admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-13T17:00:24.588427+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-13 17:00:28 +00:00
parent 47d1a6cdf3
commit cb7cb861f2
78 changed files with 2927 additions and 473 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2001/CVE-2001-14xx/CVE-2001-1481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2001-1481",
"sourceIdentifier": "cve@mitre.org",
"published": "2001-12-31T05:00:00.000",
"lastModified": "2017-07-11T01:29:09.587",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:20:07.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
@ -58,18 +80,15 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imatix:xitami:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE649DA-2818-4E06-9BD5-EBBD4A6B3861"
"criteria": "cpe:2.3:a:xitami:xitami:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4",
"versionEndIncluding": "2.5",
"matchCriteriaId": "55683377-9A11-4C09-836A-72C525E9C7C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imatix:xitami:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DE159E-C488-4354-B571-C1DE0D920819"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imatix:xitami:2.5_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "65FF9B19-8A3D-4CB6-9AF2-3196AF204E44"
"criteria": "cpe:2.3:a:xitami:xitami:2.5:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D0B58243-45AD-4E73-B790-557648A88D45"
}
]
}
@ -81,21 +100,36 @@
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0109.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/242375",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/3582",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7600",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

47
CVE-2001/CVE-2001-15xx/CVE-2001-1537.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2001-1537",
"sourceIdentifier": "cve@mitre.org",
"published": "2001-12-31T05:00:00.000",
"lastModified": "2008-09-05T20:26:48.387",
"lastModified": "2024-02-13T16:19:41.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
@ -58,9 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:twig:webmail:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:symfony:twig:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7.4",
"matchCriteriaId": "43B84A40-0E2F-428F-AD25-7B8AFD2C7EE0"
"matchCriteriaId": "70F56BAA-E4DF-49D6-950D-073A728B97C6"
}
]
}
@ -70,15 +92,26 @@
"references": [
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-11/0245.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.iss.net/security_center/static/7619.php",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/3591",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

21
CVE-2002/CVE-2002-04xx/CVE-2002-0495.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2002-0495",
"sourceIdentifier": "cve@mitre.org",
"published": "2002-08-12T04:00:00.000",
"lastModified": "2008-09-05T20:28:10.570",
"lastModified": "2024-02-13T16:20:12.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -44,7 +44,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-94"
}
]
}
@ -58,8 +58,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cgiscript.net:cssearch:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0DCE4A-11B8-408B-970C-0E000976C808"
"criteria": "cpe:2.3:a:cgiscript:cssearch_professional:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "C278C82B-A954-4468-AA06-D139D03DBE5D"
}
]
}
@ -69,12 +70,16 @@
"references": [
{
"url": "http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://www.iss.net/security_center/static/8636.php",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
@ -83,6 +88,9 @@
"url": "http://www.securityfocus.com/archive/1/264169",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
@ -90,8 +98,11 @@
"url": "http://www.securityfocus.com/bid/4368",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
}

85
CVE-2002/CVE-2002-16xx/CVE-2002-1696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2002-1696",
"sourceIdentifier": "cve@mitre.org",
"published": "2002-12-31T05:00:00.000",
"lastModified": "2017-07-11T01:29:20.667",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:20:20.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,13 +66,14 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -58,23 +81,29 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:personal_privacy:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0276A24-52AA-423B-8D52-B9D56685198D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:personal_privacy:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61DDF378-20C8-4502-BE6A-85F3C579DBE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:personal_privacy:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "477D315D-D040-463A-B1B5-43F3FF5CF1F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:outlook:98:*:*:*:*:*:*:*",
"matchCriteriaId": "52970A43-173E-477B-80BF-6FDBB6B0EECD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:pgp:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A50605E3-3955-44C8-883C-B5D7598FF8C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:pgp:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7991F5E4-8302-417A-81B8-BBD5D3B87BB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgp:pgp:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6276F384-4A11-43C6-9863-87C401295E9F"
}
]
}
@ -82,13 +111,29 @@
}
],
"references": [
{
"url": "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/3825",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7900",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

16
CVE-2003/CVE-2003-03xx/CVE-2003-0377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2003-0377",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-06-16T04:00:00.000",
"lastModified": "2016-10-18T02:33:09.387",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:47:26.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,7 +48,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-89"
}
]
}
@ -62,8 +62,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iisprotect:iisprotect:2.2_r4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53BCD3-10D6-478D-8992-219E9C96383D"
"criteria": "cpe:2.3:a:iisprotect:iisprotect:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.2",
"matchCriteriaId": "E8E46860-7D7D-4020-A163-064C6F8F2BCC"
}
]
}
@ -73,7 +74,10 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=105370528728225&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2003/CVE-2003-03xx/CVE-2003-0395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2003-0395",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-07-02T04:00:00.000",
"lastModified": "2016-10-18T02:33:21.310",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:14:50.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,7 +48,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-94"
}
]
}
@ -62,8 +62,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php_outburst:ultimate_php_board_upb:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBFC874-222F-4434-BAE8-FB8CF1AF82FD"
"criteria": "cpe:2.3:a:myupb:ultimate_php_board:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE89DE-FFD5-41F2-B968-0C5A4A9E19DB"
}
]
}
@ -73,11 +73,17 @@
"references": [
{
"url": "http://f0kp.iplus.ru/bz/024.en.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=105379741528925&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2004/CVE-2004-23xx/CVE-2004-2397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-2397",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-12-31T05:00:00.000",
"lastModified": "2017-07-11T01:31:51.780",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:17:43.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
@ -58,43 +80,15 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "863A9F8D-4A81-45D2-83B9-6847372456E0"
"criteria": "cpe:2.3:o:broadcom:bluecoat_security_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndIncluding": "3.1.3.13",
"matchCriteriaId": "9D36D10A-620C-4D8F-A4B4-50BC2C43AEF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CB1103-6811-46F7-A461-6AFEEBF70B60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D50CBFD7-F700-4622-B4B3-6C284AEBBF89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0E415758-A354-4C66-A2F2-4E6CEABB198F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59B74B64-3DA5-48C8-8EAF-FD117F4E715F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "87327EF6-E74E-45B8-8584-25317D3D9E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.1.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C01296B5-3D2A-4B0F-A345-266C1F70E7CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bluecoat:security_gateway_os:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "350121FE-7A0A-4610-A038-18134C47EB68"
"criteria": "cpe:2.3:o:broadcom:bluecoat_security_gateway:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4750874F-6408-440B-B4A2-D9413CE48CE9"
}
]
}
@ -102,24 +96,48 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/11627",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/6218",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/10371",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16182",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

67
CVE-2005/CVE-2005-04xx/CVE-2005-0496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-0496",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-02-21T05:00:00.000",
"lastModified": "2017-07-11T01:32:19.687",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:48:37.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-798"
}
]
}
@ -58,28 +80,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knox_software:arkeia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C2000A-26CC-4CC6-B2DD-73BD1C57D60C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knox_software:arkeia:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C0FD29-7836-4566-AB30-1EB455F2DB54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knox_software:arkeia:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D77845A3-D9BF-4C82-9F8A-F6799FBACFB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knox_software:arkeia:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B181B69-A3C0-4EEC-BE6B-F084EF4CD762"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knox_software:arkeia:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA01DFB-FC66-49A9-89C1-4A1772A364D2"
"criteria": "cpe:2.3:a:arkeia:network_backup:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27E68C91-5706-445A-B88C-9F2ECF39D9DC"
}
]
}
@ -89,12 +91,16 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=110900879826004&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://metasploit.com/research/arkeia_agent/",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -102,12 +108,19 @@
"url": "http://securitytracker.com/id?1013256",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20667",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

50
CVE-2005/CVE-2005-18xx/CVE-2005-1828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-1828",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-05-26T04:00:00.000",
"lastModified": "2016-10-18T03:22:45.553",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:17:56.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,13 +66,14 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -58,8 +81,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:d-link:dsl-504t:v1.00b01t16.eu.2004-02-17:*:*:*:*:*:*:*",
"matchCriteriaId": "92ECE3FD-3932-4BB5-B674-797C9BA33DF7"
"criteria": "cpe:2.3:o:dlink:dsl-504t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B3048F-760E-42BF-8C33-D845E0EBA8B2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dsl-504t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893741B3-B4C4-4BB3-A4FD-764AF8D5DB44"
}
]
}
@ -69,7 +103,11 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=111722515805478&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List"
]
}
]
}

40
CVE-2005/CVE-2005-18xx/CVE-2005-1876.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-1876",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-06-09T04:00:00.000",
"lastModified": "2016-10-18T03:23:10.730",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:19:22.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,23 +17,23 @@
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
"baseScore": 4.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
"userInteractionRequired": true
}
]
},
@ -44,7 +44,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-94"
}
]
}
@ -58,8 +58,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cutephp:cutenews:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7BF20D-34F9-453A-A54A-3A0B39EAAD58"
"criteria": "cpe:2.3:a:cutephp:cutenews:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.6",
"matchCriteriaId": "424436A1-A2C9-4B6B-90B1-4A491EED73C5"
}
]
}
@ -69,7 +70,24 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=111773528322711&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/15594",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.osvdb.org/17030",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

29
CVE-2005/CVE-2005-18xx/CVE-2005-1894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-1894",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-06-09T04:00:00.000",
"lastModified": "2011-03-08T02:23:03.360",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:19:12.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -44,7 +44,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-94"
}
]
}
@ -71,21 +71,35 @@
"url": "http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Patch",
"Product"
]
},
{
"url": "http://secunia.com/advisories/15603",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1014114",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch"
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Vendor Advisory"
@ -93,7 +107,10 @@
},
{
"url": "http://www.vupen.com/english/advisories/2005/0697",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

33
CVE-2005/CVE-2005-21xx/CVE-2005-2160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-2160",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-07-06T04:00:00.000",
"lastModified": "2016-10-18T03:25:19.140",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:19:26.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
@ -69,7 +91,10 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=112060187204457&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

40
CVE-2005/CVE-2005-22xx/CVE-2005-2209.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2005-2209",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-07-11T04:00:00.000",
"lastModified": "2008-09-05T20:51:10.210",
"lastModified": "2024-02-13T16:09:15.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-312"
}
]
}
@ -58,8 +80,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:capturix:scanshare:1.06_build_50:*:*:*:*:*:*:*",
"matchCriteriaId": "8654C317-4BDA-44BF-98E2-0815E7004B83"
"criteria": "cpe:2.3:a:capturix:scanshare:1.06:build_50:*:*:*:*:*:*",
"matchCriteriaId": "6FEA346E-C1F4-4CCC-AB84-FB2CEF73AECB"
}
]
}
@ -67,11 +89,21 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/15995",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://securitytracker.com/id?1014409",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
}

65
CVE-2005/CVE-2005-37xx/CVE-2005-3716.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-3716",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-11-21T11:03:00.000",
"lastModified": "2011-03-08T02:27:01.687",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:48:43.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,13 +66,14 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -58,8 +81,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:utstarcom:f1000_wi-fi_handset:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601784B2-1DB5-4A38-B3B6-9A1D58AAB437"
"criteria": "cpe:2.3:o:utstarcom:f1000_wi-fi_firmware:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1013A51A-5EAE-4EEA-9058-051B134E02B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:utstarcom:f1000_wi-fi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8D25BE-2AAF-4046-AA13-E3891A25653C"
}
]
}
@ -71,16 +105,33 @@
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038834.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/17629",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/15476",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2005/2472",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

77
CVE-2005/CVE-2005-38xx/CVE-2005-3803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-3803",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-11-24T11:03:00.000",
"lastModified": "2017-07-11T01:33:19.110",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:48:53.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,8 +85,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:7920_wireless_ip_phone:1.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EC49CD76-8263-4F8A-830E-A96F64B180F3"
"criteria": "cpe:2.3:o:cisco:unified_wireless_ip_phone_7920_firmware:1.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "180F4593-7F86-4702-B248-A3D0AB20D675"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:unified_wireless_ip_phone_7920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDDEF21-AD60-4F0C-9F59-BF34788D026B"
}
]
}
@ -71,10 +105,22 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/17604/",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1015232",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
@ -82,17 +128,34 @@
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051116-7920.shtml",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/20966",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/15454",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23067",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

35
CVE-2006/CVE-2006-71xx/CVE-2006-7142.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7142",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-07T20:19:00.000",
"lastModified": "2022-09-22T15:58:11.480",
"lastModified": "2024-02-13T16:45:26.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -62,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:utimaco_safeware:safeguard_easy:4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CB115995-67F9-4599-8B34-E06F010C41DD"
"criteria": "cpe:2.3:a:utimaco:safeguard:4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA59D49-45CE-4775-AB77-B69EBEFCC8F5"
}
]
}
@ -97,6 +119,13 @@
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.utimaco.fi/servlets/ActionDispatcher?action:ws3_content_get_binary=true&scope=domain&domain_id=www.utimaco.fi&page_id=/templates/ajankohtaisteksti.jsp?ws3_page_id=tiedoteartikkeli_103&form_id=&component_id=linkin_dokumentti_104",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

2
CVE-2007/CVE-2007-47xx/CVE-2007-4786.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2007-4786",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-09-10T21:17:00.000",
"lastModified": "2024-01-25T20:59:39.773",
"lastModified": "2024-02-13T16:09:38.673",
"vulnStatus": "Analyzed",
"descriptions": [
{

73
CVE-2008/CVE-2008-09xx/CVE-2008-0961.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-0961",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-04-14T16:05:00.000",
"lastModified": "2017-08-08T01:29:47.463",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:46:34.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-798"
}
]
}
@ -73,23 +95,58 @@
"references": [
{
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=683",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29778",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/44419",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/28727",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1019827",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/1198/references",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41772",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

75
CVE-2008/CVE-2008-11xx/CVE-2008-1160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-1160",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-03-25T00:44:00.000",
"lastModified": "2023-11-07T02:01:53.450",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:46:30.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,8 +85,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zyxel:zywall:1050:*:*:*:*:*:*:*",
"matchCriteriaId": "89413506-1729-4BFB-AAC0-500E96B09D37"
"criteria": "cpe:2.3:o:zyxel:zywall_1050_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CA66DC-CD33-4EBA-8762-2F0D3591F3D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:zywall_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51AF5F07-6FE1-4080-817B-55E63D62753A"
}
]
}
@ -73,37 +107,58 @@
"references": [
{
"url": "http://packetstormsecurity.org/0803-exploits/ZyWALL.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/29237",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://www.secumania.org/exploits/remote/zyxel-zywall-quagga_zebra-%28default-pass%29-remote-root-vulnerability-2008032143791/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/28184",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/0990/references",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41424",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/5289",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

76
CVE-2008/CVE-2008-14xx/CVE-2008-1440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-1440",
"sourceIdentifier": "secure@microsoft.com",
"published": "2008-06-12T02:32:00.000",
"lastModified": "2018-10-12T21:45:26.023",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:09:43.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,7 +48,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-1284"
}
]
}
@ -62,48 +62,23 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:*:*:*:*:*:*:*",
"matchCriteriaId": "34D1E02A-54AF-4B8B-8EA3-F29BE3FD5AFE"
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:*:x64:*:*:*:*:*",
"matchCriteriaId": "46EBD805-C0EB-4F5E-948A-60E5CBB45C04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp1:*:*:*:*:*:*",
"matchCriteriaId": "79F860DB-9616-4B63-A850-F5E950F667B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp1:itanium:*:*:*:*:*",
"matchCriteriaId": "C9AF89B4-69D3-4E28-BC05-782266145C96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*",
"matchCriteriaId": "227A166A-39D3-49F5-89E7-0F75C7B5285C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*",
"matchCriteriaId": "CD6F46BF-46DD-477C-94CF-88DC15BE19B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "97F081F6-6E4C-47D6-86E9-4DBA520ECDC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A74985B6-BCA5-49E3-878B-77D7FA43070C"
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
@ -111,10 +86,20 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/30587",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1020230",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -123,13 +108,17 @@
"url": "http://www.securityfocus.com/bid/29508",
"source": "secure@microsoft.com",
"tags": [
"Patch"
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
]
@ -143,11 +132,18 @@
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-036",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5473",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link"
]
}
]
}

33
CVE-2008/CVE-2008-23xx/CVE-2008-2369.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2008-2369",
"sourceIdentifier": "secalert@redhat.com",
"published": "2008-08-14T20:41:00.000",
"lastModified": "2022-02-03T19:57:26.777",
"lastModified": "2024-02-13T16:46:38.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -79,10 +101,18 @@
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/31493",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://securitytracker.com/id?1020694",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -91,6 +121,7 @@
"url": "http://www.securityfocus.com/bid/30679",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

145
CVE-2008/CVE-2008-23xx/CVE-2008-2374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-2374",
"sourceIdentifier": "secalert@redhat.com",
"published": "2008-07-07T23:41:00.000",
"lastModified": "2017-09-29T01:31:08.913",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:09:59.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,11 +48,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-1284"
}
]
}
@ -66,15 +62,35 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez_libs:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.30",
"matchCriteriaId": "F4AA090E-32D6-406E-9EF5-DE7DB52DF9F9"
"criteria": "cpe:2.3:a:bluez:bluez-libs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.34",
"matchCriteriaId": "E07F4288-8279-44F6-A0CA-CBBAB38B9CC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez_utils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.33",
"matchCriteriaId": "AF1A11DD-7D85-4FAD-9E8C-C2E9D027559D"
"criteria": "cpe:2.3:a:bluez:bluez-utils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.34",
"matchCriteriaId": "1DF2F11E-16A5-40DF-9D61-886FFFD1834D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*",
"matchCriteriaId": "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*",
"matchCriteriaId": "743CBBB1-C140-4FEF-B40E-FAE4511B1140"
}
]
}
@ -84,54 +100,135 @@
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/30957",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/31057",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/31833",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/32099",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/32279",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/34280",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-200903-29.xml",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://sourceforge.net/mailarchive/message.php?msg_name=b32d44000806161327u680c290au54fd21f2fef1d58e%40mail.gmail.com",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Exploit"
]
},
{
"url": "http://www.bluez.org/bluez-334/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Product"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:145",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0581.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/30105",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1020479",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2096/references",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9973",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00396.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00233.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
}
]
}

51
CVE-2009/CVE-2009-22xx/CVE-2009-2272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-2272",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-07-01T13:00:01.530",
"lastModified": "2018-10-10T19:39:31.883",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:10:07.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "CWE-310"
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,8 +85,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:huawei:d100_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBDF7BC-3F37-4876-B97D-98E5A722C758"
"criteria": "cpe:2.3:o:huawei:d100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3888666F-8B81-4535-A654-A9F5A5C3C5CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:huawei:d100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A83378E-CAC4-4D97-A765-6DA634B1194A"
}
]
}
@ -73,7 +107,12 @@
"references": [
{
"url": "http://www.securityfocus.com/archive/1/504645/100/0/threaded",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

80
CVE-2010/CVE-2010-15xx/CVE-2010-1573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-1573",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2010-06-10T00:30:07.503",
"lastModified": "2018-10-10T19:57:31.370",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:43:20.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "CWE-255"
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,14 +85,20 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:linksys:wap54gv3:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:linksys:wap54g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.04.03",
"matchCriteriaId": "436C7351-5B61-401C-940A-88036A361525"
},
"matchCriteriaId": "64E0DAFE-EB62-4946-90E9-A217B13BDC17"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:linksys:wap54gv3:3.05.03:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF9E57D-6EFE-46AC-8AC6-BD5D7F9D28C3"
"vulnerable": false,
"criteria": "cpe:2.3:h:linksys:wap54g:3:*:*:*:*:*:*:*",
"matchCriteriaId": "F083058D-4127-46DE-865D-B58BDEA70688"
}
]
}
@ -77,10 +106,18 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/40103",
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=20682",
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -93,19 +130,36 @@
},
{
"url": "http://www.securityfocus.com/archive/1/511733/100/0/threaded",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/40648",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1419",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59286",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

56
CVE-2010/CVE-2010-20xx/CVE-2010-2073.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-2073",
"sourceIdentifier": "secalert@redhat.com",
"published": "2010-06-16T20:30:02.577",
"lastModified": "2017-08-17T01:32:36.460",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:44:33.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-255"
"value": "CWE-798"
}
]
}
@ -62,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radovan_garabik:pyftpd:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7CEFA7-9368-4A15-B395-5FB7ABC37902"
"criteria": "cpe:2.3:a:debian:pyftpd:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0248E1A-E990-489B-9DCF-1DE6AA22E18F"
}
]
}
@ -73,19 +95,35 @@
"references": [
{
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585776",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2010/06/13/2",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.securityfocus.com/bid/40839",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59431",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

116
CVE-2010/CVE-2010-27xx/CVE-2010-2772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-2772",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-07-22T05:43:58.250",
"lastModified": "2017-08-17T01:32:49.383",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:44:42.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-255"
"value": "CWE-798"
}
]
}
@ -60,11 +82,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFCEB87-D585-40D0-8978-7697F3F038E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_wincc:6.2:*:*:*:*:*:*:*",
@ -85,11 +102,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E3BDF0-B691-4A97-A74A-A65EC910480E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:6.0:*:*:*:*:*:*:*",
@ -102,8 +114,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8524A6A-B9B0-40D8-BF67-3355722194A6"
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BD419DE7-CB43-42E7-ACCC-82EA4913E8D2"
},
{
"vulnerable": true,
@ -128,58 +140,108 @@
"references": [
{
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "http://secunia.com/advisories/40682",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.f-secure.com/weblog/archives/00001987.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/41753",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1893",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "http://www.wired.com/threatlevel/2010/07/siemens-scada/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

78
CVE-2012/CVE-2012-35xx/CVE-2012-3503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-3503",
"sourceIdentifier": "secalert@redhat.com",
"published": "2012-08-25T10:29:52.693",
"lastModified": "2013-03-22T03:11:38.613",
"vulnStatus": "Modified",
"lastModified": "2024-02-13T16:44:47.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "CWE-798"
}
]
}
@ -62,9 +84,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:katello:katello:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "8B6C3E1B-D83E-44AF-B993-DAB3F510BDA8"
"matchCriteriaId": "F34B126E-E093-4F11-A230-6104EE2457FF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
}
]
}
@ -74,27 +111,48 @@
"references": [
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1186.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1187.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/50344",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/55140",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/Katello/katello/commit/7c256fef9d75029d0ffff58ff1dcda915056d3a3",
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://github.com/Katello/katello/pull/499",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}

7
CVE-2021/CVE-2021-219xx/CVE-2021-21972.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-21972",
"sourceIdentifier": "security@vmware.com",
"published": "2021-02-24T17:15:15.833",
"lastModified": "2022-07-12T17:42:04.277",
"lastModified": "2024-02-13T16:44:51.980",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2021-11-17",
@ -75,10 +75,6 @@
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-306"
}
]
}
@ -319,6 +315,7 @@
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html",
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]

2
CVE-2021/CVE-2021-375xx/CVE-2021-37555.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37555",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-26T21:15:17.047",
"lastModified": "2021-08-09T17:56:01.450",
"lastModified": "2024-02-13T16:47:03.003",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-299xx/CVE-2022-29953.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29953",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-26T22:15:10.883",
"lastModified": "2022-08-02T20:50:44.867",
"lastModified": "2024-02-13T15:56:40.490",
"vulnStatus": "Analyzed",
"descriptions": [
{

4
CVE-2022/CVE-2022-299xx/CVE-2022-29959.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29959",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-16T13:15:09.100",
"lastModified": "2022-11-09T06:07:22.397",
"lastModified": "2024-02-13T16:26:08.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-327"
"value": "CWE-522"
}
]
}

4
CVE-2022/CVE-2022-299xx/CVE-2022-29960.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29960",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-26T22:15:11.007",
"lastModified": "2022-08-16T17:55:16.160",
"lastModified": "2024-02-13T15:57:46.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-327"
"value": "CWE-798"
}
]
}

2
CVE-2022/CVE-2022-299xx/CVE-2022-29964.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29964",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-26T22:15:11.140",
"lastModified": "2022-08-04T15:55:34.923",
"lastModified": "2024-02-13T15:57:56.543",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-300xx/CVE-2022-30018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30018",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-19T14:15:08.003",
"lastModified": "2022-06-01T19:57:39.043",
"lastModified": "2024-02-13T16:47:14.693",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-302xx/CVE-2022-30271.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30271",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-26T23:15:08.177",
"lastModified": "2022-08-02T20:46:49.600",
"lastModified": "2024-02-13T16:21:02.103",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-302xx/CVE-2022-30276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30276",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-26T23:15:08.293",
"lastModified": "2022-08-09T14:30:13.127",
"lastModified": "2024-02-13T16:25:57.067",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-303xx/CVE-2022-30313.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30313",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-28T16:15:10.557",
"lastModified": "2022-08-05T22:28:00.043",
"lastModified": "2024-02-13T16:26:03.807",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-303xx/CVE-2022-30314.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30314",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-28T16:15:10.857",
"lastModified": "2022-08-05T22:29:00.907",
"lastModified": "2024-02-13T15:58:01.707",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-303xx/CVE-2022-30317.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30317",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-31T16:15:11.580",
"lastModified": "2022-09-09T03:41:53.457",
"lastModified": "2024-02-13T16:43:00.487",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-309xx/CVE-2022-30997.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30997",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2022-06-28T13:15:12.607",
"lastModified": "2022-07-08T03:15:18.027",
"lastModified": "2024-02-13T15:56:20.097",
"vulnStatus": "Analyzed",
"descriptions": [
{

2
CVE-2022/CVE-2022-352xx/CVE-2022-35248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35248",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-09-23T19:15:14.007",
"lastModified": "2022-09-26T18:20:28.497",
"lastModified": "2024-02-13T15:58:08.510",
"vulnStatus": "Analyzed",
"descriptions": [
{

28
CVE-2023/CVE-2023-265xx/CVE-2023-26562.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-26562",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.187",
"lastModified": "2024-02-13T16:15:08.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-44xx/CVE-2023-4408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4408",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-02-13T14:15:45.253",
"lastModified": "2024-02-13T14:15:45.253",
"vulnStatus": "Received",
"lastModified": "2024-02-13T16:15:08.450",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-4408",
"source": "security-officer@isc.org"

28
CVE-2023/CVE-2023-452xx/CVE-2023-45206.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-45206",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.257",
"lastModified": "2024-02-13T16:15:08.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. Through the help document endpoint in webmail, an attacker can inject JavaScript or HTML code that leads to cross-site scripting (XSS). (Adding an adequate message to avoid malicious code will mitigate this issue.)"
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-452xx/CVE-2023-45207.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-45207",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.313",
"lastModified": "2024-02-13T16:15:08.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. An attacker can send a PDF document through mail that contains malicious JavaScript. While previewing this file in webmail in the Chrome browser, the stored XSS payload is executed. (This has been mitigated by sanitising the JavaScript code present in a PDF document.)"
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
}
]
}

81
CVE-2023/CVE-2023-463xx/CVE-2023-46359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46359",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-06T01:15:07.877",
"lastModified": "2024-02-06T13:53:38.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:06:48.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,86 @@
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en Hardy Barth cPH2 eCharge Ladestation v1.87.0 y anteriores, puede permitir que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema a trav\u00e9s de argumentos espec\u00edficamente manipulados pasados a la funci\u00f3n de verificaci\u00f3n de conectividad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hardy-barth:cph2_echarge_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.87.0",
"matchCriteriaId": "F88153BC-C3E4-4BD6-9794-31DC88D09D6D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hardy-barth:cph2_echarge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "317B39E6-9C7C-407B-8968-57923019265A"
}
]
}
]
}
],
"references": [
{
"url": "http://hardy.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

73
CVE-2023/CVE-2023-473xx/CVE-2023-47355.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-47355",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:54.910",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:43:37.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n com.eypcnnapps.quickreboot (tambi\u00e9n conocida como Eyuep Can Yilmaz {ROOT] Quick Reboot) 1.0.8 para Android ha expuesto receptores de transmisi\u00f3n para apagado, reinicio y recuperaci\u00f3n (por ejemplo, com.eypcnnapps.quickreboot.widget.PowerOff) que son susceptibles a transmisiones no autorizadas debido a la falta de validaci\u00f3n de entrada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eyuepcanyilmaz:root_quick_reboot:1.0.8:*:*:*:*:*:android:*",
"matchCriteriaId": "6323C860-5079-437A-AA17-C6B0F66D11B4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.eypcnnapps.quickreboot/blob/main/CWE-925.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://play.google.com/store/apps/details?id=com.eypcnnapps.quickreboot",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

28
CVE-2023/CVE-2023-484xx/CVE-2023-48432.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-48432",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.380",
"lastModified": "2024-02-13T16:15:08.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. XSS, with resultant session stealing, can occur via JavaScript code in a link (for a webmail redirection endpoint) within en email message, e.g., if a victim clicks on that link within Zimbra webmail."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-520xx/CVE-2023-52046.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52046",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T21:15:08.730",
"lastModified": "2024-01-29T15:56:54.287",
"lastModified": "2024-02-13T16:05:49.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,9 +59,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gentoo:webmin:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.105",
"matchCriteriaId": "EAEA4269-E938-4716-A461-6DA9E6F37243"
"matchCriteriaId": "31EF125F-925E-4A9B-B100-2A9840924559"
}
]
}

8
CVE-2023/CVE-2023-55xx/CVE-2023-5517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5517",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-02-13T14:15:45.510",
"lastModified": "2024-02-13T14:15:45.510",
"vulnStatus": "Received",
"lastModified": "2024-02-13T16:15:08.550",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-5517",
"source": "security-officer@isc.org"

8
CVE-2023/CVE-2023-56xx/CVE-2023-5679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5679",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-02-13T14:15:45.677",
"lastModified": "2024-02-13T14:15:45.677",
"vulnStatus": "Received",
"lastModified": "2024-02-13T16:15:08.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-5679",
"source": "security-officer@isc.org"

4
CVE-2023/CVE-2023-56xx/CVE-2023-5680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5680",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-02-13T14:15:45.850",
"lastModified": "2024-02-13T14:15:45.850",
"vulnStatus": "Received",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-65xx/CVE-2023-6516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6516",
"sourceIdentifier": "security-officer@isc.org",
"published": "2024-02-13T14:15:46.030",
"lastModified": "2024-02-13T14:15:46.030",
"vulnStatus": "Received",
"lastModified": "2024-02-13T16:15:08.743",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/13/1",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-6516",
"source": "security-officer@isc.org"

69
CVE-2023/CVE-2023-69xx/CVE-2023-6982.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6982",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:58.093",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:17:06.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Display custom fields in the frontend \u2013 Post and User Profile Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and postmeta in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Display custom fields in the frontend \u2013 Post and User Profile Fields para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado y postmeta del complemento en todas las versiones hasta la 1.2.1 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vegacorp:display_custom_fields_in_the_frontend_-_post_and_user_profile_fields:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.0",
"matchCriteriaId": "55834056-CF85-412B-B09C-28F57967A11D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3021133%40shortcode-to-display-post-and-user-data&new=3021133%40shortcode-to-display-post-and-user-data&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3077b84e-87af-4307-83c5-0e4b15d07ff1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-69xx/CVE-2023-6989.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6989",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:58.603",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:23:09.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files."
},
{
"lang": "es",
"value": "El complemento Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention Security para WordPress es vulnerable a la inclusi\u00f3n de archivos locales en todas las versiones hasta la 18.5.9 incluida, a trav\u00e9s del par\u00e1metro render_action_template. Esto hace posible que un atacante no autenticado incluya y ejecute archivos PHP en el servidor, permitiendo la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getshieldsecurity:shield_security:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "18.5.10",
"matchCriteriaId": "03282E3D-3DAE-4357-AA03-B98C65EEA6B4"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013699%40wp-simple-firewall&new=3013699%40wp-simple-firewall&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/063826cc-7ff3-4869-9831-f6a4a4bbe74c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-69xx/CVE-2023-6996.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6996",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:58.773",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:11:03.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Display custom fields in the frontend \u2013 Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vg_display_data shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This makes it possible for authenticated attackers with contributor-level and above permissions to call arbitrary functions and execute code."
},
{
"lang": "es",
"value": "El complemento Display custom fields in the frontend \u2013 Post and User Profile Fields para WordPress es vulnerable a la inyecci\u00f3n de c\u00f3digo a trav\u00e9s del c\u00f3digo corto vg_display_data del complemento en todas las versiones hasta la 1.2.1 incluida, debido a una validaci\u00f3n de entrada insuficiente y a la restricci\u00f3n de acceso a ese c\u00f3digo corto. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores llamen a funciones arbitrarias y ejecuten c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vegacorp:display_custom_fields_in_the_frontend_-_post_and_user_profile_fields:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.0",
"matchCriteriaId": "55834056-CF85-412B-B09C-28F57967A11D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3021133%40shortcode-to-display-post-and-user-data&new=3021133%40shortcode-to-display-post-and-user-data&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e0662c3a-5b82-4b9a-aa69-147094930d1f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-70xx/CVE-2023-7014.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-7014",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:58.943",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:18:27.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Author Box, Guest Author and Co-Authors for Your Posts \u2013 Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including post author emails and names if applicable."
},
{
"lang": "es",
"value": "El complemento Author Box, Guest Author and Co-Authors for Your Posts \u2013 Molongui para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 4.7.4 incluida, a trav\u00e9s del par\u00e1metro 'ma_debu'. Esto hace posible que atacantes no autenticados extraigan datos confidenciales, incluidos los nombres y los correos electr\u00f3nicos de los autores de las publicaciones, si corresponde."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:molongui:authorship:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.7.5",
"matchCriteriaId": "F110C079-3E25-4DA9-B768-77342962D2B5"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3019084/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/538e9ce3-2d48-44ad-bd08-8eead3ef15c3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-03xx/CVE-2024-0323.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0323",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-02-05T16:15:54.980",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:38:16.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime (SDM modules).\n\n\n\nThe FTP server used on the B&R\nAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,\nTLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct\nman-in-the-middle attacks or to decrypt communications between the affected product\nclients. \u00a0\n\nThis issue affects Automation Runtime: from 14.0 before 14.93.\n\n"
},
{
"lang": "es",
"value": "Uso de una vulnerabilidad de algoritmo criptogr\u00e1fico defectuoso o riesgoso en B&R Industrial Automation Automation Runtime (m\u00f3dulos SDM). El servidor FTP utilizado en B&R Automation Runtime admite mecanismos de cifrado no seguros, como SSLv3, TLSv1.0 y TLS1.1. Un atacante basado en red puede explotar las fallas para realizar ataques de intermediario o para descifrar las comunicaciones entre los clientes del producto afectado. Este problema afecta a Automation Runtime: desde 14.0 antes de 14.93."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:br-automation:automation_runtime:*:*:*:*:*:*:*:*",
"versionEndIncluding": "i4.93",
"matchCriteriaId": "B9413C6B-C322-4F68-8CA3-EA167591CED0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P004_FTP_uses_unsecure_encryption_mechanisms-f57c147c.pdf",
"source": "cybersecurity@ch.abb.com"
"source": "cybersecurity@ch.abb.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-04xx/CVE-2024-0428.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0428",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:01.710",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:02:08.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.3. This is due to missing or incorrect nonce validation on the 'reset_form' function. This makes it possible for unauthenticated attackers to delete arbitrary site options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento Index Now para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.6.3 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n 'reset_form'. Esto hace posible que atacantes no autenticados eliminen opciones arbitrarias del sitio mediante una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kobzarev:index_now:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.3",
"matchCriteriaId": "DB8750D6-DF2B-4A4F-8640-BE8B7D1CFA15"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3020958/mihdan-index-now/tags/2.6.4/src/Views/WPOSA.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7641d52-e930-4143-9180-2903d018da91?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0612.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0612",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:03.003",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:26:17.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Content Views \u2013 Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
},
{
"lang": "es",
"value": "El complemento Content Views \u2013 Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 3.6.2 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a las instalaciones multisitio y a las instalaciones en las que se ha deshabilitado unfiltered_html."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:contentviewspro:content_views:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.6.2",
"matchCriteriaId": "3C38497F-0265-44DF-A887-C5FD74327BA5"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3024861/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa4377a8-bcf4-45ba-824b-3505bd8e8c61?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0630.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0630",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:03.170",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:42:35.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the RSS feed source in all versions up to, and including, 4.23.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
},
{
"lang": "es",
"value": "El complemento WP RSS Aggregator para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la fuente de alimentaci\u00f3n RSS en todas las versiones hasta la 4.23.4 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso a nivel de administrador, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a las instalaciones multisitio y a las instalaciones en las que se ha deshabilitado unfiltered_html."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wprssaggregator:wp_rss_aggregator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.23.4",
"matchCriteriaId": "094F7C34-E577-4F7B-83F1-69B566E4E60A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3026269/wp-rss-aggregator",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93cb3b29-b1a0-4d40-a057-1b41f3b181f2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0659.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0659",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:03.343",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T15:47:35.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the variable pricing option title in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manger-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Easy Digital Downloads \u2013 Sell Digital Files (eCommerce Store & Payments Made Easy) para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del t\u00edtulo de la opci\u00f3n de precio variable en todas las versiones hasta la 3.2.6 incluida, debido a una sanitizaci\u00f3n de entrada insuficiente y la salida se escapa. Esto hace posible que atacantes autenticados, con acceso a nivel de administrador de tienda, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2.6",
"matchCriteriaId": "871AA9FA-B774-4439-91C1-C4687A865038"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/easy-digital-downloads/tags/3.2.6&old=3030600&new_path=/easy-digital-downloads/tags/3.2.7&new=3030600&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ec207cd-cae5-4950-bbc8-d28f108b4ae7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

78
CVE-2024/CVE-2024-06xx/CVE-2024-0668.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0668",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:03.700",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:24:26.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. This makes it possible for authenticated attacker, with administrator access and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
},
{
"lang": "es",
"value": "El complemento Advanced Database Cleaner para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 3.1.3 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas que no son de confianza en la funci\u00f3n 'process_bulk_action'. Esto hace posible que un atacante autenticado, con acceso de administrador y superior, inyecte un objeto PHP. No hay ninguna cadena POP presente en el complemento vulnerable. Si hay una cadena POP presente a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,22 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sigmaplugin:advanced_database_cleaner:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "D744BFB3-4A65-49E2-A503-CEC9617F231F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-database-cleaner/tags/3.1.3/includes/class_clean_cron.php#L224",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-database-cleaner/tags/3.1.3/includes/class_clean_cron.php#L298",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3025980/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e0b8c24b-3e51-4637-9d8e-da065077d082?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0678.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0678",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:03.867",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:36:49.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'available-days-tf' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Order Delivery Date for WP e-Commerce para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'available-days-tf' en todas las versiones hasta la 1.2 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tychesoftwares:order_delivery_date_for_wp_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "E30D5074-2D42-4B35-A058-7241986B8A05"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/order-delivery-date/trunk/order_delivery_date.php#L221",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/71fb90b6-a484-4a70-a9dc-795cbf2e275e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0691.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0691",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:04.037",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:57:26.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It may also be possible to socially engineer an administrator into uploading a malicious folder import."
},
{
"lang": "es",
"value": "El complemento FileBird para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de t\u00edtulos de carpetas importados en todas las versiones hasta la 5.5.8.1 incluida, debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de administrador, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Tambi\u00e9n es posible dise\u00f1ar socialmente a un administrador para que cargue una importaci\u00f3n de carpeta maliciosa."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ninjateam:filebird:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.5.8.1",
"matchCriteriaId": "02AFAB21-063F-4AB7-8034-88DFC58CD16B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3023924/filebird",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/47f04985-dd9b-449f-8b4c-9811fe7e4a96?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0699.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0699",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:04.210",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:54:27.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with Editor access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n 'add_image_from_url' en todas las versiones hasta la 2.1.4 incluida. Esto hace posible que atacantes autenticados, con acceso de editor y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meowapps:ai_engine:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.4",
"matchCriteriaId": "4D3587CA-BA75-400E-958D-28AA4E33C4CA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3021494/ai-engine/trunk/classes/core.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a86f6ed-9755-4265-bc0d-2d0e18e9982f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-10xx/CVE-2024-1096.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-1096",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2024-02-13T15:15:08.217",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Twister Antivirus v8.17 allows Elevation of Privileges on the computer where it's installed by triggering the 0x80112067, 0x801120CB and 0x801120CC IOCTL codes of the fildds.sys driver."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "http://www.filseclab.com/en-us/products/twister.htm",
"source": "help@fluidattacks.com"
},
{
"url": "https://fluidattacks.com/advisories/holiday/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2024/CVE-2024-11xx/CVE-2024-1140.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-1140",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2024-02-13T15:15:08.437",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Twister Antivirus v8.17 is vulnerable to an Out-of-bounds Read vulnerability by triggering the 0x801120B8 IOCTL code of the filmfd.sys driver."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "http://www.filseclab.com/en-us/products/twister.htm",
"source": "help@fluidattacks.com"
},
{
"url": "https://fluidattacks.com/advisories/fitzgerald/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2024/CVE-2024-11xx/CVE-2024-1163.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-1163",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-02-13T15:15:08.647",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal in GitHub repository mbloch/mapshaper prior to 0.6.44."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/mbloch/mapshaper/commit/7437d903c0a87802c3751fc529d2de7098094c72",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/c1cbc18b-e4ab-4332-ad13-0033f0f976f5",
"source": "security@huntr.dev"
}
]
}

4
CVE-2024/CVE-2024-13xx/CVE-2024-1309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1309",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2024-02-13T14:15:46.463",
"lastModified": "2024-02-13T14:15:46.463",
"vulnStatus": "Received",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

115
CVE-2024/CVE-2024-220xx/CVE-2024-22024.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22024",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-02-13T04:15:07.943",
"lastModified": "2024-02-13T14:01:11.297",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-13T15:15:32.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.7
}
],
"cvssMetricV30": [
{
"source": "support@hackerone.com",
@ -38,10 +60,97 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*",
"matchCriteriaId": "06520C75-9326-4C21-8AD6-6DE1ED031959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*",
"matchCriteriaId": "8971445A-D65F-4C0E-906F-7AC4953C5689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*",
"matchCriteriaId": "014C7627-F211-48B1-80FA-3A7F608B4F23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.4:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "C4F6AA81-68BC-40B1-9062-DD678B52AAC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "5CF1705D-BE88-4B19-BE66-6628D8D8B688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.5:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "49E6C8D1-612D-4C63-B3D4-D4AEE2747770"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.5:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "198A80DF-4BD5-4325-85FE-992324AB2166"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:zero_trust_access:22.6:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "E70E1C11-4209-49F0-952E-636F67187225"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2024-22024-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-229xx/CVE-2024-22923.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-22923",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.847",
"lastModified": "2024-02-13T16:15:08.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary code via a crafted script."
}
],
"metrics": {},
"references": [
{
"url": "http://advradius.com/demo/",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/whiteman007/",
"source": "cve@mitre.org"
}
]
}

59
CVE-2024/CVE-2024-234xx/CVE-2024-23439.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-23439",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2024-02-13T15:15:08.850",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability by triggering the 0x22201B, 0x22201F, 0x222023, 0x222027 ,0x22202B, 0x22202F, 0x22203F, 0x222057 and 0x22205B IOCTL codes of the Vba32m64.sys driver."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/adderley/",
"source": "help@fluidattacks.com"
},
{
"url": "https://www.anti-virus.by/vba32",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2024/CVE-2024-234xx/CVE-2024-23440.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-23440",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2024-02-13T15:15:09.070",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability.\u00a0The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/adderley/",
"source": "help@fluidattacks.com"
},
{
"url": "https://www.anti-virus.by/vba32",
"source": "help@fluidattacks.com"
}
]
}

79
CVE-2024/CVE-2024-243xx/CVE-2024-24398.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2024-24398",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-06T00:15:08.183",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-13T16:06:17.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function."
},
{
"lang": "es",
"value": "Vulnerabilidad de Directory Traversal en Stimulsoft GmbH Stimulsoft Dashboard.JS anterior a v.2024.1.2 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro fileName de la funci\u00f3n Guardar."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stimulsoft:dashboards.php:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1.2",
"matchCriteriaId": "9A6C93C6-FBF3-41DA-83B3-091EA2D53F6D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://stimulsoft.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://cves.at/posts/cve-2024-24398/writeup/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-247xx/CVE-2024-24781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24781",
"sourceIdentifier": "info@cert.vde.com",
"published": "2024-02-13T14:15:46.780",
"lastModified": "2024-02-13T14:15:46.780",
"vulnStatus": "Received",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-247xx/CVE-2024-24782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24782",
"sourceIdentifier": "info@cert.vde.com",
"published": "2024-02-13T14:15:47.053",
"lastModified": "2024-02-13T14:15:47.053",
"vulnStatus": "Received",
"lastModified": "2024-02-13T15:16:05.223",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-13T15:00:24.887578+00:00
2024-02-13T17:00:24.588427+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-13T14:50:45.737000+00:00
2024-02-13T16:57:26.083000+00:00
```
### Last Data Feed Release
@ -29,53 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238284
238294
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `10`
* [CVE-2023-4408](CVE-2023/CVE-2023-44xx/CVE-2023-4408.json) (`2024-02-13T14:15:45.253`)
* [CVE-2023-5517](CVE-2023/CVE-2023-55xx/CVE-2023-5517.json) (`2024-02-13T14:15:45.510`)
* [CVE-2023-5679](CVE-2023/CVE-2023-56xx/CVE-2023-5679.json) (`2024-02-13T14:15:45.677`)
* [CVE-2023-5680](CVE-2023/CVE-2023-56xx/CVE-2023-5680.json) (`2024-02-13T14:15:45.850`)
* [CVE-2023-6516](CVE-2023/CVE-2023-65xx/CVE-2023-6516.json) (`2024-02-13T14:15:46.030`)
* [CVE-2024-0707](CVE-2024/CVE-2024-07xx/CVE-2024-0707.json) (`2024-02-13T14:15:46.257`)
* [CVE-2024-1309](CVE-2024/CVE-2024-13xx/CVE-2024-1309.json) (`2024-02-13T14:15:46.463`)
* [CVE-2024-24781](CVE-2024/CVE-2024-247xx/CVE-2024-24781.json) (`2024-02-13T14:15:46.780`)
* [CVE-2024-24782](CVE-2024/CVE-2024-247xx/CVE-2024-24782.json) (`2024-02-13T14:15:47.053`)
* [CVE-2023-26562](CVE-2023/CVE-2023-265xx/CVE-2023-26562.json) (`2024-02-13T16:15:08.187`)
* [CVE-2023-45206](CVE-2023/CVE-2023-452xx/CVE-2023-45206.json) (`2024-02-13T16:15:08.257`)
* [CVE-2023-45207](CVE-2023/CVE-2023-452xx/CVE-2023-45207.json) (`2024-02-13T16:15:08.313`)
* [CVE-2023-48432](CVE-2023/CVE-2023-484xx/CVE-2023-48432.json) (`2024-02-13T16:15:08.380`)
* [CVE-2024-1096](CVE-2024/CVE-2024-10xx/CVE-2024-1096.json) (`2024-02-13T15:15:08.217`)
* [CVE-2024-1140](CVE-2024/CVE-2024-11xx/CVE-2024-1140.json) (`2024-02-13T15:15:08.437`)
* [CVE-2024-1163](CVE-2024/CVE-2024-11xx/CVE-2024-1163.json) (`2024-02-13T15:15:08.647`)
* [CVE-2024-23439](CVE-2024/CVE-2024-234xx/CVE-2024-23439.json) (`2024-02-13T15:15:08.850`)
* [CVE-2024-23440](CVE-2024/CVE-2024-234xx/CVE-2024-23440.json) (`2024-02-13T15:15:09.070`)
* [CVE-2024-22923](CVE-2024/CVE-2024-229xx/CVE-2024-22923.json) (`2024-02-13T16:15:08.847`)
### CVEs modified in the last Commit
Recently modified CVEs: `87`
Recently modified CVEs: `67`
* [CVE-2024-24740](CVE-2024/CVE-2024-247xx/CVE-2024-24740.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-24742](CVE-2024/CVE-2024-247xx/CVE-2024-24742.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-24743](CVE-2024/CVE-2024-247xx/CVE-2024-24743.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-25642](CVE-2024/CVE-2024-256xx/CVE-2024-25642.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-22129](CVE-2024/CVE-2024-221xx/CVE-2024-22129.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-24741](CVE-2024/CVE-2024-247xx/CVE-2024-24741.json) (`2024-02-13T14:01:40.577`)
* [CVE-2024-1250](CVE-2024/CVE-2024-12xx/CVE-2024-1250.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-1459](CVE-2024/CVE-2024-14xx/CVE-2024-1459.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23833](CVE-2024/CVE-2024-238xx/CVE-2024-23833.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23759](CVE-2024/CVE-2024-237xx/CVE-2024-23759.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23760](CVE-2024/CVE-2024-237xx/CVE-2024-23760.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23761](CVE-2024/CVE-2024-237xx/CVE-2024-23761.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23762](CVE-2024/CVE-2024-237xx/CVE-2024-23762.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-23763](CVE-2024/CVE-2024-237xx/CVE-2024-23763.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-24337](CVE-2024/CVE-2024-243xx/CVE-2024-24337.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-1454](CVE-2024/CVE-2024-14xx/CVE-2024-1454.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-24826](CVE-2024/CVE-2024-248xx/CVE-2024-24826.json) (`2024-02-13T14:01:49.147`)
* [CVE-2024-0585](CVE-2024/CVE-2024-05xx/CVE-2024-0585.json) (`2024-02-13T14:04:59.323`)
* [CVE-2024-0586](CVE-2024/CVE-2024-05xx/CVE-2024-0586.json) (`2024-02-13T14:05:10.647`)
* [CVE-2024-0597](CVE-2024/CVE-2024-05xx/CVE-2024-0597.json) (`2024-02-13T14:05:27.427`)
* [CVE-2024-0660](CVE-2024/CVE-2024-06xx/CVE-2024-0660.json) (`2024-02-13T14:05:53.893`)
* [CVE-2024-1177](CVE-2024/CVE-2024-11xx/CVE-2024-1177.json) (`2024-02-13T14:06:04.817`)
* [CVE-2024-1208](CVE-2024/CVE-2024-12xx/CVE-2024-1208.json) (`2024-02-13T14:06:24.090`)
* [CVE-2024-24595](CVE-2024/CVE-2024-245xx/CVE-2024-24595.json) (`2024-02-13T14:08:55.650`)
* [CVE-2024-1432](CVE-2024/CVE-2024-14xx/CVE-2024-1432.json) (`2024-02-13T14:15:46.667`)
* [CVE-2023-6982](CVE-2023/CVE-2023-69xx/CVE-2023-6982.json) (`2024-02-13T15:17:06.363`)
* [CVE-2023-6989](CVE-2023/CVE-2023-69xx/CVE-2023-6989.json) (`2024-02-13T15:23:09.840`)
* [CVE-2023-52046](CVE-2023/CVE-2023-520xx/CVE-2023-52046.json) (`2024-02-13T16:05:49.580`)
* [CVE-2023-46359](CVE-2023/CVE-2023-463xx/CVE-2023-46359.json) (`2024-02-13T16:06:48.480`)
* [CVE-2023-6996](CVE-2023/CVE-2023-69xx/CVE-2023-6996.json) (`2024-02-13T16:11:03.577`)
* [CVE-2023-4408](CVE-2023/CVE-2023-44xx/CVE-2023-4408.json) (`2024-02-13T16:15:08.450`)
* [CVE-2023-5517](CVE-2023/CVE-2023-55xx/CVE-2023-5517.json) (`2024-02-13T16:15:08.550`)
* [CVE-2023-5679](CVE-2023/CVE-2023-56xx/CVE-2023-5679.json) (`2024-02-13T16:15:08.647`)
* [CVE-2023-6516](CVE-2023/CVE-2023-65xx/CVE-2023-6516.json) (`2024-02-13T16:15:08.743`)
* [CVE-2023-7014](CVE-2023/CVE-2023-70xx/CVE-2023-7014.json) (`2024-02-13T16:18:27.937`)
* [CVE-2023-47355](CVE-2023/CVE-2023-473xx/CVE-2023-47355.json) (`2024-02-13T16:43:37.553`)
* [CVE-2024-22024](CVE-2024/CVE-2024-220xx/CVE-2024-22024.json) (`2024-02-13T15:15:32.193`)
* [CVE-2024-1309](CVE-2024/CVE-2024-13xx/CVE-2024-1309.json) (`2024-02-13T15:16:05.223`)
* [CVE-2024-24781](CVE-2024/CVE-2024-247xx/CVE-2024-24781.json) (`2024-02-13T15:16:05.223`)
* [CVE-2024-24782](CVE-2024/CVE-2024-247xx/CVE-2024-24782.json) (`2024-02-13T15:16:05.223`)
* [CVE-2024-0612](CVE-2024/CVE-2024-06xx/CVE-2024-0612.json) (`2024-02-13T15:26:17.997`)
* [CVE-2024-0323](CVE-2024/CVE-2024-03xx/CVE-2024-0323.json) (`2024-02-13T15:38:16.320`)
* [CVE-2024-0630](CVE-2024/CVE-2024-06xx/CVE-2024-0630.json) (`2024-02-13T15:42:35.563`)
* [CVE-2024-0659](CVE-2024/CVE-2024-06xx/CVE-2024-0659.json) (`2024-02-13T15:47:35.880`)
* [CVE-2024-0428](CVE-2024/CVE-2024-04xx/CVE-2024-0428.json) (`2024-02-13T16:02:08.357`)
* [CVE-2024-24398](CVE-2024/CVE-2024-243xx/CVE-2024-24398.json) (`2024-02-13T16:06:17.117`)
* [CVE-2024-0668](CVE-2024/CVE-2024-06xx/CVE-2024-0668.json) (`2024-02-13T16:24:26.927`)
* [CVE-2024-0678](CVE-2024/CVE-2024-06xx/CVE-2024-0678.json) (`2024-02-13T16:36:49.713`)
* [CVE-2024-0699](CVE-2024/CVE-2024-06xx/CVE-2024-0699.json) (`2024-02-13T16:54:27.823`)
* [CVE-2024-0691](CVE-2024/CVE-2024-06xx/CVE-2024-0691.json) (`2024-02-13T16:57:26.083`)
## Download and Usage