From bffba916465a5162a11fa42892c32b8519f8dd68 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 28 Aug 2024 08:03:16 +0000 Subject: [PATCH] Auto-Update: 2024-08-28T08:00:17.672522+00:00 --- CVE-2021/CVE-2021-225xx/CVE-2021-22509.json | 56 ++++++++++++++++++ CVE-2021/CVE-2021-225xx/CVE-2021-22529.json | 56 ++++++++++++++++++ CVE-2021/CVE-2021-225xx/CVE-2021-22530.json | 56 ++++++++++++++++++ CVE-2021/CVE-2021-381xx/CVE-2021-38120.json | 56 ++++++++++++++++++ CVE-2021/CVE-2021-381xx/CVE-2021-38121.json | 56 ++++++++++++++++++ CVE-2021/CVE-2021-381xx/CVE-2021-38122.json | 56 ++++++++++++++++++ CVE-2023/CVE-2023-430xx/CVE-2023-43078.json | 56 ++++++++++++++++++ CVE-2024/CVE-2024-395xx/CVE-2024-39584.json | 56 ++++++++++++++++++ CVE-2024/CVE-2024-397xx/CVE-2024-39771.json | 25 ++++++++ CVE-2024/CVE-2024-453xx/CVE-2024-45346.json | 44 ++++++++++++++ CVE-2024/CVE-2024-45xx/CVE-2024-4554.json | 60 +++++++++++++++++++ CVE-2024/CVE-2024-45xx/CVE-2024-4555.json | 60 +++++++++++++++++++ CVE-2024/CVE-2024-45xx/CVE-2024-4556.json | 60 +++++++++++++++++++ CVE-2024/CVE-2024-63xx/CVE-2024-6311.json | 64 +++++++++++++++++++++ CVE-2024/CVE-2024-63xx/CVE-2024-6312.json | 64 +++++++++++++++++++++ CVE-2024/CVE-2024-74xx/CVE-2024-7401.json | 10 +++- README.md | 28 ++++++--- _state.csv | 21 ++++++- 18 files changed, 871 insertions(+), 13 deletions(-) create mode 100644 CVE-2021/CVE-2021-225xx/CVE-2021-22509.json create mode 100644 CVE-2021/CVE-2021-225xx/CVE-2021-22529.json create mode 100644 CVE-2021/CVE-2021-225xx/CVE-2021-22530.json create mode 100644 CVE-2021/CVE-2021-381xx/CVE-2021-38120.json create mode 100644 CVE-2021/CVE-2021-381xx/CVE-2021-38121.json create mode 100644 CVE-2021/CVE-2021-381xx/CVE-2021-38122.json create mode 100644 CVE-2023/CVE-2023-430xx/CVE-2023-43078.json create mode 100644 CVE-2024/CVE-2024-395xx/CVE-2024-39584.json create mode 100644 CVE-2024/CVE-2024-397xx/CVE-2024-39771.json create mode 100644 CVE-2024/CVE-2024-453xx/CVE-2024-45346.json create mode 100644 CVE-2024/CVE-2024-45xx/CVE-2024-4554.json create mode 100644 CVE-2024/CVE-2024-45xx/CVE-2024-4555.json create mode 100644 CVE-2024/CVE-2024-45xx/CVE-2024-4556.json create mode 100644 CVE-2024/CVE-2024-63xx/CVE-2024-6311.json create mode 100644 CVE-2024/CVE-2024-63xx/CVE-2024-6312.json diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json new file mode 100644 index 00000000000..249d00a3334 --- /dev/null +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22509.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-22509", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:04.753", + "lastModified": "2024-08-28T07:15:04.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json new file mode 100644 index 00000000000..b63ea609d2e --- /dev/null +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22529.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-22529", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:06.223", + "lastModified": "2024-08-28T07:15:06.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.3, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json b/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json new file mode 100644 index 00000000000..81cd02a73e6 --- /dev/null +++ b/CVE-2021/CVE-2021-225xx/CVE-2021-22530.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-22530", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:06.750", + "lastModified": "2024-08-28T07:15:06.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json new file mode 100644 index 00000000000..e3a053347f5 --- /dev/null +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38120.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-38120", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:07.303", + "lastModified": "2024-08-28T07:15:07.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper\nhandling in provided\u00a0command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json new file mode 100644 index 00000000000..624248b608a --- /dev/null +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38121.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-38121", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:07.807", + "lastModified": "2024-08-28T07:15:07.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.\u00a0 This issue affects NetIQ Advance Authentication versions before 6.3.5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json new file mode 100644 index 00000000000..23e8cf89f8a --- /dev/null +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38122.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-38122", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:08.300", + "lastModified": "2024-08-28T07:15:08.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information.\nThis issue affects NetIQ Advance Authentication before 6.3.5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json new file mode 100644 index 00000000000..6fc7b976e6f --- /dev/null +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43078.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-43078", + "sourceIdentifier": "security_alert@emc.com", + "published": "2024-08-28T06:15:03.930", + "lastModified": "2024-08-28T06:15:03.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000217981/dsa-2023-362-security-update-for-dell-dock-firmware-and-dell-client-platform-for-an-improper-link-resolution-vulnerability", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json b/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json new file mode 100644 index 00000000000..c0423b60204 --- /dev/null +++ b/CVE-2024/CVE-2024-395xx/CVE-2024-39584.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39584", + "sourceIdentifier": "security_alert@emc.com", + "published": "2024-08-28T06:15:05.607", + "lastModified": "2024-08-28T06:15:05.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1392" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000227594/dsa-2024-354", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json new file mode 100644 index 00000000000..94fda4a4083 --- /dev/null +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39771.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-39771", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-08-28T06:15:06.233", + "lastModified": "2024-08-28T06:15:06.233", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN83440451/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://safie.jp/information/post_6933/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json new file mode 100644 index 00000000000..31ab841c845 --- /dev/null +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45346.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-45346", + "sourceIdentifier": "security@xiaomi.com", + "published": "2024-08-28T07:15:08.823", + "lastModified": "2024-08-28T07:15:08.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Xiaomi Security Center expresses heartfelt thanks to Ken Gannon and Ilyes Beghdadi of NCC Group working with Trend Micro Zero Day Initiative! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@xiaomi.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=545", + "source": "security@xiaomi.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json new file mode 100644 index 00000000000..015a963e387 --- /dev/null +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4554.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-4554", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:09.330", + "lastModified": "2024-08-28T07:15:09.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack.\u00a0This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.microfocus.com/documentation/access-manager/5.0/accessmanager504-p1-release-notes/accessmanager504-p1-release-notes.html", + "source": "security@opentext.com" + }, + { + "url": "https://www.microfocus.com/documentation/access-manager/5.1/accessmanager51-release-notes/accessmanager51-release-notes.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json new file mode 100644 index 00000000000..7f66da18669 --- /dev/null +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4555.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-4555", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:09.830", + "lastModified": "2024-08-28T07:15:09.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario.\u00a0This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.microfocus.com/documentation/access-manager/5.0/accessmanager504-p1-release-notes/accessmanager504-p1-release-notes.html", + "source": "security@opentext.com" + }, + { + "url": "https://www.microfocus.com/documentation/access-manager/5.1/accessmanager51-release-notes/accessmanager51-release-notes.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json new file mode 100644 index 00000000000..cf40bac4ea4 --- /dev/null +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4556.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-4556", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-28T07:15:10.320", + "lastModified": "2024-08-28T07:15:10.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information.\u00a0This issue affects NetIQ Access Manager before 5.0.4 and before 5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://www.microfocus.com/documentation/access-manager/5.0/accessmanager504-p1-release-notes/accessmanager504-p1-release-notes.html", + "source": "security@opentext.com" + }, + { + "url": "https://www.microfocus.com/documentation/access-manager/5.1/accessmanager51-release-notes/accessmanager51-release-notes.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json new file mode 100644 index 00000000000..9d2749ae0a4 --- /dev/null +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6311.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-6311", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-28T07:15:10.800", + "lastModified": "2024-08-28T07:15:10.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'af2_add_font' function in all versions up to, and including, 3.7.3.2. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/funnelforms-free/tags/3.7.3.2/admin/menu_ajax_functions/formularbuilder_fonts.php#L47", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/funnelforms-free/tags/3.7.4.1/admin/menu_ajax_functions/formularbuilder_fonts.php?rev=3141470#L50", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cbd42fc4-ab4a-4053-b765-18272eacd2bc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json new file mode 100644 index 00000000000..81d3b8794fc --- /dev/null +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6312.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-6312", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-28T07:15:11.413", + "lastModified": "2024-08-28T07:15:11.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. This is due to the plugin not properly validating a file or its path prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/funnelforms-free/tags/3.7.3.2/admin/menu_ajax_functions/formularbuilder_fonts.php#L59", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/funnelforms-free/tags/3.7.4.1/admin/menu_ajax_functions/formularbuilder_fonts.php?rev=3141470#L17", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e815531-f966-44a1-a037-8077a40c83b0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7401.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7401.json index 99d95689379..4abef46abe8 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7401.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7401.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7401", "sourceIdentifier": "psirt@netskope.com", "published": "2024-08-26T17:15:06.987", - "lastModified": "2024-08-26T19:10:09.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-28T06:15:06.320", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token \u201cOrgkey\u201d as authentication parameter. Since this a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customer\u2019s tenant and impersonate a user." + "value": "Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token \u201cOrgkey\u201d as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customer\u2019s tenant and impersonate a user." + }, + { + "lang": "es", + "value": "Netskope fue notificado sobre una brecha de seguridad en el proceso de inscripci\u00f3n del Cliente Netskope donde NSClient utiliza un token est\u00e1tico \"Orgkey\" como par\u00e1metro de autenticaci\u00f3n. Dado que este token est\u00e1tico, si se filtra, no se puede rotar ni revocar. Un actor malintencionado puede utilizar este token para inscribir NSClient desde el inquilino de un cliente y hacerse pasar por un usuario." } ], "metrics": { diff --git a/README.md b/README.md index 3bcd2775b21..a89645f7ab6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-28T06:00:18.112106+00:00 +2024-08-28T08:00:17.672522+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-28T05:15:13.657000+00:00 +2024-08-28T07:15:11.413000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261344 +261359 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `15` -- [CVE-2023-45896](CVE-2023/CVE-2023-458xx/CVE-2023-45896.json) (`2024-08-28T05:15:13.657`) -- [CVE-2024-6448](CVE-2024/CVE-2024-64xx/CVE-2024-6448.json) (`2024-08-28T04:15:11.320`) +- [CVE-2021-22509](CVE-2021/CVE-2021-225xx/CVE-2021-22509.json) (`2024-08-28T07:15:04.753`) +- [CVE-2021-22529](CVE-2021/CVE-2021-225xx/CVE-2021-22529.json) (`2024-08-28T07:15:06.223`) +- [CVE-2021-22530](CVE-2021/CVE-2021-225xx/CVE-2021-22530.json) (`2024-08-28T07:15:06.750`) +- [CVE-2021-38120](CVE-2021/CVE-2021-381xx/CVE-2021-38120.json) (`2024-08-28T07:15:07.303`) +- [CVE-2021-38121](CVE-2021/CVE-2021-381xx/CVE-2021-38121.json) (`2024-08-28T07:15:07.807`) +- [CVE-2021-38122](CVE-2021/CVE-2021-381xx/CVE-2021-38122.json) (`2024-08-28T07:15:08.300`) +- [CVE-2023-43078](CVE-2023/CVE-2023-430xx/CVE-2023-43078.json) (`2024-08-28T06:15:03.930`) +- [CVE-2024-39584](CVE-2024/CVE-2024-395xx/CVE-2024-39584.json) (`2024-08-28T06:15:05.607`) +- [CVE-2024-39771](CVE-2024/CVE-2024-397xx/CVE-2024-39771.json) (`2024-08-28T06:15:06.233`) +- [CVE-2024-45346](CVE-2024/CVE-2024-453xx/CVE-2024-45346.json) (`2024-08-28T07:15:08.823`) +- [CVE-2024-4554](CVE-2024/CVE-2024-45xx/CVE-2024-4554.json) (`2024-08-28T07:15:09.330`) +- [CVE-2024-4555](CVE-2024/CVE-2024-45xx/CVE-2024-4555.json) (`2024-08-28T07:15:09.830`) +- [CVE-2024-4556](CVE-2024/CVE-2024-45xx/CVE-2024-4556.json) (`2024-08-28T07:15:10.320`) +- [CVE-2024-6311](CVE-2024/CVE-2024-63xx/CVE-2024-6311.json) (`2024-08-28T07:15:10.800`) +- [CVE-2024-6312](CVE-2024/CVE-2024-63xx/CVE-2024-6312.json) (`2024-08-28T07:15:11.413`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-7401](CVE-2024/CVE-2024-74xx/CVE-2024-7401.json) (`2024-08-28T06:15:06.320`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a930fd714b8..dee52af0049 100644 --- a/_state.csv +++ b/_state.csv @@ -168726,6 +168726,7 @@ CVE-2021-22505,0,0,675e854cabcaeacf3b78a58593a856837df3f64f635c2f4dd4c947fa88d2f CVE-2021-22506,0,0,7377ec998ae060ed34b511d8dd7b1645447b5531a985bd6c0ecd5db299ab8c1d,2024-07-26T20:01:47.710000 CVE-2021-22507,0,0,49a8df4354221c1d979c5377b3f9b1248fa19b8c379d04eb8b6a4dc3660b49f5,2023-11-07T03:30:15.790000 CVE-2021-22508,0,0,67652588d6598b9dba62407096c17326f8c4c524d1709ce1b654eeddc41e3e93,2024-05-20T13:00:24.667000 +CVE-2021-22509,1,1,777915d5bf9c3d8b17915f4435269c585118b2eea06d476fc5d7084cb8adc323,2024-08-28T07:15:04.753000 CVE-2021-2251,0,0,4286961cf0137de4568c5f4c5b69bb31850c9f2bab612da4f72c39c76dba0177,2021-04-29T12:58:39.193000 CVE-2021-22510,0,0,dcc596e7382beb136aa69c33e161a613333c65851d59175ffc16ad5915f58f7e,2023-11-07T03:30:16.050000 CVE-2021-22511,0,0,f41f49f6ec16503a60944cca593f738d35701c43b2681c82c497e647c5c624c7,2023-11-07T03:30:16.310000 @@ -168745,7 +168746,9 @@ CVE-2021-22525,0,0,296450ca1e1233adcf3143ac5bdea72d2264725eafb87a4c07a15b7b7e801 CVE-2021-22526,0,0,e31e530327ad3bebc011bfe3d7d9a24dcf8f77efdd622cf1af58a96cf7283010,2023-11-07T03:30:19.707000 CVE-2021-22527,0,0,bc0c2ffc8677e4ec8b64c8e43d2a38fc47ca1cbe2713f899b24a62400ab1a12f,2023-11-07T03:30:19.927000 CVE-2021-22528,0,0,5bf59e7d54e0ee9528364054296e2d9a2de193e1d8cb55d017d3177f24ebff26,2023-11-07T03:30:20.143000 +CVE-2021-22529,1,1,6cab5bf3beb2ca32fd45e3def359c700f5fb2b004a2dbf249003d6f5e00f20ac,2024-08-28T07:15:06.223000 CVE-2021-2253,0,0,9e2be9bb813a2e3899ee4a36c9db4012f6aae0eed717889a70a4a84f203004b0,2021-04-29T12:57:58.230000 +CVE-2021-22530,1,1,19208a11142c069b1909035d2300f806fde61fc2c56d5240845b0120b7887461,2024-08-28T07:15:06.750000 CVE-2021-22531,0,0,2ffef1a3095a1f67c14a48602d93f0c886d38c01b7653274771e69e8e9e12dcb,2023-11-07T03:30:20.380000 CVE-2021-22535,0,0,0cff80698ce8ede7035f297b2f9817048e9d9e9718e7dc9eb83b3305cbb47e07,2023-11-07T03:30:20.670000 CVE-2021-22538,0,0,447322567d97db99dd06b56b17c4818a654489f5f18b93925c9e7c6e4f0028d2,2021-04-06T14:11:52.257000 @@ -180315,6 +180318,9 @@ CVE-2021-38113,0,0,a1fa7ef31580e0e2fae651fffb9fa372b4cee32d23a47ce868d9acaf00240 CVE-2021-38114,0,0,f5bbfabbe38c5644e8cd21108a48b05b9d6c1f858bde8c7bb7493de97f4f5d70,2023-11-07T03:37:13.900000 CVE-2021-38115,0,0,0d4529d2dc20d029bb9ee8663c7b78d5bfa9be575f5879ed777d4526582a3d07,2024-04-07T01:17:53.337000 CVE-2021-3812,0,0,afacf08a6926dd761cd14ea7be38b0c773f7d4e31838aabc34b4a238033af577,2021-09-28T02:32:32.737000 +CVE-2021-38120,1,1,fb46e57911359ffb825e1bb21d7107a469d89260da3a3e002cea46b6ab749961,2024-08-28T07:15:07.303000 +CVE-2021-38121,1,1,c59c4e11408d0135367a0aaa83ef297b545c944426935c18f7dd4fda91a89fdc,2024-08-28T07:15:07.807000 +CVE-2021-38122,1,1,274816fd5ce390640f087d529ebf2c4cb9f45ca35436f76153ac7238c2201a0a,2024-08-28T07:15:08.300000 CVE-2021-38123,0,0,733f1d31597cbc536fab4d2ae9084a85932eb1447339cd96f79697cf7ce2cf3d,2023-11-07T03:37:14.523000 CVE-2021-38124,0,0,f2fcd4839f48ca621d12d11b2f6b8169a58cfe9389901fc30c449c923b2bbef3,2023-11-07T03:37:15.587000 CVE-2021-38125,0,0,cca5fea4853ef2eaacee614aaf6f07a8d197ea57c437239ce440cbbd8a6e3f17,2023-11-07T03:37:16.490000 @@ -232455,6 +232461,7 @@ CVE-2023-43072,0,0,219c44680bf759277ea4c69a6bf018846271d7e56f74b36a7fad93b31f540 CVE-2023-43073,0,0,e697c40808ab95fd13c420bd1b78ac70ad6637796f3acc71be4ec7f8b68cb76e,2023-10-06T17:55:26.480000 CVE-2023-43074,0,0,423707a42672f5259f9309c79a9cfc4fe6b155cc57a03b905f2e7fed655682fb,2023-10-28T03:29:38.597000 CVE-2023-43076,0,0,ae235c36f6c55b4555a6ebe6fbeb61abe2e5ed01d2903954b4d265b61046d0d8,2023-11-09T19:05:13.340000 +CVE-2023-43078,1,1,440905ff5993a5658b54a60c6d28d347857dbdf1e89408f25b0426e35daecf4d,2024-08-28T06:15:03.930000 CVE-2023-43079,0,0,045ae66c129d3b00c4efd0ea04f5ab8b9542c8092e4b729f681d90aeef4463ea,2023-10-20T20:01:50.240000 CVE-2023-4308,0,0,2e985217aefe9f54ecaa61ae64a06b347427536f2232a7aed87da4691ebf08e5,2023-11-07T04:22:26.690000 CVE-2023-43081,0,0,f8079c158546141cf0052ea6928190a507a7635d846c884a2289865895045133,2023-11-27T22:08:21.640000 @@ -234267,7 +234274,7 @@ CVE-2023-4589,0,0,5823a1bbdcd3fd3dad6a9d361ad6771c5169f34ce23ef9e39b305d1aaf66a9 CVE-2023-45892,0,0,31ea99a81b63e5dc5404654e4231556ec48f5c4f723835f37c58ea694f43c518,2024-01-08T19:31:03.043000 CVE-2023-45893,0,0,012ce31fe6e07df7e806e0f22cab292b188d57d4fcd77a1edd037ec55ea25c2a,2024-01-08T19:30:51.917000 CVE-2023-45894,0,0,acbbd0369c677d90271e9d43ae921ffda1b227f19a0c24cf767e01f00c88765f,2023-12-20T16:44:29.960000 -CVE-2023-45896,1,1,5120d4320fcff238bb667d4630420f341125c9428bf28faa9c409e59748c5e45,2024-08-28T05:15:13.657000 +CVE-2023-45896,0,0,5120d4320fcff238bb667d4630420f341125c9428bf28faa9c409e59748c5e45,2024-08-28T05:15:13.657000 CVE-2023-45897,0,0,734daadcbcf83a77d0375bea2b59862190723c5d109c64b97c90f46f832ac6a4,2023-11-21T16:33:02.183000 CVE-2023-45898,0,0,f3261a8736c0c34cdaa65c9211bd18854b9e3c8fbb8c9c8e0fd98bdbf7fab3eb,2024-08-26T16:07:21.753000 CVE-2023-45899,0,0,8ea5b9ddd2874024b78e9d2dcda12439e81d1dbfe77d0f8413dab38e7cc66b6f,2023-11-08T16:54:12.307000 @@ -256276,6 +256283,7 @@ CVE-2024-39571,0,0,5f5a00a374a36754f81b606fe5b7617af673280667e3ded939b747c7e23ff CVE-2024-39573,0,0,66fc7feceb0e35a8b2e536fb0fe145ff47c70fa679791c05a2dafe67c9ad9e6e,2024-07-12T14:15:16.400000 CVE-2024-39576,0,0,b954c37b27403600557da0d261dd953de929a61b04f025c8697cd0d77090d715,2024-08-22T12:48:02.790000 CVE-2024-3958,0,0,6a863b448c805f7bc2ecb55496071d989e4d5758f7f91c3bce9d94ca75a26261,2024-08-08T13:04:18.753000 +CVE-2024-39584,1,1,8f97db95ed53bf483dabe0e820d0e0a89fb14f2e16826832ee95065d16e3f24a,2024-08-28T06:15:05.607000 CVE-2024-3959,0,0,1ce1302f5c536ae0ba1596a30e53c3274b88d91eb780326b1103788329e8cf86,2024-06-28T13:21:52.223000 CVE-2024-39591,0,0,6df5bfa73938e4812212735bad6342100faddf79ce461f960eaa31dba3eab077,2024-08-13T12:58:25.437000 CVE-2024-39592,0,0,092a544949de7319ae89291bc739a96163c6c0d37a46e6cc9f12df6e56b452d2,2024-07-09T18:19:14.047000 @@ -256399,6 +256407,7 @@ CVE-2024-39746,0,0,6375fbb4b5bb9c905c41c7f4d0b9ebb7e249deb4532114f1d7954e0a6335a CVE-2024-39751,0,0,ca850876f5c8fc4ecaaca63a8428279a2bd033ba704cbd228180dbe8f0c1635b,2024-08-06T16:30:24.547000 CVE-2024-39767,0,0,3e2d929a0dec960247b2d08752313be7fe5d03de12cbd71addbfff64b71f8489,2024-07-16T18:04:02.993000 CVE-2024-3977,0,0,e9ddc667440c6dcbe059212d85a4e046d10d5ad7b4b151b497bb4963c631de68,2024-08-01T13:56:47.833000 +CVE-2024-39771,1,1,b9279717c8e3d7954bec96b205b1303b94db6ba1ee3ba2e0b940dafd589e5915,2024-08-28T06:15:06.233000 CVE-2024-39776,0,0,8b39df47cbc8ffd8596fdbf74b3d83a860b8891919acced573331707234996bf,2024-08-23T16:18:28.547000 CVE-2024-39777,0,0,4bc122687c91590f9c335b41e6e79e33e521fd532335f92edd7cb7db8b08fa07,2024-08-23T14:36:48.817000 CVE-2024-39778,0,0,bb2539eb59e56cbeaf6e7ed7999fae0d5792d390eb9e1100733cc6f4b019e4fc,2024-08-19T16:20:52.980000 @@ -258671,6 +258680,7 @@ CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc2559350 CVE-2024-45321,0,0,37b6c3801843cd19376dfc008024087eb46b0d9a726e5ad21af320498cf91f40,2024-08-27T14:35:13.357000 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000 CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3e9,2024-08-09T19:35:09.923000 +CVE-2024-45346,1,1,b3a45126f654743257f5e476db153013f6edabbcfa0530ecd652a66c2a4258a2,2024-08-28T07:15:08.823000 CVE-2024-4535,0,0,87b4b5e0787ea182ddd9c6fa8e26c59b6c616e4e57e592ee0d6f169678ff9b64,2024-05-28T12:39:28.377000 CVE-2024-4536,0,0,7a5702ddadcf7f48c7c82ca09978f30e343a6d4f259e12cc6fa88068d1723500,2024-05-07T13:39:32.710000 CVE-2024-4537,0,0,2e530ca2c49a8373646367a8e0c1771a783669d0151f9600cf6b8a99b12e73b9,2024-05-07T13:39:32.710000 @@ -258689,6 +258699,9 @@ CVE-2024-4549,0,0,e09f9cdaebb6118867e13a9d3ab643eb98c9f9e356cd137ad04d5c4afde157 CVE-2024-4551,0,0,5eadeaa2a7f21f0b3297f45277617c137a52e984170b931f9145e745d378c040,2024-06-17T12:42:04.623000 CVE-2024-4552,0,0,a910e848f992d4848b5a9057809234cfe8833a167abb01396097dc34db4ca3d3,2024-06-04T16:57:41.053000 CVE-2024-4553,0,0,a1e8f5bd1acd4a97b93bbbe85c146f94099965137fad1ebd49acd106c4b8e00a,2024-05-21T12:37:59.687000 +CVE-2024-4554,1,1,a456aa83770f277b1f62639d7447bd934e4f6dfb0c2914902209d3300336f42b,2024-08-28T07:15:09.330000 +CVE-2024-4555,1,1,e6dbe2379b6d277d6fbf731472b085d23c4b108518dc4257d0755369af3039f3,2024-08-28T07:15:09.830000 +CVE-2024-4556,1,1,ee9b6ec6271de2b8c648e6daa441e734f3c9fc2ef7e871468996350b71b1d33c,2024-08-28T07:15:10.320000 CVE-2024-4557,0,0,66c84ceab02c8adff7c7e309e3c388a17800860cf81ce53b59e1c60dda9ffb15,2024-06-28T13:19:24.767000 CVE-2024-4558,0,0,f33120bad100499bf0c3c5e20b119cff8d6ade1c8324fe8cac904ff1ff2e147b,2024-07-30T02:15:08.293000 CVE-2024-4559,0,0,bf46d9d7302afe42ee4323175537eeb1eb701f6d945f2b96b5e6acc4bfa04589,2024-07-03T02:07:46.003000 @@ -260167,6 +260180,8 @@ CVE-2024-6307,0,0,a6037df0fa8617c9aaeffdc703000fa7423e885d439338f30eb38eb0279e87 CVE-2024-6308,0,0,12cda7fc9db6b7d83d3e1c89cfc2efc823dbf7a87e765e6ea66a01700b6fc7c7,2024-08-23T16:44:39.510000 CVE-2024-6309,0,0,81d9ed106c3d88c28590c6ed22c5b32147121a952907a1333c0b11de5b47c5b3,2024-07-09T18:19:14.047000 CVE-2024-6310,0,0,c979f814f3e48b96dc9635b552e8c56621ee7c90068be27a9e484f3e9730aa89,2024-07-09T18:19:14.047000 +CVE-2024-6311,1,1,0067df69d254449f382b61817ebd77abbfc04f0e536c00de163a29295a3f8707,2024-08-28T07:15:10.800000 +CVE-2024-6312,1,1,1aee5ca145183f23da3395a672d1354aff55ab25ea9e4f756bc7e0368ae6e03c,2024-08-28T07:15:11.413000 CVE-2024-6313,0,0,3f3a1eb3f6568b25e7e4a0a5a221dc14475a69801be2f42305fb08dd6e12247b,2024-07-09T18:19:14.047000 CVE-2024-6314,0,0,d18fb3c15bbc48d64598d0e894895cc32debae6dd1aff2381c9e4370989d88ec,2024-07-09T18:19:14.047000 CVE-2024-6315,0,0,fab08e85f8b8e3173e728e58aba1b4c74bfe4a8ce767294e3e8e784d2124e746,2024-08-06T16:30:24.547000 @@ -260269,7 +260284,7 @@ CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a0 CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000 CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c2118,2024-07-02T17:44:45.700000 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 -CVE-2024-6448,1,1,ab80189f89a1d6fd27932b4b105aa1c2dc711489862970e9723405c05b0a5264,2024-08-28T04:15:11.320000 +CVE-2024-6448,0,0,ab80189f89a1d6fd27932b4b105aa1c2dc711489862970e9723405c05b0a5264,2024-08-28T04:15:11.320000 CVE-2024-6451,0,0,6a9c0fb65fad3a5f99e557f5250ddd026fdc81cb51b281650e16075ca1a8cd9e,2024-08-19T17:35:23.417000 CVE-2024-6452,0,0,c694c1bdf54902e69172121aae2a54d0747cfc16750499c01d3cf3c9c6ef3263,2024-07-03T12:53:24.977000 CVE-2024-6453,0,0,997e33861988fe67139dbc94cb45099acca0539b377b12d39324c5c718a66e9d,2024-08-21T14:37:10.103000 @@ -260892,7 +260907,7 @@ CVE-2024-7395,0,0,6b93b6db07480e26c0ae715f45aa50cef676fc9c19ea641f155805eb4429ff CVE-2024-7396,0,0,4ebde91c8a3429e260812e0a142900e161f2137833db297002231fa5cfafb30a,2024-08-06T16:31:05.780000 CVE-2024-7397,0,0,6d2f711820d3e2f3c7573fc7d4d971b3f755ab6406b8b6440f8e39ce24e2f3e7,2024-08-06T16:31:05.780000 CVE-2024-7399,0,0,94de8cab81b119f815fa73c008811f38562f3609d3da13634aecbd720ea861e6,2024-08-13T15:30:52.337000 -CVE-2024-7401,0,0,43172b65113511385038531540e4f5681ab4e7d6c1bacc50995fff42276650a7,2024-08-26T19:10:09.607000 +CVE-2024-7401,0,1,9083ffa03061518a1df9bde16741130e36a2134311b43b7dec2fcdc770c95021,2024-08-28T06:15:06.320000 CVE-2024-7408,0,0,a5191010d29cd8fd3daea07e74870b9bf130ede8610ab518fb24ce3a11a386f4,2024-08-13T16:06:08.213000 CVE-2024-7409,0,0,fe0e27b90db802bc9518336b034685fa4c799cf8d0788ebbf26f89b44bf0ec6f,2024-08-06T16:31:05.780000 CVE-2024-7410,0,0,d4e8b81d7bab3d90baf0746a6fdf1d2e1dd63b1bd2599e20b73bae4467a0729b,2024-08-12T13:41:36.517000