diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json index fc398336c2f..5ef9ad771e5 100644 --- a/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6022.json @@ -2,12 +2,12 @@ "id": "CVE-2023-6022", "sourceIdentifier": "security@huntr.dev", "published": "2023-11-16T17:15:09.200", - "lastModified": "2023-11-30T13:15:10.103", + "lastModified": "2024-05-15T11:15:46.040", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An attacker is able to steal secrets and potentially gain remote code execution via CSRF using the open source Prefect web server's API." + "value": "Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5." }, { "lang": "es", @@ -35,13 +35,15 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 - }, + } + ], + "cvssMetricV30": [ { "source": "security@huntr.dev", "type": "Secondary", "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -88,6 +90,10 @@ } ], "references": [ + { + "url": "https://github.com/prefecthq/prefect/commit/227dfcc7e3374c212a4bcd68b14e090b1c02d9d3", + "source": "security@huntr.dev" + }, { "url": "https://huntr.com/bounties/dab47d99-551c-4355-9ab1-c99cb90235af", "source": "security@huntr.dev", diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30284.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30284.json new file mode 100644 index 00000000000..7cf911aef8f --- /dev/null +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30284.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30284", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:08.313", + "lastModified": "2024-05-15T10:15:08.313", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30310.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30310.json new file mode 100644 index 00000000000..a395ac50165 --- /dev/null +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30310.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30310", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:10.093", + "lastModified": "2024-05-15T10:15:10.093", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30311.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30311.json new file mode 100644 index 00000000000..a4503247715 --- /dev/null +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30311.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30311", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:10.640", + "lastModified": "2024-05-15T10:15:10.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-303xx/CVE-2024-30312.json b/CVE-2024/CVE-2024-303xx/CVE-2024-30312.json new file mode 100644 index 00000000000..de916ae7520 --- /dev/null +++ b/CVE-2024/CVE-2024-303xx/CVE-2024-30312.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30312", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:11.087", + "lastModified": "2024-05-15T10:15:11.087", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34094.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34094.json new file mode 100644 index 00000000000..f7e5a14b3e2 --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34094.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34094", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:11.433", + "lastModified": "2024-05-15T10:15:11.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34095.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34095.json new file mode 100644 index 00000000000..920901bc602 --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34095.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34095", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:11.847", + "lastModified": "2024-05-15T10:15:11.847", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34096.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34096.json new file mode 100644 index 00000000000..045da62074a --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34096.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34096", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:12.303", + "lastModified": "2024-05-15T10:15:12.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34097.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34097.json new file mode 100644 index 00000000000..c1797ff4812 --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34097.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34097", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:12.740", + "lastModified": "2024-05-15T10:15:12.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34098.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34098.json new file mode 100644 index 00000000000..e69c6556d47 --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34098.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34098", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:13.133", + "lastModified": "2024-05-15T10:15:13.133", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34099.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34099.json new file mode 100644 index 00000000000..66af530cffb --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34099.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34099", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:13.997", + "lastModified": "2024-05-15T10:15:13.997", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-341xx/CVE-2024-34100.json b/CVE-2024/CVE-2024-341xx/CVE-2024-34100.json new file mode 100644 index 00000000000..2a5a82b2a24 --- /dev/null +++ b/CVE-2024/CVE-2024-341xx/CVE-2024-34100.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34100", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:14.393", + "lastModified": "2024-05-15T10:15:14.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-341xx/CVE-2024-34101.json b/CVE-2024/CVE-2024-341xx/CVE-2024-34101.json new file mode 100644 index 00000000000..e2f4f129a5b --- /dev/null +++ b/CVE-2024/CVE-2024-341xx/CVE-2024-34101.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34101", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-05-15T10:15:14.827", + "lastModified": "2024-05-15T10:15:14.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7ef9c8ee89d..f290e44a1f8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-15T10:01:11.213771+00:00 +2024-05-15T12:00:31.985967+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-15T09:15:10.133000+00:00 +2024-05-15T11:15:46.040000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -249955 +249967 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `12` -- [CVE-2024-4010](CVE-2024/CVE-2024-40xx/CVE-2024-4010.json) (`2024-05-15T09:15:10.133`) +- [CVE-2024-30284](CVE-2024/CVE-2024-302xx/CVE-2024-30284.json) (`2024-05-15T10:15:08.313`) +- [CVE-2024-30310](CVE-2024/CVE-2024-303xx/CVE-2024-30310.json) (`2024-05-15T10:15:10.093`) +- [CVE-2024-30311](CVE-2024/CVE-2024-303xx/CVE-2024-30311.json) (`2024-05-15T10:15:10.640`) +- [CVE-2024-30312](CVE-2024/CVE-2024-303xx/CVE-2024-30312.json) (`2024-05-15T10:15:11.087`) +- [CVE-2024-34094](CVE-2024/CVE-2024-340xx/CVE-2024-34094.json) (`2024-05-15T10:15:11.433`) +- [CVE-2024-34095](CVE-2024/CVE-2024-340xx/CVE-2024-34095.json) (`2024-05-15T10:15:11.847`) +- [CVE-2024-34096](CVE-2024/CVE-2024-340xx/CVE-2024-34096.json) (`2024-05-15T10:15:12.303`) +- [CVE-2024-34097](CVE-2024/CVE-2024-340xx/CVE-2024-34097.json) (`2024-05-15T10:15:12.740`) +- [CVE-2024-34098](CVE-2024/CVE-2024-340xx/CVE-2024-34098.json) (`2024-05-15T10:15:13.133`) +- [CVE-2024-34099](CVE-2024/CVE-2024-340xx/CVE-2024-34099.json) (`2024-05-15T10:15:13.997`) +- [CVE-2024-34100](CVE-2024/CVE-2024-341xx/CVE-2024-34100.json) (`2024-05-15T10:15:14.393`) +- [CVE-2024-34101](CVE-2024/CVE-2024-341xx/CVE-2024-34101.json) (`2024-05-15T10:15:14.827`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `1` -- [CVE-2023-50236](CVE-2023/CVE-2023-502xx/CVE-2023-50236.json) (`2024-05-15T08:15:08.960`) -- [CVE-2024-23813](CVE-2024/CVE-2024-238xx/CVE-2024-23813.json) (`2024-05-15T08:15:10.587`) +- [CVE-2023-6022](CVE-2023/CVE-2023-60xx/CVE-2023-6022.json) (`2024-05-15T11:15:46.040`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f8711989870..a2095b2dde1 100644 --- a/_state.csv +++ b/_state.csv @@ -236079,7 +236079,7 @@ CVE-2023-50232,0,0,121c747156b828c5fa1b46ca5bc32c90f956dde0e2a58cd605d10f40b3db0 CVE-2023-50233,0,0,b78609742e0f2f28c0d20a9f01a3025a3d74afcc84015bd692a7bd902e47cde7,2024-05-03T12:48:41.067000 CVE-2023-50234,0,0,34879917d77735cb709dd5cf4e2dc1a880a8e42fb2c03ed7e54ab6aee874b96d,2024-05-03T12:48:41.067000 CVE-2023-50235,0,0,2898a8d8b9820b4b30273b2a7b7a493d28a5c0203f1186de63a56bcb89255a23,2024-05-03T12:48:41.067000 -CVE-2023-50236,0,1,edc68c5e15a12b128eacbb1e47de53200421bba3b688b99fca6704aa07a019ca,2024-05-15T08:15:08.960000 +CVE-2023-50236,0,0,edc68c5e15a12b128eacbb1e47de53200421bba3b688b99fca6704aa07a019ca,2024-05-15T08:15:08.960000 CVE-2023-5024,0,0,8e4add8560dfad0fd592936d849b51126fffe866f797b9bf0ff421ee35abccbf,2024-05-14T14:23:39.970000 CVE-2023-50241,0,0,cb6ea0c539af061e121d50db536df839f4f28a81636f344882c80f8398fe2f49,2024-02-14T18:15:46.677000 CVE-2023-50245,0,0,ae70f9a22f5f2e0c6bc03868f1726d51ceccb05493f8fa8af6bb1280d29aa953,2023-12-14T17:57:33.607000 @@ -238363,7 +238363,7 @@ CVE-2023-6018,0,0,1f18b8de61bc6ae06a9f1a70edccee8980a16c3392f0168a647385eede76a7 CVE-2023-6019,0,0,1b0cf3846925e5cc1dbeeb5b2fb545f517a933a30cbe1db23c2d8b7036db5ad9,2023-12-06T21:15:08.467000 CVE-2023-6020,0,0,c5b979db11c96d70f2fb4c728678b447381e9e768003d4c9e2fe065f6a1f455f,2024-02-08T10:15:09.797000 CVE-2023-6021,0,0,16c98d713ada3df3a760fac5f34aab1dd2eb41ffe79f086315cd4d5089d3684a,2023-12-06T21:15:08.647000 -CVE-2023-6022,0,0,aad06cc8de42757f6f26bdb2fbdd1c64c893ea65ad6a1c075e0b418d79f931c7,2023-11-30T13:15:10.103000 +CVE-2023-6022,0,1,76b8ee0a83206d584b1f37ec952aa0be39ecba05e630828c933b88a45d62772a,2024-05-15T11:15:46.040000 CVE-2023-6023,0,0,ddafde48c295d34caeccb353f1308de5837fb4b219cc65dbf4cc6b34fc13534c,2023-11-28T19:15:56.937000 CVE-2023-6026,0,0,99eaefb13eab36b4df5364acf133959a538ec4c8c3188341458cee758e57fee1,2023-12-06T02:36:45.597000 CVE-2023-6027,0,0,1b77c3b0fa7942c8dbbdbd497f07e97a96b6877fec82e9b0e8cc4ac3f836e92e,2023-12-06T02:26:53.783000 @@ -243144,7 +243144,7 @@ CVE-2024-23809,0,0,e4465b9152c477fa0b8b9ba353cffba5c3ae3843ad0f849fa715a6b77d4c4 CVE-2024-23810,0,0,fcc523095813c9aa174bae9d5d18aa598f3c0429a0b756712e53ba2ee896842a,2024-02-13T14:01:00.987000 CVE-2024-23811,0,0,626bc7786e498ad37af14e3917801ad7d39c61c22419a48d031d889eeb5a7ea3,2024-02-13T14:01:00.987000 CVE-2024-23812,0,0,33a1b186208ff08c53ff4ffae26bc7a3ad9f21f666e95388037d51e55c6fc5f0,2024-02-13T14:01:00.987000 -CVE-2024-23813,0,1,f2b3ac8b64ca3747706db7f7f08d02b201350be9151c023cac3b2d7ba926c82a,2024-05-15T08:15:10.587000 +CVE-2024-23813,0,0,f2b3ac8b64ca3747706db7f7f08d02b201350be9151c023cac3b2d7ba926c82a,2024-05-15T08:15:10.587000 CVE-2024-23816,0,0,d90e5d8a8add5ddfd05a35b38827bbf40e25d6527af0702c0c8e1c123914cf80,2024-02-13T14:01:00.987000 CVE-2024-23817,0,0,a70426b20150e0a7b98c4c327bfe7d7342f724a77b354818b56d50a9014ba9a4,2024-05-09T15:23:24.053000 CVE-2024-23818,0,0,ec61f7c15bd208662757981a2767d65d7e7465d4099687f165e151a10e577bad,2024-03-21T12:58:51.093000 @@ -246955,6 +246955,7 @@ CVE-2024-30271,0,0,7934d49c76a773104fea3a055c8dca49939c18c3dc4eab227ecf5b491d166 CVE-2024-30272,0,0,fe18d25a398b5738660bb343d4a7fb499e0a8c129d952f35b1144eb8f7e44fa0,2024-04-12T12:44:04.930000 CVE-2024-30273,0,0,430d9deac2ea84fb25615ee056f7341da6ab62ae3551a67df5079d8156e28185,2024-04-12T12:44:04.930000 CVE-2024-3028,0,0,080bb069f1a2cade59952c14793e39c6c54825fa436573f5b60987254afab568,2024-04-16T13:24:07.103000 +CVE-2024-30284,1,1,35d31a55e7178d0ef66bd390e789056411e7b70252f4123a5a61bc2cb45e7597,2024-05-15T10:15:08.313000 CVE-2024-3029,0,0,54e489ae31021cd62a123b17a985eef09bd69f22c945608ba51d64fcde83450f,2024-04-16T13:24:07.103000 CVE-2024-3030,0,0,88c29228ef56d61e184f00d5d8d99ea5dd9800435eeb42a07f389309c9f00688,2024-04-04T12:48:41.700000 CVE-2024-30301,0,0,34b23729cd9edf28be4c2d988192584b2980a0ec70b16064c51311fdd3e3b57c,2024-05-03T12:50:34.250000 @@ -246963,6 +246964,9 @@ CVE-2024-30303,0,0,6f33b81c4af944bbf96dcd2699ecddcaedfa18b6645e1843afc4e3d8d61b0 CVE-2024-30304,0,0,c008b216bc83741e9c3f86a48d2f036636f57f601f0be3b09d08b9238e3b8d69,2024-05-03T12:50:34.250000 CVE-2024-30305,0,0,f9170aedfcb56d495924dc338c4bff877992c1a111fc2374df14a2f13d9685ae,2024-05-03T12:50:34.250000 CVE-2024-30306,0,0,3d0be5fa22f6a17837661930cea95c4e979049e02e29ef28995e28fef468bf8e,2024-05-03T12:50:34.250000 +CVE-2024-30310,1,1,eb158a7e62595885f5021b7c20ed7f80822507fa2c5d04a302c6a46ab68f36b0,2024-05-15T10:15:10.093000 +CVE-2024-30311,1,1,71b6e2602687d0675addcc55b2431ec9603f4d9b849e4ef1a72de27acf18bf42,2024-05-15T10:15:10.640000 +CVE-2024-30312,1,1,69953fa13d2a91a24a0ff355544a5c1e1389cbf8a2a8a212da6700fe7c342d02,2024-05-15T10:15:11.087000 CVE-2024-30322,0,0,82127178dd2c4390457a625b1b802dc21960ed844c23f33ac3f61e8d8c162a4f,2024-04-03T17:24:18.150000 CVE-2024-30323,0,0,4ba71c995b9c718766f72cb8f425ef56f31d70d4141fb317ff1b84d1d4bea62f,2024-04-03T17:24:18.150000 CVE-2024-30324,0,0,b34850e80ab56aec12159793bc4cf321b46343aaa9dfe2615612dc24168ff93e,2024-04-03T17:24:18.150000 @@ -248893,6 +248897,14 @@ CVE-2024-34090,0,0,73f27f58371a8666265526d07222810acdb885707b1b55123938a5e253903 CVE-2024-34091,0,0,70a30dbd3192646aee95560e088991088bfd360be9272880b76f6d0c49ad6fc3,2024-05-06T19:53:38.797000 CVE-2024-34092,0,0,079ea99bb21d4c1a138d545f7e5e5abbd38b83ad27446c874b351279df34c3ee,2024-05-06T19:53:38.797000 CVE-2024-34093,0,0,a0f074d00436b49ca53556630e0d0ac1028fcb54a8c44a292fda62eb4d8b7b7c,2024-05-06T19:53:38.797000 +CVE-2024-34094,1,1,4ee57a51695ec5fe27e4a9e282d49852d1de480549e3073786dea7de331fca13,2024-05-15T10:15:11.433000 +CVE-2024-34095,1,1,52cceb06bdde3e10cd623c28d10ca65453e48679bfbdd1c5ad1238c896edcc28,2024-05-15T10:15:11.847000 +CVE-2024-34096,1,1,33fb4142e5a446af3fd4a297d4255959412a2dff85b13b74df24a81c395c0a08,2024-05-15T10:15:12.303000 +CVE-2024-34097,1,1,596cb369596a689ab627c9ce08ef2e104aa328d9857c942957bd1fe8809dd575,2024-05-15T10:15:12.740000 +CVE-2024-34098,1,1,528b352141a32d7e2f05cc84d2bf0525b23b5965bd28a7bbbd4a48bd81686df5,2024-05-15T10:15:13.133000 +CVE-2024-34099,1,1,f2ed23b4a077d449fe35c7faf3c0928a6d640184b1b8540d44c1323b076f8aa3,2024-05-15T10:15:13.997000 +CVE-2024-34100,1,1,a5b876a02f40e5b6869ea96db5e4495246697d8f35a6e4e7f0ad20b3e38237ac,2024-05-15T10:15:14.393000 +CVE-2024-34101,1,1,d41a939220b5e33c6a283252c7c85a3892629e2819c87fce820ced3ae07c2448,2024-05-15T10:15:14.827000 CVE-2024-3411,0,0,1527ccef7805d20e12db1e61173246b27470986be341d9b24d7b20f806f94433,2024-04-30T19:35:36.960000 CVE-2024-3413,0,0,8df9edda77a29d759520ec151c1de561865d6f5b033a8805b093f3cff4c018a6,2024-05-14T15:40:52.120000 CVE-2024-3414,0,0,7c1cc48be95711821345a71d160c9c7a41121cec5756203ccdb016b750acef98,2024-05-14T15:40:52.380000 @@ -249528,7 +249540,7 @@ CVE-2024-3994,0,0,292539249e741e7003c555a5d4fa2182b15a01b393fb04fa15e675750c0190 CVE-2024-4000,0,0,63e68b686bb1abbdcd2ddeab613f2e83d1883c904c164f21a1076ada49583fc9,2024-05-02T18:00:37.360000 CVE-2024-4003,0,0,9b9be828f15a04db891b79e7c6ebf75d000360176e249e61f2acbb014741196d,2024-05-02T18:00:37.360000 CVE-2024-4006,0,0,cea97555ee62217aaca46943155964ba917aa17a210befae3806ab46c6606005,2024-04-25T17:25:05.903000 -CVE-2024-4010,1,1,426a390801ded4a48ae460fe4d9fa2bcea442db43b43c1d5ca40350996338849,2024-05-15T09:15:10.133000 +CVE-2024-4010,0,0,426a390801ded4a48ae460fe4d9fa2bcea442db43b43c1d5ca40350996338849,2024-05-15T09:15:10.133000 CVE-2024-4014,0,0,321273114f78ac117c4f7a805b62a62926b23a5461c74b2705504b7b2e21d158,2024-04-22T13:28:43.747000 CVE-2024-4017,0,0,9cc899b07e49c20d1d42511c9c41a533c695fd74b1701843b26490566c6e33e3,2024-04-22T13:28:50.310000 CVE-2024-4018,0,0,b534838241485b84911a40a305fab0f06a9a1281f09d3d1140d27d7f52b1a84d,2024-04-22T13:28:50.310000