BA5B-45961B2E29B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7201:*:*:*:*:*:*", + "matchCriteriaId": "237AA2F5-B9A3-4C40-92AC-61FE47A017BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7202:*:*:*:*:*:*", + "matchCriteriaId": "4C23A64C-65CB-447B-9B5F-4BB22F68FC79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7203:*:*:*:*:*:*", + "matchCriteriaId": "3489D84B-5960-4FA7-A2DD-88AE35C34CE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7210:*:*:*:*:*:*", + "matchCriteriaId": "D86AB1CC-0FDE-4CC1-BF64-E0C61EAF652F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7211:*:*:*:*:*:*", + "matchCriteriaId": "076FDAE7-9DB2-4A04-B09E-E53858D208C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7212:*:*:*:*:*:*", + "matchCriteriaId": "07C08B57-FA76-4E24-BC10-B837597BC7E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7213:*:*:*:*:*:*", + "matchCriteriaId": "0D734ACB-33E8-4315-8A79-2B97CE1D0509" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7215:*:*:*:*:*:*", + "matchCriteriaId": "9314CA98-7A69-4D2B-9928-40F55888C9FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7220:*:*:*:*:*:*", + "matchCriteriaId": "BCE7999C-D6AE-4406-A563-A520A171381D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7250:*:*:*:*:*:*", + "matchCriteriaId": "D5716895-4553-4613-B774-0964D3E88AA0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7251:*:*:*:*:*:*", + "matchCriteriaId": "C40A093F-C442-4B05-8746-B533DE0683A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7260:*:*:*:*:*:*", + "matchCriteriaId": "562563FC-DBAD-441C-B01A-796AFB67DA0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.manageengine.com/products/active-directory-audit/cve-2023-50785.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5390.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5390.json index ad24f4d7cf8..a342ffba9a8 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5390.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5390.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5390", "sourceIdentifier": "psirt@honeywell.com", "published": "2024-01-31T18:15:46.780", - "lastModified": "2024-01-31T18:15:46.780", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5612.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5612.json index 4b41870182b..280dae8e229 100644 --- a/CVE-2023/CVE-2023-56xx/CVE-2023-5612.json +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5612.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5612", "sourceIdentifier": "cve@gitlab.com", "published": "2024-01-26T02:15:07.357", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:07:49.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,18 +80,75 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "E229770B-0BBC-4C62-B8A5-7FF7F7BA60EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "E891B4BC-C3CE-4F96-BB11-34BBE0F3A293" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*", + "matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915" + } + ] + } + ] + } + ], "references": [ { "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/428441", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2208790", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5933.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5933.json index 0caca068c01..f268cc9d28e 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5933.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5933.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5933", "sourceIdentifier": "cve@gitlab.com", "published": "2024-01-26T01:15:08.660", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:31:37.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,18 +80,77 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "13.7.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "CB08E85C-E128-44D4-B9B7-2A58790D72C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "13.7.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "31BFE094-EDFE-447F-AC01-9D18E1375383" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*", + "matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915" + } + ] + } + ] + } + ], "references": [ { "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430236", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2225710", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6159.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6159.json index 3103fcb04db..03a43eedca3 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6159.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6159.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6159", "sourceIdentifier": "cve@gitlab.com", "published": "2024-01-26T02:15:07.567", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:04:35.980", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,18 +80,77 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "12.7.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "A5EBA0AA-A2D8-4F32-B39B-E076027A3F55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "12.7.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "8ACBAE3E-564F-442F-817E-6284FE60F357" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*", + "matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915" + } + ] + } + ] + } + ], "references": [ { "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/431924", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2251278", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6282.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6282.json index cd210d2d688..2e57477fb2f 100644 --- a/CVE-2023/CVE-2023-62xx/CVE-2023-6282.json +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6282.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6282", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-01-25T12:15:45.917", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:11:25.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -40,7 +60,7 @@ }, "weaknesses": [ { - "source": "cve-coordination@incibe.es", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,12 +68,42 @@ "value": "CWE-79" } ] + }, + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:icehrm:icehrm:23.0.0.os:*:*:*:*:*:*:*", + "matchCriteriaId": "25791C63-BC8C-477C-828D-7AFA2DFD93AF" + } + ] + } + ] } ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-icehrm", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7237.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7237.json index e0d08495db7..0ec3d77fea7 100644 --- a/CVE-2023/CVE-2023-72xx/CVE-2023-7237.json +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7237.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7237", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-01-23T22:15:16.587", - "lastModified": "2024-01-24T13:49:03.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:37:01.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -50,14 +80,50 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lantronix:xport_edge_firmware:2.0.0.13:*:*:*:*:*:*:*", + "matchCriteriaId": "1AFB61CC-16A0-4476-B449-1C89CE65DEEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lantronix:xport_edge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9CBD6E79-A280-4AF1-9AE5-17E5F3F7D589" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-05", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] }, { "url": "https://www.lantronix.com/products/xport-edge/", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0219.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0219.json index 5e38392ddde..cb92b60519a 100644 --- a/CVE-2024/CVE-2024-02xx/CVE-2024-0219.json +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0219.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0219", "sourceIdentifier": "security@progress.com", "published": "2024-01-31T16:15:45.290", - "lastModified": "2024-01-31T17:15:29.633", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0456.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0456.json index 795da5f8534..83d9ad4ed5a 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0456.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0456.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0456", "sourceIdentifier": "cve@gitlab.com", "published": "2024-01-26T01:15:09.110", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:12:00.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,70 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "14.0.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "0E703ECB-5DF7-42ED-9137-E2C9706FF40F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "14.0.0", + "versionEndExcluding": "16.6.6", + "matchCriteriaId": "8A35C143-4E0C-404A-B878-E49557E08698" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "0F871342-EDE9-49F2-8081-04651A16CD6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.4", + "matchCriteriaId": "9A9ED476-FBE7-4022-AE16-18386E73AA59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:community:*:*:*", + "matchCriteriaId": "246D6584-64A7-44AC-A279-ECA58E5ED1FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.8.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "E591D495-7397-4DA2-A643-477B2E35A915" + } + ] + } + ] + } + ], "references": [ { "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430726", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0624.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0624.json index 0443a731229..9b7b5bb7646 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0624.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0624.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0624", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-25T02:15:53.243", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:03:53.193", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,18 +58,57 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.12.7", + "matchCriteriaId": "866394BC-8BCA-4D6E-97BC-CF430518C975" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/services.php#L139", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3025164/paid-memberships-pro/tags/2.12.8/includes/services.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae68d083-b6e2-409b-8c91-d4eb7e62dba9?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0688.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0688.json index 73e64f6bd4e..d532ded4eab 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0688.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0688.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0688", "sourceIdentifier": "security@wordfence.com", "published": "2024-01-25T02:15:53.417", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:13:36.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pubsubhubbub:websub:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.0", + "matchCriteriaId": "383C2C8B-1B28-482D-93BC-BCDA1A7D09C6" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3024228%40pubsubhubbub&new=3024228%40pubsubhubbub&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f07b166b-3436-4797-a2df-096ff7c27a09?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json index db4f1b96d53..bd9b4ff9760 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0693.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0693", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-18T23:15:08.493", - "lastModified": "2024-01-19T01:51:14.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:20:32.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251479. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en EFS Easy File Sharing FTP 2.0 y clasificada como problem\u00e1tica. Una funcionalidad desconocida es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento nombre de usuario conlleva una denegaci\u00f3n de servicio. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251479. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,26 +95,64 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easy_file_sharing_ftp_server_project:easy_file_sharing_ftp_server:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B88D8618-9716-4809-973C-174F39D0FCFC" + } + ] + } + ] + } + ], "references": [ { "url": "https://0day.today/exploit/description/39218", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://packetstormsecurity.com/files/176377/Easy-File-Sharing-FTP-Server-2.0-Denial-Of-Service.html", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?ctiid.251479", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.251479", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://www.youtube.com/watch?v=Rcl6VWg_bPY", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json index 9c34ac21f56..ad67f42b72a 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0695.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0695", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-18T23:15:08.720", - "lastModified": "2024-01-19T01:51:14.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:20:20.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251480. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en EFS Easy Chat Server 3.1 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente HTTP GET Request Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento USERNAME conduce a la denegaci\u00f3n de servicio. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-251480. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,26 +95,63 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easy_chat_server_project:easy_chat_server:3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "CA8A1B0D-1E87-44C2-958E-742264C49145" + } + ] + } + ] + } + ], "references": [ { "url": "https://packetstormsecurity.com/files/176381/Easy-Chat-Server-3.1-Denial-Of-Service.html", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?ctiid.251480", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.251480", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.exploitalert.com/view-details.html?id=40072", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.youtube.com/watch?v=nGyS2Rp5aEo", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0736.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0736.json index aac09a9da3b..ef0765a0e3e 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0736.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0736.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0736", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-19T21:15:09.370", - "lastModified": "2024-01-19T22:52:48.170", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:19:04.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251559." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en EFS Easy File Sharing FTP 3.6 y clasificada como problem\u00e1tica. Una parte desconocida del componente afecta a Login. La manipulaci\u00f3n del argumento contrase\u00f1a conlleva la denegaci\u00f3n de servicio. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251559." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easy_file_sharing_ftp_server_project:easy_file_sharing_ftp_server:3.6:*:*:*:*:*:*:*", + "matchCriteriaId": "85BE591D-1381-48CA-A429-1EDB0B061946" + } + ] + } + ] + } + ], "references": [ { "url": "https://0day.today/exploit/39249", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.251559", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.251559", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0822.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0822.json index ade64a5141f..844bdc95931 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0822.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0822.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0822", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-25T16:15:08.743", - "lastModified": "2024-01-25T19:28:53.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:06:11.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en overt-engine. Este fallo permite la creaci\u00f3n de usuarios en el sistema sin autenticaci\u00f3n debido a un fallo en el comando CreateUserSession." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ovirt:ovirt-engine:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DF146A38-CD7E-4A6D-9343-EB0ACA61D5EC" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2024-0822", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258509", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0832.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0832.json index 09703c3f15a..1eb46f02cec 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0832.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0832.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0832", "sourceIdentifier": "security@progress.com", "published": "2024-01-31T16:15:46.287", - "lastModified": "2024-01-31T17:15:31.790", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0833.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0833.json index ba1a26b444c..4bc9b66234c 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0833.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0833.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0833", "sourceIdentifier": "security@progress.com", "published": "2024-01-31T16:15:46.600", - "lastModified": "2024-01-31T17:15:32.147", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0879.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0879.json index 8af63726f68..c71d42e4a8c 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0879.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0879.json @@ -2,16 +2,40 @@ "id": "CVE-2024-0879", "sourceIdentifier": "reefs@jfrog.com", "published": "2024-01-25T15:15:07.713", - "lastModified": "2024-01-25T19:28:53.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:16:07.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nAuthentication bypass in vector-admin allows a user to register to a vector-admin server while \u201cdomain restriction\u201d is active, even when not owning an authorized email address.\n\n\n" + }, + { + "lang": "es", + "value": "La omisi\u00f3n de autenticaci\u00f3n en vector-admin permite a un usuario registrarse en un servidor de vector-admin mientras \"domain restriction\" est\u00e1 activo, incluso cuando no posee una direcci\u00f3n de correo electr\u00f3nico autorizada." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "reefs@jfrog.com", "type": "Secondary", @@ -46,14 +70,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mintplexlabs:vector_admin:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024-01-23", + "matchCriteriaId": "C0A6EE71-4327-47A1-8965-D1B1644D583D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Mintplex-Labs/vector-admin/pull/128/commits/a581b8177dd6be719a5ef6d3ce4b1e939636bb41", - "source": "reefs@jfrog.com" + "source": "reefs@jfrog.com", + "tags": [ + "Patch" + ] }, { "url": "https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/", - "source": "reefs@jfrog.com" + "source": "reefs@jfrog.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1103.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1103.json index b1a4763685f..2f929561405 100644 --- a/CVE-2024/CVE-2024-11xx/CVE-2024-1103.json +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1103.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1103", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-31T15:15:10.863", - "lastModified": "2024-01-31T15:15:10.863", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1111.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1111.json new file mode 100644 index 00000000000..6a07393e410 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1111.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2024-1111", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-31T19:15:08.187", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched remotely. VDB-252470 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.252470", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252470", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1113.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1113.json new file mode 100644 index 00000000000..bc291feb561 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1113.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1113", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-31T20:15:45.140", + "lastModified": "2024-01-31T20:15:45.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252471." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://note.zhaoj.in/share/hPSx8li8LFfJ", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252471", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252471", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1114.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1114.json new file mode 100644 index 00000000000..50858e673a3 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1114.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1114", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-31T20:15:45.367", + "lastModified": "2024-01-31T20:15:45.367", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252472." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.4 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 4.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://note.zhaoj.in/share/9wv48TygKRxo", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252472", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252472", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1115.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1115.json new file mode 100644 index 00000000000..a8176884be6 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1115.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1115", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-31T20:15:45.590", + "lastModified": "2024-01-31T20:15:45.590", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252473 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://note.zhaoj.in/share/81JmiyogcYL7", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252473", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252473", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1116.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1116.json new file mode 100644 index 00000000000..448aaadbe37 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1116.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1116", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-31T20:15:45.807", + "lastModified": "2024-01-31T20:15:45.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252474 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://note.zhaoj.in/share/uCElTQRGWVyw", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.252474", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.252474", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21326.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21326.json index 51ec2ca537f..33e4844d922 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21326.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21326.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21326", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-26T01:15:10.010", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:10:24.203", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "121.0.2277.83", + "matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21326", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21382.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21382.json index dae51b4069e..54f400d8f6d 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21382.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21382.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21382", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-26T01:15:10.187", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:10:16.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,56 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "121.0.2277.83", + "matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21382", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21383.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21383.json index 42c064a4e71..e922a34fd10 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21383.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21383.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21383", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-26T01:15:10.367", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:09:22.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "121.0.2277.83", + "matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21383", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21385.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21385.json index e3c128eea0f..53be7816370 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21385.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21385.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21385", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-26T01:15:10.540", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:09:14.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "121.0.2277.83", + "matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21385", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21387.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21387.json index 229222b0648..7454dfad4cc 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21387.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21387.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21387", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-26T01:15:10.703", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:08:28.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:extended_stable:*:*:*", + "versionEndExcluding": "120.0.2210.160", + "matchCriteriaId": "8B0EDE1A-E7E7-4FB0-AAD6-561849ED8DF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "121.0.2277.83", + "matchCriteriaId": "00804700-C068-4562-9F64-4D348E1B76F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21387", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21888.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21888.json index dd2dfae3eee..b7734bf37a7 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21888.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21888.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21888", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-31T18:15:47.260", - "lastModified": "2024-01-31T18:23:48.133", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-31T19:53:06.303", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "support@hackerone.com", @@ -34,10 +56,567 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*", + "matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*", + "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*", + "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*", + "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*", + "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*", + "matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*", + "matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*", + "matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*", + "matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*", + "matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*", + "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*", + "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*", + "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*", + "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*", + "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*", + "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*", + "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*", + "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*", + "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*", + "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*", + "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*", + "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*", + "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*", + "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*", + "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*", + "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*", + "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*", + "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*", + "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*", + "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*", + "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*", + "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*", + "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*", + "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*", + "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*", + "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*", + "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*", + "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*", + "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*", + "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*", + "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*", + "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*", + "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*", + "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*", + "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*", + "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*", + "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*", + "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*", + "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*", + "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*", + "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*", + "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*", + "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*", + "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*", + "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*", + "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*", + "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*", + "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*", + "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*", + "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*", + "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*", + "matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*", + "matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*", + "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*", + "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*", + "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*", + "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*", + "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*", + "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*", + "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*", + "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*", + "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*", + "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*", + "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*", + "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*", + "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*", + "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US", - "source": "support@hackerone.com" + "source": "support@hackerone.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json index 276e869932d..90b9ebb4a68 100644 --- a/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21893.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21893", "sourceIdentifier": "support@hackerone.com", "published": "2024-01-31T18:15:47.437", - "lastModified": "2024-01-31T18:23:50.397", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-31T19:54:04.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ], "cvssMetricV30": [ { "source": "support@hackerone.com", @@ -34,10 +56,572 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:*", + "matchCriteriaId": "3818B543-3415-4E27-8DAD-6BA9D3D9A1A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r1:*:*:*:*:*:*", + "matchCriteriaId": "D47D09A8-4AC4-4CD9-B648-5F26453E2E1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2:*:*:*:*:*:*", + "matchCriteriaId": "59331DC5-FF5F-4BB3-905E-5A4A621F86ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "6A708C3F-9050-4475-95B3-4785D3E2CB69" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3:*:*:*:*:*:*", + "matchCriteriaId": "52851AAA-88FB-40BC-B41A-B821F6BA9F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.2:*:*:*:*:*:*", + "matchCriteriaId": "5DA976D9-A330-475E-B8C0-09EF3E08F18D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.3:*:*:*:*:*:*", + "matchCriteriaId": "59F4A6F7-A6D4-4517-A316-7C7C002A9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.5:*:*:*:*:*:*", + "matchCriteriaId": "702094B0-2E5C-4A16-A8B0-F0EAF78E4ECB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4:*:*:*:*:*:*", + "matchCriteriaId": "A369AE09-17E4-4541-A8E1-A2F4A1398EE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "24EF2F1A-8140-4FDB-8AF4-309AFAF998E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r5.0:*:*:*:*:*:*", + "matchCriteriaId": "4755BC2C-A96E-47AF-9D7C-E8D44B31F10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r6.0:*:*:*:*:*:*", + "matchCriteriaId": "BF6E8A0C-192B-4F51-86AA-FC2B85657632" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*", + "matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*", + "matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*", + "matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*", + "matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*", + "matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*", + "matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*", + "matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*", + "matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*", + "matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*", + "matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*", + "matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*", + "matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*", + "matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*", + "matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*", + "matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*", + "matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*", + "matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*", + "matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*", + "matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*", + "matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*", + "matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*", + "matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*", + "matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*", + "matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*", + "matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*", + "matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*", + "matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*", + "matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*", + "matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:21.9:r1:*:*:*:*:*:*", + "matchCriteriaId": "BD52B87C-4BED-44AE-A959-A316DAF895EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:21.12:r1:*:*:*:*:*:*", + "matchCriteriaId": "8CA29F12-36DE-4FBF-9EE7-7CE4B75AFA61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "80C56782-273A-4151-BE81-13FEEFE46A6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "6564FE9E-7D96-4226-8378-DAC25525CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*", + "matchCriteriaId": "361FAA47-52FF-4B36-96B0-9C178A4E031B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "BCBF6DD0-2826-4E61-8FB6-DB489EBF8981" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "415219D0-2D9A-4617-ABB7-6FF918421BEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "E9F55E7B-7B38-4AEC-A015-D8CB9DE5E72C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "D3DF17AC-EC26-4B76-8989-B7880C9EF73E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*", + "matchCriteriaId": "6C383863-1E90-4B72-A500-4326782BC92F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*", + "matchCriteriaId": "AB9A5868-34FB-446E-817F-6701CC5DE923" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*", + "matchCriteriaId": "5456F61D-1FD1-4DA6-AFA3-4073889AD22A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:connect_secure:22.6:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "EA574551-14BF-45E1-AC2A-2FB5B265640E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:neurons_for_zero-trust_access:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E4387B4-BC5C-41DE-92DA-84866A649AD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:-:*:*:*:*:*:*", + "matchCriteriaId": "AFE8DB4A-9891-4647-82E2-EB5D377CAD25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*", + "matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*", + "matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*", + "matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r4:*:*:*:*:*:*", + "matchCriteriaId": "F72C00C7-017C-4C25-99B0-D7D42D969E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*", + "matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "A07B66E0-A679-4912-8CB1-CD134713EDC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*", + "matchCriteriaId": "BF767F07-2E9F-4099-829D-2F70E85D8A35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*", + "matchCriteriaId": "B994E22B-8FA5-4510-82F6-7820BDA7C307" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*", + "matchCriteriaId": "FE5C4ABC-2BEB-4741-95B3-303903369818" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*", + "matchCriteriaId": "D50C5526-F791-4C76-B5C0-DA2E1281C9E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*", + "matchCriteriaId": "2CB8240E-7683-4C39-9654-4F8D1F682288" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*", + "matchCriteriaId": "7A53C031-E7A5-47B6-BA4A-DD28432E743F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*", + "matchCriteriaId": "4BEE355B-1C2D-4BEB-8922-EAEAA5A1FAE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*", + "matchCriteriaId": "B90687F3-A5C1-4706-AD66-D78EE512E4C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*", + "matchCriteriaId": "D10A3F2D-6A62-4A48-93FB-274527C821D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*", + "matchCriteriaId": "811C7E7E-89AB-47DF-BACD-ED478DF756BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.1:*:*:*:*:*:*", + "matchCriteriaId": "98FC67F0-3EEF-4C69-BB94-A15B1FE4D8F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r18.2:*:*:*:*:*:*", + "matchCriteriaId": "77AA3823-7B01-423E-BE8E-797AEB567B8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*", + "matchCriteriaId": "6D37A6E4-D58E-444D-AF6A-15461F38E81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*", + "matchCriteriaId": "FC2B9DA0-E32B-4125-9986-F0D3814C66E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*", + "matchCriteriaId": "38A0D7CF-7D55-4933-AE8C-36006D6779E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*", + "matchCriteriaId": "C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*", + "matchCriteriaId": "BAFDA618-D15D-401D-AC68-0020259FEC57" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*", + "matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*", + "matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*", + "matchCriteriaId": "6BE937D2-8BEE-4E64-8738-F550EAD00F50" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "9C753520-1BC6-4980-AFC9-4C2FDDF2FD18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*", + "matchCriteriaId": "AC3863BC-3B9A-402B-A74A-149CDF717EC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*", + "matchCriteriaId": "E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*", + "matchCriteriaId": "CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*", + "matchCriteriaId": "7ED1686B-2D80-4ECF-9F7A-AEA989E17C84" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*", + "matchCriteriaId": "092DA2A3-5CEF-433F-8E5B-4850E4095CC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*", + "matchCriteriaId": "A385F38B-0B03-4B69-B7A1-952F5BAE727C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*", + "matchCriteriaId": "925DCCBA-9382-4A39-84B8-4DEAFD2BC802" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*", + "matchCriteriaId": "34C118FB-7AE0-466C-822A-348A2F6016AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*", + "matchCriteriaId": "1536DB45-9A42-4549-A10E-FDBB6693DF17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*", + "matchCriteriaId": "51FF66C9-9415-4EAD-8F19-D5E067336885" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*", + "matchCriteriaId": "8BBC1E81-0A2A-4166-BFA6-2B866B4F8AE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*", + "matchCriteriaId": "D73729EB-C679-4CED-9F36-212B0581EC22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*", + "matchCriteriaId": "14B481E8-D887-408F-B892-D2939CD037AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*", + "matchCriteriaId": "3EB8380F-D229-4AF0-B27C-47760F843E48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*", + "matchCriteriaId": "CB4B1ED6-38AD-44F8-9B77-2D6924E8A20E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*", + "matchCriteriaId": "56C7542D-3520-4E4D-936C-5295068C4CD7" + } + ] + } + ] + } + ], "references": [ { "url": "https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US", - "source": "support@hackerone.com" + "source": "support@hackerone.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-219xx/CVE-2024-21916.json b/CVE-2024/CVE-2024-219xx/CVE-2024-21916.json new file mode 100644 index 00000000000..759334516af --- /dev/null +++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21916.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-21916", + "sourceIdentifier": "PSIRT@rockwellautomation.com", + "published": "2024-01-31T19:15:08.427", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html", + "source": "PSIRT@rockwellautomation.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-219xx/CVE-2024-21917.json b/CVE-2024/CVE-2024-219xx/CVE-2024-21917.json new file mode 100644 index 00000000000..106e7e1174a --- /dev/null +++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21917.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-21917", + "sourceIdentifier": "PSIRT@rockwellautomation.com", + "published": "2024-01-31T19:15:08.633", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA vulnerability exists in Rockwell Automation FactoryTalk\u00ae Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. \u00a0If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "PSIRT@rockwellautomation.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + } + ], + "references": [ + { + "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1660.html", + "source": "PSIRT@rockwellautomation.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-220xx/CVE-2024-22099.json b/CVE-2024/CVE-2024-220xx/CVE-2024-22099.json index 6b2db32d5d4..f85efe1c9c5 100644 --- a/CVE-2024/CVE-2024-220xx/CVE-2024-22099.json +++ b/CVE-2024/CVE-2024-220xx/CVE-2024-22099.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22099", "sourceIdentifier": "security@openanolis.org", "published": "2024-01-25T07:15:08.697", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:32:02.720", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security@openanolis.org", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + }, { "source": "security@openanolis.org", "type": "Secondary", @@ -50,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7956", - "source": "security@openanolis.org" + "source": "security@openanolis.org", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22146.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22146.json new file mode 100644 index 00000000000..47f53908b5d --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22146.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22146", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-31T19:15:08.820", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22150.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22150.json new file mode 100644 index 00000000000..a736e21659a --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22150.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22150", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-31T19:15:09.013", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/portfolio-elementor/wordpress-powerfolio-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22153.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22153.json new file mode 100644 index 00000000000..d76a63d39cd --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22153.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22153", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-31T19:15:09.270", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/stock-locations-for-woocommerce/wordpress-stock-locations-for-woocommerce-plugin-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22154.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22154.json index 1f5a4dd1c0f..ca3d6f1d627 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22154.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22154.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22154", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-24T13:15:08.260", - "lastModified": "2024-01-24T13:49:03.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:20:56.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snpdigital:salesking:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.6.15", + "matchCriteriaId": "291A34F2-211D-42F2-B0A0-F8AB6C7AB8E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22158.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22158.json new file mode 100644 index 00000000000..791b9817151 --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22158.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22158", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-31T19:15:09.470", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo \u2013 Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo \u2013 Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/peepso-photos/wordpress-peepso-photos-add-on-plugin-6-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22159.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22159.json new file mode 100644 index 00000000000..98a971fe500 --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22159.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22159", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-01-31T19:15:09.650", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json index 011afafd8ce..d79f2a8236c 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22160", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:47.590", - "lastModified": "2024-01-31T18:15:47.590", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json index c8bf8c7cc90..a75e9143d8d 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22161", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:47.773", - "lastModified": "2024-01-31T18:15:47.773", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22162.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22162.json index 0ae5a02e432..eae5d10c743 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22162.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22162.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22162", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:47.953", - "lastModified": "2024-01-31T18:15:47.953", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22163.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22163.json index 777a594d14e..712db625d62 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22163.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22163.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22163", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:48.140", - "lastModified": "2024-01-31T18:15:48.140", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22282.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22282.json index 807933fb52d..9834b868025 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22282.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22282.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22282", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:48.423", - "lastModified": "2024-01-31T18:15:48.423", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22286.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22286.json index 32669f38c74..ce47444fc50 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22286.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22286.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22286", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:48.663", - "lastModified": "2024-01-31T18:15:48.663", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22289.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22289.json index e3691e65d9c..0de17389b05 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22289.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22289.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22289", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:48.863", - "lastModified": "2024-01-31T18:15:48.863", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22292.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22292.json index 3e45a2d8285..e0b989b18ca 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22292.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22292.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22292", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:49.053", - "lastModified": "2024-01-31T18:15:49.053", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22293.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22293.json index cbbd3f86e6d..eb72df8029d 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22293.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22293.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22293", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:49.250", - "lastModified": "2024-01-31T18:15:49.250", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22295.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22295.json index f58d325ffcd..97d6a7be0bd 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22295.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22295.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22295", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:49.443", - "lastModified": "2024-01-31T18:15:49.443", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22297.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22297.json index 8b0d40bd5ef..2dc745c0b6b 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22297.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22297.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22297", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:49.627", - "lastModified": "2024-01-31T18:15:49.627", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22302.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22302.json index f9ed24e7b94..4aac3f3979c 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22302.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22302.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22302", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T17:15:34.247", - "lastModified": "2024-01-31T17:15:34.247", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22306.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22306.json index f53862129b9..4be81d94170 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22306.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22306.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22306", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T17:15:35.560", - "lastModified": "2024-01-31T17:15:35.560", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22307.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22307.json index 1b442238a01..c252adf885e 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22307.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22307.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22307", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T17:15:36.710", - "lastModified": "2024-01-31T17:15:36.710", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22310.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22310.json index 87622a0bd62..1bc60bb95fb 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22310.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22310.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22310", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T17:15:38.113", - "lastModified": "2024-01-31T17:15:38.113", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json index fcd55c5adae..13191c30436 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22424.json @@ -2,7 +2,7 @@ "id": "CVE-2024-22424", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-19T01:15:09.317", - "lastModified": "2024-01-29T15:35:13.463", + "lastModified": "2024-01-31T19:51:26.407", "vulnStatus": "Analyzed", "descriptions": [ { @@ -21,19 +21,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", - "attackComplexity": "LOW", + "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.6, - "baseSeverity": "CRITICAL" + "baseScore": 8.3, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 1.6, "impactScore": 6.0 }, { diff --git a/CVE-2024/CVE-2024-233xx/CVE-2024-23307.json b/CVE-2024/CVE-2024-233xx/CVE-2024-23307.json index 4155b700557..87870ef8ec6 100644 --- a/CVE-2024/CVE-2024-233xx/CVE-2024-23307.json +++ b/CVE-2024/CVE-2024-233xx/CVE-2024-23307.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23307", "sourceIdentifier": "security@openanolis.org", "published": "2024-01-25T07:15:09.940", - "lastModified": "2024-01-25T13:38:33.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:38:12.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@openanolis.org", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + }, { "source": "security@openanolis.org", "type": "Secondary", @@ -50,10 +80,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1", + "versionEndIncluding": "6.7.2", + "matchCriteriaId": "2B220591-C1BF-4079-BC5C-242D64CF8D36" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", - "source": "security@openanolis.org" + "source": "security@openanolis.org", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-235xx/CVE-2024-23502.json b/CVE-2024/CVE-2024-235xx/CVE-2024-23502.json index 1d38cbb2d6f..0a56ee4ccaa 100644 --- a/CVE-2024/CVE-2024-235xx/CVE-2024-23502.json +++ b/CVE-2024/CVE-2024-235xx/CVE-2024-23502.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23502", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T16:15:46.890", - "lastModified": "2024-01-31T16:15:46.890", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-235xx/CVE-2024-23505.json b/CVE-2024/CVE-2024-235xx/CVE-2024-23505.json index 8d2953570cc..63d9a896b54 100644 --- a/CVE-2024/CVE-2024-235xx/CVE-2024-23505.json +++ b/CVE-2024/CVE-2024-235xx/CVE-2024-23505.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23505", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T16:15:47.163", - "lastModified": "2024-01-31T16:15:47.163", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-235xx/CVE-2024-23508.json b/CVE-2024/CVE-2024-235xx/CVE-2024-23508.json index a01a31c5243..3519f642f23 100644 --- a/CVE-2024/CVE-2024-235xx/CVE-2024-23508.json +++ b/CVE-2024/CVE-2024-235xx/CVE-2024-23508.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23508", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T16:15:47.407", - "lastModified": "2024-01-31T16:15:47.407", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23613.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23613.json index 940c67477fe..33fe2caacaf 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23613.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23613.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23613", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:08.123", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:22:48.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:broadcom:symantec_deployment_solutions:7.9:*:*:*:*:*:*:*", + "matchCriteriaId": "17662E74-7FCB-4932-8611-821B0992AFD8" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/symantec-deployment-solution-axengine-exe-buffer-overflow-remote-code-execution", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23614.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23614.json index 4863114d86d..f8bae3d72e2 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23614.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23614.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23614", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:08.373", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T19:54:08.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:broadcom:symantec_messaging_gateway:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.5", + "matchCriteriaId": "88C72319-CF43-400F-A6C7-F5E70F5C90FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/symantec-messaging-gateway-stack-buffer-overflow-remote-code-execution/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23616.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23616.json index ee0fb0d8956..e4524e0b695 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23616.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23616.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23616", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:08.843", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:28:48.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:broadcom:symantec_server_management_suite:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.9", + "matchCriteriaId": "937D8763-6903-4A74-99FF-4DDA99482180" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/symantec-server-management-suite-axengine-exe-buffer-overflow-remote-code-execution/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23617.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23617.json index a5cfbd5ca74..8f8bce974fb 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23617.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23617.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23617", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:09.060", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:29:19.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:broadcom:symantec_data_center_security_server:*:*:*:*:*:*:*:*", + "versionEndIncluding": "14.0.2", + "matchCriteriaId": "544AF3E1-ADEA-44F3-ACB2-F9A1485E2CD0" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/symantec-data-loss-prevention-wp6sr-dll-stack-buffer-overflow-remote-code-execution/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23619.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23619.json index dd206fcca4a..feec756fff6 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23619.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23619.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23619", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:09.470", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:29:34.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2", + "matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-information-disclosure/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23620.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23620.json index b89ad2c2d79..f0bb2e56efc 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23620.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23620.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23620", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:09.687", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:29:50.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2", + "matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23621.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23621.json index b512e6e5469..040ef2eede7 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23621.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23621.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23621", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:09.957", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:30:17.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2", + "matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23622.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23622.json index 5cecb66de40..503c3b4d5cc 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23622.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23622.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23622", "sourceIdentifier": "disclosures@exodusintel.com", "published": "2024-01-26T00:15:10.190", - "lastModified": "2024-01-26T13:51:45.267", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-31T20:30:40.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "disclosures@exodusintel.com", "type": "Secondary", @@ -75,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.2", + "matchCriteriaId": "6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow/", - "source": "disclosures@exodusintel.com" + "source": "disclosures@exodusintel.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-236xx/CVE-2024-23637.json b/CVE-2024/CVE-2024-236xx/CVE-2024-23637.json index ca4a4cea74d..6bdb4404250 100644 --- a/CVE-2024/CVE-2024-236xx/CVE-2024-23637.json +++ b/CVE-2024/CVE-2024-236xx/CVE-2024-23637.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23637", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-31T18:15:49.810", - "lastModified": "2024-01-31T18:15:49.810", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:43.623", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24566.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24566.json index cc1a29bd60a..3d9d0667319 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24566.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24566.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24566", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-31T17:15:39.173", - "lastModified": "2024-01-31T17:15:39.173", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24579.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24579.json index cfe84c3049b..a6706a47e02 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24579.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24579.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24579", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-31T17:15:40.170", - "lastModified": "2024-01-31T17:15:40.170", - "vulnStatus": "Received", + "lastModified": "2024-01-31T19:54:51.757", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 4695aef8297..4e65deb29c6 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-31T19:00:25.051961+00:00 +2024-01-31T21:00:25.887100+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-31T18:56:08.913000+00:00 +2024-01-31T20:40:45.133000+00:00 ``` ### Last Data Feed Release @@ -29,68 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -237232 +237245 ``` ### CVEs added in the last Commit -Recently added CVEs: `24` +Recently added CVEs: `13` -* [CVE-2023-47116](CVE-2023/CVE-2023-471xx/CVE-2023-47116.json) (`2024-01-31T17:15:13.370`) -* [CVE-2023-50165](CVE-2023/CVE-2023-501xx/CVE-2023-50165.json) (`2024-01-31T18:15:46.320`) -* [CVE-2023-50166](CVE-2023/CVE-2023-501xx/CVE-2023-50166.json) (`2024-01-31T18:15:46.513`) -* [CVE-2023-5390](CVE-2023/CVE-2023-53xx/CVE-2023-5390.json) (`2024-01-31T18:15:46.780`) -* [CVE-2024-22302](CVE-2024/CVE-2024-223xx/CVE-2024-22302.json) (`2024-01-31T17:15:34.247`) -* [CVE-2024-22306](CVE-2024/CVE-2024-223xx/CVE-2024-22306.json) (`2024-01-31T17:15:35.560`) -* [CVE-2024-22307](CVE-2024/CVE-2024-223xx/CVE-2024-22307.json) (`2024-01-31T17:15:36.710`) -* [CVE-2024-22310](CVE-2024/CVE-2024-223xx/CVE-2024-22310.json) (`2024-01-31T17:15:38.113`) -* [CVE-2024-24566](CVE-2024/CVE-2024-245xx/CVE-2024-24566.json) (`2024-01-31T17:15:39.173`) -* [CVE-2024-24579](CVE-2024/CVE-2024-245xx/CVE-2024-24579.json) (`2024-01-31T17:15:40.170`) -* [CVE-2024-22160](CVE-2024/CVE-2024-221xx/CVE-2024-22160.json) (`2024-01-31T18:15:47.590`) -* [CVE-2024-22161](CVE-2024/CVE-2024-221xx/CVE-2024-22161.json) (`2024-01-31T18:15:47.773`) -* [CVE-2024-22162](CVE-2024/CVE-2024-221xx/CVE-2024-22162.json) (`2024-01-31T18:15:47.953`) -* [CVE-2024-22163](CVE-2024/CVE-2024-221xx/CVE-2024-22163.json) (`2024-01-31T18:15:48.140`) -* [CVE-2024-22282](CVE-2024/CVE-2024-222xx/CVE-2024-22282.json) (`2024-01-31T18:15:48.423`) -* [CVE-2024-22286](CVE-2024/CVE-2024-222xx/CVE-2024-22286.json) (`2024-01-31T18:15:48.663`) -* [CVE-2024-22289](CVE-2024/CVE-2024-222xx/CVE-2024-22289.json) (`2024-01-31T18:15:48.863`) -* [CVE-2024-22292](CVE-2024/CVE-2024-222xx/CVE-2024-22292.json) (`2024-01-31T18:15:49.053`) -* [CVE-2024-22293](CVE-2024/CVE-2024-222xx/CVE-2024-22293.json) (`2024-01-31T18:15:49.250`) -* [CVE-2024-22295](CVE-2024/CVE-2024-222xx/CVE-2024-22295.json) (`2024-01-31T18:15:49.443`) -* [CVE-2024-22297](CVE-2024/CVE-2024-222xx/CVE-2024-22297.json) (`2024-01-31T18:15:49.627`) -* [CVE-2024-23637](CVE-2024/CVE-2024-236xx/CVE-2024-23637.json) (`2024-01-31T18:15:49.810`) -* [CVE-2024-21888](CVE-2024/CVE-2024-218xx/CVE-2024-21888.json) (`2024-01-31T18:15:47.260`) -* [CVE-2024-21893](CVE-2024/CVE-2024-218xx/CVE-2024-21893.json) (`2024-01-31T18:15:47.437`) +* [CVE-2023-28807](CVE-2023/CVE-2023-288xx/CVE-2023-28807.json) (`2024-01-31T20:15:44.903`) +* [CVE-2024-1111](CVE-2024/CVE-2024-11xx/CVE-2024-1111.json) (`2024-01-31T19:15:08.187`) +* [CVE-2024-21916](CVE-2024/CVE-2024-219xx/CVE-2024-21916.json) (`2024-01-31T19:15:08.427`) +* [CVE-2024-21917](CVE-2024/CVE-2024-219xx/CVE-2024-21917.json) (`2024-01-31T19:15:08.633`) +* [CVE-2024-22146](CVE-2024/CVE-2024-221xx/CVE-2024-22146.json) (`2024-01-31T19:15:08.820`) +* [CVE-2024-22150](CVE-2024/CVE-2024-221xx/CVE-2024-22150.json) (`2024-01-31T19:15:09.013`) +* [CVE-2024-22153](CVE-2024/CVE-2024-221xx/CVE-2024-22153.json) (`2024-01-31T19:15:09.270`) +* [CVE-2024-22158](CVE-2024/CVE-2024-221xx/CVE-2024-22158.json) (`2024-01-31T19:15:09.470`) +* [CVE-2024-22159](CVE-2024/CVE-2024-221xx/CVE-2024-22159.json) (`2024-01-31T19:15:09.650`) +* [CVE-2024-1113](CVE-2024/CVE-2024-11xx/CVE-2024-1113.json) (`2024-01-31T20:15:45.140`) +* [CVE-2024-1114](CVE-2024/CVE-2024-11xx/CVE-2024-1114.json) (`2024-01-31T20:15:45.367`) +* [CVE-2024-1115](CVE-2024/CVE-2024-11xx/CVE-2024-1115.json) (`2024-01-31T20:15:45.590`) +* [CVE-2024-1116](CVE-2024/CVE-2024-11xx/CVE-2024-1116.json) (`2024-01-31T20:15:45.807`) ### CVEs modified in the last Commit -Recently modified CVEs: `177` +Recently modified CVEs: `70` -* [CVE-2023-35836](CVE-2023/CVE-2023-358xx/CVE-2023-35836.json) (`2024-01-31T18:38:16.887`) -* [CVE-2023-7227](CVE-2023/CVE-2023-72xx/CVE-2023-7227.json) (`2024-01-31T18:46:00.220`) -* [CVE-2023-41474](CVE-2023/CVE-2023-414xx/CVE-2023-41474.json) (`2024-01-31T18:54:51.777`) -* [CVE-2024-0880](CVE-2024/CVE-2024-08xx/CVE-2024-0880.json) (`2024-01-31T17:01:46.297`) -* [CVE-2024-23897](CVE-2024/CVE-2024-238xx/CVE-2024-23897.json) (`2024-01-31T17:13:39.360`) -* [CVE-2024-0219](CVE-2024/CVE-2024-02xx/CVE-2024-0219.json) (`2024-01-31T17:15:29.633`) -* [CVE-2024-0222](CVE-2024/CVE-2024-02xx/CVE-2024-0222.json) (`2024-01-31T17:15:29.990`) -* [CVE-2024-0223](CVE-2024/CVE-2024-02xx/CVE-2024-0223.json) (`2024-01-31T17:15:30.487`) -* [CVE-2024-0224](CVE-2024/CVE-2024-02xx/CVE-2024-0224.json) (`2024-01-31T17:15:30.873`) -* [CVE-2024-0225](CVE-2024/CVE-2024-02xx/CVE-2024-0225.json) (`2024-01-31T17:15:31.230`) -* [CVE-2024-0832](CVE-2024/CVE-2024-08xx/CVE-2024-0832.json) (`2024-01-31T17:15:31.790`) -* [CVE-2024-0833](CVE-2024/CVE-2024-08xx/CVE-2024-0833.json) (`2024-01-31T17:15:32.147`) -* [CVE-2024-20918](CVE-2024/CVE-2024-209xx/CVE-2024-20918.json) (`2024-01-31T17:15:32.580`) -* [CVE-2024-20926](CVE-2024/CVE-2024-209xx/CVE-2024-20926.json) (`2024-01-31T17:15:33.247`) -* [CVE-2024-20952](CVE-2024/CVE-2024-209xx/CVE-2024-20952.json) (`2024-01-31T17:15:33.773`) -* [CVE-2024-23900](CVE-2024/CVE-2024-239xx/CVE-2024-23900.json) (`2024-01-31T17:20:14.777`) -* [CVE-2024-23901](CVE-2024/CVE-2024-239xx/CVE-2024-23901.json) (`2024-01-31T17:21:55.750`) -* [CVE-2024-0882](CVE-2024/CVE-2024-08xx/CVE-2024-0882.json) (`2024-01-31T17:32:28.080`) -* [CVE-2024-22749](CVE-2024/CVE-2024-227xx/CVE-2024-22749.json) (`2024-01-31T18:01:59.017`) -* [CVE-2024-23903](CVE-2024/CVE-2024-239xx/CVE-2024-23903.json) (`2024-01-31T18:13:14.563`) -* [CVE-2024-0402](CVE-2024/CVE-2024-04xx/CVE-2024-0402.json) (`2024-01-31T18:34:47.867`) -* [CVE-2024-23902](CVE-2024/CVE-2024-239xx/CVE-2024-23902.json) (`2024-01-31T18:37:37.253`) -* [CVE-2024-22529](CVE-2024/CVE-2024-225xx/CVE-2024-22529.json) (`2024-01-31T18:42:44.573`) -* [CVE-2024-23899](CVE-2024/CVE-2024-238xx/CVE-2024-23899.json) (`2024-01-31T18:43:39.183`) -* [CVE-2024-0883](CVE-2024/CVE-2024-08xx/CVE-2024-0883.json) (`2024-01-31T18:51:07.787`) +* [CVE-2024-23508](CVE-2024/CVE-2024-235xx/CVE-2024-23508.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-22302](CVE-2024/CVE-2024-223xx/CVE-2024-22302.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-22306](CVE-2024/CVE-2024-223xx/CVE-2024-22306.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-22307](CVE-2024/CVE-2024-223xx/CVE-2024-22307.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-22310](CVE-2024/CVE-2024-223xx/CVE-2024-22310.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-24566](CVE-2024/CVE-2024-245xx/CVE-2024-24566.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-24579](CVE-2024/CVE-2024-245xx/CVE-2024-24579.json) (`2024-01-31T19:54:51.757`) +* [CVE-2024-21387](CVE-2024/CVE-2024-213xx/CVE-2024-21387.json) (`2024-01-31T20:08:28.943`) +* [CVE-2024-21385](CVE-2024/CVE-2024-213xx/CVE-2024-21385.json) (`2024-01-31T20:09:14.593`) +* [CVE-2024-21383](CVE-2024/CVE-2024-213xx/CVE-2024-21383.json) (`2024-01-31T20:09:22.623`) +* [CVE-2024-21382](CVE-2024/CVE-2024-213xx/CVE-2024-21382.json) (`2024-01-31T20:10:16.277`) +* [CVE-2024-21326](CVE-2024/CVE-2024-213xx/CVE-2024-21326.json) (`2024-01-31T20:10:24.203`) +* [CVE-2024-0456](CVE-2024/CVE-2024-04xx/CVE-2024-0456.json) (`2024-01-31T20:12:00.077`) +* [CVE-2024-0736](CVE-2024/CVE-2024-07xx/CVE-2024-0736.json) (`2024-01-31T20:19:04.667`) +* [CVE-2024-0695](CVE-2024/CVE-2024-06xx/CVE-2024-0695.json) (`2024-01-31T20:20:20.147`) +* [CVE-2024-0693](CVE-2024/CVE-2024-06xx/CVE-2024-0693.json) (`2024-01-31T20:20:32.517`) +* [CVE-2024-22154](CVE-2024/CVE-2024-221xx/CVE-2024-22154.json) (`2024-01-31T20:20:56.647`) +* [CVE-2024-23616](CVE-2024/CVE-2024-236xx/CVE-2024-23616.json) (`2024-01-31T20:28:48.513`) +* [CVE-2024-23617](CVE-2024/CVE-2024-236xx/CVE-2024-23617.json) (`2024-01-31T20:29:19.920`) +* [CVE-2024-23619](CVE-2024/CVE-2024-236xx/CVE-2024-23619.json) (`2024-01-31T20:29:34.730`) +* [CVE-2024-23620](CVE-2024/CVE-2024-236xx/CVE-2024-23620.json) (`2024-01-31T20:29:50.697`) +* [CVE-2024-23621](CVE-2024/CVE-2024-236xx/CVE-2024-23621.json) (`2024-01-31T20:30:17.927`) +* [CVE-2024-23622](CVE-2024/CVE-2024-236xx/CVE-2024-23622.json) (`2024-01-31T20:30:40.207`) +* [CVE-2024-22099](CVE-2024/CVE-2024-220xx/CVE-2024-22099.json) (`2024-01-31T20:32:02.720`) +* [CVE-2024-23307](CVE-2024/CVE-2024-233xx/CVE-2024-23307.json) (`2024-01-31T20:38:12.743`) ## Download and Usage