diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22655.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22655.json new file mode 100644 index 00000000000..7a42d883688 --- /dev/null +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22655.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-22655", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:49.930", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-693" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27502.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27502.json new file mode 100644 index 00000000000..69a85fb10f7 --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27502.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27502", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:50.147", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28389.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28389.json new file mode 100644 index 00000000000..e16abdff7a1 --- /dev/null +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28389.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-28389", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:50.333", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28746.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28746.json new file mode 100644 index 00000000000..a8222cd070a --- /dev/null +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28746.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-28746", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:50.533", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.0, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1342" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32282.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32282.json new file mode 100644 index 00000000000..474a1d57585 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32282.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32282", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:50.740", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-367" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32633.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32633.json new file mode 100644 index 00000000000..488265b9a8b --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32633.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32633", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:50.917", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32666.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32666.json new file mode 100644 index 00000000000..d28bd564ae4 --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32666.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32666", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:51.140", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1191" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35191.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35191.json new file mode 100644 index 00000000000..84e0ca90cd1 --- /dev/null +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35191.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-35191", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:51.333", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Uncontrolled resource consumption for some Intel(R) SPS firmware versions may allow a privileged user to potentially enable denial of service via network access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38575.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38575.json new file mode 100644 index 00000000000..f773dab4f07 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38575.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-38575", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:51.527", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1303" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39368.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39368.json new file mode 100644 index 00000000000..ffbad081054 --- /dev/null +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39368.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-39368", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:51.713", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-693" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-434xx/CVE-2023-43490.json b/CVE-2023/CVE-2023-434xx/CVE-2023-43490.json new file mode 100644 index 00000000000..a927893a4af --- /dev/null +++ b/CVE-2023/CVE-2023-434xx/CVE-2023-43490.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-43490", + "sourceIdentifier": "secure@intel.com", + "published": "2024-03-14T17:15:51.910", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "secure@intel.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-682" + } + ] + } + ], + "references": [ + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html", + "source": "secure@intel.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50168.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50168.json index 84af8c69800..6c9be8efad1 100644 --- a/CVE-2023/CVE-2023-501xx/CVE-2023-50168.json +++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50168.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50168", "sourceIdentifier": "security@pega.com", "published": "2024-03-14T16:15:49.863", - "lastModified": "2024-03-14T16:15:49.863", - "vulnStatus": "Received", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1998.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1998.json new file mode 100644 index 00000000000..68f766be767 --- /dev/null +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1998.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2024-1998", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-14T18:15:07.003", + "lastModified": "2024-03-14T18:15:07.003", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1795. Reason: This candidate is a reservation duplicate of CVE-2024-1795. Notes: All CVE users should reference CVE-2024-1795 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-251xx/CVE-2024-25139.json b/CVE-2024/CVE-2024-251xx/CVE-2024-25139.json index b04c384e40c..d1e85b48c49 100644 --- a/CVE-2024/CVE-2024-251xx/CVE-2024-25139.json +++ b/CVE-2024/CVE-2024-251xx/CVE-2024-25139.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25139", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-14T16:15:50.077", - "lastModified": "2024-03-14T16:15:50.077", - "vulnStatus": "Received", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28181.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28181.json new file mode 100644 index 00000000000..b5a4326e48a --- /dev/null +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28181.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-28181", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-03-14T18:15:07.107", + "lastModified": "2024-03-14T18:15:07.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": " turbo_boost-commands is a set of commands to help you build robust reactive applications with Rails & Hotwire. TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren't as robust as they should be. It's possible for a sophisticated attacker to invoke more methods than should be permitted depending on the the strictness of authorization checks that individual applications enforce. Being able to call some of these methods can have security implications. Commands verify that the class must be a `Command` and that the method requested is defined as a public method; however, this isn't robust enough to guard against all unwanted code execution. The library should more strictly enforce which methods are considered safe before allowing them to be executed. This issue has been addressed in versions 0.1.3, and 0.2.2. Users are advised to upgrade. Users unable to upgrade should see the repository GHSA for workaround advice." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/hopsoft/turbo_boost-commands/commit/88af4fc0ac39cc1799d16c49fab52f6dfbcec9ba", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/hopsoft/turbo_boost-commands/security/advisories/GHSA-mp76-7w5v-pr75", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28849.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28849.json new file mode 100644 index 00000000000..479b375c92a --- /dev/null +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28849.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-28849", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-03-14T17:15:52.097", + "lastModified": "2024-03-14T18:11:35.910", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. In affected versions follow-redirects only clears authorization header during cross-domain redirect, but keep the proxy-authentication header which contains credentials too. This vulnerability may lead to credentials leak, but has been addressed in version 1.15.6. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://fetch.spec.whatwg.org/#authentication-entries", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/psf/requests/issues/1885", + "source": "security-advisories@github.com" + }, + { + "url": "https://hackerone.com/reports/2390009", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 377869c5441..e2f37cc5f49 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-14T17:00:38.754369+00:00 +2024-03-14T19:00:38.502669+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-14T16:15:50.077000+00:00 +2024-03-14T18:15:07.107000+00:00 ``` ### Last Data Feed Release @@ -29,29 +29,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -241501 +241515 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `14` -* [CVE-2023-50168](CVE-2023/CVE-2023-501xx/CVE-2023-50168.json) (`2024-03-14T16:15:49.863`) -* [CVE-2024-1623](CVE-2024/CVE-2024-16xx/CVE-2024-1623.json) (`2024-03-14T13:15:53.397`) -* [CVE-2024-25139](CVE-2024/CVE-2024-251xx/CVE-2024-25139.json) (`2024-03-14T16:15:50.077`) -* [CVE-2024-25156](CVE-2024/CVE-2024-251xx/CVE-2024-25156.json) (`2024-03-14T14:15:07.857`) -* [CVE-2024-28323](CVE-2024/CVE-2024-283xx/CVE-2024-28323.json) (`2024-03-14T14:15:08.123`) -* [CVE-2024-28383](CVE-2024/CVE-2024-283xx/CVE-2024-28383.json) (`2024-03-14T13:15:53.740`) -* [CVE-2024-28417](CVE-2024/CVE-2024-284xx/CVE-2024-28417.json) (`2024-03-14T13:15:53.790`) -* [CVE-2024-28418](CVE-2024/CVE-2024-284xx/CVE-2024-28418.json) (`2024-03-14T13:15:53.833`) +* [CVE-2023-22655](CVE-2023/CVE-2023-226xx/CVE-2023-22655.json) (`2024-03-14T17:15:49.930`) +* [CVE-2023-27502](CVE-2023/CVE-2023-275xx/CVE-2023-27502.json) (`2024-03-14T17:15:50.147`) +* [CVE-2023-28389](CVE-2023/CVE-2023-283xx/CVE-2023-28389.json) (`2024-03-14T17:15:50.333`) +* [CVE-2023-28746](CVE-2023/CVE-2023-287xx/CVE-2023-28746.json) (`2024-03-14T17:15:50.533`) +* [CVE-2023-32282](CVE-2023/CVE-2023-322xx/CVE-2023-32282.json) (`2024-03-14T17:15:50.740`) +* [CVE-2023-32633](CVE-2023/CVE-2023-326xx/CVE-2023-32633.json) (`2024-03-14T17:15:50.917`) +* [CVE-2023-32666](CVE-2023/CVE-2023-326xx/CVE-2023-32666.json) (`2024-03-14T17:15:51.140`) +* [CVE-2023-35191](CVE-2023/CVE-2023-351xx/CVE-2023-35191.json) (`2024-03-14T17:15:51.333`) +* [CVE-2023-38575](CVE-2023/CVE-2023-385xx/CVE-2023-38575.json) (`2024-03-14T17:15:51.527`) +* [CVE-2023-39368](CVE-2023/CVE-2023-393xx/CVE-2023-39368.json) (`2024-03-14T17:15:51.713`) +* [CVE-2023-43490](CVE-2023/CVE-2023-434xx/CVE-2023-43490.json) (`2024-03-14T17:15:51.910`) +* [CVE-2024-1998](CVE-2024/CVE-2024-19xx/CVE-2024-1998.json) (`2024-03-14T18:15:07.003`) +* [CVE-2024-28181](CVE-2024/CVE-2024-281xx/CVE-2024-28181.json) (`2024-03-14T18:15:07.107`) +* [CVE-2024-28849](CVE-2024/CVE-2024-288xx/CVE-2024-28849.json) (`2024-03-14T17:15:52.097`) ### CVEs modified in the last Commit Recently modified CVEs: `2` -* [CVE-2022-36781](CVE-2022/CVE-2022-367xx/CVE-2022-36781.json) (`2024-03-14T14:15:07.263`) -* [CVE-2023-32783](CVE-2023/CVE-2023-327xx/CVE-2023-32783.json) (`2024-03-14T16:15:49.707`) +* [CVE-2023-50168](CVE-2023/CVE-2023-501xx/CVE-2023-50168.json) (`2024-03-14T18:11:35.910`) +* [CVE-2024-25139](CVE-2024/CVE-2024-251xx/CVE-2024-25139.json) (`2024-03-14T18:11:35.910`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 69d116d72f9..0cf7a80992d 100644 --- a/_state.csv +++ b/_state.csv @@ -202845,7 +202845,7 @@ CVE-2022-36778,0,0,2808d29015b5289e3b647f3b1b255257ea330cee5df0fa694c31f94f8ac2c CVE-2022-36779,0,0,96c28bd066ae17627d3b18480d8acb20ad968de1840ea21ef1f3dc3ffc8f62a9,2022-09-16T02:32:30.730000 CVE-2022-3678,0,0,d845c9706164b866aad6a9e3b09245d354cc8f734e59fec3b713a16cf083e02c,2023-11-07T03:51:37.990000 CVE-2022-36780,0,0,a957faa90e8594a80893ee64901626bb76a5b1700d179ed79d9548c1543a175d,2022-09-16T02:34:22.840000 -CVE-2022-36781,0,1,2409fbc48542117433bbafc5000fdcbd6aa660a79ccb01ed6bffbbda66dd8eb8,2024-03-14T14:15:07.263000 +CVE-2022-36781,0,0,2409fbc48542117433bbafc5000fdcbd6aa660a79ccb01ed6bffbbda66dd8eb8,2024-03-14T14:15:07.263000 CVE-2022-36782,0,0,7fb57b2ac5d1432ef90e63b1809ef4b4795601f5326f52029a89a20fac1a0dc5,2022-09-15T14:48:41.537000 CVE-2022-36783,0,0,2176a2d94b115d1dd00155d8f24e3aced2ad532e423d8153dea264b75d496751,2022-10-27T13:32:08.133000 CVE-2022-36784,0,0,ca9b8696648202ff4c64448113eac0d6115d8322efbec6dc15e02ef9a9fce2d9,2023-10-25T18:17:11.587000 @@ -215618,6 +215618,7 @@ CVE-2023-22651,0,0,71c4ad22d720a14f556cbdbb0dfeae4cea5ba5bc7c522362e29fd79de49a8 CVE-2023-22652,0,0,f9dae7477af266a4991ad7fcc2726fab2cccec9452bb34792392a945c73e6b19,2023-09-13T03:15:07.693000 CVE-2023-22653,0,0,a51dcac8d7628283af317fae95110ee2fc893a6c8b2b6ebf1624613b419371fc,2023-08-02T15:34:59.683000 CVE-2023-22654,0,0,5b1a8feee98010e65bed848785e61db9d7b8c5ab9fbbb79f8736b9741ba8db64,2023-05-30T22:22:43.403000 +CVE-2023-22655,1,1,51900ded8832eb2324f2d36086f3237daae14112befcbe2bab2ea19a2c2fd734,2024-03-14T18:11:35.910000 CVE-2023-22657,0,0,cfce11b504d6ee95538294305b0036182e95fb71bc119a8cd123783becc63ea7,2023-11-07T04:07:12.750000 CVE-2023-22659,0,0,71d1f10cbb6b53df610f190613167a6c75fa7f817c0f72a1094380595ddd5133,2023-07-13T17:17:26.230000 CVE-2023-2266,0,0,21c36958639008dc9b075634492f4955ca2430a255612c0db16c56bae462bdf1,2023-12-06T00:35:24.197000 @@ -219278,6 +219279,7 @@ CVE-2023-27499,0,0,ce3ef12308c64982399e023f649a859285e20cb1b38943d05a735c64ab7a3 CVE-2023-2750,0,0,ead2b79aafb115882b74edc1fe401c5df2c2f93772e52be543bfb3417b082d26,2023-05-31T20:29:42.987000 CVE-2023-27500,0,0,e761be0897c6f128c5d22bdd519d5df5ecbb799975b0b2a56857eb5e1fafa36b,2024-02-01T02:32:09.317000 CVE-2023-27501,0,0,3a48b7718293713515650d58f8bc503e08b5e0af5cdc2bcacc0d2cec24892060,2023-04-11T04:16:06.350000 +CVE-2023-27502,1,1,8e2343a1d7e814d13f786554b3331085de16def8b6f905080017205088f86576,2024-03-14T18:11:35.910000 CVE-2023-27505,0,0,84b7757529ffe0786cc24a50b318ee901867e4e6864f02da12a6e54cc6972fc7,2023-11-07T04:09:58.190000 CVE-2023-27506,0,0,1f012013e1966bce73ebafa99cafd6aacbb0cff3da16432bdf425c6a6a56d0fb,2023-11-07T04:09:58.323000 CVE-2023-27507,0,0,eb5451b311d5ea75dd7125a53961aa13d4ef228bed1c763182fec1f0a812744d,2023-05-30T15:33:26.400000 @@ -220045,6 +220047,7 @@ CVE-2023-28385,0,0,06b2e0ed9ede3db06b155ff85bcef2657f623d70b80aedda427ba62490112 CVE-2023-28386,0,0,5f6dd7d724610b77ac2c1bcfd50d247a5413c4a4eb8d84b38afbc90ddc6f9114,2023-05-27T01:59:16.440000 CVE-2023-28387,0,0,2bb0ab4d4fc306402b016f1f9cdb4868b82a9f603438a8259bb608ec5bf5a3d1,2023-07-07T18:24:25.427000 CVE-2023-28388,0,0,36db410ef1b32b01aabe7d4cd5466d250ac7f27fc8ac045564d2c4c24772a286,2024-01-10T16:30:56.260000 +CVE-2023-28389,1,1,121ae92f8226b4a2957bcb34922a4b942c822aa30192d48d08322bd8190fdfaa,2024-03-14T18:11:35.910000 CVE-2023-2839,0,0,edb09150a8f34d1ed306bf6c484b1a2f2590f2f7df7d63e75a4345c934ac771a,2023-05-27T04:15:25.153000 CVE-2023-28390,0,0,985499e8e05f7b59e3cd4ad36c6e14dc24bad969df6840cdf739006b8a2ce2f8,2023-05-30T16:19:29.097000 CVE-2023-28391,0,0,4283b9ee39c0cb9acc5d9d46f0edd1835c7a124adc48e4b44d9e30ae2799bbd5,2023-11-17T18:25:39.223000 @@ -220385,6 +220388,7 @@ CVE-2023-28742,0,0,11bf10eb7cf86a06a042574721f5b6b130e4648b501c7e1966972cd6beeab CVE-2023-28743,0,0,238bbf9b259df274ba81e67424dffbab46ab9aec9c8d0c6dbba6388c5f5f6634,2024-01-30T15:17:58.250000 CVE-2023-28744,0,0,cb5a4f36306b79a47f1780cb5ccb2cf8f4e1e731e30b27b9339b4dd6e9981cdb,2023-07-26T21:02:26.780000 CVE-2023-28745,0,0,970767670fa87165626793d9cdf3e3c257da5465b4124ca532ef944e6986d546,2024-02-14T15:01:55.963000 +CVE-2023-28746,1,1,f459a789ceb18cd484af4a8be5172c81e61d9c6b9fb7e172e7d41a60dd0f382c,2024-03-14T18:11:35.910000 CVE-2023-28747,0,0,1f8971e91a3c69479baefed61244adab58b4c71337fe087d2b833da8d172bfc7,2023-12-01T03:48:15.443000 CVE-2023-28748,0,0,ed7c6de8a0ffdbec666abde636114e42d7ebd13e048af0d6b7d4fa35920756d2,2023-11-10T04:19:54.407000 CVE-2023-28749,0,0,8c1e27a9f22ac0dd71acbfe984f8107e6c3bc84444315708a6750aea99ae8044,2023-11-27T22:08:00.970000 @@ -222840,6 +222844,7 @@ CVE-2023-32279,0,0,7ca0f3be69d291418a8e235f559e48bffb0eacc8d1adce9490c3d8820b7ed CVE-2023-3228,0,0,eb6409b67a53e6a87ee3b35c6c86c79edf79e7841421507b46731053f0d8a0a3,2023-06-17T03:10:15.150000 CVE-2023-32280,0,0,65c23c31d13fc48d967995bf477468e1d79f1adf33f38fa31fe17e9068c09e69,2024-02-14T15:01:51.137000 CVE-2023-32281,0,0,d199469e0e07df63722d1b0fb9deb26825694a89b7bc3c926712eb33cbe10ec8,2023-06-12T16:38:00.760000 +CVE-2023-32282,1,1,524660a7db415417731b26f40e37e3f473ae132e7d10dd93cba1dd5d340e09c3,2024-03-14T18:11:35.910000 CVE-2023-32283,0,0,616c5b9249425e5481eafd04e1620c9a4a544ecf6b3da0a6220674a9ae5aea3b,2023-11-21T17:54:43.380000 CVE-2023-32284,0,0,88cadcb4c44564a55805cbeda51567e56117f0699d0ad57db2507ae2d4d8a3a7,2023-09-25T18:41:26.133000 CVE-2023-32285,0,0,54094f56f801494f82e889d7f6490e7a0d2bb29d4a710d2f2b203433cfb010a9,2023-11-07T04:14:31.603000 @@ -223183,6 +223188,7 @@ CVE-2023-32628,0,0,541f7cd8854cddced3fbf215ecde920e34f99635d7ae971eebdbb67d9ace0 CVE-2023-32629,0,0,2a9b510613e59b1d0791e7609094d808f41803441654414571345279bd8a52e6,2023-09-11T19:15:42.233000 CVE-2023-3263,0,0,40d9b2be8196618e8ffd2b2daf5e1f9188a2528f6d7a25328a1138e173242c04,2023-08-22T16:24:14.497000 CVE-2023-32632,0,0,e34c3571eff0bd407d8dae7bc7261de893a3ad6909c84ad2b1a0971d12c7b797,2023-10-12T22:26:55.673000 +CVE-2023-32633,1,1,208eb22652d0f65f67e012a88d84b0d0f6310e0295f24f5f835a9d94bd6c7d36,2024-03-14T18:11:35.910000 CVE-2023-32634,0,0,ae13f2ab6f823c11364e754ebc00ed530b5755084b143d030cf791a0dc2ec76a,2023-10-18T18:56:33.150000 CVE-2023-32635,0,0,c8cb8d692af3d56e6e0b096944f9dd2b1b44e20fd09b760641a7283ac2335c77,2023-07-28T13:52:39.963000 CVE-2023-32636,0,0,768a214bce0e4727a42083040ca54f6417ad330660d18a0cc1ad5894f3ee206b,2024-01-12T22:09:56.247000 @@ -223216,6 +223222,7 @@ CVE-2023-32662,0,0,e6ecfd432d8093b5086df379db0b57cdf40d1685dba2c7fabe307bec0ed72 CVE-2023-32663,0,0,3e7ef52ee8898923e5c75493bfae74a9e09e3258bba72eb62046ef7118b9edb7,2023-08-21T17:15:47.183000 CVE-2023-32664,0,0,618bdb4ac369fcb1a95b33a61563548a0e7093584a2b9e9c5666fd90ad48ae60,2023-09-15T19:15:07.340000 CVE-2023-32665,0,0,31f6fbb04d38e24ef8a8bd7c7b632bd8e055665c900cbecbc4c539e406f2b02a,2023-11-27T14:15:07.820000 +CVE-2023-32666,1,1,0b00f08660e37d78e602a5ee0eb683b0ea819394514718b2b63339bddd6e407b,2024-03-14T18:11:35.910000 CVE-2023-32668,0,0,6870504f63fd451347fe0c331096f1e45ff8f6811229f296b8ba61f0b4142f10,2023-05-23T17:31:45.217000 CVE-2023-32669,0,0,0f9d4ef16e2f26deb90011f7c395852feb44144b8263c413043ff4187727c7dd,2023-10-04T21:07:05.703000 CVE-2023-3267,0,0,2d4c8daf423de31384ed6303e8fbed7365844c7d43ecaa98d82b4375b3aba328,2023-08-22T16:15:46.067000 @@ -223315,7 +223322,7 @@ CVE-2023-32767,0,0,2e8304d6fa0a874755ae946980a471108c5436835bd4c3f01791a9fabbd75 CVE-2023-3277,0,0,ab176e8392742b5d2c6e2b3d4545ac4a14419efd20fb4e3e617ff5463b886182,2023-11-13T18:30:53.790000 CVE-2023-32781,0,0,8a9a898934da3c35f75bda97f37c0609a007c36d34109e509a491adbe0d7e555,2024-01-23T17:15:09.217000 CVE-2023-32782,0,0,f816f8eb75a087d10e2d2b07562d3dacea6f28a3c679690c0e2bccf2fdffa927,2023-08-16T12:15:13.717000 -CVE-2023-32783,0,1,4f0005414f692f99d0f8c916c29ef7dba79b8d34f70c7819b8c347dfe48a624f,2024-03-14T16:15:49.707000 +CVE-2023-32783,0,0,4f0005414f692f99d0f8c916c29ef7dba79b8d34f70c7819b8c347dfe48a624f,2024-03-14T16:15:49.707000 CVE-2023-32784,0,0,188df81383c961e5943140e88d45278273c5195ed44ac7e6964466362cd4c11f,2023-05-26T16:25:21.913000 CVE-2023-32785,0,0,25180afa6afc55aa5d906acbb1fce2b7be5af314b10e06d612533979c59e06f0,2023-12-26T18:15:07.743000 CVE-2023-32786,0,0,7dd5757eb1d749e595bdf6c85be6ed5e2da3846f2b48e0d25c7b268c52e953c4,2023-10-27T21:44:28.833000 @@ -224997,6 +225004,7 @@ CVE-2023-35187,0,0,726f3d269c3fc4ab0e4f8bf02f0782a65d9f79c8f65fbe320311a563e2133 CVE-2023-35188,0,0,dc2d51582b0c40a1a991431e82dc96ea83b69d4b6cd75cf2797291ed1d48e8fe,2024-02-13T20:36:01.653000 CVE-2023-35189,0,0,727918a3b8004e51f12292fde6090cd74f994ad6d97365addee6dbdc84715391,2023-07-27T17:43:17.170000 CVE-2023-3519,0,0,7329bec3703bdc39aea3e59a1cc85b2341feb74f79ed91f9be508e94879784da,2023-08-04T18:15:17.077000 +CVE-2023-35191,1,1,ce7a7d62bc18b70f4784dbfb0c011ac6715fdb189d5d45cdfda013568cb7d661,2024-03-14T18:11:35.910000 CVE-2023-35193,0,0,35d999215ee0714de627ba46454d683b144c8672ad7068fc25e9877364a0d4d5,2023-10-18T14:59:29.847000 CVE-2023-35194,0,0,f1422d8c09e7347a9549c0a032c4e17cf30f4016d4503b676ff325c6bb8df1e1,2023-10-18T14:59:10.533000 CVE-2023-3520,0,0,03168a3d34c4551d3f89d5576703d3fa9269c779a40ea50d5fa229233446f0fa,2023-07-12T15:34:13.653000 @@ -227285,6 +227293,7 @@ CVE-2023-38571,0,0,59422f4a140d130cd11989d6215360f540ea5ce2d1940f49a1884661bcc08 CVE-2023-38572,0,0,d548f53924cef1c9fed50ca54f02dd79c795d64a5950d4afb21f0974051e6ecc,2024-01-05T14:15:47.123000 CVE-2023-38573,0,0,473858576dcb468ddb455cbd057d8489cb45e9be3d5a82dde3da1329775f6312,2023-12-01T20:52:57.627000 CVE-2023-38574,0,0,08bf6c6c13d11939e1673419af7685695e023a5a2347b1f23980f2505f1fbcc4,2023-09-11T12:50:00.413000 +CVE-2023-38575,1,1,347e384cbcd4e05465cd08585ad76ba75cfe3d4e1ec35c66fc6ab0e649301186,2024-03-14T18:11:35.910000 CVE-2023-38576,0,0,e3f65d06ff8b2c2a07fff1f05ff5d589b3e7a54d648a7f31143ebbbf046d0139,2023-08-24T18:26:00.547000 CVE-2023-38579,0,0,d675649c63083678f4f6251f8e7bc0f6b675249c8aaa3432eda8a193ed725f0c,2024-02-13T21:56:17.013000 CVE-2023-3858,0,0,28a65d2dd00f0597640296e7ce5d44a9ad975a92cccd9351bfb9718868369c47,2024-02-29T01:40:48.047000 @@ -227865,6 +227874,7 @@ CVE-2023-39363,0,0,3b5e03600cf70b560e94452186ae68035e14537be8e3ab0775f4768bbd4e3 CVE-2023-39364,0,0,0912e57d5cfd34bc2e4e4e2edced8f0b60dbf7166f76bb8617bbffe7593a5908,2023-11-09T05:15:10.093000 CVE-2023-39365,0,0,21bf6fcb85cd83710c44b53d5ed8758363039f7223266aec94530b96b94dfe4a,2023-11-09T05:15:10.213000 CVE-2023-39366,0,0,ec1d63cbca61e10ab8a85d0a3e36a9a8f98189047df6aef06ced93f8760dd051,2023-11-09T05:15:10.317000 +CVE-2023-39368,1,1,88e669aad606fc4894fa8fa8208aac4d6b14c8e50c133f6104e01d74864a5f22,2024-03-14T18:11:35.910000 CVE-2023-39369,0,0,a7133e0339d6578f18ea90b34029606305e458b6c370c69d1e80c0cf5ea43285,2023-09-07T17:44:36.470000 CVE-2023-3937,0,0,816a8fecf88ce14e903f0a8518357bc6a8c385564499d1cc21d7a2f9486d6a58,2023-08-18T14:30:09.183000 CVE-2023-39370,0,0,d8edd93cc537210f9236e7c7d5ca490360b74b59fd87a37c3c0b9a154aa65f18,2023-09-08T06:42:31.750000 @@ -230450,6 +230460,7 @@ CVE-2023-43484,0,0,685a1775bdd32f0468af5131678a5a88401ccecf002cd65cdb57f11bcb9b2 CVE-2023-43485,0,0,56e06eecce10771793782bda7486bdc0abaf33406a8b34746335ac307311004e,2023-10-17T20:31:53.560000 CVE-2023-43488,0,0,73963ff8fac3febe7fcf1226608d7faad6241fb5160a15c4381098ef0daabd52,2023-11-06T14:41:18.393000 CVE-2023-4349,0,0,7bcfa9d15cfc992ac2e945aa6e7aec95ce86c568d8f15fb3ba2380084473c42f,2024-01-31T17:15:14.370000 +CVE-2023-43490,1,1,157fabb366a0360ae3ff26ac8640a9f017e124922c63d1ff06d2f1fcbe8a0fb1,2024-03-14T18:11:35.910000 CVE-2023-43492,0,0,42b5f695dc2a37dd6c1424d01d87bfa34fecc8146eed1f8b9a6b38bb9493ae43,2023-10-30T14:33:25.570000 CVE-2023-43493,0,0,8adb4be7e4d00ab6ac29deee1a8eec611490dc7a45bf7c05ab13586f9fcd691a,2023-09-27T20:51:26.677000 CVE-2023-43494,0,0,a5e1abcb0e0cbdd68150bd25ed5f4171fce3829cb775e04ccec60c9f09070438,2023-09-25T13:43:35.503000 @@ -234679,7 +234690,7 @@ CVE-2023-50164,0,0,f92257f6f7f7144caea76bc759c9f4d42a26f019d14d79f88dd6d866326a5 CVE-2023-50165,0,0,6cc3fb981fe1805594dc6dd7b4769ed740a92c180ccf644bd37d3b7be89a8960,2024-02-06T17:41:39.480000 CVE-2023-50166,0,0,091a42fcab764067f28f78762f0621b913a8024c017fb2ab90a0fe7398a45003,2024-02-06T17:42:52.830000 CVE-2023-50167,0,0,0ed26f19ef15eb97b824e70233aef1b1704a97ac05faac1b78c7409b4a2600f7,2024-03-06T21:42:54.697000 -CVE-2023-50168,1,1,b3512bc877b3c9ae967f0493b8f8f56b8458d56f3beb2b7938d3594ed4ddb367,2024-03-14T16:15:49.863000 +CVE-2023-50168,0,1,ba65ddab693eda19a5abb3bc0e23770a38a7541d8258fa2017b26ae8c40dd1a4,2024-03-14T18:11:35.910000 CVE-2023-5017,0,0,780bf04cd6b1b8e13ac917a171328543d714b59c74fb14dbc6719e0425766344,2024-02-29T01:42:09.187000 CVE-2023-50170,0,0,1933563213fc12fd041d8d7f18f883d0e0fb318fa67f3782d779da0456696efa,2024-02-14T18:15:46.610000 CVE-2023-50172,0,0,6289559683bd5bae430bca31e942a947923f7382e49382dd37c6d6a05599756d,2024-01-18T14:28:59.977000 @@ -238702,7 +238713,7 @@ CVE-2024-1608,0,0,9c8b01b69ae5b4c70260d911aff7b2894c96a989ff451b383a0cacb2ffa6ce CVE-2024-1618,0,0,d4ed9a7b03a6bc2af34446a7f8522f650b18bcab5c93148fbff943d48943d202,2024-03-12T16:02:33.900000 CVE-2024-1619,0,0,3bd1c888593742e1605642ab3506d543678d2b012b17cc6ff867249b1db44054,2024-02-29T13:49:29.390000 CVE-2024-1622,0,0,1d222b911973fd9290c478c0e6d945ad0ee78ccc642760873944d3c008edc991,2024-02-26T16:32:25.577000 -CVE-2024-1623,1,1,74336518ba6901cae439374d392edb30e277a62b6b1e25aec45bf5853748bc8f,2024-03-14T14:21:20.217000 +CVE-2024-1623,0,0,74336518ba6901cae439374d392edb30e277a62b6b1e25aec45bf5853748bc8f,2024-03-14T14:21:20.217000 CVE-2024-1624,0,0,67ec40e5c3fa09b35ea998f014823e4639ce179ca19a19b5112abed94e17b4a2,2024-03-01T22:22:25.913000 CVE-2024-1631,0,0,fc2893d5d84aff0551fae290d2fe3cfb3246f815cc3e85e7be8cb7a443e59ea9,2024-02-22T19:07:37.840000 CVE-2024-1632,0,0,6e1c47780d96ad6fcb59ec0ca790b51a445b7ba6bfe735fc687e801fa4e9fa24,2024-02-28T14:06:45.783000 @@ -238890,6 +238901,7 @@ CVE-2024-1987,0,0,51b6353c7487197fcf85dba32dd0017998b1425a36ba707e32269bf4afb531 CVE-2024-1989,0,0,e603d4bdfbac73448a418c09b573178507e96a797a5be54fa1a78504bbf887da,2024-03-06T15:18:08.093000 CVE-2024-1996,0,0,6df66a0fbd4fb73abd5cd4958b38aa148676375056ace1026758f2dd345915e7,2024-03-13T18:15:58.530000 CVE-2024-1997,0,0,0b3dd4d3dab6ddfdd6d8d42f85a94ba3033320511c0452f126442703735f49d4,2024-03-13T18:15:58.530000 +CVE-2024-1998,1,1,a3342ccc0c3061474cbfc167041184af8112bec2c082d20ac42626a5c675b156,2024-03-14T18:15:07.003000 CVE-2024-2000,0,0,152795edb5374bb36090a67fbb4784adea5d8a58ecdfa58a0b08ea6100ccde61,2024-03-13T18:15:58.530000 CVE-2024-20001,0,0,efbe4e49752ddfea997ebdd6c491b74eca19a99884d44def3e33c77345370bb0,2024-02-09T02:02:13.153000 CVE-2024-20002,0,0,46b6afed42316be97368931c2d39434a4c3b4f4412ec2aa11d0d2b3e3bf7e82f,2024-02-09T02:01:37.090000 @@ -240754,7 +240766,7 @@ CVE-2024-25126,0,0,cf0623ed49c8e216f3c8783e084ee8e3db6ece93672a14f8cc0bd9589b91a CVE-2024-25128,0,0,172c5f0d62603832e5d7859a4a8be0b3217ee5b1e8ffd030ff8a010d7f347059,2024-02-29T13:49:29.390000 CVE-2024-25129,0,0,94b297a9d28866e9e3344e76c82b40cabac4f54bd9e83f1602ef019da71f96a9,2024-02-23T02:42:54.547000 CVE-2024-25130,0,0,9ed6bdd2e0b9e9a9c6f507d6c013b142ff6c3cd551628d5ce4a7cec9082ee81a,2024-02-23T02:42:54.547000 -CVE-2024-25139,1,1,128fa1514f2ed15b2b8c1213c36de1818ad4e8863b8e25c91ba99e40fd2b1595,2024-03-14T16:15:50.077000 +CVE-2024-25139,0,1,434a1a8570432b07a345e2d4d94e9a66656e3c23943681acca2835cd987627db,2024-03-14T18:11:35.910000 CVE-2024-25140,0,0,910924059f66fa65d93f5323847e59d03704b67134867a3ac9eb665a02a38fa2,2024-02-14T00:26:27.847000 CVE-2024-25141,0,0,29fa0c24f25cecd1df32a87cb8d97e893df4f50e0ef569f7fd7f97de363aa71b,2024-02-20T22:15:08.670000 CVE-2024-25143,0,0,ed1d5e0e430dd07199fade8c66d12e89ec5dc7886fca4f2d677be809afcc5ced,2024-02-07T17:04:54.407000 @@ -240770,7 +240782,7 @@ CVE-2024-25152,0,0,d2b7fc6b45886d0a5a3f2cc9660183e19b76bf6d358dba96897768fd1b59e CVE-2024-25153,0,0,775282f725a876087acdba53f461f3baa9801462e99742b8c25ffb741aae37f2,2024-03-13T18:16:18.563000 CVE-2024-25154,0,0,b84502ec820db42f28b9f6ea1f0042ed5789d730803624e1c0314ffec301761d,2024-03-13T18:16:18.563000 CVE-2024-25155,0,0,3ad258ed3247163315d2c712fd67a3b733e9a9a45f799b40a6541fa2f73ed094,2024-03-13T18:16:18.563000 -CVE-2024-25156,1,1,d457d3c4a9930008e5561f93ebe5ea05a93c7a21b356ec6a113e616483229ab2,2024-03-14T14:21:20.217000 +CVE-2024-25156,0,0,d457d3c4a9930008e5561f93ebe5ea05a93c7a21b356ec6a113e616483229ab2,2024-03-14T14:21:20.217000 CVE-2024-25164,0,0,cb09965552a1f390f4064031a22c4e145a720dca523f49b901fb7b90f192d036,2024-03-05T13:41:01.900000 CVE-2024-25165,0,0,416a8b518b9c4a5742bbec94408d835314b2b53d43ae0a8909f15e16fbbd1a92,2024-02-15T06:23:39.303000 CVE-2024-25166,0,0,129a95ebe90cc2b383c4fe37f7a5c2e5cdcb882bd64dbe64af9759fbd5ff754c,2024-02-27T14:20:06.637000 @@ -241432,6 +241444,7 @@ CVE-2024-28174,0,0,fa1674b985861bddf4d0ff5ab075ec0e4328a9665c668bfe339f9f0de580d CVE-2024-28175,0,0,c8f25bff8e97476e2963865ef2e9cf777aae8f2ef724b2ba6f372c990cea8179,2024-03-14T12:52:16.723000 CVE-2024-28176,0,0,5bb6d329167995170bd276a45554624691bdda8cbb6c83c2d08f42eba9f617aa,2024-03-11T01:32:39.697000 CVE-2024-28180,0,0,1e73ce45496cde15ab7710e8895a9f7d4caf4d2dcdb0d6de4d94afa753e9a64b,2024-03-11T01:32:39.697000 +CVE-2024-28181,1,1,9eef168e9b9da4aa84a4cba01a79c67dd2a92582426f82c3a5ad14611a744484,2024-03-14T18:15:07.107000 CVE-2024-28184,0,0,043b0bc7533d0fc96bb6df4be7b21b8477ffe807b0ac6ed0c4b06cf7d8241c3c,2024-03-11T01:32:39.697000 CVE-2024-28186,0,0,bd19020fb98c7e49f4ae9534406a8116ce29f7f2cd9253fb5db74e8880c2331b,2024-03-13T12:33:51.697000 CVE-2024-28187,0,0,ac9aee9b90f5e80eaf35f8c7ff9228de1d46fc7e7981b3ae0d130073676ebc09,2024-03-12T12:40:13.500000 @@ -241457,16 +241470,16 @@ CVE-2024-28236,0,0,ea7d34bffb060eb0191757ceb4c446ee8bfa4166cb7d1e0d8e67e75c651ba CVE-2024-28238,0,0,38219e010007b7fe5426826144cd2eabd2e22d36d31c50aa8471901674b524b3,2024-03-13T12:33:51.697000 CVE-2024-28239,0,0,faccbe471f1ae24e1ff85c8426d7d0f8447bb8e496567a24af19b5962ca5e940,2024-03-13T12:33:51.697000 CVE-2024-28251,0,0,19fc23d56f5d00fa3c69d993b0deb280b2d4a1df9b73eb3d828c9ec8b6104ec4,2024-03-14T12:52:16.723000 -CVE-2024-28323,1,1,50ef03c499763d9e671e8f7abe3ff1d91993b3f242ed25d0b2f15c0783d9b2e2,2024-03-14T14:21:20.217000 +CVE-2024-28323,0,0,50ef03c499763d9e671e8f7abe3ff1d91993b3f242ed25d0b2f15c0783d9b2e2,2024-03-14T14:21:20.217000 CVE-2024-28338,0,0,9985a0b99abb928b9c829cb29ecce6039c07964aad6d9841c1477c6680f4f9b5,2024-03-12T17:46:17.273000 CVE-2024-28339,0,0,06a7f15d55f22a965683bef17c82587bc073ddf9fa5edb33c38c4cd82d5f37f7,2024-03-12T17:46:17.273000 CVE-2024-28340,0,0,89775fa07d73d115a7392603111ecb04f65799be74b8d41063e67ed0eb97d0cf,2024-03-12T17:46:17.273000 -CVE-2024-28383,1,1,4ebb5b688ac785b11132be45898bb9d7934c49dcd0ae78bf745a27cbe4cf3c09,2024-03-14T14:21:20.217000 +CVE-2024-28383,0,0,4ebb5b688ac785b11132be45898bb9d7934c49dcd0ae78bf745a27cbe4cf3c09,2024-03-14T14:21:20.217000 CVE-2024-28388,0,0,f20800f07aee245fbf5408ead00cec9bf5c1f6fde0c58ac0833a4f3740a134d7,2024-03-14T12:52:09.877000 CVE-2024-28390,0,0,c59fe44ce5898e034e8253a1c3bd017a5eae7c1708d584b45d3cdcaf6b6ab3d0,2024-03-14T12:52:09.877000 CVE-2024-28391,0,0,b1444c24f7ecf1ab52e2ae0fbb735e6665eab4acbe77c214aa4859db21cb1963,2024-03-14T12:52:09.877000 -CVE-2024-28417,1,1,af00e2b57e718e054f7e08c6b3b0d384a18688d81735bc5de07f53c08e95bb44,2024-03-14T14:21:20.217000 -CVE-2024-28418,1,1,ae238b712a12df26411e78ac0a02714475617bc52923967f2dcd5f99fed7ae88,2024-03-14T14:21:20.217000 +CVE-2024-28417,0,0,af00e2b57e718e054f7e08c6b3b0d384a18688d81735bc5de07f53c08e95bb44,2024-03-14T14:21:20.217000 +CVE-2024-28418,0,0,ae238b712a12df26411e78ac0a02714475617bc52923967f2dcd5f99fed7ae88,2024-03-14T14:21:20.217000 CVE-2024-28429,0,0,caaa64487b84149266e9e941a72e13f93e6070c94b1fe7355fb56db4eb5b2161,2024-03-13T14:28:45.217000 CVE-2024-28430,0,0,bf34fb49e742ebf9176808c1e05b7467ed1662a29a5c18afe29f976454928e37,2024-03-13T14:28:45.217000 CVE-2024-28431,0,0,148c6be422e12f315897bdd57f5208c74e8137e452c7019eafe29f97f527c418,2024-03-13T14:28:45.217000 @@ -241500,3 +241513,4 @@ CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3 CVE-2024-28757,0,0,2ea8a9bd701b62a4c7d927e860f5361b09b4376e3bc3bbb014ff5d4ca725cec6,2024-03-11T01:32:29.610000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 +CVE-2024-28849,1,1,3fd4e14c66f66b904cf6ec0b520762c4afbd3156d6cd6b7fed8cfe38b4a83639,2024-03-14T18:11:35.910000