admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-30T16:00:18.308986+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-30 16:03:16 +00:00
parent 36a9e3482b
commit c6a6a3dc44
45 changed files with 5967 additions and 559 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2021/CVE-2021-267xx/CVE-2021-26731.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-26731",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2022-10-24T14:15:48.300",
"lastModified": "2023-02-03T15:08:45.870",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:04.407",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0."
"value": "Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserb_func function of spx_restservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0."
},
{
"lang": "es",

67
CVE-2021/CVE-2021-389xx/CVE-2021-38963.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38963",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:26.607",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:48:54.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,7 +18,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -51,10 +71,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndExcluding": "3.4.5",
"matchCriteriaId": "4A39132E-F4C4-406A-970B-31B9DB9699F7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7169765",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2021/CVE-2021-444xx/CVE-2021-44467.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-44467",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2022-10-24T14:15:49.677",
"lastModified": "2023-02-03T15:03:07.933",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:04.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0."
"value": "A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows an attacker to arbitrarily terminate active sessions of other users, causing a Denial-of-Service (DoS) condition, if an input parameter is correctly guessed. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0."
},
{
"lang": "es",

79
CVE-2022/CVE-2022-438xx/CVE-2022-43845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43845",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:32.757",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:53:01.643",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndExcluding": "3.4.5",
"matchCriteriaId": "4A39132E-F4C4-406A-970B-31B9DB9699F7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7169766",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2023/CVE-2023-25xx/CVE-2023-2538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2538",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-07-05T13:15:09.540",
"lastModified": "2023-07-12T14:25:30.003",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:04.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -38,19 +38,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"exploitabilityScore": 1.6,
"impactScore": 3.7
}
]

71
CVE-2023/CVE-2023-53xx/CVE-2023-5359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5359",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:39.730",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:19:15.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,18 +81,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.6",
"matchCriteriaId": "E67A0E45-1E2E-4ECA-8B03-AB56A64CA1A5"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-239xx/CVE-2024-23922.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23922",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-09-23T15:15:13.010",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:37:28.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -51,14 +81,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sony:xav-ax5500_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC0D8B1-D9DE-41F5-B90E-F16DE90ADB1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sony:xav-ax5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "254C0419-B574-4C27-B3C6-F5E8D4955205"
}
]
}
]
}
],
"references": [
{
"url": "https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-874/",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

74
CVE-2024/CVE-2024-239xx/CVE-2024-23972.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23972",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-09-23T15:15:13.703",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:37:30.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -51,14 +81,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sony:xav-ax5500_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC0D8B1-D9DE-41F5-B90E-F16DE90ADB1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sony:xav-ax5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "254C0419-B574-4C27-B3C6-F5E8D4955205"
}
]
}
]
}
],
"references": [
{
"url": "https://www.sony.com/electronics/support/mobile-cd-players-digital-media-players-xav-series/xav-ax5500/software/00274156",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-876/",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

12
CVE-2024/CVE-2024-270xx/CVE-2024-27017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27017",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:20.483",
"lastModified": "2024-05-23T19:36:40.587",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:05.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -123,12 +123,20 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52735a010f37580b3a569a996f878fdd87425650",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f24d8abc2bb8cbf31ec713336e402eafa8f42f60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-30xx/CVE-2024-3082.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-3082",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-07-31T14:15:07.157",
"lastModified": "2024-08-12T18:36:54.220",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:05.573",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext."
"value": "A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers (e.g., full-disk encryption) have been enabled."
},
{
"lang": "es",

18
CVE-2024/CVE-2024-30xx/CVE-2024-3083.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3083",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-07-31T14:15:07.433",
"lastModified": "2024-08-12T18:35:54.460",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T14:15:03.317",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,20 +42,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},

12
CVE-2024/CVE-2024-311xx/CVE-2024-31199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31199",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-07-31T14:15:03.420",
"lastModified": "2024-08-12T18:21:54.667",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T14:15:03.093",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,8 +42,8 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "LOCAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
@ -51,10 +51,10 @@
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]

12
CVE-2024/CVE-2024-312xx/CVE-2024-31202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31202",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-07-31T14:15:05.127",
"lastModified": "2024-08-12T18:41:35.003",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:05.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]

14
CVE-2024/CVE-2024-312xx/CVE-2024-31203.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31203",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-07-31T14:15:05.760",
"lastModified": "2024-08-12T18:39:58.740",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:05.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.5,
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]

1171
CVE-2024/CVE-2024-382xx/CVE-2024-38267.json
View File

File diff suppressed because it is too large Load Diff

1171
CVE-2024/CVE-2024-382xx/CVE-2024-38268.json
View File

File diff suppressed because it is too large Load Diff

1171
CVE-2024/CVE-2024-382xx/CVE-2024-38269.json
View File

File diff suppressed because it is too large Load Diff

62
CVE-2024/CVE-2024-383xx/CVE-2024-38324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38324",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:40.493",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:10:18.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:storage_defender:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.0.8",
"matchCriteriaId": "C8CB2BC3-353A-43AF-83D7-EA9A62CE7A7B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7168640",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-410xx/CVE-2024-41016.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41016",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-29T07:15:06.293",
"lastModified": "2024-07-29T14:12:08.783",
"lastModified": "2024-09-30T15:15:05.667",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -20,6 +20,18 @@
{
"url": "https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

8
CVE-2024/CVE-2024-449xx/CVE-2024-44931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44931",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-26T11:15:05.447",
"lastModified": "2024-09-05T17:58:45.847",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-30T15:15:05.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -84,6 +84,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/672c19165fc96dfad531a5458e0b3cdab414aae4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d776c0486b03a5c4afca65b8ff44573592bf93bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

86
CVE-2024/CVE-2024-457xx/CVE-2024-45792.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-45792",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:05.830",
"lastModified": "2024-09-30T15:15:05.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles. This vulnerability is fixed in 2.26.4."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r",
"source": "security-advisories@github.com"
},
{
"url": "https://mantisbt.org/bugs/view.php?id=34640",
"source": "security-advisories@github.com"
}
]
}

21
CVE-2024/CVE-2024-462xx/CVE-2024-46280.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46280",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-30T15:15:06.053",
"lastModified": "2024-09-30T15:15:06.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them."
}
],
"metrics": {},
"references": [
{
"url": "https://0xmupa.github.io/pixlink-weak-telnet",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-462xx/CVE-2024-46293.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46293",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-30T15:15:06.123",
"lastModified": "2024-09-30T15:15:06.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/bunyamindemir/vulnerability-disclosures/blob/main/omos-authorization-bypass.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-463xx/CVE-2024-46313.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46313",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-30T15:15:06.243",
"lastModified": "2024-09-30T15:15:06.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TP-LINK/WR-941ND/popupSiteSurveyRpm.md",
"source": "cve@mitre.org"
}
]
}

82
CVE-2024/CVE-2024-470xx/CVE-2024-47063.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-47063",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.293",
"lastModified": "2024-09-30T15:15:06.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/75c3d573bc9468b718f53b442c2ef69ad1d5de12",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-2c85-39cc-2px9",
"source": "security-advisories@github.com"
}
]
}

86
CVE-2024/CVE-2024-470xx/CVE-2024-47064.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-47064",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.413",
"lastModified": "2024-09-30T15:15:06.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-81"
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/0bf45fd5de08a652dffbfb517318a64c2fdbc5cf",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-hp6c-f34j-qjj7",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-471xx/CVE-2024-47172.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-47172",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.523",
"lastModified": "2024-09-30T15:15:06.523",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task, job or membership resource on the CVAT instance. The information exposed in this way is the same as the information returned on a GET request to the resource. In addition, the attacker can also alter the default source and target storage associated with any project or task. Upgrade to CVAT 2.19.1 or any later version to fix the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/59ce6ca784a0d426b2cfb8cf2850ba1d520c03f5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-gxhm-hg65-5gh2",
"source": "security-advisories@github.com"
}
]
}

70
CVE-2024/CVE-2024-472xx/CVE-2024-47222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47222",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-23T20:15:05.493",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:02:23.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 a 2.8 permite SSRF mediante la manipulaci\u00f3n de solicitudes desde el almacenamiento de documentos externo mediante el protocolo MS-WOPI."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myoffice:my_office_sdk:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.2",
"versionEndIncluding": "2.8.0",
"matchCriteriaId": "B586D9AB-14FD-48BE-A585-8885B91D6D6B"
}
]
}
]
}
],
"references": [
{
"url": "https://myoffice.ru/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://support.myoffice.ru/products/myoffice-sdk/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

69
CVE-2024/CVE-2024-65xx/CVE-2024-6590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6590",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T03:15:02.830",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:31:06.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -51,26 +71,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:javmah:spreadsheet_integration:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.9",
"matchCriteriaId": "D00DB2A9-4D29-43A9-BEDF-C71EA7D22BE2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.php#L1168",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.php#L812",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.php#L863",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wpgsi/trunk/admin/class-wpgsi-admin.php#L935",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d35ff2cc-9af2-4b72-bc49-e205275daa4d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-74xx/CVE-2024-7426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7426",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T03:15:03.230",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:17:51.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +61,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:peepso:peepso:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.4.6.0",
"matchCriteriaId": "AFC63B3E-224E-4106-864F-6FCB8EBB1519"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/peepso-core/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e69d666-50de-4c82-9ad4-9ed40fcc7218?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-78xx/CVE-2024-7862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7862",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:25.003",
"lastModified": "2024-09-12T14:35:21.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:15:37.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kimhuebel:blogintroduction-wordpress-plugin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.3.0",
"matchCriteriaId": "F1FC162D-B67F-45AD-B160-1865A360B45A"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/9b54cd05-3bb8-4bb9-a0e4-fb00d97d5cae/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-80xx/CVE-2024-8044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8044",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-17T06:15:02.550",
"lastModified": "2024-09-20T12:31:20.110",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:03:17.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubayathasan:infolinks_ad_wrap:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "F35498FF-B6CF-4AC8-A9C7-7DDBADFB320A"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/14b42ba8-7a8b-4fbf-86fb-6095879ec05c/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-81xx/CVE-2024-8103.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8103",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:45.793",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:20:16.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -51,30 +71,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gcsdesign:wp_category_dropdown:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8",
"matchCriteriaId": "B2861F86-9B09-4E4D-BBDD-AE3E52228A91"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-category-dropdown/trunk/build/index.js#L270",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-category-dropdown/trunk/category_dropdown_block.php#L8",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-category-dropdown/trunk/src/edit.js#L258",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-category-dropdown/trunk/src/index.js#L24",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://wordpress.org/plugins/wp-category-dropdown/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c959f9c-8ac4-4f59-9d93-8f96e650b02d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

106
CVE-2024/CVE-2024-82xx/CVE-2024-8263.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8263",
"sourceIdentifier": "product-cna@github.com",
"published": "2024-09-23T21:15:12.957",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:57:26.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "product-cna@github.com",
"type": "Secondary",
@ -73,26 +105,86 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.10.0",
"versionEndExcluding": "3.10.17",
"matchCriteriaId": "92B7FEDD-264A-4B57-B722-58E8D3F30EA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11.0",
"versionEndExcluding": "3.11.15",
"matchCriteriaId": "21688373-04C3-4091-A8A9-0158C1744548"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.12.0",
"versionEndExcluding": "3.12.9",
"matchCriteriaId": "597AB8F0-5B47-477F-B27D-A461CD6CFAFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13.0",
"versionEndExcluding": "3.13.4",
"matchCriteriaId": "163BA2E3-5619-4684-B7C2-0F7103BC849C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:enterprise_server:3.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD20D1-EF3F-422F-81DB-DB53859FF556"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.17",
"source": "product-cna@github.com"
"source": "product-cna@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.15",
"source": "product-cna@github.com"
"source": "product-cna@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.9",
"source": "product-cna@github.com"
"source": "product-cna@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.4",
"source": "product-cna@github.com"
"source": "product-cna@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.1",
"source": "product-cna@github.com"
"source": "product-cna@github.com",
"tags": [
"Release Notes"
]
}
]
}

75
CVE-2024/CVE-2024-82xx/CVE-2024-8291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8291",
"sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"published": "2024-09-25T01:15:46.193",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:59:11.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "LOW"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"type": "Secondary",
@ -73,22 +105,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.3.3",
"matchCriteriaId": "22477475-FE69-4804-B73E-B3F268F16FE7"
}
]
}
]
}
],
"references": [
{
"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/934-release-notes",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Release Notes"
]
},
{
"url": "https://documentation.concretecms.org/developers/introduction/version-history/8519-release-notes",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/concretecms/concretecms/commit/dbce253166f6b10ff3e0c09e50fd395370b8b065",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/concretecms/concretecms/pull/12183",
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"
"source": "ff5b8ace-8b95-4078-9743-eac1ca5451de",
"tags": [
"Patch"
]
}
]
}

308
CVE-2024/CVE-2024-86xx/CVE-2024-8606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8606",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-09-23T07:15:02.233",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:32:34.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -73,10 +105,280 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "3C0F1DC8-D9DF-4A7A-80DC-618FAB091375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "9F89225F-6969-4D89-B889-9CB09972825B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "625A6998-5DAE-4538-9760-20523CCE501F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "68455233-52CD-44B8-8B02-D94BA84DA6A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "0AEF278D-D782-4A2B-B1B8-19A21D151AA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58"
}
]
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16218",
"source": "security@checkmk.com"
"source": "security@checkmk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-87xx/CVE-2024-8796.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8796",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2024-09-17T18:15:05.443",
"lastModified": "2024-09-20T12:30:51.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:10:38.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-331"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -95,10 +125,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tinfoilsecurity:devise-two-factor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "6.0.0",
"matchCriteriaId": "84888909-8B85-45B8-B57C-A63ABB739A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tinfoilsecurity:devise-two-factor:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7C7CE8-1386-4FF1-81AC-8A9A251122BF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-qjxf-mc72-wjr2",
"source": "disclosure@synopsys.com"
"source": "disclosure@synopsys.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-88xx/CVE-2024-8801.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8801",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:47.050",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:23:46.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,18 +61,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:happy_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.12.3",
"matchCriteriaId": "33D9F3ED-F9F1-49BF-9314-9CDA5FCC80D5"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/widgets/content-switcher/widget.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3154460/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f1078b8-f458-46a6-9982-e8d2d1d1b73b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-88xx/CVE-2024-8877.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8877",
"sourceIdentifier": "office@cyberdanube.com",
"published": "2024-09-25T01:15:47.267",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:31:14.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "office@cyberdanube.com",
"type": "Secondary",
@ -73,10 +105,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.05",
"matchCriteriaId": "52D59156-C7E4-4057-9419-457625A754AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06001306-7B00-453C-9C45-17E5A64DF4C2"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-riello-netman-204/index.html",
"source": "office@cyberdanube.com"
"source": "office@cyberdanube.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-88xx/CVE-2024-8878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8878",
"sourceIdentifier": "office@cyberdanube.com",
"published": "2024-09-25T01:15:47.367",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:21:31.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
},
{
"source": "office@cyberdanube.com",
"type": "Secondary",
@ -73,10 +105,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.05",
"matchCriteriaId": "52D59156-C7E4-4057-9419-457625A754AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06001306-7B00-453C-9C45-17E5A64DF4C2"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-riello-netman-204/index.html",
"source": "office@cyberdanube.com"
"source": "office@cyberdanube.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-89xx/CVE-2024-8917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8917",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:47.687",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T14:30:38.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -51,26 +71,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anwp:football_leagues:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.16.8",
"matchCriteriaId": "054FD85A-45BA-493D-B737-2465A4CF2BA1"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/football-leagues-by-anwppro/trunk/class-anwp-football-leagues.php#L675",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3153845/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3153845/football-leagues-by-anwppro/trunk/class-anwp-football-leagues.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/football-leagues-by-anwppro/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/29a160ea-5582-4028-8621-7988e3a8cabf?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-89xx/CVE-2024-8919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8919",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:47.880",
"lastModified": "2024-09-26T13:32:02.803",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:08:14.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloperr:confetti_fall_animation:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.0",
"matchCriteriaId": "95EC0618-3CBC-4A8C-B5B0-EC451B334C51"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/confetti-fall-animation/trunk/confetti-fall-animation.php#L242",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5b80fc93-212e-481d-907c-275139782e77?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-90xx/CVE-2024-9075.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9075",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-21T23:15:14.493",
"lastModified": "2024-09-26T13:32:55.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-30T15:27:39.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stirlingpdf:stirling_pdf:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.29.0",
"matchCriteriaId": "51D7016F-5779-4302-8278-4976A69C6814"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1J4TnzgzKOEvMck3kpaFuR6zfSVt7YgKu/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.278242",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.278242",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.406335",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-30T14:00:19.465883+00:00
2024-09-30T16:00:18.308986+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-30T13:57:33.400000+00:00
2024-09-30T15:59:11.073000+00:00
```
### Last Data Feed Release
@ -33,47 +33,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
264135
264142
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `7`
- [CVE-2024-45920](CVE-2024/CVE-2024-459xx/CVE-2024-45920.json) (`2024-09-30T13:15:02.450`)
- [CVE-2024-47641](CVE-2024/CVE-2024-476xx/CVE-2024-47641.json) (`2024-09-30T13:15:02.570`)
- [CVE-2024-6051](CVE-2024/CVE-2024-60xx/CVE-2024-6051.json) (`2024-09-30T13:15:02.800`)
- [CVE-2024-45792](CVE-2024/CVE-2024-457xx/CVE-2024-45792.json) (`2024-09-30T15:15:05.830`)
- [CVE-2024-46280](CVE-2024/CVE-2024-462xx/CVE-2024-46280.json) (`2024-09-30T15:15:06.053`)
- [CVE-2024-46293](CVE-2024/CVE-2024-462xx/CVE-2024-46293.json) (`2024-09-30T15:15:06.123`)
- [CVE-2024-46313](CVE-2024/CVE-2024-463xx/CVE-2024-46313.json) (`2024-09-30T15:15:06.243`)
- [CVE-2024-47063](CVE-2024/CVE-2024-470xx/CVE-2024-47063.json) (`2024-09-30T15:15:06.293`)
- [CVE-2024-47064](CVE-2024/CVE-2024-470xx/CVE-2024-47064.json) (`2024-09-30T15:15:06.413`)
- [CVE-2024-47172](CVE-2024/CVE-2024-471xx/CVE-2024-47172.json) (`2024-09-30T15:15:06.523`)
### CVEs modified in the last Commit
Recently modified CVEs: `315`
Recently modified CVEs: `36`
- [CVE-2024-9291](CVE-2024/CVE-2024-92xx/CVE-2024-9291.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9293](CVE-2024/CVE-2024-92xx/CVE-2024-9293.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9294](CVE-2024/CVE-2024-92xx/CVE-2024-9294.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9295](CVE-2024/CVE-2024-92xx/CVE-2024-9295.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9296](CVE-2024/CVE-2024-92xx/CVE-2024-9296.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9297](CVE-2024/CVE-2024-92xx/CVE-2024-9297.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9298](CVE-2024/CVE-2024-92xx/CVE-2024-9298.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9299](CVE-2024/CVE-2024-92xx/CVE-2024-9299.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9300](CVE-2024/CVE-2024-93xx/CVE-2024-9300.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9301](CVE-2024/CVE-2024-93xx/CVE-2024-9301.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9315](CVE-2024/CVE-2024-93xx/CVE-2024-9315.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9316](CVE-2024/CVE-2024-93xx/CVE-2024-9316.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9317](CVE-2024/CVE-2024-93xx/CVE-2024-9317.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9318](CVE-2024/CVE-2024-93xx/CVE-2024-9318.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9319](CVE-2024/CVE-2024-93xx/CVE-2024-9319.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9320](CVE-2024/CVE-2024-93xx/CVE-2024-9320.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9321](CVE-2024/CVE-2024-93xx/CVE-2024-9321.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9322](CVE-2024/CVE-2024-93xx/CVE-2024-9322.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9323](CVE-2024/CVE-2024-93xx/CVE-2024-9323.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9324](CVE-2024/CVE-2024-93xx/CVE-2024-9324.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9325](CVE-2024/CVE-2024-93xx/CVE-2024-9325.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9326](CVE-2024/CVE-2024-93xx/CVE-2024-9326.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9327](CVE-2024/CVE-2024-93xx/CVE-2024-9327.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9328](CVE-2024/CVE-2024-93xx/CVE-2024-9328.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-9329](CVE-2024/CVE-2024-93xx/CVE-2024-9329.json) (`2024-09-30T12:45:57.823`)
- [CVE-2024-31199](CVE-2024/CVE-2024-311xx/CVE-2024-31199.json) (`2024-09-30T14:15:03.093`)
- [CVE-2024-31202](CVE-2024/CVE-2024-312xx/CVE-2024-31202.json) (`2024-09-30T15:15:05.190`)
- [CVE-2024-31203](CVE-2024/CVE-2024-312xx/CVE-2024-31203.json) (`2024-09-30T15:15:05.390`)
- [CVE-2024-38267](CVE-2024/CVE-2024-382xx/CVE-2024-38267.json) (`2024-09-30T15:52:52.787`)
- [CVE-2024-38268](CVE-2024/CVE-2024-382xx/CVE-2024-38268.json) (`2024-09-30T15:52:29.977`)
- [CVE-2024-38269](CVE-2024/CVE-2024-382xx/CVE-2024-38269.json) (`2024-09-30T15:51:55.567`)
- [CVE-2024-38324](CVE-2024/CVE-2024-383xx/CVE-2024-38324.json) (`2024-09-30T14:10:18.597`)
- [CVE-2024-41016](CVE-2024/CVE-2024-410xx/CVE-2024-41016.json) (`2024-09-30T15:15:05.667`)
- [CVE-2024-44931](CVE-2024/CVE-2024-449xx/CVE-2024-44931.json) (`2024-09-30T15:15:05.743`)
- [CVE-2024-47222](CVE-2024/CVE-2024-472xx/CVE-2024-47222.json) (`2024-09-30T14:02:23.007`)
- [CVE-2024-6590](CVE-2024/CVE-2024-65xx/CVE-2024-6590.json) (`2024-09-30T14:31:06.627`)
- [CVE-2024-7426](CVE-2024/CVE-2024-74xx/CVE-2024-7426.json) (`2024-09-30T14:17:51.317`)
- [CVE-2024-7862](CVE-2024/CVE-2024-78xx/CVE-2024-7862.json) (`2024-09-30T14:15:37.093`)
- [CVE-2024-8044](CVE-2024/CVE-2024-80xx/CVE-2024-8044.json) (`2024-09-30T14:03:17.587`)
- [CVE-2024-8103](CVE-2024/CVE-2024-81xx/CVE-2024-8103.json) (`2024-09-30T14:20:16.063`)
- [CVE-2024-8263](CVE-2024/CVE-2024-82xx/CVE-2024-8263.json) (`2024-09-30T15:57:26.213`)
- [CVE-2024-8291](CVE-2024/CVE-2024-82xx/CVE-2024-8291.json) (`2024-09-30T15:59:11.073`)
- [CVE-2024-8606](CVE-2024/CVE-2024-86xx/CVE-2024-8606.json) (`2024-09-30T15:32:34.647`)
- [CVE-2024-8796](CVE-2024/CVE-2024-87xx/CVE-2024-8796.json) (`2024-09-30T14:10:38.937`)
- [CVE-2024-8801](CVE-2024/CVE-2024-88xx/CVE-2024-8801.json) (`2024-09-30T14:23:46.140`)
- [CVE-2024-8877](CVE-2024/CVE-2024-88xx/CVE-2024-8877.json) (`2024-09-30T15:31:14.690`)
- [CVE-2024-8878](CVE-2024/CVE-2024-88xx/CVE-2024-8878.json) (`2024-09-30T15:21:31.693`)
- [CVE-2024-8917](CVE-2024/CVE-2024-89xx/CVE-2024-8917.json) (`2024-09-30T14:30:38.687`)
- [CVE-2024-8919](CVE-2024/CVE-2024-89xx/CVE-2024-8919.json) (`2024-09-30T15:08:14.077`)
- [CVE-2024-9075](CVE-2024/CVE-2024-90xx/CVE-2024-9075.json) (`2024-09-30T15:27:39.313`)
## Download and Usage

715
_state.csv
View File

File diff suppressed because it is too large Load Diff