From ba465ed38529c821f1c4ec92523d51bb74b872a7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 5 Mar 2024 19:00:29 +0000 Subject: [PATCH] Auto-Update: 2024-03-05T19:00:25.615578+00:00 --- CVE-2022/CVE-2022-460xx/CVE-2022-46088.json | 4 +- CVE-2023/CVE-2023-437xx/CVE-2023-43787.json | 6 +- CVE-2024/CVE-2024-13xx/CVE-2024-1369.json | 97 ++++++++++++++- CVE-2024/CVE-2024-13xx/CVE-2024-1372.json | 97 ++++++++++++++- CVE-2024/CVE-2024-213xx/CVE-2024-21352.json | 130 ++++++++++++++++++- CVE-2024/CVE-2024-213xx/CVE-2024-21358.json | 131 +++++++++++++++++++- CVE-2024/CVE-2024-222xx/CVE-2024-22252.json | 43 +++++++ CVE-2024/CVE-2024-222xx/CVE-2024-22253.json | 43 +++++++ CVE-2024/CVE-2024-222xx/CVE-2024-22254.json | 43 +++++++ CVE-2024/CVE-2024-222xx/CVE-2024-22255.json | 43 +++++++ CVE-2024/CVE-2024-225xx/CVE-2024-22545.json | 6 +- CVE-2024/CVE-2024-240xx/CVE-2024-24098.json | 4 +- CVE-2024/CVE-2024-275xx/CVE-2024-27561.json | 20 +++ CVE-2024/CVE-2024-275xx/CVE-2024-27563.json | 20 +++ CVE-2024/CVE-2024-275xx/CVE-2024-27564.json | 20 +++ CVE-2024/CVE-2024-275xx/CVE-2024-27565.json | 20 +++ CVE-2024/CVE-2024-279xx/CVE-2024-27929.json | 55 ++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27931.json | 55 ++++++++ README.md | 30 +++-- 19 files changed, 834 insertions(+), 33 deletions(-) create mode 100644 CVE-2024/CVE-2024-222xx/CVE-2024-22252.json create mode 100644 CVE-2024/CVE-2024-222xx/CVE-2024-22253.json create mode 100644 CVE-2024/CVE-2024-222xx/CVE-2024-22254.json create mode 100644 CVE-2024/CVE-2024-222xx/CVE-2024-22255.json create mode 100644 CVE-2024/CVE-2024-275xx/CVE-2024-27561.json create mode 100644 CVE-2024/CVE-2024-275xx/CVE-2024-27563.json create mode 100644 CVE-2024/CVE-2024-275xx/CVE-2024-27564.json create mode 100644 CVE-2024/CVE-2024-275xx/CVE-2024-27565.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27929.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27931.json diff --git a/CVE-2022/CVE-2022-460xx/CVE-2022-46088.json b/CVE-2022/CVE-2022-460xx/CVE-2022-46088.json index 07529419bae..90bc4e13d7a 100644 --- a/CVE-2022/CVE-2022-460xx/CVE-2022-46088.json +++ b/CVE-2022/CVE-2022-460xx/CVE-2022-46088.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46088", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T16:15:49.190", - "lastModified": "2024-03-05T16:15:49.190", - "vulnStatus": "Received", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-437xx/CVE-2023-43787.json b/CVE-2023/CVE-2023-437xx/CVE-2023-43787.json index 2f9beaef53e..c93dbedf398 100644 --- a/CVE-2023/CVE-2023-437xx/CVE-2023-43787.json +++ b/CVE-2023/CVE-2023-437xx/CVE-2023-43787.json @@ -2,7 +2,7 @@ "id": "CVE-2023-43787", "sourceIdentifier": "secalert@redhat.com", "published": "2023-10-10T13:15:22.083", - "lastModified": "2024-01-24T21:15:08.493", + "lastModified": "2024-03-05T18:15:47.453", "vulnStatus": "Modified", "descriptions": [ { @@ -153,6 +153,10 @@ "Third Party Advisory" ] }, + { + "url": "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20231103-0006/", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1369.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1369.json index 5c027560ae9..f2be0b455da 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1369.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1369.json @@ -2,16 +2,40 @@ "id": "CVE-2024-1369", "sourceIdentifier": "product-cna@github.com", "published": "2024-02-13T19:15:10.023", - "lastModified": "2024-02-13T19:45:42.327", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T17:42:45.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd\u00a0configurations. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .\n" + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n de comandos en GitHub Enterprise Server que permiti\u00f3 a un atacante con una funci\u00f3n de editor en Management Console obtener acceso SSH de administrador al dispositivo al configurar el nombre de usuario y la contrase\u00f1a para las configuraciones recopiladas. La explotaci\u00f3n de esta vulnerabilidad requiri\u00f3 acceso a la instancia de GitHub Enterprise Server y acceso a la Consola de administraci\u00f3n con la funci\u00f3n de editor. Esta vulnerabilidad afect\u00f3 a todas las versiones de GitHub Enterprise Server anteriores a la 3.12 y se solucion\u00f3 en las versiones 3.11.5, 3.10.7, 3.9.10 y 3.8.15. Esta vulnerabilidad se inform\u00f3 a trav\u00e9s del programa GitHub Bug Bounty https://bounty.github.com." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "product-cna@github.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "product-cna@github.com", "type": "Secondary", @@ -46,22 +80,73 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.8.15", + "matchCriteriaId": "DC6BA1DD-5194-4738-B23D-07FCEAFFB3DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.9.0", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "8C3BDFFD-8A83-4D52-8A6E-B87B8070A046" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10.0", + "versionEndExcluding": "3.10.7", + "matchCriteriaId": "EB406BB2-7ABF-4A44-830F-7012CDB3D81D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.11.0", + "versionEndExcluding": "3.11.5", + "matchCriteriaId": "0529566C-AC2F-4385-93D7-578230AC453E" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1372.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1372.json index 009b70c2bf7..1f0508260c2 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1372.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1372.json @@ -2,16 +2,40 @@ "id": "CVE-2024-1372", "sourceIdentifier": "product-cna@github.com", "published": "2024-02-13T19:15:10.217", - "lastModified": "2024-02-13T19:45:42.327", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T17:12:04.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .\n" + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n de comandos en GitHub Enterprise Server que permiti\u00f3 a un atacante con una funci\u00f3n de editor en Management Console obtener acceso SSH de administrador al dispositivo al configurar los ajustes de SAML. La explotaci\u00f3n de esta vulnerabilidad requiri\u00f3 acceso a la instancia de GitHub Enterprise Server y acceso a la Consola de administraci\u00f3n con la funci\u00f3n de editor. Esta vulnerabilidad afect\u00f3 a todas las versiones de GitHub Enterprise Server anteriores a la 3.12 y se solucion\u00f3 en las versiones 3.11.5, 3.10.7, 3.9.10 y 3.8.15. Esta vulnerabilidad se inform\u00f3 a trav\u00e9s del programa GitHub Bug Bounty https://bounty.github.com." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "product-cna@github.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "product-cna@github.com", "type": "Secondary", @@ -46,22 +80,73 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.8.15", + "matchCriteriaId": "DC6BA1DD-5194-4738-B23D-07FCEAFFB3DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.9.0", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "8C3BDFFD-8A83-4D52-8A6E-B87B8070A046" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10.0", + "versionEndExcluding": "3.10.7", + "matchCriteriaId": "EB406BB2-7ABF-4A44-830F-7012CDB3D81D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.11.0", + "versionEndExcluding": "3.11.5", + "matchCriteriaId": "0529566C-AC2F-4385-93D7-578230AC453E" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10", - "source": "product-cna@github.com" + "source": "product-cna@github.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21352.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21352.json index 05e01e90e30..a51bef69e81 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21352.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21352.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21352", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:51.517", - "lastModified": "2024-02-13T18:22:58.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T18:54:26.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Proveedor Microsoft WDAC OLE DB para la vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de SQL Server" } ], "metrics": { @@ -34,10 +38,130 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "448534CE-1C07-4DF1-8EDD-C43C3492898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "2D282E53-ABBF-4832-9C93-A988586AE96E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A1689DFD-D52D-4121-BFD7-DBF2BE4E7DE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4046", + "matchCriteriaId": "C78776CC-3A9C-41A3-8BEB-D71D92F6579D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4046", + "matchCriteriaId": "806CA6D2-42B2-4244-A5ED-D23E6DD56772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2777", + "matchCriteriaId": "3F7F8173-9E59-48E4-98C9-4BEB6AE79451" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3155", + "matchCriteriaId": "84EDBE52-EFE0-4D6D-AA76-698B6F9687D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3155", + "matchCriteriaId": "900D1DA2-6DA7-4681-966A-B9973B1329EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "14F86494-7001-40DB-A99E-34A9490F5B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A9098F92-79E7-4762-A37C-99B4CFA8CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2322", + "matchCriteriaId": "5C8F0436-3AFE-48BD-AE92-8F8392DD0A1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.709", + "matchCriteriaId": "B6FCF1A0-6B8E-457A-AB6A-2DE939B9D18B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21352", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-213xx/CVE-2024-21358.json b/CVE-2024/CVE-2024-213xx/CVE-2024-21358.json index e6cee6f0e67..0a9fd26c367 100644 --- a/CVE-2024/CVE-2024-213xx/CVE-2024-21358.json +++ b/CVE-2024/CVE-2024-213xx/CVE-2024-21358.json @@ -2,12 +2,16 @@ "id": "CVE-2024-21358", "sourceIdentifier": "secure@microsoft.com", "published": "2024-02-13T18:15:52.533", - "lastModified": "2024-02-13T18:22:58.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-05T17:46:08.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Proveedor Microsoft WDAC OLE DB para la vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de SQL Server" } ], "metrics": { @@ -34,10 +38,131 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20469", + "matchCriteriaId": "448534CE-1C07-4DF1-8EDD-C43C3492898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "2D282E53-ABBF-4832-9C93-A988586AE96E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A1689DFD-D52D-4121-BFD7-DBF2BE4E7DE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4046", + "matchCriteriaId": "C78776CC-3A9C-41A3-8BEB-D71D92F6579D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4046", + "matchCriteriaId": "806CA6D2-42B2-4244-A5ED-D23E6DD56772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2777", + "matchCriteriaId": "3F7F8173-9E59-48E4-98C9-4BEB6AE79451" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3155", + "matchCriteriaId": "84EDBE52-EFE0-4D6D-AA76-698B6F9687D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3155", + "matchCriteriaId": "900D1DA2-6DA7-4681-966A-B9973B1329EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.2.9200.24710", + "matchCriteriaId": "3B15A766-B6CC-4638-B6E6-BF0F338A059A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6709", + "matchCriteriaId": "14F86494-7001-40DB-A99E-34A9490F5B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5458", + "matchCriteriaId": "A9098F92-79E7-4762-A37C-99B4CFA8CDD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2322", + "matchCriteriaId": "5C8F0436-3AFE-48BD-AE92-8F8392DD0A1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.709", + "matchCriteriaId": "B6FCF1A0-6B8E-457A-AB6A-2DE939B9D18B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21358", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22252.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22252.json new file mode 100644 index 00000000000..85688fe39b0 --- /dev/null +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22252.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-22252", + "sourceIdentifier": "security@vmware.com", + "published": "2024-03-05T18:15:47.713", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.5, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22253.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22253.json new file mode 100644 index 00000000000..6254cce4020 --- /dev/null +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22253.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-22253", + "sourceIdentifier": "security@vmware.com", + "published": "2024-03-05T18:15:47.920", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.5, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22254.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22254.json new file mode 100644 index 00000000000..702f0076066 --- /dev/null +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22254.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-22254", + "sourceIdentifier": "security@vmware.com", + "published": "2024-03-05T18:15:48.100", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "VMware ESXi contains an out-of-bounds write vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.\n\n\n\n\n\n\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.9, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22255.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22255.json new file mode 100644 index 00000000000..404c06ef141 --- /dev/null +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22255.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2024-22255", + "sourceIdentifier": "security@vmware.com", + "published": "2024-03-05T18:15:48.277", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller.\u00a0A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u00a0\u00a0\n\n\n\n\n\n\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.5, + "impactScore": 4.0 + } + ] + }, + "references": [ + { + "url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json b/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json index 8281c570a7a..242eb538300 100644 --- a/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json +++ b/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json @@ -2,12 +2,12 @@ "id": "CVE-2024-22545", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-26T08:15:42.480", - "lastModified": "2024-02-02T20:38:53.190", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-05T18:15:48.443", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows local unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function." + "value": "An issue was discovered in TRENDnet TEW-824DRU version 1.04b01, allows unauthenticated attackers to execute arbitrary code via the system.ntp.server parameter in the sub_420AE0() function. The attack can be launched remotely." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json index 9b0cde03039..ade441f55aa 100644 --- a/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24098", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T16:15:49.290", - "lastModified": "2024-03-05T16:15:49.290", - "vulnStatus": "Received", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json new file mode 100644 index 00000000000..fae09a900b9 --- /dev/null +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-27561", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-05T17:15:06.887", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_installUpdateThemePluginAction_plugins.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json new file mode 100644 index 00000000000..f82785b8c93 --- /dev/null +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-27563", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-05T17:15:06.947", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_pluginThemeUrl.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json new file mode 100644 index 00000000000..bca2df64e01 --- /dev/null +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-27564", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-05T17:15:06.997", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/dirk1983/chatgpt/issues/114", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json new file mode 100644 index 00000000000..b4e52268fa8 --- /dev/null +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-27565", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-05T17:15:07.050", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/dirk1983/chatgpt-wechat-personal/issues/4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json new file mode 100644 index 00000000000..96d157ab8c1 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27929", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-03-05T17:15:07.097", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "ImageSharp is a managed, cross-platform, 2D graphics library. A heap-use-after-free flaw was found in ImageSharp's InitializeImage() function of PngDecoderCore.cs file. This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. This issue has been patched in version 3.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-65x7-c272-7g7r", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27931.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27931.json new file mode 100644 index 00000000000..098d7d6b348 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27931.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27931", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-03-05T17:15:07.310", + "lastModified": "2024-03-05T18:50:18.333", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in `Deno.makeTemp*` APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect other systems. A user may provide a prefix or suffix to a `Deno.makeTemp*` API containing path traversal characters. This is fixed in Deno 1.41.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/denoland/deno/security/advisories/GHSA-hrqr-jv8w-v9jh", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 1661b4bda9f..7ce25425c07 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-05T17:00:27.092116+00:00 +2024-03-05T19:00:25.615578+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-05T16:15:49.290000+00:00 +2024-03-05T18:54:26.843000+00:00 ``` ### Last Data Feed Release @@ -29,21 +29,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240566 +240576 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `10` -* [CVE-2022-46088](CVE-2022/CVE-2022-460xx/CVE-2022-46088.json) (`2024-03-05T16:15:49.190`) -* [CVE-2024-24098](CVE-2024/CVE-2024-240xx/CVE-2024-24098.json) (`2024-03-05T16:15:49.290`) +* [CVE-2024-27561](CVE-2024/CVE-2024-275xx/CVE-2024-27561.json) (`2024-03-05T17:15:06.887`) +* [CVE-2024-27563](CVE-2024/CVE-2024-275xx/CVE-2024-27563.json) (`2024-03-05T17:15:06.947`) +* [CVE-2024-27564](CVE-2024/CVE-2024-275xx/CVE-2024-27564.json) (`2024-03-05T17:15:06.997`) +* [CVE-2024-27565](CVE-2024/CVE-2024-275xx/CVE-2024-27565.json) (`2024-03-05T17:15:07.050`) +* [CVE-2024-27929](CVE-2024/CVE-2024-279xx/CVE-2024-27929.json) (`2024-03-05T17:15:07.097`) +* [CVE-2024-27931](CVE-2024/CVE-2024-279xx/CVE-2024-27931.json) (`2024-03-05T17:15:07.310`) +* [CVE-2024-22252](CVE-2024/CVE-2024-222xx/CVE-2024-22252.json) (`2024-03-05T18:15:47.713`) +* [CVE-2024-22253](CVE-2024/CVE-2024-222xx/CVE-2024-22253.json) (`2024-03-05T18:15:47.920`) +* [CVE-2024-22254](CVE-2024/CVE-2024-222xx/CVE-2024-22254.json) (`2024-03-05T18:15:48.100`) +* [CVE-2024-22255](CVE-2024/CVE-2024-222xx/CVE-2024-22255.json) (`2024-03-05T18:15:48.277`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `8` +* [CVE-2022-46088](CVE-2022/CVE-2022-460xx/CVE-2022-46088.json) (`2024-03-05T18:50:18.333`) +* [CVE-2023-43787](CVE-2023/CVE-2023-437xx/CVE-2023-43787.json) (`2024-03-05T18:15:47.453`) +* [CVE-2024-1372](CVE-2024/CVE-2024-13xx/CVE-2024-1372.json) (`2024-03-05T17:12:04.487`) +* [CVE-2024-1369](CVE-2024/CVE-2024-13xx/CVE-2024-1369.json) (`2024-03-05T17:42:45.630`) +* [CVE-2024-21358](CVE-2024/CVE-2024-213xx/CVE-2024-21358.json) (`2024-03-05T17:46:08.140`) +* [CVE-2024-22545](CVE-2024/CVE-2024-225xx/CVE-2024-22545.json) (`2024-03-05T18:15:48.443`) +* [CVE-2024-24098](CVE-2024/CVE-2024-240xx/CVE-2024-24098.json) (`2024-03-05T18:50:18.333`) +* [CVE-2024-21352](CVE-2024/CVE-2024-213xx/CVE-2024-21352.json) (`2024-03-05T18:54:26.843`) ## Download and Usage