diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json index b0b59737a05..100ad179fb3 100644 --- a/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28794.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28794", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-06-30T19:15:02.233", - "lastModified": "2024-07-01T12:37:24.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-31T16:45:28.247", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -51,14 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*", + "matchCriteriaId": "4CED2F00-89E3-4BA9-A8FB-D43B308A59A8" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/286831", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7158444", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-378xx/CVE-2024-37898.json b/CVE-2024/CVE-2024-378xx/CVE-2024-37898.json new file mode 100644 index 00000000000..3fb1da90e3a --- /dev/null +++ b/CVE-2024/CVE-2024-378xx/CVE-2024-37898.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-37898", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:03.197", + "lastModified": "2024-07-31T16:15:03.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When a user has view but not edit right on a page in XWiki, that user can delete the page and replace it by a page with new content without having delete right. The previous version of the page is moved into the recycle bin and can be restored from there by an admin. As the user is recorded as deleter, the user would in theory also be able to view the deleted content, but this is not directly possible as rights of the previous version are transferred to the new page and thus the user still doesn't have view right on the page. It therefore doesn't seem to be possible to exploit this to gain any rights. This has been patched in XWiki 14.10.21, 15.5.5 and 15.10.6 by cancelling save operations by users when a new document shall be saved despite the document's existing already." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/0bc27d6ec63c8a505ff950e2d1792cb4f773c22e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/56f5d8aab7371d5ba891168f73890806551322c5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/c5efc1e519e710afdf3c5f40c0fcc300ad77149f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/e4968fe268e5644ffd9bfa4ef6257d2796446009", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-33gp-gmg3-hfpq", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21553", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-379xx/CVE-2024-37900.json b/CVE-2024/CVE-2024-379xx/CVE-2024-37900.json new file mode 100644 index 00000000000..fffeff4f054 --- /dev/null +++ b/CVE-2024/CVE-2024-379xx/CVE-2024-37900.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2024-37900", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:03.440", + "lastModified": "2024-07-31T16:15:03.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename, malicious JavaScript code could be executed. This requires a social engineering attack to get the victim into uploading a file with a malicious name. The malicious code is solely executed during the upload and affects only the user uploading the attachment. While this allows performing actions in the name of that user, it seems unlikely that a user wouldn't notice the malicious filename while uploading the attachment. This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-96" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/6cdd69d31d6bf3caa7f40ec55eb317e4e528ad28", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/8b8a2d80529b9a9c038014c1eb6c2adc08069dfd", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/910a5018a50039e8b24556573dfe342f143ef949", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/9df46f8e5313af46f93bccd1ebc682e28126573f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wf3x-jccf-5g5g", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-19602", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-19611", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21769", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-379xx/CVE-2024-37901.json b/CVE-2024/CVE-2024-379xx/CVE-2024-37901.json new file mode 100644 index 00000000000..4b7abd1cae8 --- /dev/null +++ b/CVE-2024/CVE-2024-379xx/CVE-2024-37901.json @@ -0,0 +1,80 @@ +{ + "id": "CVE-2024-37901", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:03.683", + "lastModified": "2024-07-31T16:15:03.683", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbitrary remote code execution by adding instances of `XWiki.SearchSuggestConfig` and `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.21, 15.5.5 and 15.10.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + }, + { + "lang": "en", + "value": "CWE-95" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/0b135760514fef73db748986a3311f3edd4a553b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/742cd4591642be4cdcaf68325f17540e0934e64e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/9ce3e0319869b6d8131fc4e0909736f7041566a4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/bbde8a4f564e3c28839440076334a9093e2b4834", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h63h-5c77-77p5", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21473", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39318.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39318.json new file mode 100644 index 00000000000..aefd3284281 --- /dev/null +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39318.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-39318", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:03.937", + "lastModified": "2024-07-31T16:15:03.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Ibexa Admin UI Bundle contains all the necessary parts to run the Ibexa DXP Back Office interface. The file upload widget is vulnerable to XSS payloads in filenames. Access permission to upload files is required. As such, in most cases only authenticated editors and administrators will have the required permission. It is not persistent, i.e. the payload is only executed during the upload. In effect, an attacker will have to trick an editor/administrator into uploading a strangely named file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2024-004-dom-based-xss-in-file-upload", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ezsystems/ezplatform-admin-ui/commit/7a9f991b200fa5a03d49cd07f50577c8bc90a30b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ezsystems/ezplatform-admin-ui/security/advisories/GHSA-gc5h-6jx9-q2qh", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ibexa/admin-ui/commit/8dc413fad1045fcfbe65dbcb0bea8516accc4c3e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ibexa/admin-ui/security/advisories/GHSA-qm44-wjm2-pr59", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-396xx/CVE-2024-39694.json b/CVE-2024/CVE-2024-396xx/CVE-2024-39694.json new file mode 100644 index 00000000000..11470bd58b5 --- /dev/null +++ b/CVE-2024/CVE-2024-396xx/CVE-2024-39694.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-39694", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:04.207", + "lastModified": "2024-07-31T16:15:04.207", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious Urls that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a Url is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Note: by itself, this vulnerability does **not** allow an attacker to obtain user credentials, authorization codes, access tokens, refresh tokens, or identity tokens. An attacker could however exploit this vulnerability as part of a phishing attack designed to steal user credentials. This vulnerability is fixed in 7.0.6, 6.3.10, 6.2.5, 6.1.8, and 6.0.5. Duende.IdentityServer 5.1 and earlier and all versions of IdentityServer4 are no longer supported and will not be receiving updates. If upgrading is not possible, use `IUrlHelper.IsLocalUrl` from ASP.NET Core to validate return Urls in user interface code in the IdentityServer host." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DuendeSoftware/IdentityServer/commit/269ca2171fe1e901c87f2f0797bbc7c230db87c6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/DuendeSoftware/IdentityServer/commit/765116a2d4fb0671b6eba015e698533900c61c8e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/DuendeSoftware/IdentityServer/commit/d0d8eab35ad9183b14925496803ed8b36658d0a1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/DuendeSoftware/IdentityServer/commit/f04cf0be859b93f43563f8f812eb92206ad94011", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/DuendeSoftware/IdentityServer/commit/fe817b499933d6ed6141b153492d7335c28b184a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/DuendeSoftware/IdentityServer/security/advisories/GHSA-ff4q-64jc-gx98", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41947.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41947.json new file mode 100644 index 00000000000..338f80432bf --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41947.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-41947", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:04.540", + "lastModified": "2024-07-31T16:15:04.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when another user with more rights is currently editing a page, it is possible to execute JavaScript snippets on the side of the other user, which compromises the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.10.8 and 16.3.0RC1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/821d43ec45e67d45a6735a0717b9b77fffc1cd9f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/e00e159d3737397eebd1f6ff925c1f5cb7cdec34", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-692v-783f-mg8x", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21626", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41950.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41950.json new file mode 100644 index 00000000000..1b735fab6b5 --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41950.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-41950", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T16:15:04.797", + "lastModified": "2024-07-31T16:15:04.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Haystack is an end-to-end LLM framework that allows you to build applications powered by LLMs, Transformer models, vector search and more. Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions. Certain Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code. The vulnerability has been fixed with Haystack `2.3.1`." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1336" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/deepset-ai/haystack/commit/3fed1366c448b02189851bf08166c1f6477a02b0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/deepset-ai/haystack/commit/6c25a5c73e83aa32c3241ba84a5cbb3ac0e8a89e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/deepset-ai/haystack/pull/8095", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/deepset-ai/haystack/pull/8096", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/deepset-ai/haystack/releases/tag/v2.3.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/deepset-ai/haystack/security/advisories/GHSA-hx9v-6r9f-w677", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41952.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41952.json new file mode 100644 index 00000000000..8f5e5b091b9 --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41952.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-41952", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T17:15:10.597", + "lastModified": "2024-07-31T17:15:10.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Zitadel is an open source identity management system. ZITADEL administrators can enable a setting called \"Ignoring unknown usernames\" which helps mitigate attacks that try to guess/enumerate usernames. If enabled, ZITADEL will show the password prompt even if the user doesn't exist and report \"Username or Password invalid\". Due to a implementation change to prevent deadlocks calling the database, the flag would not be correctly respected in all cases and an attacker would gain information if an account exist within ZITADEL, since the error message shows \"object not found\" instead of the generic error message. This vulnerability is fixed in 2.58.1, 2.57.1, 2.56.2, 2.55.5, 2.54.8, and 2.53.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zitadel/zitadel/commit/0ab0c645ef914298c343fa39cccb1290aba48bf6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/3c7d12834e32426416235b9e3374be0f4b9380b8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/5c2526c98aafd1ba206be2fa4291b1d24c384f6d", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/8565d24fd8df5bd35294313cfbfcc2e15aea20e9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/b0e71a81ef39667ce2a149ce037c1ca0edbe059d", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/fc1d415b8db5b8d481bb65206ce3fc944c0eecea", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.53.9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.54.8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.55.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.56.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.57.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.58.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-567v-6hmg-6qg7", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41953.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41953.json new file mode 100644 index 00000000000..ad53e6dc084 --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41953.json @@ -0,0 +1,112 @@ +{ + "id": "CVE-2024-41953", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-31T17:15:10.850", + "lastModified": "2024-07-31T17:15:10.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Zitadel is an open source identity management system. ZITADEL uses HTML for emails and renders certain information such as usernames dynamically. That information can be entered by users or administrators. Due to a missing output sanitization, these emails could include malicious code. This may potentially lead to a threat where an attacker, without privileges, could send out altered notifications that are part of the registration processes. An attacker could create a malicious link, where the injected code would be rendered as part of the email. On the user's detail page, the username was also not sanitized and would also render HTML, giving an attacker the same vulnerability. While it was possible to inject HTML including javascript, the execution of such scripts would be prevented by most email clients and the Content Security Policy in Console UI. This vulnerability is fixed in 2.58.1, 2.57.1, 2.56.2, 2.55.5, 2.54.8 2.53.9, and 2.52.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zitadel/zitadel/commit/0e1f99e987b5851caec45a72660fe9f67e425747", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/38da602ee1cfc35c0d7918c298fbfc3f3674133b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/4b59cac67bb89c1f3f84a2041dd273d11151d29f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/c1a3fc72dde16e987d8a09aa291e7c2edfc928f7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/c353f82f89c6982c0888c6763363296cf4263cb2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/d04ac6df8f2f0243e649b802a8bfa6176cef0923", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/commit/f846616a3f022e88e3ea8cea05d3254ad86f1615", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.52.3", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.53.9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.54.8", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.55.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.56.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.57.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/releases/tag/v2.58.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-v333-7h2p-5fhv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6973.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6973.json new file mode 100644 index 00000000000..44f37f2fa4c --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6973.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6973", + "sourceIdentifier": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "published": "2024-07-31T17:15:11.153", + "lastModified": "2024-07-31T17:15:11.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows OS Command Injection.This issue affects Windows SDP Client: before 5.10.34." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://support.catonetworks.com/hc/en-us/articles/19756987454237-CVE-2024-6973-Windows-SDP-Client-Remote-Code-Execution-via-crafted-URLs", + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6974.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6974.json new file mode 100644 index 00000000000..a57af044056 --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6974.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-6974", + "sourceIdentifier": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "published": "2024-07-31T17:15:11.413", + "lastModified": "2024-07-31T17:15:11.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on Windows allows Privilege Escalation.This issue affects SDP Client: before 5.10.34." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + }, + { + "lang": "en", + "value": "CWE-426" + } + ] + } + ], + "references": [ + { + "url": "https://support.catonetworks.com/hc/en-us/articles/19762641007133-CVE-2024-6974-Windows-SDP-Client-Local-Privilege-Escalation-via-self-upgrade", + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6975.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6975.json new file mode 100644 index 00000000000..363ed2ebd36 --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6975.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6975", + "sourceIdentifier": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "published": "2024-07-31T17:15:11.640", + "lastModified": "2024-07-31T17:15:11.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Untrusted Search Path vulnerability in Cato Networks SDP Client on Windows allows Privilege Escalation.This issue affects SDP Client: before 5.10.34." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-426" + } + ] + } + ], + "references": [ + { + "url": "https://support.catonetworks.com/hc/en-us/articles/19758025406621-CVE-2024-6975-Windows-SDP-Client-Local-Privilege-Escalation-via-openssl-configuration-file", + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6977.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6977.json new file mode 100644 index 00000000000..64a2c919f05 --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6977.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6977", + "sourceIdentifier": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "published": "2024-07-31T17:15:11.860", + "lastModified": "2024-07-31T17:15:11.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to an account takeover. However, the attack requires bypassing protections on modifying the tunnel token on a the attacker's system.This issue affects SDP Client: before 5.10.34." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.0, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://support.catonetworks.com/hc/en-us/articles/19766795729437-CVE-2024-6977-Windows-SDP-Client-Sensitive-data-in-trace-logs-can-lead-to-account-takeover", + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6978.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6978.json new file mode 100644 index 00000000000..16d80758c9c --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6978.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6978", + "sourceIdentifier": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "published": "2024-07-31T17:15:12.090", + "lastModified": "2024-07-31T17:15:12.090", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows Command Injection.This issue affects SDP Client: before 5.10.28." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://support.catonetworks.com/hc/en-us/articles/19767051500957-CVE-2024-6978-Windows-SDP-Client-Local-root-certificates-can-be-installed-with-low-privileged-users", + "source": "2505284f-8ffb-486c-bf60-e19c1097a90b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json index f462531819e..3fc954fcabc 100644 --- a/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7299", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-31T07:15:02.377", - "lastModified": "2024-07-31T12:57:02.300", + "lastModified": "2024-07-31T16:15:05.217", "vulnStatus": "Awaiting Analysis", "cveTags": [ { diff --git a/README.md b/README.md index 9a9b595b32e..ba8c0d38394 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-31T16:00:17.498555+00:00 +2024-07-31T18:00:17.300343+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-31T15:38:54.880000+00:00 +2024-07-31T17:15:12.090000+00:00 ``` ### Last Data Feed Release @@ -33,38 +33,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -258645 +258659 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `14` -- [CVE-2024-3082](CVE-2024/CVE-2024-30xx/CVE-2024-3082.json) (`2024-07-31T14:15:07.157`) -- [CVE-2024-3083](CVE-2024/CVE-2024-30xx/CVE-2024-3083.json) (`2024-07-31T14:15:07.433`) -- [CVE-2024-31199](CVE-2024/CVE-2024-311xx/CVE-2024-31199.json) (`2024-07-31T14:15:03.420`) -- [CVE-2024-31200](CVE-2024/CVE-2024-312xx/CVE-2024-31200.json) (`2024-07-31T14:15:03.823`) -- [CVE-2024-31201](CVE-2024/CVE-2024-312xx/CVE-2024-31201.json) (`2024-07-31T14:15:04.430`) -- [CVE-2024-31202](CVE-2024/CVE-2024-312xx/CVE-2024-31202.json) (`2024-07-31T14:15:05.127`) -- [CVE-2024-31203](CVE-2024/CVE-2024-312xx/CVE-2024-31203.json) (`2024-07-31T14:15:05.760`) -- [CVE-2024-37135](CVE-2024/CVE-2024-371xx/CVE-2024-37135.json) (`2024-07-31T14:15:06.373`) -- [CVE-2024-7340](CVE-2024/CVE-2024-73xx/CVE-2024-7340.json) (`2024-07-31T15:15:11.203`) +- [CVE-2024-37898](CVE-2024/CVE-2024-378xx/CVE-2024-37898.json) (`2024-07-31T16:15:03.197`) +- [CVE-2024-37900](CVE-2024/CVE-2024-379xx/CVE-2024-37900.json) (`2024-07-31T16:15:03.440`) +- [CVE-2024-37901](CVE-2024/CVE-2024-379xx/CVE-2024-37901.json) (`2024-07-31T16:15:03.683`) +- [CVE-2024-39318](CVE-2024/CVE-2024-393xx/CVE-2024-39318.json) (`2024-07-31T16:15:03.937`) +- [CVE-2024-39694](CVE-2024/CVE-2024-396xx/CVE-2024-39694.json) (`2024-07-31T16:15:04.207`) +- [CVE-2024-41947](CVE-2024/CVE-2024-419xx/CVE-2024-41947.json) (`2024-07-31T16:15:04.540`) +- [CVE-2024-41950](CVE-2024/CVE-2024-419xx/CVE-2024-41950.json) (`2024-07-31T16:15:04.797`) +- [CVE-2024-41952](CVE-2024/CVE-2024-419xx/CVE-2024-41952.json) (`2024-07-31T17:15:10.597`) +- [CVE-2024-41953](CVE-2024/CVE-2024-419xx/CVE-2024-41953.json) (`2024-07-31T17:15:10.850`) +- [CVE-2024-6973](CVE-2024/CVE-2024-69xx/CVE-2024-6973.json) (`2024-07-31T17:15:11.153`) +- [CVE-2024-6974](CVE-2024/CVE-2024-69xx/CVE-2024-6974.json) (`2024-07-31T17:15:11.413`) +- [CVE-2024-6975](CVE-2024/CVE-2024-69xx/CVE-2024-6975.json) (`2024-07-31T17:15:11.640`) +- [CVE-2024-6977](CVE-2024/CVE-2024-69xx/CVE-2024-6977.json) (`2024-07-31T17:15:11.860`) +- [CVE-2024-6978](CVE-2024/CVE-2024-69xx/CVE-2024-6978.json) (`2024-07-31T17:15:12.090`) ### CVEs modified in the last Commit -Recently modified CVEs: `10` +Recently modified CVEs: `2` -- [CVE-2023-33859](CVE-2023/CVE-2023-338xx/CVE-2023-33859.json) (`2024-07-31T14:35:49.837`) -- [CVE-2024-34443](CVE-2024/CVE-2024-344xx/CVE-2024-34443.json) (`2024-07-31T14:20:21.527`) -- [CVE-2024-36450](CVE-2024/CVE-2024-364xx/CVE-2024-36450.json) (`2024-07-31T14:47:05.423`) -- [CVE-2024-37085](CVE-2024/CVE-2024-370xx/CVE-2024-37085.json) (`2024-07-31T14:46:29.270`) -- [CVE-2024-39489](CVE-2024/CVE-2024-394xx/CVE-2024-39489.json) (`2024-07-31T14:50:26.330`) -- [CVE-2024-39493](CVE-2024/CVE-2024-394xx/CVE-2024-39493.json) (`2024-07-31T15:38:54.880`) -- [CVE-2024-40332](CVE-2024/CVE-2024-403xx/CVE-2024-40332.json) (`2024-07-31T14:13:02.353`) -- [CVE-2024-40334](CVE-2024/CVE-2024-403xx/CVE-2024-40334.json) (`2024-07-31T14:08:39.863`) -- [CVE-2024-7205](CVE-2024/CVE-2024-72xx/CVE-2024-7205.json) (`2024-07-31T15:15:10.993`) -- [CVE-2024-7300](CVE-2024/CVE-2024-73xx/CVE-2024-7300.json) (`2024-07-31T14:15:08.080`) +- [CVE-2024-28794](CVE-2024/CVE-2024-287xx/CVE-2024-28794.json) (`2024-07-31T16:45:28.247`) +- [CVE-2024-7299](CVE-2024/CVE-2024-72xx/CVE-2024-7299.json) (`2024-07-31T16:15:05.217`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 46b61b4c4f1..a2f4a89606c 100644 --- a/_state.csv +++ b/_state.csv @@ -225362,7 +225362,7 @@ CVE-2023-33851,0,0,4ac32a90038a96c4290f8386bc4de44c14e956a2c207f0eac7a85d82111f6 CVE-2023-33852,0,0,bc3c73250f73c64645e886b9ff4fe0ce89bb90d67afa464822661d78d1e66b51,2023-08-29T04:43:06.033000 CVE-2023-33855,0,0,aa3542d64ac11799927f1e76ad33cc287cefdca6570205fddaaa45ff2dc14b58,2024-03-26T17:09:53.043000 CVE-2023-33857,0,0,461ab1216ce071b47e5cf7d0493fd77f1ce437192b2b2462adc03a14c2de1e57,2023-07-26T20:04:15.373000 -CVE-2023-33859,0,1,1b1ade4dc4a295bb1353d60de863e3037764abaad2e2ca93dff328fde71a0e98,2024-07-31T14:35:49.837000 +CVE-2023-33859,0,0,1b1ade4dc4a295bb1353d60de863e3037764abaad2e2ca93dff328fde71a0e98,2024-07-31T14:35:49.837000 CVE-2023-3386,0,0,6fa02141122260967003252410373f6f5b42a09c1fb2ee41780c2469fec010d1,2023-08-11T16:11:22.257000 CVE-2023-33860,0,0,c93725535a9bcd2c5b529956a43c8b730be8a858d9dd2aa0f8db3c7bbd5fe8e2,2024-07-11T13:05:54.930000 CVE-2023-33863,0,0,a359c32067342b6a093f34794b9db0b219bffe510feba9da55648a6426184afd,2023-11-25T11:15:17.060000 @@ -248578,7 +248578,7 @@ CVE-2024-28784,0,0,6938c040ba1b760c7dffbfb4cb6df832fb92ccc125db3fbab809c41581680 CVE-2024-28787,0,0,ae2fe056558612ea54f7786b2749d8c7eb4b79c4855a2500ae63276f0936f4b5,2024-04-04T19:24:50.670000 CVE-2024-2879,0,0,dbdb53723be18fbee30aefddb98b892cc05662454ff0dc284d9d7d7d767dab47,2024-04-08T22:49:41.533000 CVE-2024-28793,0,0,7d414f92d43f30000a62dc37a0c80fadf87a5ffc630bb3c26c9945f0e8b7cdb0,2024-06-10T18:15:29.983000 -CVE-2024-28794,0,0,5c23b350c07f05077487199b0f30cf4c260d9bb180f15dcf8074d12405596155,2024-07-01T12:37:24.220000 +CVE-2024-28794,0,1,c10da1b41da7071b80498b87abd9d687769c0fa94b037b7ebb3faa4084e98fd8,2024-07-31T16:45:28.247000 CVE-2024-28795,0,0,85ca001fb3cb03d4dd36866bdc97c8f8215d3ca21adf9037272467b426417389,2024-07-01T12:37:24.220000 CVE-2024-28796,0,0,9309b95ff28ad61ded45c96b0ce61eb28e84237793000fa8c06bf713a7309924,2024-07-18T12:28:43.707000 CVE-2024-28797,0,0,547032bd87708ea3c38ed72ff1608579c72d8cb562887365c52f23dade3c5df7,2024-07-01T12:37:24.220000 @@ -250050,8 +250050,8 @@ CVE-2024-30807,0,0,4152651982bff689cfa963c375e94b647d4d42e48408c3cb0b93ed4cc183e CVE-2024-30808,0,0,156121cad1cb8b48efeaec8ac2958220fd52aa0ba41912798852a887abc4f701,2024-04-02T20:31:58.463000 CVE-2024-30809,0,0,58fb0b648306f047aba385a4f82344252b50e4fdecb2dc71da8dfe6f60e19038,2024-04-02T20:31:58.463000 CVE-2024-3081,0,0,01dfa9fbad742b3b5c96a84664fd07fad21a9856f0e0dafe766309ca8f119c58,2024-05-17T02:39:42.433000 -CVE-2024-3082,1,1,446c0010a211551a8fc0e9a09bbc18130c8d5e860bd46145e72a42276f26c5f7,2024-07-31T14:15:07.157000 -CVE-2024-3083,1,1,b3007cf9b28e8bf86a8abcf0851cd04e4e6136e293202f75986885c8113e4d2e,2024-07-31T14:15:07.433000 +CVE-2024-3082,0,0,446c0010a211551a8fc0e9a09bbc18130c8d5e860bd46145e72a42276f26c5f7,2024-07-31T14:15:07.157000 +CVE-2024-3083,0,0,b3007cf9b28e8bf86a8abcf0851cd04e4e6136e293202f75986885c8113e4d2e,2024-07-31T14:15:07.433000 CVE-2024-3084,0,0,305df29625577e6dd31738e34631201c5ea39f1d684ffd5f5306069a5e541323,2024-05-17T02:39:42.520000 CVE-2024-30840,0,0,86698626452936acf43a8d936d3a900102fb950ec252f61138428e4da09a69d2,2024-04-16T13:24:07.103000 CVE-2024-30845,0,0,76935f5a808359b33b84594c4799e1bfdd6b3d8771fa4780e8d409785d9dbe54,2024-04-15T13:15:51.577000 @@ -250239,12 +250239,12 @@ CVE-2024-31163,0,0,4c747f1ff7fba8b05c1cafd42ad5f820c8955e2e4c4106c43c9e7bc300a75 CVE-2024-3117,0,0,35e12b7e221f89a241b3455a68aa778ef5d3a027d9a06e657b81a15f70aaf730,2024-05-17T02:39:43.503000 CVE-2024-3118,0,0,b601d08053b91d1b775fc21940190bf1fa2c378ab81a4eb84232fb172e159127,2024-05-17T02:39:43.597000 CVE-2024-3119,0,0,16d9b0b62041b85fa76fcca7b5e07a91c83d46800d8aa92445727479f196ac02,2024-04-10T13:23:38.787000 -CVE-2024-31199,1,1,629ad35b2bf02d8ff9b61930bc57fb82e65ed32c4c93f058add463497ae15dfd,2024-07-31T14:15:03.420000 +CVE-2024-31199,0,0,629ad35b2bf02d8ff9b61930bc57fb82e65ed32c4c93f058add463497ae15dfd,2024-07-31T14:15:03.420000 CVE-2024-3120,0,0,d7f7bfc68dc8954b2db64a2bd8494c9672b3ed1aa5b73de4b1ce504de0f2d9cd,2024-04-10T13:23:38.787000 -CVE-2024-31200,1,1,b49d766c8d13c65865ebc176581ec64c1d00fbeb2fb2da5afdbaae17c3171cc0,2024-07-31T14:15:03.823000 -CVE-2024-31201,1,1,3423dfcf066240faea019c6648494561feb635cb8fa896f18c2a481158c84c6e,2024-07-31T14:15:04.430000 -CVE-2024-31202,1,1,5750f923cc0fd11230ce3bb4e6df579564e1a7712f9232055e03da5dedb6bff9,2024-07-31T14:15:05.127000 -CVE-2024-31203,1,1,242d44ee0c7901f970b76d2afec71ec06cceab9cd4d56ecd71234c6e66a63b06,2024-07-31T14:15:05.760000 +CVE-2024-31200,0,0,b49d766c8d13c65865ebc176581ec64c1d00fbeb2fb2da5afdbaae17c3171cc0,2024-07-31T14:15:03.823000 +CVE-2024-31201,0,0,3423dfcf066240faea019c6648494561feb635cb8fa896f18c2a481158c84c6e,2024-07-31T14:15:04.430000 +CVE-2024-31202,0,0,5750f923cc0fd11230ce3bb4e6df579564e1a7712f9232055e03da5dedb6bff9,2024-07-31T14:15:05.127000 +CVE-2024-31203,0,0,242d44ee0c7901f970b76d2afec71ec06cceab9cd4d56ecd71234c6e66a63b06,2024-07-31T14:15:05.760000 CVE-2024-31204,0,0,0c2a3c505ae0850e947d758b18dc636095933b24d8a064505ce740f4cd47511f,2024-04-05T12:40:52.763000 CVE-2024-31205,0,0,8ee406c15331a2b7fb6924640608e3f9e6bdd36a95bd392fbee6658513096921,2024-04-08T18:48:40.217000 CVE-2024-31206,0,0,41949bb5f0c1bb5a03bd675fb7a934fe92393be2a48c12943c92c5612ae97e2d,2024-04-05T12:40:52.763000 @@ -252385,7 +252385,7 @@ CVE-2024-3444,0,0,bb3f31da20780a766ce6365ed8dfe26ff67e6b85d88b59a77d73aa77bcaf15 CVE-2024-34440,0,0,bda50b1c3ed75a67370d237a25a38594ac34f71c68e0b430863a90af4d5ed0c7,2024-05-14T16:12:23.490000 CVE-2024-34441,0,0,d89a44709be53f244cf5e9b1f106601ee2bbd58659e3c493c408ccaac9ec7876,2024-05-14T16:12:23.490000 CVE-2024-34442,0,0,6264f8491ee5d12e5a5f408e8abeaf7f3129b325a31afb66300d05700c7a7fd6,2024-06-13T18:36:45.417000 -CVE-2024-34443,0,1,c8f11408ade1f322bcf59e1e6ccdfab5f9f2536b164a74975bd7ede92d5e3984,2024-07-31T14:20:21.527000 +CVE-2024-34443,0,0,c8f11408ade1f322bcf59e1e6ccdfab5f9f2536b164a74975bd7ede92d5e3984,2024-07-31T14:20:21.527000 CVE-2024-34444,0,0,3900259df817a7840349ea3d08b1dc7cde0656ab7f041d5d7012c4b07efc2a20,2024-06-20T12:43:25.663000 CVE-2024-34445,0,0,3b07364d9bdbad0e17fe82bd2b8457170020621f36717725efd6e85a1ffc3713,2024-05-14T16:12:23.490000 CVE-2024-34446,0,0,5f8d83ca96b0bb057e12975bf469965ab37fc737acea8dd912eb1a08f5464c53,2024-05-03T15:32:19.637000 @@ -253718,7 +253718,7 @@ CVE-2024-36435,0,0,d5db9c80751c95bdb9d7c8677b360e81635e7c29402d5e581205685bb84d0 CVE-2024-36438,0,0,d225510fd6dfdc84cee32469d19214250c0068c3a01089e37a173b8ba39f6236,2024-07-16T13:43:58.773000 CVE-2024-3644,0,0,e904dffa636a621d1f1644a68a8bb26342dbf717ae684f12b60a37d102e4d87d,2024-05-16T13:03:05.353000 CVE-2024-3645,0,0,ea45063aa3cff8d7bb517959f0685ad339f1e48c249e10e3851af9fbba289420,2024-04-22T19:24:12.920000 -CVE-2024-36450,0,1,700527b7e7e1ebac8a4794e042f6b829b1a1f942eb0939907744fde9a0923a2e,2024-07-31T14:47:05.423000 +CVE-2024-36450,0,0,700527b7e7e1ebac8a4794e042f6b829b1a1f942eb0939907744fde9a0923a2e,2024-07-31T14:47:05.423000 CVE-2024-36451,0,0,0282b5798612593892f8b22f51a38ce8164272f8754ea7af1c514e9b953ab154,2024-07-11T15:05:47.857000 CVE-2024-36452,0,0,de0ddf9ec46c34a45ea45b28170f7953241f05d2c2c229b8d849dbb88c728f2a,2024-07-11T13:05:54.930000 CVE-2024-36453,0,0,4f2b528f0e3096ddd2a4aee4fe033e97d4113146188596ed5c407d648083f582,2024-07-11T15:05:48.797000 @@ -254077,7 +254077,7 @@ CVE-2024-37080,0,0,f0a9bd7effb46ac30e1d20f1d1aa7a7b386c0ee7e62089b4e1cc310e9f341 CVE-2024-37081,0,0,1657c2c6215fa861c8bf708a3b65df9501dd8a14588c6f7d5718007f5ce77c8d,2024-07-03T02:04:05.970000 CVE-2024-37082,0,0,cdf7ab7ec235a04ab3547ac9302ea8fb37a25e6b12903e2e739c3b31068e7382,2024-07-12T17:15:10.220000 CVE-2024-37084,0,0,e9cc68d2ce3ebc0a933179ff99eae650b65ccc7062c7a060f7c4643d495d9122,2024-07-25T12:36:39.947000 -CVE-2024-37085,0,1,df18af66b395bcab893584a274653a151adbc0b7938bf0e30e05392f4ea1ca68,2024-07-31T14:46:29.270000 +CVE-2024-37085,0,0,df18af66b395bcab893584a274653a151adbc0b7938bf0e30e05392f4ea1ca68,2024-07-31T14:46:29.270000 CVE-2024-37086,0,0,9068529bdb3d555265b7f816c31a19ade60e24d8cc46d6bccf0934fca43600dd,2024-06-25T18:50:42.040000 CVE-2024-37087,0,0,cd5f38dea6878f55617a1348143830ab9f44bbdb4a44091efb0c0832c07fcba2,2024-06-25T18:50:42.040000 CVE-2024-37089,0,0,9e292fe1dd11fba75d82973b2e1db6879968f554c93ecd19be42fbc3a656ef4b,2024-06-24T12:57:36.513000 @@ -254113,7 +254113,7 @@ CVE-2024-37131,0,0,1b53fe6698cfc8662ae4f6c0ed3f87f760fe2128440fb0619b7f263375326 CVE-2024-37132,0,0,32a23a7a93e12576e3cef44acbc1e26d96ab3673ab3a48bd46dd4729adbaca95,2024-07-03T18:01:07.500000 CVE-2024-37133,0,0,00b1139f9174975ec5c3de34a64ed678ba7d69bbdd2f853dfe982f25e03c56e7,2024-07-03T18:01:19.487000 CVE-2024-37134,0,0,8ed9324b0e419d00f56c9177e18aa3c394712dc2a31ec456c168c8f73d2e83d7,2024-07-03T18:01:30.463000 -CVE-2024-37135,1,1,b14e718dbd1aaa8dcfb0ab54377c59b4ec4e6ec491f74db1dc3a9dca9ec3f48e,2024-07-31T14:15:06.373000 +CVE-2024-37135,0,0,b14e718dbd1aaa8dcfb0ab54377c59b4ec4e6ec491f74db1dc3a9dca9ec3f48e,2024-07-31T14:15:06.373000 CVE-2024-37137,0,0,015bdbe57b75c18c5c9568a3702d89c1497d9ae0c088b4ae375896212249bae1,2024-06-28T10:27:00.920000 CVE-2024-37138,0,0,0a1a2faf5915443beb4b9b146b70944e6a09572b5304f90b5e8531aa017e41a8,2024-06-26T12:44:29.693000 CVE-2024-37139,0,0,8bcc51f0578107c550f57eda3e8f8169088ed87cca1e5fda916b143e22a12acf,2024-06-26T12:44:29.693000 @@ -254566,8 +254566,11 @@ CVE-2024-37894,0,0,5c3e1c011e44e5c8bcf6a6398118ad2efcba003a19994815d77c769e906a4 CVE-2024-37895,0,0,83fc999b914f31ef5377ea2f4739df1f86727e09c7234e6711ade849e83102e2,2024-06-20T12:44:22.977000 CVE-2024-37896,0,0,accc5cd71320f643f30fd3c58fb4ef952e3edd98e66520b2d1ebf95954392e5e,2024-06-20T12:44:22.977000 CVE-2024-37897,0,0,eb358c8b4bf1d804a542a3de3cc644f3b57f51c972b900353c845858b20c9acf,2024-06-21T11:22:01.687000 +CVE-2024-37898,1,1,df8ee1bb6b8f38bec566205021b717cd3931cf46a7ea3164f933443691ac1951,2024-07-31T16:15:03.197000 CVE-2024-37899,0,0,b15b2f0659684c15abe8d3b9fc90e954532acfe6178361a33640834566aa7b12,2024-06-21T11:22:01.687000 CVE-2024-3790,0,0,54ff85acf33b27347b60794a0d91a04db9e5fdd7b0bb2899aaf68ff18e5328b6,2024-05-14T16:11:39.510000 +CVE-2024-37900,1,1,f5ca223df015165b0c48c89fd3f42aae78fe8d6e486be5ea6df8ba7e27436f71,2024-07-31T16:15:03.440000 +CVE-2024-37901,1,1,f816d9d41260a0e179f7f8535b53a1453a926dc3bdd6077d085153bc07aa1662,2024-07-31T16:15:03.683000 CVE-2024-37902,0,0,914ec46cc1273d7c21c7b2dab73f39d6c3f01e86944529e46279ac98efc57a11,2024-06-20T12:44:22.977000 CVE-2024-37903,0,0,886576036d4d085b682af52548aacb4c341112369e14bf61e8ca80c2c202d58c,2024-07-08T15:49:22.437000 CVE-2024-37904,0,0,4a1838bfa872e93babcec91edc2a58b1f777ff60512a3a43aa04f02c821270dc,2024-06-20T12:44:01.637000 @@ -255288,6 +255291,7 @@ CVE-2024-39314,0,0,f08a68c1585aac53ed3340b30b7ca1fee7f99b287e34df66dd62620bc6eee CVE-2024-39315,0,0,a63beff0a6cc21a12673e8ba65716d45b6c52abc54b22460a729ebfe04cdda63,2024-07-03T12:53:24.977000 CVE-2024-39316,0,0,0330ee1f4f66ad5c4fc8d75b41d6a1a5d4b46137b39514674c0311e081ce6ff7,2024-07-02T17:44:45.700000 CVE-2024-39317,0,0,50f7a469519b62eca16220b475bffdb7e1e0158b2b6611386cb9bf3353e1272e,2024-07-11T18:09:58.777000 +CVE-2024-39318,1,1,041b9fe4c97fe2a4483ab787ec857052185dbfddfdb7cee525f6d72ff96a9375,2024-07-31T16:15:03.937000 CVE-2024-3932,0,0,d78b7c01d3f6b397349c50b0cef81a61649a3d63b8878b7ded7786d99bb82db6,2024-06-06T20:15:14.030000 CVE-2024-39320,0,0,6f7ce6a5bce29c3b54d4c4199d5683e1993d85cda15758fd22b24998859b20cb,2024-07-31T12:57:02.300000 CVE-2024-39321,0,0,25b62962ce26575b135148ce4bc78df297e90148993ee6065a33a42f83d7ebff,2024-07-08T15:49:22.437000 @@ -255368,11 +255372,11 @@ CVE-2024-39485,0,0,eeb489cc81d629e25edf2846d080f2d16c82c1a5d4e00cda1329db4825743 CVE-2024-39486,0,0,f6661e67cb8f63bf2a8706b1b4211e0b90a0a8c4c4943ff1097bf9c1f15dcc5d,2024-07-15T07:15:17.263000 CVE-2024-39487,0,0,822ef2cee7c5469918d9d994b007a5af48169677375d4d4ce0761d3fbfae43ad,2024-07-18T12:15:03.183000 CVE-2024-39488,0,0,23685677cb72fbb43ef99f190181df9d9e8c31ec0d3e18867ab50491586a3910,2024-07-11T13:05:54.930000 -CVE-2024-39489,0,1,c63175d29bd941720feca94efc3f3a1164cbdc8d8d5c1251ffb632e82e90379f,2024-07-31T14:50:26.330000 +CVE-2024-39489,0,0,c63175d29bd941720feca94efc3f3a1164cbdc8d8d5c1251ffb632e82e90379f,2024-07-31T14:50:26.330000 CVE-2024-39490,0,0,3a7cfe69ff3072a0b714a0d11ffcf616850cc2417c5fe88da248bebd02107b67,2024-07-11T13:05:54.930000 CVE-2024-39491,0,0,af25979e19919d2c32f2a4545b8f16aa1b2a079fea20c3993dde8a730fddf96f,2024-07-11T13:05:54.930000 CVE-2024-39492,0,0,625213f757b099ac014e1ec8aa2bfb66b87e041fe2911867f1bfe6984535b4b6,2024-07-11T13:05:54.930000 -CVE-2024-39493,0,1,1e9db7e81ec34cee90fac11925a12057887fa787e4909a68e8233bca0ebf86c1,2024-07-31T15:38:54.880000 +CVE-2024-39493,0,0,1e9db7e81ec34cee90fac11925a12057887fa787e4909a68e8233bca0ebf86c1,2024-07-31T15:38:54.880000 CVE-2024-39494,0,0,cd5b98761898c18d5798c0adfe37b87761d11b3a6881346f26e7cf24a0210e13,2024-07-24T19:17:25.057000 CVE-2024-39495,0,0,5f2b306056792f1d74b23afd1a1654b401fffd98eba66c1e3da089b7156ac6f4,2024-07-24T19:04:38.953000 CVE-2024-39496,0,0,f3e0050f9f6d4172355944986adc84657f7bcf89e594796ec2a4a696594f9b81,2024-07-24T19:02:36.660000 @@ -255491,6 +255495,7 @@ CVE-2024-39689,0,0,86295f6760848f0b510226e65028fed1b62502a931685ba6acf948103d5d2 CVE-2024-3969,0,0,017089a8e0e25cc18c41dde22c453ecf92ec4c4a53bf3304535dbfbcbb40fc3d,2024-05-28T17:11:55.903000 CVE-2024-39691,0,0,5b1b13e200d826d3f40f75a75371b183af197da1146b1c1721e666feddcea9c6,2024-07-08T15:49:22.437000 CVE-2024-39693,0,0,3aed4b78b258f1f000b7104a802f9a4117c3d840404e28cf8e3ca8b4234aedba,2024-07-11T13:05:54.930000 +CVE-2024-39694,1,1,32086b4cca70a0ef4cedf08973c8c937efd407611ccfab6531f938f08ce75052,2024-07-31T16:15:04.207000 CVE-2024-39695,0,0,fbaaa4e185fc8d8718a1bd681584149a106333fea090ef242205e9fceffe21eb,2024-07-09T14:47:19.767000 CVE-2024-39696,0,0,48bfab7e50339e1ca25125b7d36bfdf66ca4035d9f4c1ba7b967c71b544827af,2024-07-08T15:49:22.437000 CVE-2024-39697,0,0,beaa1d3d138b1c8f4d915594365efac05629e956228fed35abbf7934793c82f2,2024-07-09T18:19:14.047000 @@ -255670,9 +255675,9 @@ CVE-2024-40328,0,0,1ecb3aeeb912c43ca654a9972851beb0d9eb6ba5a46f3041ea2c2c60432dd CVE-2024-40329,0,0,26b60d9602f8b52b720fff41651ef4092fad02f73b2a1ba0d8eaca9598e4c3e0,2024-07-12T16:11:58.887000 CVE-2024-4033,0,0,100a78a446daab2b380bdb2306f7e35c115de46018456d74b097346d037da090,2024-05-02T18:00:37.360000 CVE-2024-40331,0,0,a7e1077e622b76fb46adc2ebef3eac8337a90cea4e47e0edde2ba336f3b4112b,2024-07-12T16:11:59.747000 -CVE-2024-40332,0,1,cf9209723491a1ebf78408f8fac075af49c787fcd121a7749269bd25ca56cf22,2024-07-31T14:13:02.353000 +CVE-2024-40332,0,0,cf9209723491a1ebf78408f8fac075af49c787fcd121a7749269bd25ca56cf22,2024-07-31T14:13:02.353000 CVE-2024-40333,0,0,7e3d2c86e913650fda83b9ed457908dd220d08dc6d50420a52a17a80ec44e7fd,2024-07-11T15:06:21.320000 -CVE-2024-40334,0,1,f45304949c88913a7deaa6ae7a2e79d51d08e4eee95f08d36ce7ec4510c1471c,2024-07-31T14:08:39.863000 +CVE-2024-40334,0,0,f45304949c88913a7deaa6ae7a2e79d51d08e4eee95f08d36ce7ec4510c1471c,2024-07-31T14:08:39.863000 CVE-2024-40336,0,0,a5b75245e4db87e4fc3263aabb369a58a472f30d7c4ce491654a7dc1d23a1d6f,2024-07-11T15:06:22.143000 CVE-2024-4034,0,0,b39ca2e444e8e083e595bb1c45cab5e2a41d75405ee52855e2d6dbb02a011da0,2024-05-02T18:00:37.360000 CVE-2024-40347,0,0,a0e1ab7ebd1605317c59e0767be0fc2f9b4038796f9f62de544553567c87cd93,2024-07-22T13:00:53.287000 @@ -256321,7 +256326,11 @@ CVE-2024-4194,0,0,cb2c64b568e3bd7c78c9d4f736651c66722818abe246f3bc5aedd70e3521cb CVE-2024-41943,0,0,e9522f5ef1fc490dfac21cbf940a07ce3841f4fb783f1339fe71b8d4141a64db,2024-07-31T12:57:02.300000 CVE-2024-41944,0,0,135d3dced80bc39762656a548dac91a6dee89920c44affdb521ffafdd868d70c,2024-07-31T12:57:02.300000 CVE-2024-41945,0,0,58045736441484d7b962c82a633dc9fabe3d1461c0f6ea954d229d59ebf06f9d,2024-07-31T12:57:02.300000 +CVE-2024-41947,1,1,6b3eda40d039bee05566ead3c841671ae6812b2990bb83f04bb0897dedd43617,2024-07-31T16:15:04.540000 CVE-2024-4195,0,0,1b874e811f63a88fe0e5040c0bc90d160eaa072aa139296a2fc692655a3d77a9,2024-04-26T12:58:17.720000 +CVE-2024-41950,1,1,b5bdcf1e1bca4821b773ae66dee1550bc42a8780157ecff9615d501851a742a8,2024-07-31T16:15:04.797000 +CVE-2024-41952,1,1,6f7523908481a663b4179f664f52c21eaa97674300e8215372125a23ca967e8d,2024-07-31T17:15:10.597000 +CVE-2024-41953,1,1,4ebafda2210f36bf39d39417db17657a6d3368731c96f25439fa25aace4ae549,2024-07-31T17:15:10.850000 CVE-2024-4196,0,0,2bee927395e72028cfccdf65300c6a2b8979e20b943a96185278ab936245f10e,2024-06-25T12:24:17.873000 CVE-2024-4197,0,0,45da0b07f911473fe59b939894a184bd20b4010bb74cc514ccd6533e9d15c77b,2024-06-25T12:24:17.873000 CVE-2024-4198,0,0,10694c0c68dfe4c7db6b33a26dfbe4eb44c2b4223bfed9be5285208f068f86b9,2024-04-26T12:58:17.720000 @@ -258504,6 +258513,11 @@ CVE-2024-6968,0,0,57675d10d151b515d8654e4a2d23336a097aabe29c179fc0cfbb72272365b2 CVE-2024-6969,0,0,2345a97b06e5d388bdf778f25c67289987f0f6d0622466c7c196f2cd07649113,2024-07-25T15:38:51.787000 CVE-2024-6970,0,0,4194a84f3c5724b9bace97395e0f8e6456cd70a8d0cf3d46afccc165b27983cb,2024-07-25T15:36:44.567000 CVE-2024-6972,0,0,136930c91bb85ebbdb27bc99dae627302f90363fa18ab987405ebabe27d12e99,2024-07-25T12:36:39.947000 +CVE-2024-6973,1,1,2645766c2cb4d8ede1fdb14893d96d390c25a138793150698bdb8f2bd13e6fc9,2024-07-31T17:15:11.153000 +CVE-2024-6974,1,1,53a7a83ca58f4b30a839ca2683dc125589e2c8f1f3b7ba666bb94266abaaca4e,2024-07-31T17:15:11.413000 +CVE-2024-6975,1,1,b2b351bf2be50b8fd658e8234c270520445bfc36e2fba8946c25781abdea8d7e,2024-07-31T17:15:11.640000 +CVE-2024-6977,1,1,3121777bd0a52ccf3540d69bf9a48fe1c1b7f86ef36c5a72b5a200933b1d9fe6,2024-07-31T17:15:11.860000 +CVE-2024-6978,1,1,bfc065920d3818fe93eed937ed76d477aac18dcdc5208b3cc73dff1ab8039ab4,2024-07-31T17:15:12.090000 CVE-2024-6980,0,0,f6625eb84b24e1b38c56cc3bb53a8be195d62bb4e9db2a7b8e6feb6123dc7610,2024-07-31T12:57:02.300000 CVE-2024-6984,0,0,5e471e68c1f9c8af4cd4126a693da97e089cde1a0fe72eca9e017c53446a32dc,2024-07-29T16:21:52.517000 CVE-2024-7007,0,0,d661b80f381c5e5a20762050cd26d7cdbc7442dd5816d04953c75c3bb9a2e0ae,2024-07-26T12:38:41.683000 @@ -258589,7 +258603,7 @@ CVE-2024-7199,0,0,1c38ae71600e9c4c0d209d192fce66196ad6d1d1454dfe95d9b268bf29c6a5 CVE-2024-7200,0,0,d21a4dd541acbc0094d3b150aee5dc57732e3b43b8983d68802bfc40bea446f0,2024-07-29T14:12:08.783000 CVE-2024-7201,0,0,ada84f4b903b0c95dc45be4013db2022612c9fdb66b840b2138f16a8a9061fa8,2024-07-29T14:12:08.783000 CVE-2024-7202,0,0,47ee30ff0ebecde915aadd7cf1bd702d0bebf04cac4786411e427c0fde39b1f2,2024-07-29T14:12:08.783000 -CVE-2024-7205,0,1,f8b1cbec46ea51b223aac866d1ac39ee6fa7b6e832e6e62020df5a45e4b00643,2024-07-31T15:15:10.993000 +CVE-2024-7205,0,0,f8b1cbec46ea51b223aac866d1ac39ee6fa7b6e832e6e62020df5a45e4b00643,2024-07-31T15:15:10.993000 CVE-2024-7208,0,0,7414d84d6e70682aaa7a621fdc07d5a8ba202be12707493cc290c54f59f95359,2024-07-31T12:57:02.300000 CVE-2024-7209,0,0,70d88ede2ff174d67b44db29b9d64c217e00f13cf62689936f75e53f7397ee7a,2024-07-31T12:57:02.300000 CVE-2024-7212,0,0,f6bebad6ae53838fdfc46656ae8fba28c66f127a824bd527778b34c8dcd63e65,2024-07-30T13:32:45.943000 @@ -258632,8 +258646,8 @@ CVE-2024-7288,0,0,9f6044ce185e7e49d04041d682800303d4df5b333cb7e6da85a8dc8b3f0482 CVE-2024-7289,0,0,a709df24f87a0f503a11766c66b03ca94607de4e52c2ab315e56364f32619286,2024-07-31T12:57:02.300000 CVE-2024-7290,0,0,e8c96d989cb70bd87ad54653beaf9542c2c74968268c5634e080d16dd0ba2bdb,2024-07-31T12:57:02.300000 CVE-2024-7297,0,0,cb4ca8684118dc46d1f9724d628f899c3458badae695854f058e1eba8efe7ce6,2024-07-31T12:57:02.300000 -CVE-2024-7299,0,0,d6527091da265b776bdcbc7b323c7ec8a0c88e8d2c80fed2dd530cc0a7ac6375,2024-07-31T12:57:02.300000 -CVE-2024-7300,0,1,a2e066ea38ffd4d283558ac9c550384947d588019ed19b0e0b6c2becc0799ae9,2024-07-31T14:15:08.080000 +CVE-2024-7299,0,1,18b86413af481c73d022a0c4ed8ac3628863652a0dcfb13bf199bbb5e4db4366,2024-07-31T16:15:05.217000 +CVE-2024-7300,0,0,a2e066ea38ffd4d283558ac9c550384947d588019ed19b0e0b6c2becc0799ae9,2024-07-31T14:15:08.080000 CVE-2024-7303,0,0,d7f72dd61499e6619ce7f5b3ddfad21cf84d8b933f5b61aad0d5acbabf0695d7,2024-07-31T12:57:02.300000 CVE-2024-7306,0,0,41d2dc73352be3adbe3da1c5ddee86e5aba159cd2a5da8e89aabb430dec59115,2024-07-31T12:57:02.300000 CVE-2024-7307,0,0,880aa0ea5c84e56fdc3b5eb36854e1998bc80835f78667a7a6ad57104577d4f7,2024-07-31T12:57:02.300000 @@ -258643,4 +258657,4 @@ CVE-2024-7310,0,0,f41dfd90546a9735111808103c67b19c822dfd89b37a542d36f1a7128ca8fa CVE-2024-7311,0,0,992c6b7ceb1c9a4d719c68d0c71706858cdee857ab750e2dc0c4b13c55655029,2024-07-31T12:57:02.300000 CVE-2024-7320,0,0,33e9dcaae6c93434ade67bd8a073d2b7f1fbc81482e595b40c21856a0fa46ae6,2024-07-31T12:57:02.300000 CVE-2024-7321,0,0,7c3abae321c1c206df72b5645aa4b7f08ab908ecabfe1d2acbc6472a1b295bbf,2024-07-31T12:57:02.300000 -CVE-2024-7340,1,1,fce15548fae9b804b40d57548bf30df09df1870e3bdee4ca04fd99c2c05c0232,2024-07-31T15:15:11.203000 +CVE-2024-7340,0,0,fce15548fae9b804b40d57548bf30df09df1870e3bdee4ca04fd99c2c05c0232,2024-07-31T15:15:11.203000