diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24805.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24805.json new file mode 100644 index 00000000000..e8fd11291a7 --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24805.json @@ -0,0 +1,83 @@ +{ + "id": "CVE-2022-24805", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:07.600", + "lastModified": "2024-04-16T20:15:07.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105238", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24806.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24806.json new file mode 100644 index 00000000000..59866506945 --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24806.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2022-24806", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:08.413", + "lastModified": "2024-04-16T20:15:08.413", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24807.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24807.json new file mode 100644 index 00000000000..a4eb26c52e7 --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24807.json @@ -0,0 +1,83 @@ +{ + "id": "CVE-2022-24807", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:08.647", + "lastModified": "2024-04-16T20:15:08.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105239", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24808.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24808.json new file mode 100644 index 00000000000..7646e6751de --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24808.json @@ -0,0 +1,83 @@ +{ + "id": "CVE-2022-24808", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:08.840", + "lastModified": "2024-04-16T20:15:08.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105240", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24809.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24809.json new file mode 100644 index 00000000000..a4dc16a076b --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24809.json @@ -0,0 +1,79 @@ +{ + "id": "CVE-2022-24809", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:09.033", + "lastModified": "2024-04-16T20:15:09.033", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105242", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-248xx/CVE-2022-24810.json b/CVE-2022/CVE-2022-248xx/CVE-2022-24810.json new file mode 100644 index 00000000000..80b10a14157 --- /dev/null +++ b/CVE-2022/CVE-2022-248xx/CVE-2022-24810.json @@ -0,0 +1,79 @@ +{ + "id": "CVE-2022-24810", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:09.227", + "lastModified": "2024-04-16T20:15:09.227", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225", + "source": "security-advisories@github.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105241", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/", + "source": "security-advisories@github.com" + }, + { + "url": "https://security.gentoo.org/glsa/202210-29", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.debian.org/security/2022/dsa-5209", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51391.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51391.json new file mode 100644 index 00000000000..342a254ace6 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51391.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-51391", + "sourceIdentifier": "product-security@silabs.com", + "published": "2024-04-16T20:15:09.437", + "lastModified": "2024-04-16T20:15:09.437", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://community.silabs.com/068Vm000004688g", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30378.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30378.json new file mode 100644 index 00000000000..5342ad53f4c --- /dev/null +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30378.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-30378", + "sourceIdentifier": "sirt@juniper.net", + "published": "2024-04-16T20:15:09.680", + "lastModified": "2024-04-16T20:15:09.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to crash upon execution of specific CLI commands, creating a Denial of Service (DoS) condition.\u00a0 The process crashes and restarts automatically.\n\nWhen specific CLI commands are executed, the bbe-smgd daemon attempts to write into an area of memory (mgd socket) that was already closed, causing the process to crash.\u00a0 This process manages and controls the configuration of broadband subscriber sessions and services.\u00a0 While the process is unavailable, additional subscribers will not be able to connect to the device, causing a temporary Denial of Service condition.\n\nThis issue only occurs if\u00a0Graceful Routing Engine Switchover (GRES) and Subscriber Management are enabled.\nThis issue affects Junos OS:\n\n\n * All versions before 20.4R3-S5, \n * from 21.1 before 21.1R3-S4, \n * from 21.2 before 21.2R3-S3, \n * from 21.3 before 21.3R3-S5, \n * from 21.4 before 21.4R3-S5, \n * from 22.1 before 22.1R3, \n * from 22.2 before 22.2R3, \n * from 22.3 before 22.3R2;\n\n\n\n\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA79109", + "source": "sirt@juniper.net" + }, + { + "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30380.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30380.json new file mode 100644 index 00000000000..e32ef83b941 --- /dev/null +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30380.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-30380", + "sourceIdentifier": "sirt@juniper.net", + "published": "2024-04-16T20:15:09.887", + "lastModified": "2024-04-16T20:15:09.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS), which causes the l2cpd process to crash by sending a specific TLV.\n\nThe l2cpd process is responsible for layer 2 control protocols, such as STP, RSTP, MSTP, VSTP, ERP, and LLDP.\u00a0 The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP, leading to a Denial of Service.\u00a0\u00a0Continued receipt and processing of this specific TLV will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\n\nJunos OS: \nall versions before 20.4R3-S9, \nfrom 21.2 before 21.2R3-S7, \nfrom 21.3 before 21.3R3-S5, \nfrom 21.4 before 21.4R3-S4, \nfrom 22.1 before 22.1R3-S4, \nfrom 22.2 before 22.2R3-S2, \nfrom 22.3 before 22.3R2-S2, 22.3R3-S1, \nfrom 22.4 before 22.4R2-S2, 22.4R3, \nfrom 23.2 before 23.2R1-S1, 23.2R2;\n\nJunos OS Evolved: \nall versions before 21.2R3-S7,\n\n \nfrom 21.3 before 21.3R3-S5-EVO, \nfrom 21.4 before 21.4R3-S5-EVO, \nfrom 22.1 before 22.1R3-S4-EVO, \nfrom 22.2 before 22.2R3-S2-EVO, \nfrom 22.3 before 22.3R2-S2-EVO, 22.3R3-S1-EVO, \nfrom 22.4 before 22.4R2-S2-EVO, 22.4R3-EVO, \nfrom 23.2 before 23.2R1-S1-EVO, 23.2R2-EVO.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-755" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA79171", + "source": "sirt@juniper.net" + }, + { + "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31446.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31446.json new file mode 100644 index 00000000000..d8463fd5238 --- /dev/null +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31446.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-31446", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-16T20:15:10.083", + "lastModified": "2024-04-16T20:15:10.083", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device in the mod and can be performed by anyone who can execute Lua code on them. This occurs while using the native Lua library. LuaJ appears to not have this issue. This vulnerability is fixed in 1.8.4. The GregTech: New Horizons modpack uses its own modified version of OpenComputers. They have applied the relevant patch in version 1.10.10-GTNH." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MightyPirates/OpenComputers/commit/9d4f7ea297953c2fd8ccfd24fe549d5e9576400f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MightyPirates/OpenComputers/security/advisories/GHSA-54j4-xpgj-cq4g", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-36xx/CVE-2024-3660.json b/CVE-2024/CVE-2024-36xx/CVE-2024-3660.json new file mode 100644 index 00000000000..4b8741f4256 --- /dev/null +++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3660.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-3660", + "sourceIdentifier": "cret@cert.org", + "published": "2024-04-16T21:15:08.603", + "lastModified": "2024-04-16T21:15:08.603", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://kb.cert.org/vuls/id/253266", + "source": "cret@cert.org" + }, + { + "url": "https://www.kb.cert.org/vuls/id/253266", + "source": "cret@cert.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3881.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3881.json new file mode 100644 index 00000000000..b09e698df16 --- /dev/null +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3881.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3881", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-16T20:15:10.280", + "lastModified": "2024-04-16T20:15:10.280", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Tenda W30E 1.0.1.25(633) and classified as critical. This issue affects the function frmL7PlotForm of the file /goform/frmL7ProtForm. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260915. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/frmL7ProtForm.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.260915", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.260915", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.312824", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3882.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3882.json new file mode 100644 index 00000000000..4bf872456d2 --- /dev/null +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3882.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3882", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-16T20:15:10.523", + "lastModified": "2024-04-16T20:15:10.523", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been classified as critical. Affected is the function fromRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260916. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromRouteStatic.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.260916", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.260916", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.312825", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 976f9dfb8af..9d5b14319e6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-16T20:00:37.778903+00:00 +2024-04-16T22:00:38.643659+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-16T19:22:42.250000+00:00 +2024-04-16T21:15:08.603000+00:00 ``` ### Last Data Feed Release @@ -33,35 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -245734 +245747 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `13` -- [CVE-2023-40000](CVE-2023/CVE-2023-400xx/CVE-2023-40000.json) (`2024-04-16T18:15:10.600`) -- [CVE-2023-45000](CVE-2023/CVE-2023-450xx/CVE-2023-45000.json) (`2024-04-16T18:15:10.790`) -- [CVE-2024-25911](CVE-2024/CVE-2024-259xx/CVE-2024-25911.json) (`2024-04-16T19:15:07.267`) -- [CVE-2024-32455](CVE-2024/CVE-2024-324xx/CVE-2024-32455.json) (`2024-04-16T19:15:07.470`) -- [CVE-2024-3875](CVE-2024/CVE-2024-38xx/CVE-2024-3875.json) (`2024-04-16T18:15:14.397`) -- [CVE-2024-3876](CVE-2024/CVE-2024-38xx/CVE-2024-3876.json) (`2024-04-16T18:15:14.623`) -- [CVE-2024-3877](CVE-2024/CVE-2024-38xx/CVE-2024-3877.json) (`2024-04-16T19:15:07.667`) -- [CVE-2024-3878](CVE-2024/CVE-2024-38xx/CVE-2024-3878.json) (`2024-04-16T19:15:07.920`) -- [CVE-2024-3879](CVE-2024/CVE-2024-38xx/CVE-2024-3879.json) (`2024-04-16T19:15:08.133`) -- [CVE-2024-3880](CVE-2024/CVE-2024-38xx/CVE-2024-3880.json) (`2024-04-16T19:15:08.357`) +- [CVE-2022-24805](CVE-2022/CVE-2022-248xx/CVE-2022-24805.json) (`2024-04-16T20:15:07.600`) +- [CVE-2022-24806](CVE-2022/CVE-2022-248xx/CVE-2022-24806.json) (`2024-04-16T20:15:08.413`) +- [CVE-2022-24807](CVE-2022/CVE-2022-248xx/CVE-2022-24807.json) (`2024-04-16T20:15:08.647`) +- [CVE-2022-24808](CVE-2022/CVE-2022-248xx/CVE-2022-24808.json) (`2024-04-16T20:15:08.840`) +- [CVE-2022-24809](CVE-2022/CVE-2022-248xx/CVE-2022-24809.json) (`2024-04-16T20:15:09.033`) +- [CVE-2022-24810](CVE-2022/CVE-2022-248xx/CVE-2022-24810.json) (`2024-04-16T20:15:09.227`) +- [CVE-2023-51391](CVE-2023/CVE-2023-513xx/CVE-2023-51391.json) (`2024-04-16T20:15:09.437`) +- [CVE-2024-30378](CVE-2024/CVE-2024-303xx/CVE-2024-30378.json) (`2024-04-16T20:15:09.680`) +- [CVE-2024-30380](CVE-2024/CVE-2024-303xx/CVE-2024-30380.json) (`2024-04-16T20:15:09.887`) +- [CVE-2024-31446](CVE-2024/CVE-2024-314xx/CVE-2024-31446.json) (`2024-04-16T20:15:10.083`) +- [CVE-2024-3660](CVE-2024/CVE-2024-36xx/CVE-2024-3660.json) (`2024-04-16T21:15:08.603`) +- [CVE-2024-3881](CVE-2024/CVE-2024-38xx/CVE-2024-3881.json) (`2024-04-16T20:15:10.280`) +- [CVE-2024-3882](CVE-2024/CVE-2024-38xx/CVE-2024-3882.json) (`2024-04-16T20:15:10.523`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `0` -- [CVE-2020-0878](CVE-2020/CVE-2020-08xx/CVE-2020-0878.json) (`2024-04-16T19:22:42.250`) -- [CVE-2020-1567](CVE-2020/CVE-2020-15xx/CVE-2020-1567.json) (`2024-04-16T19:22:42.250`) -- [CVE-2020-1570](CVE-2020/CVE-2020-15xx/CVE-2020-1570.json) (`2024-04-16T19:22:42.250`) -- [CVE-2021-26419](CVE-2021/CVE-2021-264xx/CVE-2021-26419.json) (`2024-04-16T19:22:42.250`) -- [CVE-2024-0948](CVE-2024/CVE-2024-09xx/CVE-2024-0948.json) (`2024-04-16T18:15:11.013`) -- [CVE-2024-21598](CVE-2024/CVE-2024-215xx/CVE-2024-21598.json) (`2024-04-16T18:15:12.357`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 4ce7d46109a..d9ecb5edda2 100644 --- a/_state.csv +++ b/_state.csv @@ -144922,7 +144922,7 @@ CVE-2020-0874,0,0,c2fade0606dcb2e9c6eb87976f779476db6037e639a3a9c456a2c05fc2968d CVE-2020-0875,0,0,7d5e612b8c619991b2aa2905c3eee1dcf486e7c52ecf2b852e7e18ac88f292de,2023-12-31T22:15:46.170000 CVE-2020-0876,0,0,1034746515d48d79fab68b7c78b50df2f1a57a4da727845fc40df798a64421c6,2021-07-21T11:39:23.747000 CVE-2020-0877,0,0,9001dd0ed611f4d498dc5796bf4336c5b602f63019d87b3b2fa84d70c2d94d43,2021-07-21T11:39:23.747000 -CVE-2020-0878,0,1,47b4ccbb6e2aee2e0f6eeb59ea794ab2c1e1b40d148f13b0575e5acc68cc5ad1,2024-04-16T19:22:42.250000 +CVE-2020-0878,0,0,47b4ccbb6e2aee2e0f6eeb59ea794ab2c1e1b40d148f13b0575e5acc68cc5ad1,2024-04-16T19:22:42.250000 CVE-2020-0879,0,0,425d3ec3e00b7dd4a42b5cf7c4478aba2b84b335e2d807b7127c70c2ad85c687,2021-07-21T11:39:23.747000 CVE-2020-0880,0,0,2634a69f3ca334f0c8c26e79bca394062d5af4fcbceea830136861013032761e,2021-07-21T11:39:23.747000 CVE-2020-0881,0,0,e83b0bffb8c94a880ae5f5982e07570c1bdae5c1d088ff8bd6a7844e3b82273b,2021-07-21T11:39:23.747000 @@ -150354,7 +150354,7 @@ CVE-2020-15666,0,0,806c77fc438f86f330bc55c879aa960de2885e748df473ced7459962b7b2d CVE-2020-15667,0,0,243a15d4c8a4ba9d467e69a126581e6074bc210dbabb71cf64e9f3a92c9ccc5c,2021-07-21T11:39:23.747000 CVE-2020-15668,0,0,4e698705ffefd020b517fb158a528dcedf7be197f4c0d065fb232fb0be01a198,2020-10-02T19:17:09.183000 CVE-2020-15669,0,0,64eaa070128ae394e37b554c9f7dcfafab0aea8b537c06401fda981532afa503,2020-10-02T19:02:26.757000 -CVE-2020-1567,0,1,6988137d9a01ca126164d2622ab96444b87b9050623a346e3fbff0ba552d0432,2024-04-16T19:22:42.250000 +CVE-2020-1567,0,0,6988137d9a01ca126164d2622ab96444b87b9050623a346e3fbff0ba552d0432,2024-04-16T19:22:42.250000 CVE-2020-15670,0,0,67298c1fe1d638c17c36a656aca282da76a36c165fcad93d0f02fcf233d51021,2021-07-21T11:39:23.747000 CVE-2020-15671,0,0,82807d7bf80b81bb741608191d7efc03e971ecb129585447c3a302327bf9fc61,2021-07-21T11:39:23.747000 CVE-2020-15673,0,0,c4df2a83f9da27ab7a9bf61aad0f08e9147fa5beb7d47185eccff19549e5c4a2,2022-04-28T18:22:40.927000 @@ -150384,7 +150384,7 @@ CVE-2020-15696,0,0,6b01411e07d57eee24498a5baade6df6a092e5e78052c31162fb91aa77a13 CVE-2020-15697,0,0,e1949b3239b40d44a9cf4dbe76e0780b405a1aaad6dcf8b0c86f771e66837c09,2020-07-15T19:27:59.713000 CVE-2020-15698,0,0,96d6895b067626b31ec7929ae0b4b4f698b7f533ac9f91c8f153e3de9adc452b,2021-07-21T11:39:23.747000 CVE-2020-15699,0,0,fddee3db14a5fec94a3b9b792a6a00e1de28f8aa1c4d0c0af73804590af47c7a,2020-07-15T19:44:31.413000 -CVE-2020-1570,0,1,e433d3c23800dd9c650a2695e9332c48d65e323e86479df2e4a50bcdba487d47,2024-04-16T19:22:42.250000 +CVE-2020-1570,0,0,e433d3c23800dd9c650a2695e9332c48d65e323e86479df2e4a50bcdba487d47,2024-04-16T19:22:42.250000 CVE-2020-15700,0,0,4392d5e51f1a617d2a1db6811d21554ab68d3b5bcb968ff3ec815ecba5658de2,2020-07-15T19:46:47.027000 CVE-2020-15701,0,0,0ef4f11d4d5e17c76cc90dbda259bf34c0d91dc397e706325817bacef536d57b,2023-01-24T02:45:18.333000 CVE-2020-15702,0,0,3123c6db9bb9c3781a203dca58b90178703d4558141b29f546636b5174cda6a7,2023-01-27T18:19:56.737000 @@ -171750,7 +171750,7 @@ CVE-2021-26415,0,0,aea8f896c13d4c6095e51ab876f24426b34f537d056e2f1b89b1d9a6cf7f4 CVE-2021-26416,0,0,993fd9894dcf076a84f2ba65d4209911fe03da6b6b85301b271e3a7aaaa28762,2023-12-29T20:15:49.653000 CVE-2021-26417,0,0,131180a6d79030529a6b1b8bb6f6422fb04a2d0161fb18682f4f291505080d9a,2023-12-29T20:15:49.853000 CVE-2021-26418,0,0,4b4eff10905b00f64f66b3d523b8e5b777dc0cf0065f314a88729996b9495a9c,2023-08-02T00:15:10.887000 -CVE-2021-26419,0,1,5aecddeae175ae40ec027488d50b2c173515e7b42824b45a8b12540c9eb80656,2024-04-16T19:22:42.250000 +CVE-2021-26419,0,0,5aecddeae175ae40ec027488d50b2c173515e7b42824b45a8b12540c9eb80656,2024-04-16T19:22:42.250000 CVE-2021-26420,0,0,259a2a921d60b20b6d7a01472a4e9b29ec5dfbff28ac862cf4ddac896e56114f,2023-08-01T23:15:11.517000 CVE-2021-26421,0,0,e59cfaa219509a59895efe167da72eda5665900af0da4e2f54f7d0fea6bc8de4,2023-08-02T00:15:11.110000 CVE-2021-26422,0,0,f06273af2cb75d9c8b35a6b1422b25d00a86e6c2b35e208674cd9fc5c21a9f7b,2023-08-02T00:15:11.207000 @@ -193288,7 +193288,13 @@ CVE-2022-24801,0,0,d1eda5f96b53a68346c98c0a334fd09d53400fc14ce272ea07d03c24d2bce CVE-2022-24802,0,0,7f8f65a402c4d4f58f7b6ee1f4148a40bdb5289eb448dad6237f1438534c0018,2022-04-11T18:38:45.323000 CVE-2022-24803,0,0,d07ca9bc80a2fa79fe798076edfb51852a02922c8ba1c3d35fa6c0bc561de28a,2022-04-11T20:15:58.487000 CVE-2022-24804,0,0,1a06e26ac66e3bb8d9c3fe5e9e5ab5315a3e550401c2c97809d5f9ed13ace9a1,2022-04-18T17:01:16.767000 +CVE-2022-24805,1,1,aec901700406115f041ddef6ec6b81ffe17a4f62e56daf05be2f5ba9e201dc31,2024-04-16T20:15:07.600000 +CVE-2022-24806,1,1,df0ae1ae71dd9d2a14070c84b8770688107ca0c3289236fc2751e69c94fffe72,2024-04-16T20:15:08.413000 +CVE-2022-24807,1,1,f46b1b2944ed75e9db20db2755e06ecfdf720c9a9dac0129c51805cf9c9b57f3,2024-04-16T20:15:08.647000 +CVE-2022-24808,1,1,1c36761c8338297c4c3705c10d7c2dabd15d2b38c3eef5859a7fe789d4897542,2024-04-16T20:15:08.840000 +CVE-2022-24809,1,1,29401ccbdfa2c152276df2fd1bdacd0b5aec2438ab277a8f4d801acf2826e696,2024-04-16T20:15:09.033000 CVE-2022-2481,0,0,5bf20cab6a1da71985566d648ea0a0262dcfc0d6302af9a2089ceb3524d0e9de,2023-11-07T03:46:36.830000 +CVE-2022-24810,1,1,c28f516dfad1d20dae633d79ff073ace3700386aff7303d8731ad51214d85912,2024-04-16T20:15:09.227000 CVE-2022-24811,0,0,b29c6815fdcb7719c945862b9595a9493a2e8eb42072aaaa8fe6a63300fa384c,2022-04-19T15:21:45.163000 CVE-2022-24812,0,0,ce008f94aa10997bc97e737f1581229f965621f271cc46721cdafe11260a13fa,2022-09-09T16:42:59.423000 CVE-2022-24813,0,0,21ba8ed56728391b9f4068642fe209902ce9d4668995613066f13664d2737d7c,2023-06-23T19:01:44.610000 @@ -228495,7 +228501,7 @@ CVE-2023-39991,0,0,0340b8efa37bc605092d9c1759b9c813cca0680f0f84b2ea2bf227d0125a7 CVE-2023-39992,0,0,fcaf02bda213dd1f17ad161f01bd711a5d2c373d3063a8bcb7d8975ad8f37032,2023-09-06T22:32:25.333000 CVE-2023-39999,0,0,7f36dc8514fc357e5e6fee23d3ff01e508ba90292e4f9f40fa57c31fd1bfe82c,2024-02-16T17:16:07.967000 CVE-2023-4000,0,0,1005d71e397cb341faeaa4134970e8dfeabc1e1fe3dee59b82c3690ab56614da,2023-11-07T04:22:02.303000 -CVE-2023-40000,1,1,60763858ab1f538f2ea3445af24c8307d31b29f993af7f85d17e9240b8ec33f5,2024-04-16T18:15:10.600000 +CVE-2023-40000,0,0,60763858ab1f538f2ea3445af24c8307d31b29f993af7f85d17e9240b8ec33f5,2024-04-16T18:15:10.600000 CVE-2023-40002,0,0,df96ef52ab4b7398a777e2a5595f079d9584908dd83efc246d0dcd480e04e895,2023-11-28T20:50:44.160000 CVE-2023-40007,0,0,3d365fc27f53117c77aaf78c7b2029831bb830f090bc89a5ba9063d789b28996,2023-09-08T21:27:24.257000 CVE-2023-40008,0,0,b73dbe806c28edbf5665a2cfc6c564be712f9ba5e3900757e8716b96b2d9cb60,2023-10-10T14:54:19.977000 @@ -231600,7 +231606,7 @@ CVE-2023-44997,0,0,81ee87730db4999076f9ba13b533f7ee822bfab430b5bd9758fdc4dc99b35 CVE-2023-44998,0,0,6cc3050d478119a51a717478faad92a6fd89b774c0150f63b5670fdc0d17544a,2023-10-17T18:19:41.770000 CVE-2023-44999,0,0,6be2de0544b798cbaf35c5bfaf5e9581022382b9d93d6ed3c82f778fbc96fd8d,2024-03-27T15:49:41.437000 CVE-2023-4500,0,0,24f457d0034a3558ae1365157ea6510acba5eafde6781b3a97c0b2fce404f3c4,2023-11-07T04:22:40.307000 -CVE-2023-45000,1,1,fc8dd3f687ba5903863afa7504f139eadd3435478e5fd1132dd20fe79aaf7623,2024-04-16T18:15:10.790000 +CVE-2023-45000,0,0,fc8dd3f687ba5903863afa7504f139eadd3435478e5fd1132dd20fe79aaf7623,2024-04-16T18:15:10.790000 CVE-2023-45001,0,0,7ae6d2a6a50d43f250007cb67a905b12b402783a75b5f34158cdfb57c3adcb31,2023-11-10T04:18:01.923000 CVE-2023-45003,0,0,e4a647054cefc57f163934c624babd072f49088fb353601c09d173ca854ba7b2,2023-10-20T18:08:51.807000 CVE-2023-45004,0,0,da8f78cab1b79c77e19940861ccb67ade7e4c226191b777aa1d2ac852f44063b,2023-10-24T17:13:10.327000 @@ -235664,6 +235670,7 @@ CVE-2023-51388,0,0,23d45ab8268f61b603be601097b6403fe4846d03068822a939edea7f32dfb CVE-2023-51389,0,0,1ab7e7a3a71f66a7621faf47f7e371d4af946a67075635b4b3343083855bb6c4,2024-02-22T19:07:27.197000 CVE-2023-5139,0,0,45ab71d0a08a733e36a646ff7244b4f355dd92a60fbfd4d74553b86425e7d813,2024-01-21T01:44:13.437000 CVE-2023-51390,0,0,aec164d1ba230dc6205a9a23a906268daf85aeab87f80c94d3bcd0e722b52384,2024-01-02T16:25:35.387000 +CVE-2023-51391,1,1,7c9b1151b7a2b54a66a978c4556effb333f0223b956d1e47c1f79844725b63d1,2024-04-16T20:15:09.437000 CVE-2023-51392,0,0,67927e656158c46412ae3bb504118fce54b24cfa01ec58a8655578d96aa8e815,2024-02-23T19:31:25.817000 CVE-2023-51393,0,0,134d5dde596b1c0957ff0f344967668816279a31dc85a1621f6b9d383706e3f6,2024-02-26T13:42:22.567000 CVE-2023-51394,0,0,71b2bd989998d21aa0bbb95271be09edc08ce6d20103c2e6bcee8ea1c20c92b8,2024-02-26T13:42:22.567000 @@ -238961,7 +238968,7 @@ CVE-2024-0943,0,0,8615d13ce678f891600523a8b0ee9c2a28f695a4a2f0e6fae10271d035bbc0 CVE-2024-0944,0,0,6d5b4cc4512d7133beda6486c8a61e389ede985b81d7a45a8ff4bd3e6db7337f,2024-04-11T01:24:14.313000 CVE-2024-0945,0,0,acfa867aef6de5f90cd37defae67cb9b2e19e7990c01567c09ada00086ade703,2024-04-11T01:24:14.407000 CVE-2024-0946,0,0,283089fb3fdca4da451ffc3499cb9fbed55c67e9f31132e716a01132ba7c4775,2024-04-11T01:24:14.490000 -CVE-2024-0948,0,1,7970a48163825a944b9c9fd25266b41fa8bda50c2787e9a44a0f18cf8c1c7f2c,2024-04-16T18:15:11.013000 +CVE-2024-0948,0,0,7970a48163825a944b9c9fd25266b41fa8bda50c2787e9a44a0f18cf8c1c7f2c,2024-04-16T18:15:11.013000 CVE-2024-0951,0,0,943e60a265ecc53992d941a81b6f313c111cfeda921581030b0003b8c39af369,2024-03-18T19:40:00.173000 CVE-2024-0952,0,0,6f32644ab0ef2315b1a9443b0a1a75ad72efcd18f9832ac32457ec11d58a6f70,2024-04-10T13:24:00.070000 CVE-2024-0953,0,0,56fda260ffe976a7ef0af83f343a5276bf8287ea78e25bf62da55b0bd2fa66b4,2024-02-09T16:38:45.380000 @@ -240441,7 +240448,7 @@ CVE-2024-21594,0,0,e78a123747e83bf49352997c96ddda43bd5d099d3d39e44bb746f6f4a8421 CVE-2024-21595,0,0,7e3b4ba0763cdce89df3527c01080d2771397fbe88ccc082e192e7e54ade6128,2024-01-18T20:37:57.160000 CVE-2024-21596,0,0,fdd5f969eb5a163c3b72b647f0662316060804632e52fd460429f04bfbe771b4,2024-01-26T01:15:10.873000 CVE-2024-21597,0,0,0c0be1133340914db6b7c339beb6f79249e7d6c481b234afba13bf552af31fb6,2024-01-19T21:04:30.330000 -CVE-2024-21598,0,1,8a4cc2c7294bdc4c0dc3ac761e2a08b5949bcdfe4871f2ee9915c7a43c700fc6,2024-04-16T18:15:12.357000 +CVE-2024-21598,0,0,8a4cc2c7294bdc4c0dc3ac761e2a08b5949bcdfe4871f2ee9915c7a43c700fc6,2024-04-16T18:15:12.357000 CVE-2024-21599,0,0,b6986e58982b522e42c45d11c584d16703553b99d9cc7ed66d50aec3d341a92f,2024-01-19T21:00:23.387000 CVE-2024-21600,0,0,b035659aec3f1f176588ca55009dd933cd41bad7a1bbf5fc58abacea7c8eac27,2024-01-19T22:57:21.587000 CVE-2024-21601,0,0,7af8a486a0225380a453e7f77af784106bd554df30e6e12f1ee8c22d8e6f7668,2024-01-19T22:57:04.600000 @@ -242607,7 +242614,7 @@ CVE-2024-25908,0,0,7ebe84bbb2a09cb3aa50499f551812833cee11c31a88168ddec35ef018574 CVE-2024-25909,0,0,1729ac59cd735cb9e10bf43959a450c2c5b8d4775b01f1386f05e50cd4f058ed,2024-02-26T16:32:25.577000 CVE-2024-2591,0,0,1c1e64e0f8676b005914356be8e0a1ee9646825adcce807d6ef2b5b382c04da1,2024-03-18T19:40:00.173000 CVE-2024-25910,0,0,46915ce767477cde79dec327c420fb80a93ebb8584c8668c193e9ec22215e12b,2024-02-28T14:06:45.783000 -CVE-2024-25911,1,1,fbc19dd5cda6df633b9ac45349346716b22982abe88c98bc009fef8d2a944de7,2024-04-16T19:15:07.267000 +CVE-2024-25911,0,0,fbc19dd5cda6df633b9ac45349346716b22982abe88c98bc009fef8d2a944de7,2024-04-16T19:15:07.267000 CVE-2024-25912,0,0,7630e8eaf6cc6db6843805ce5039a4d1d03a44c94d0a98600a0ccca227d4708f,2024-04-11T12:47:44.137000 CVE-2024-25913,0,0,f836a846f4079f05601564732cb9a5408cfd48a38708177104907308615f96c6,2024-02-26T16:32:25.577000 CVE-2024-25914,0,0,6c21c235c508fdd4e37939a7918e64e3dd4e50979a576bdc305d842a25f11a05,2024-02-13T14:01:07.747000 @@ -244723,6 +244730,8 @@ CVE-2024-30366,0,0,20837e89d03fae3723d55fae431100502ce2f90ed93f7c89739d7faef9644 CVE-2024-30367,0,0,a902af43f2971ddd47d7eebd60d52a9673dc37a2dcdcf1f5ecafc349085ea3e6,2024-04-03T12:38:04.840000 CVE-2024-30370,0,0,0b843daff5c28582cf7b13f2850b1d8c607c4ae5b045b88facad224f99e19e5b,2024-04-03T12:38:04.840000 CVE-2024-30371,0,0,b1d655f20dce1a124d87b962baf334d2a249a3ceff7f094651f12c5849e1f6ee,2024-04-03T12:38:04.840000 +CVE-2024-30378,1,1,3524e222518250e2428d4a601616c1a2478a9f50b285f388143e41f1e94fcad7,2024-04-16T20:15:09.680000 +CVE-2024-30380,1,1,d22ce8e47f38676cbef0815fbbbfe0517e9ee2ed1b8ecf04e6cae00a7093fbc6,2024-04-16T20:15:09.887000 CVE-2024-30381,0,0,d399a050c85328dc8f474cdf37295241252c38141e69670711e7b5cf47e09e2b,2024-04-15T13:15:51.577000 CVE-2024-30382,0,0,fb7e02a893b9131a8de22f030f44d4a5d589909635089d66bd7baedd2093a3ee,2024-04-15T13:15:51.577000 CVE-2024-30384,0,0,952b4115c6e20730244951f3b96aa60ae433c8d08b67714eb6934e6bf4e2552f,2024-04-15T13:15:51.577000 @@ -245249,6 +245258,7 @@ CVE-2024-31433,0,0,86aab503a2e2db574c389b20f71a0148690ff832973b07c2dccd2632bb765 CVE-2024-31434,0,0,14c74969478ba99d5c0b8c391c656499cd1e539c2ab2bf65f71934bc9488b3e2,2024-04-15T13:15:31.997000 CVE-2024-3144,0,0,7dc72f8f095a7cf1cb25c6f0b93af3672d10959c4dac8ef3a8b7a5ba03525aea,2024-04-11T01:25:55.020000 CVE-2024-31442,0,0,bd0c0777ffd79341352bfaf4bac13513052ca764dc9351410c56fde55ac0fa91,2024-04-08T18:48:40.217000 +CVE-2024-31446,1,1,401b62f3afdfc4cc781dfe99d4a5c6abfe1f46e7322870afe10073c6356a7a65,2024-04-16T20:15:10.083000 CVE-2024-31447,0,0,1686ea065902cff688a9e0e72258f816c60304799af9644c7db6f9ae37572786,2024-04-08T18:48:40.217000 CVE-2024-3145,0,0,30d7039ca4630abed1ac79b5e5068d170488eb4a6c9740ed0209e585b5eb2f84,2024-04-11T01:25:55.100000 CVE-2024-31451,0,0,10ad8ce607c3f80bebbdd47fed59e0fb48d83a52aa634e8a43b74ccc86bdeada,2024-04-16T15:15:36.687000 @@ -245483,7 +245493,7 @@ CVE-2024-32451,0,0,35164b93e74a79e2ff8c5d6e259c68545821f296eca514d79c046cda7b805 CVE-2024-32452,0,0,c0f74da2c06d889a0c923e0bfbeb1f18dc0cdb6eff90b5a8f84b2a2f9a289fe1,2024-04-15T13:15:31.997000 CVE-2024-32453,0,0,e2827bd2fe1a55cbd67f5689db0bfcc1b7a1375e77db28dec81ba12c13346b0a,2024-04-15T13:15:31.997000 CVE-2024-32454,0,0,82612665e825c6121646d06374d65bca8862992c0c337ca5fb468894f9c7a05e,2024-04-15T13:15:31.997000 -CVE-2024-32455,1,1,0e906248413ad5f5775b34e19f6dcf7e2835534bdbd10dc8d027649293326297,2024-04-16T19:15:07.470000 +CVE-2024-32455,0,0,0e906248413ad5f5775b34e19f6dcf7e2835534bdbd10dc8d027649293326297,2024-04-16T19:15:07.470000 CVE-2024-3247,0,0,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 CVE-2024-3248,0,0,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 CVE-2024-32487,0,0,746d95a6c3889a9e0164763739aef81432a5222f159aa33a064a3132dbd4a7ad,2024-04-15T13:15:31.997000 @@ -245653,6 +245663,7 @@ CVE-2024-3619,0,0,e46a3b263395cb61cb97e22d10d38e54d57de91c1d7f1832b85e56c338bf09 CVE-2024-3620,0,0,a7eeb1bc049879e174341aab349252fb94be8452f8b1f4ee171cd19f6ef0b10d,2024-04-11T12:47:44.137000 CVE-2024-3621,0,0,84afe5bfc8ac11b311e81571bedd8fcb4ae60929cf687215eae135d692582687,2024-04-11T12:47:44.137000 CVE-2024-3652,0,0,a467de8b64f8147acdef48edc35752a89afb7d5856e17302ea9c57335ed0f61c,2024-04-11T12:47:44.137000 +CVE-2024-3660,1,1,b5230d9746395c61395ca8f71f02bc6e1e472baecf724e500b941a8e8d7aa854,2024-04-16T21:15:08.603000 CVE-2024-3662,0,0,aac492e0cb08799a7f888c46af5bedb595fa2e9ad6dc15c21be50e9dae70066e,2024-04-15T13:15:31.997000 CVE-2024-3672,0,0,fc59637194f03e01166014d3ffdbdd60026f81fcc60e1be7e1a44771d8c5fa2c,2024-04-16T13:24:07.103000 CVE-2024-3685,0,0,2d04d41485feb8a52bd1142022b18bc3f24805efb219d419e0508c4773991260,2024-04-15T13:15:51.577000 @@ -245727,9 +245738,11 @@ CVE-2024-3871,0,0,1a2cd663b55080229c1ab7b70d6215741fcbf60f8d0800edd920a4744c6da4 CVE-2024-3872,0,0,1b0df76ddcb9ce5edde75b1c572a6253db6bd37bbe91d1899bdf2bd4ba86a63a,2024-04-16T13:24:07.103000 CVE-2024-3873,0,0,6682e5b7f8878bd45db1a964a23ec844eed00a434365ad9da3173d84f4bd0b19,2024-04-16T16:15:09.010000 CVE-2024-3874,0,0,7d274fefd55c259ca4691ab7d08e98fac32e4f916fb82d1c571be55ee10cbc13,2024-04-16T16:15:09.240000 -CVE-2024-3875,1,1,058a3585a4060a4fa5a1cf3650555c0075ec4feddadabad432314a449baa84f9,2024-04-16T18:15:14.397000 -CVE-2024-3876,1,1,8aae6c9327f3fedb7a3c47383352160bb0d571a0fd38bdab1a9e39af27a7a0c3,2024-04-16T18:15:14.623000 -CVE-2024-3877,1,1,0ec4828f3bcee138aa57dfe6930de16d44acd8b51570995be560e0c92197b451,2024-04-16T19:15:07.667000 -CVE-2024-3878,1,1,c0feda0a9e6b7cfd28066ca3c4cf4edbf43f789103afe6c7f587a912949e766b,2024-04-16T19:15:07.920000 -CVE-2024-3879,1,1,833347e5903011c019d09ee7e95131ee5a00cd17fddad3d8aa11035655b7e6cd,2024-04-16T19:15:08.133000 -CVE-2024-3880,1,1,5a7a6f4db00dff5c3cf944034037ee4055705722295b1f2eab6f80c0af610ff6,2024-04-16T19:15:08.357000 +CVE-2024-3875,0,0,058a3585a4060a4fa5a1cf3650555c0075ec4feddadabad432314a449baa84f9,2024-04-16T18:15:14.397000 +CVE-2024-3876,0,0,8aae6c9327f3fedb7a3c47383352160bb0d571a0fd38bdab1a9e39af27a7a0c3,2024-04-16T18:15:14.623000 +CVE-2024-3877,0,0,0ec4828f3bcee138aa57dfe6930de16d44acd8b51570995be560e0c92197b451,2024-04-16T19:15:07.667000 +CVE-2024-3878,0,0,c0feda0a9e6b7cfd28066ca3c4cf4edbf43f789103afe6c7f587a912949e766b,2024-04-16T19:15:07.920000 +CVE-2024-3879,0,0,833347e5903011c019d09ee7e95131ee5a00cd17fddad3d8aa11035655b7e6cd,2024-04-16T19:15:08.133000 +CVE-2024-3880,0,0,5a7a6f4db00dff5c3cf944034037ee4055705722295b1f2eab6f80c0af610ff6,2024-04-16T19:15:08.357000 +CVE-2024-3881,1,1,4ddc4e3ea561031c6715205c61273ffc8581bbc9232da123e00f9a75f47bd9c7,2024-04-16T20:15:10.280000 +CVE-2024-3882,1,1,5f3efd11563ebcf449f90a820706547ed73895ce6fb3de1d770a154ecf391ff5,2024-04-16T20:15:10.523000