From d3a9047a5f00577c01a97edf436d53dc269922a4 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 4 Apr 2024 20:03:26 +0000 Subject: [PATCH] Auto-Update: 2024-04-04T20:00:37.748304+00:00 --- CVE-2023/CVE-2023-34xx/CVE-2023-3454.json | 4 +- CVE-2024/CVE-2024-16xx/CVE-2024-1635.json | 18 ++++- CVE-2024/CVE-2024-250xx/CVE-2024-25007.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25690.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25692.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25693.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25695.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25696.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25697.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25698.json | 55 +++++++++++++ CVE-2024/CVE-2024-256xx/CVE-2024-25699.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25700.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25703.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25704.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25705.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25706.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25708.json | 55 +++++++++++++ CVE-2024/CVE-2024-257xx/CVE-2024-25709.json | 55 +++++++++++++ CVE-2024/CVE-2024-26xx/CVE-2024-2660.json | 55 +++++++++++++ CVE-2024/CVE-2024-272xx/CVE-2024-27268.json | 59 ++++++++++++++ CVE-2024/CVE-2024-287xx/CVE-2024-28787.json | 59 ++++++++++++++ CVE-2024/CVE-2024-291xx/CVE-2024-29192.json | 59 ++++++++++++++ CVE-2024/CVE-2024-291xx/CVE-2024-29193.json | 55 +++++++++++++ CVE-2024/CVE-2024-302xx/CVE-2024-30249.json | 55 +++++++++++++ CVE-2024/CVE-2024-302xx/CVE-2024-30252.json | 71 ++++++++++++++++ CVE-2024/CVE-2024-302xx/CVE-2024-30254.json | 59 ++++++++++++++ CVE-2024/CVE-2024-302xx/CVE-2024-30263.json | 4 +- README.md | 69 ++++++++-------- _state.csv | 90 +++++++++++++-------- 29 files changed, 1462 insertions(+), 75 deletions(-) create mode 100644 CVE-2024/CVE-2024-250xx/CVE-2024-25007.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25690.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25692.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25693.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25695.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25696.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25697.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25698.json create mode 100644 CVE-2024/CVE-2024-256xx/CVE-2024-25699.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25700.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25703.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25704.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25705.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25706.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25708.json create mode 100644 CVE-2024/CVE-2024-257xx/CVE-2024-25709.json create mode 100644 CVE-2024/CVE-2024-26xx/CVE-2024-2660.json create mode 100644 CVE-2024/CVE-2024-272xx/CVE-2024-27268.json create mode 100644 CVE-2024/CVE-2024-287xx/CVE-2024-28787.json create mode 100644 CVE-2024/CVE-2024-291xx/CVE-2024-29192.json create mode 100644 CVE-2024/CVE-2024-291xx/CVE-2024-29193.json create mode 100644 CVE-2024/CVE-2024-302xx/CVE-2024-30249.json create mode 100644 CVE-2024/CVE-2024-302xx/CVE-2024-30252.json create mode 100644 CVE-2024/CVE-2024-302xx/CVE-2024-30254.json diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3454.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3454.json index 6d62c28081f..2f8155f47fd 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3454.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3454.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3454", "sourceIdentifier": "sirt@brocade.com", "published": "2024-04-04T17:15:09.000", - "lastModified": "2024-04-04T17:15:09.000", - "vulnStatus": "Received", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1635.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1635.json index c171792072c..21ec5b0253b 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1635.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1635.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1635", "sourceIdentifier": "secalert@redhat.com", "published": "2024-02-19T22:15:48.647", - "lastModified": "2024-03-22T19:15:08.357", + "lastModified": "2024-04-04T18:15:09.393", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -51,6 +51,22 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1674", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1675", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1676", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1677", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-1635", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25007.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25007.json new file mode 100644 index 00000000000..826ea98a603 --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25007.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25007", + "sourceIdentifier": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "published": "2024-04-04T19:15:07.477", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nEricsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure. There is limited impact to integrity and availability. The attacker on the adjacent network with administration access can exploit the vulnerability.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1236" + } + ] + } + ], + "references": [ + { + "url": "https://www.ericsson.com/en/about-us/security/psirt/security-bulletin--ericsson-network-manager-march-2024", + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25690.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25690.json new file mode 100644 index 00000000000..c8ac49d808f --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25690.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25690", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:09.580", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim\u2019s browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25692.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25692.json new file mode 100644 index 00000000000..f66526c3aeb --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25692.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25692", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:09.887", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25693.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25693.json new file mode 100644 index 00000000000..a621338d9b2 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25693.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25693", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:10.193", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25695.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25695.json new file mode 100644 index 00000000000..4f1e4312d8c --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25695.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25695", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:10.500", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <= 11.2 that may allow a remote, authenticated attacker to provide input that is not sanitized properly and is rendered in error messages. The are no privileges required to execute this attack." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25696.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25696.json new file mode 100644 index 00000000000..9983e504f7b --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25696.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25696", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:10.757", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <=11.0 that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim\u2019s browser. The privileges required to execute this attack are high." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25697.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25697.json new file mode 100644 index 00000000000..cbb5c630c52 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25697.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25697", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:11.027", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is a Cross-site Scripting vulnerability\u00a0in Portal for ArcGIS in versions <=11.1 that may allow a remote, authenticated attacker to create a crafted link which when opening an authenticated users bio page will render an image in the victims browser. \u00a0The privileges required to execute this attack are low.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25698.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25698.json new file mode 100644 index 00000000000..19a8233a010 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25698.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25698", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:11.297", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a reflected cross site scripting vulnerability in the home application in Esri Portal for ArcGIS 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25699.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25699.json new file mode 100644 index 00000000000..3e74d28e6f4 --- /dev/null +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25699.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25699", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:11.593", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 10.8.1 through 11.2 on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25700.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25700.json new file mode 100644 index 00000000000..d37c2de9f1f --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25700.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25700", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:11.837", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions <= 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25703.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25703.json new file mode 100644 index 00000000000..5c01ab9f808 --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25703.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25703", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:12.090", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a reflected cross site scripting vulnerability in the home application in Esri Portal for ArcGIS 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25704.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25704.json new file mode 100644 index 00000000000..1ef0f960129 --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25704.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25704", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:12.343", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions <= 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the Experience Builder Embed widget which when loaded could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25705.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25705.json new file mode 100644 index 00000000000..b992b47468b --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25705.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25705", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:12.603", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a cross site scripting vulnerability in the Esri Portal for ArcGIS Experience Builder 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are low.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25706.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25706.json new file mode 100644 index 00000000000..4fc1f8eaef5 --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25706.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25706", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:12.830", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a message that may entice an unsuspecting victim to visit an arbitrary website. This could simplify phishing attacks. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25708.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25708.json new file mode 100644 index 00000000000..cb9a9aa6bb2 --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25708.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25708", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:13.070", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.8.1 \u2013 10.9.1 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25709.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25709.json new file mode 100644 index 00000000000..295f050e829 --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25709.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25709", + "sourceIdentifier": "psirt@esri.com", + "published": "2024-04-04T18:15:13.340", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 10.8.1 \u2013 1121 that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-26xx/CVE-2024-2660.json b/CVE-2024/CVE-2024-26xx/CVE-2024-2660.json new file mode 100644 index 00000000000..f38f53ec359 --- /dev/null +++ b/CVE-2024/CVE-2024-26xx/CVE-2024-2660.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-2660", + "sourceIdentifier": "security@hashicorp.com", + "published": "2024-04-04T18:15:14.783", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-703" + } + ] + } + ], + "references": [ + { + "url": "https://discuss.hashicorp.com/t/hcsec-2024-07-vault-tls-cert-auth-method-did-not-correctly-validate-ocsp-responses/64573", + "source": "security@hashicorp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json new file mode 100644 index 00000000000..1a76c5c3c55 --- /dev/null +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27268.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-27268", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-04T18:15:13.823", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 284574." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284574", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145809", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28787.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28787.json new file mode 100644 index 00000000000..efa1059dc65 --- /dev/null +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28787.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-28787", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-04-04T18:15:14.200", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-Force ID: 286584." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-650" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/286584", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7145828", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29192.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29192.json new file mode 100644 index 00000000000..4a0b7d61523 --- /dev/null +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29192.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-29192", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-04T18:15:14.523", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The `/api/config` endpoint allows one to modify the existing configuration with user-supplied values. While the API is only allowing localhost to interact without authentication, an attacker may be able to achieve that depending on how go2rtc is set up on the upstream application, and given that this endpoint is not protected against CSRF, it allows requests from any origin (e.g. a \"drive-by\" attack) . The `exec` handler allows for any stream to execute arbitrary commands. An attacker may add a custom stream through `api/config`, which may lead to arbitrary command execution. In the event of a victim visiting the server in question, their browser will execute the requests against the go2rtc instance. Commit 8793c3636493c5efdda08f3b5ed5c6e1ea594fd9 adds a warning about secure API access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/AlexxIT/go2rtc/commit/8793c3636493c5efdda08f3b5ed5c6e1ea594fd9", + "source": "security-advisories@github.com" + }, + { + "url": "https://securitylab.github.com/advisories/GHSL-2023-205_GHSL-2023-207_go2rtc/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29193.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29193.json new file mode 100644 index 00000000000..3cfb8547a7f --- /dev/null +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29193.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29193", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-04T19:15:08.023", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page (`index.html`) shows the available streams by fetching the API (`[0]`) in the client side. Then, it uses `Object.entries` to iterate over the result (`[1]`) whose first item (`name`) gets appended using `innerHTML` (`[2]`). In the event of a victim visiting the server in question, their browser will execute the request against the go2rtc instance. After the request, the browser will be redirected to go2rtc, in which the XSS would be executed in the context of go2rtc\u2019s origin. As of time of publication, no patch is available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://securitylab.github.com/advisories/GHSL-2023-205_GHSL-2023-207_go2rtc/", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30249.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30249.json new file mode 100644 index 00000000000..c64a552ec18 --- /dev/null +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30249.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30249", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-04T19:15:08.293", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR1-20240330.101522-15` impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for a UDP denial of service attack against a third party or as an attempt to trigger service suspension of the host. All consumers of the library should upgrade to at least version `1.0.0.CR1-20240330.101522-15` to receive a fix. There are no known workarounds beyond updating the library." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/CloudburstMC/Network/security/advisories/GHSA-6h3m-c6fv-8hvh", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30252.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30252.json new file mode 100644 index 00000000000..dc2f5390cbd --- /dev/null +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30252.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-30252", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-04T19:15:08.547", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is a request where the cookies of the browser are sent along with the request. The `subscribe.js` script uses the first parameter from the current URL location as the URL of the RSS feed to subscribe to and checks that the RSS feed is valid XML. `subscribe.js` is accessible by an attacker website due to its use in `subscribe.html`, an HTML page that is declared as a `web_accessible_resource` in `manifest.json`. This issue may lead to `Privilege Escalation`. A CSRF breaks the integrity of servers running on a private network. A user of the browser extension may have a private server with dangerous functionality, which is assumed to be safe due to network segmentation. Upon receiving an authenticated request instantiated from an attacker, this integrity is broken. Version 3.7 fixes this issue by removing subscribe.html from `web_accessible_resources`.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.6, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/manifest.json#L4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/pages/subscribe/subscribe.js#L52", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/shared/feed-parser.js#L5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/nt1m/livemarks/commit/1bcf39f6e91f7352301013f8feac6d488719450f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/nt1m/livemarks/security/advisories/GHSA-3gg9-w4fm-jjcg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30254.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30254.json new file mode 100644 index 00000000000..709f9759cc2 --- /dev/null +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30254.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-30254", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-04T19:15:08.793", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "MesonLSP is an unofficial, unendorsed language server for meson written in C++. A vulnerability in versions prior to 4.1.4 allows overwriting arbitrary files if the attacker can make the victim either run the language server within a specific crafted project or `mesonlsp --full`. Version 4.1.4 contains a patch for this issue. As a workaround, avoid running `mesonlsp --full` and set the language server option `others.neverDownloadAutomatically` to `true`.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 5.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/JCWasmx86/mesonlsp/commit/594b6334061371911cd59389124ab8af30ce0a3a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/JCWasmx86/mesonlsp/security/advisories/GHSA-48c5-35fh-846h", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30263.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30263.json index b3bfd201bf1..60e3e5a34ee 100644 --- a/CVE-2024/CVE-2024-302xx/CVE-2024-30263.json +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30263.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30263", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-04T17:15:10.320", - "lastModified": "2024-04-04T17:15:10.320", - "vulnStatus": "Received", + "lastModified": "2024-04-04T19:24:50.670", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index e7e6094c141..3bf3eeab56e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-04T18:00:43.296500+00:00 +2024-04-04T20:00:37.748304+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-04T17:15:10.320000+00:00 +2024-04-04T19:24:50.670000+00:00 ``` ### Last Data Feed Release @@ -33,51 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -244114 +244138 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `24` -- [CVE-2023-3454](CVE-2023/CVE-2023-34xx/CVE-2023-3454.json) (`2024-04-04T17:15:09.000`) -- [CVE-2024-2103](CVE-2024/CVE-2024-21xx/CVE-2024-2103.json) (`2024-04-04T16:15:08.650`) -- [CVE-2024-30260](CVE-2024/CVE-2024-302xx/CVE-2024-30260.json) (`2024-04-04T16:15:08.877`) -- [CVE-2024-30263](CVE-2024/CVE-2024-302xx/CVE-2024-30263.json) (`2024-04-04T17:15:10.320`) -- [CVE-2024-30266](CVE-2024/CVE-2024-302xx/CVE-2024-30266.json) (`2024-04-04T16:15:09.107`) -- [CVE-2024-31207](CVE-2024/CVE-2024-312xx/CVE-2024-31207.json) (`2024-04-04T16:15:09.333`) -- [CVE-2024-31209](CVE-2024/CVE-2024-312xx/CVE-2024-31209.json) (`2024-04-04T16:15:09.550`) -- [CVE-2024-31215](CVE-2024/CVE-2024-312xx/CVE-2024-31215.json) (`2024-04-04T16:15:09.787`) +- [CVE-2024-25007](CVE-2024/CVE-2024-250xx/CVE-2024-25007.json) (`2024-04-04T19:15:07.477`) +- [CVE-2024-25690](CVE-2024/CVE-2024-256xx/CVE-2024-25690.json) (`2024-04-04T18:15:09.580`) +- [CVE-2024-25692](CVE-2024/CVE-2024-256xx/CVE-2024-25692.json) (`2024-04-04T18:15:09.887`) +- [CVE-2024-25693](CVE-2024/CVE-2024-256xx/CVE-2024-25693.json) (`2024-04-04T18:15:10.193`) +- [CVE-2024-25695](CVE-2024/CVE-2024-256xx/CVE-2024-25695.json) (`2024-04-04T18:15:10.500`) +- [CVE-2024-25696](CVE-2024/CVE-2024-256xx/CVE-2024-25696.json) (`2024-04-04T18:15:10.757`) +- [CVE-2024-25697](CVE-2024/CVE-2024-256xx/CVE-2024-25697.json) (`2024-04-04T18:15:11.027`) +- [CVE-2024-25698](CVE-2024/CVE-2024-256xx/CVE-2024-25698.json) (`2024-04-04T18:15:11.297`) +- [CVE-2024-25699](CVE-2024/CVE-2024-256xx/CVE-2024-25699.json) (`2024-04-04T18:15:11.593`) +- [CVE-2024-25700](CVE-2024/CVE-2024-257xx/CVE-2024-25700.json) (`2024-04-04T18:15:11.837`) +- [CVE-2024-25703](CVE-2024/CVE-2024-257xx/CVE-2024-25703.json) (`2024-04-04T18:15:12.090`) +- [CVE-2024-25704](CVE-2024/CVE-2024-257xx/CVE-2024-25704.json) (`2024-04-04T18:15:12.343`) +- [CVE-2024-25705](CVE-2024/CVE-2024-257xx/CVE-2024-25705.json) (`2024-04-04T18:15:12.603`) +- [CVE-2024-25706](CVE-2024/CVE-2024-257xx/CVE-2024-25706.json) (`2024-04-04T18:15:12.830`) +- [CVE-2024-25708](CVE-2024/CVE-2024-257xx/CVE-2024-25708.json) (`2024-04-04T18:15:13.070`) +- [CVE-2024-25709](CVE-2024/CVE-2024-257xx/CVE-2024-25709.json) (`2024-04-04T18:15:13.340`) +- [CVE-2024-2660](CVE-2024/CVE-2024-26xx/CVE-2024-2660.json) (`2024-04-04T18:15:14.783`) +- [CVE-2024-27268](CVE-2024/CVE-2024-272xx/CVE-2024-27268.json) (`2024-04-04T18:15:13.823`) +- [CVE-2024-28787](CVE-2024/CVE-2024-287xx/CVE-2024-28787.json) (`2024-04-04T18:15:14.200`) +- [CVE-2024-29192](CVE-2024/CVE-2024-291xx/CVE-2024-29192.json) (`2024-04-04T18:15:14.523`) +- [CVE-2024-29193](CVE-2024/CVE-2024-291xx/CVE-2024-29193.json) (`2024-04-04T19:15:08.023`) +- [CVE-2024-30249](CVE-2024/CVE-2024-302xx/CVE-2024-30249.json) (`2024-04-04T19:15:08.293`) +- [CVE-2024-30252](CVE-2024/CVE-2024-302xx/CVE-2024-30252.json) (`2024-04-04T19:15:08.547`) +- [CVE-2024-30254](CVE-2024/CVE-2024-302xx/CVE-2024-30254.json) (`2024-04-04T19:15:08.793`) ### CVEs modified in the last Commit -Recently modified CVEs: `24` +Recently modified CVEs: `3` -- [CVE-2022-3671](CVE-2022/CVE-2022-36xx/CVE-2022-3671.json) (`2024-04-04T17:15:08.060`) -- [CVE-2023-40548](CVE-2023/CVE-2023-405xx/CVE-2023-40548.json) (`2024-04-04T17:15:09.550`) -- [CVE-2023-4316](CVE-2023/CVE-2023-43xx/CVE-2023-4316.json) (`2024-04-04T16:15:07.953`) -- [CVE-2024-1023](CVE-2024/CVE-2024-10xx/CVE-2024-1023.json) (`2024-04-04T16:15:08.140`) -- [CVE-2024-1300](CVE-2024/CVE-2024-13xx/CVE-2024-1300.json) (`2024-04-04T16:15:08.410`) -- [CVE-2024-22189](CVE-2024/CVE-2024-221xx/CVE-2024-22189.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-2700](CVE-2024/CVE-2024-27xx/CVE-2024-2700.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-27575](CVE-2024/CVE-2024-275xx/CVE-2024-27575.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-2759](CVE-2024/CVE-2024-27xx/CVE-2024-2759.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-27919](CVE-2024/CVE-2024-279xx/CVE-2024-27919.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-28182](CVE-2024/CVE-2024-281xx/CVE-2024-28182.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-28871](CVE-2024/CVE-2024-288xx/CVE-2024-28871.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-29182](CVE-2024/CVE-2024-291xx/CVE-2024-29182.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-29191](CVE-2024/CVE-2024-291xx/CVE-2024-29191.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-30250](CVE-2024/CVE-2024-302xx/CVE-2024-30250.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-30261](CVE-2024/CVE-2024-302xx/CVE-2024-30261.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-31080](CVE-2024/CVE-2024-310xx/CVE-2024-31080.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-31081](CVE-2024/CVE-2024-310xx/CVE-2024-31081.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-31082](CVE-2024/CVE-2024-310xx/CVE-2024-31082.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-3116](CVE-2024/CVE-2024-31xx/CVE-2024-3116.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-3250](CVE-2024/CVE-2024-32xx/CVE-2024-3250.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-3296](CVE-2024/CVE-2024-32xx/CVE-2024-3296.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-3298](CVE-2024/CVE-2024-32xx/CVE-2024-3298.json) (`2024-04-04T16:33:06.610`) -- [CVE-2024-3299](CVE-2024/CVE-2024-32xx/CVE-2024-3299.json) (`2024-04-04T16:33:06.610`) +- [CVE-2023-3454](CVE-2023/CVE-2023-34xx/CVE-2023-3454.json) (`2024-04-04T19:24:50.670`) +- [CVE-2024-1635](CVE-2024/CVE-2024-16xx/CVE-2024-1635.json) (`2024-04-04T18:15:09.393`) +- [CVE-2024-30263](CVE-2024/CVE-2024-302xx/CVE-2024-30263.json) (`2024-04-04T19:24:50.670`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e9bf178df6c..2e96dd6de23 100644 --- a/_state.csv +++ b/_state.csv @@ -202884,7 +202884,7 @@ CVE-2022-36706,0,0,de7477060184c6cff9abe4772c0125bf31cfc87765eb99a20d7df4da001db CVE-2022-36707,0,0,d3eb38d1feaf5dba4f0def739432283a3e2176588db034b2fcc0b995be314951,2023-11-07T03:49:40.277000 CVE-2022-36708,0,0,0ee8d1842750906a7976bf36ebb5bd60789abcd5e1b5240c681d954257433011,2022-09-01T13:18:10.467000 CVE-2022-36709,0,0,92fae72d3c833ddad9e9b7b60e9d4567e2afabc9b49dc9cd4f9748d67689c823,2022-09-01T06:50:41.003000 -CVE-2022-3671,0,1,1097dd73c4003e062a451bb08ad24b3944b5e839cd248e6b956b42ebbe490de4,2024-04-04T17:15:08.060000 +CVE-2022-3671,0,0,1097dd73c4003e062a451bb08ad24b3944b5e839cd248e6b956b42ebbe490de4,2024-04-04T17:15:08.060000 CVE-2022-36711,0,0,dd666c7309d4fb74ddbff83da0478e38903c8c81d015eb898fcb8c722302f377,2022-09-01T06:51:02.083000 CVE-2022-36712,0,0,f6ae50d102134447658290fabc690f8f9247c2bcae392cb109bce6cf6729ba9f,2022-09-01T06:54:01.957000 CVE-2022-36713,0,0,08280a195165695be47d2e8fbcf5379d9ea71cedafc4633a72176ddeec410351,2022-09-01T06:58:32.880000 @@ -224785,7 +224785,7 @@ CVE-2023-3451,0,0,6b7d674a8a9a57e2a59994989b41858758602eb63233e5f98078ef407c897e CVE-2023-3452,0,0,757911d0dc4c8982fad0936ed6a20bf95010dc280b8b5354f53397116dad1824,2023-11-07T04:18:45.397000 CVE-2023-3453,0,0,5f6d89ad2dc502c4886fc6236a9f1b5ab86a5e8e6df69e3cb5afe780a60912e7,2023-12-28T19:26:17.687000 CVE-2023-34537,0,0,d96f13b37afd10558d42862f166b811076443a0473cb6b638f1433a551d3471e,2023-06-20T17:07:59.037000 -CVE-2023-3454,1,1,402292f92ffcaed5add0e7e48e814ceb2dc676f93f64fdc5b7bfc9be883b8b3d,2024-04-04T17:15:09 +CVE-2023-3454,0,1,cdee1ee6e3cf72eab5afc5d002f247d5c06a011ae79ffc0bc86394becefa429e,2024-04-04T19:24:50.670000 CVE-2023-34540,0,0,c089c6f4e6995cd28015d5973bc936595a32fab63106284cced248cd35e13f4b,2024-03-13T22:15:08.097000 CVE-2023-34541,0,0,3f2caa747215e87c844293df45aadb07b29b7c3038d0929a24f5591faa38d3e5,2023-08-29T18:58:03.620000 CVE-2023-34545,0,0,24bfbceb4a02847e0f62b8d880cd17a1942079948e681599b7a3e243267697a7,2023-08-11T16:51:24.023000 @@ -228855,7 +228855,7 @@ CVE-2023-40544,0,0,8edafee03220c010d1be42f0f88433974482550243d48b064788fcb74f868 CVE-2023-40545,0,0,9bca2c73be74af7f189b3862ba8d7799cfe8ca7403c861883fba27fbc72753b2,2024-02-13T21:08:23.400000 CVE-2023-40546,0,0,30f48ea722b0fa0bead0d9f96a45a07ba815b2242da2c9750215b394c4c135dc,2024-02-05T20:06:26.127000 CVE-2023-40547,0,0,567ac9a094835c6d044d61ce859b18d6482ce0c18361ebde96473bcbec4d48a9,2024-03-26T16:15:08.220000 -CVE-2023-40548,0,1,d740a2b8a13e8813735dd2afef30cd8df83a004b64be9266b3a33c9494c9c627,2024-04-04T17:15:09.550000 +CVE-2023-40548,0,0,d740a2b8a13e8813735dd2afef30cd8df83a004b64be9266b3a33c9494c9c627,2024-04-04T17:15:09.550000 CVE-2023-40549,0,0,f3e5db151ee531b27b6ccdd941e8af2105e35d0f53958595d6c0bc80cce5e542,2024-02-05T21:33:24.707000 CVE-2023-4055,0,0,a76fc1fa0e45973f400a49513a2db89a2627bd4fbf5c01947ac1c4f676cd8aeb,2023-08-09T21:15:11.820000 CVE-2023-40550,0,0,9f289352f5b3ef8fe58f1e2bc083f0230602eb136dcc409311dd01025296c62a,2024-02-05T21:38:37.280000 @@ -230523,7 +230523,7 @@ CVE-2023-43148,0,0,bcd732cc1050454e4fa39cb410bf77996df3ea3ea8cfce5b061a502523e02 CVE-2023-43149,0,0,2be95d2375c931679cfabb49c9f9e4d0e571ef805feddee3469668078b2d8cc1,2023-10-16T12:57:49.633000 CVE-2023-4315,0,0,86e986c2f24c20d6052125bbfa19da0ca5713fcc5244dac5569fc586e86bbd7d,2023-11-07T04:22:27.620000 CVE-2023-43154,0,0,61f5e3e4f211bf9ef84e35f2349da56d84187c8d6749f4fdc57054d669972e4e,2023-10-02T16:51:34.027000 -CVE-2023-4316,0,1,a9b4cf8356936118a8822eb197081912ca262cb526733d3da4dde5a86eac48aa,2024-04-04T16:15:07.953000 +CVE-2023-4316,0,0,a9b4cf8356936118a8822eb197081912ca262cb526733d3da4dde5a86eac48aa,2024-04-04T16:15:07.953000 CVE-2023-4317,0,0,53eb9068e56ad5dc8d8959fc559c8a4ac0966edaf929b4380972b6423bd010bf,2023-12-06T19:21:43.160000 CVE-2023-43176,0,0,dc7dcf2518f44c0a74382353e5f54848be5d03ed82af223f895bd59e9f129ccc,2023-10-05T16:47:03.923000 CVE-2023-43177,0,0,e23acbd85fc610f03b9f19778e99534aafd20e9399587730122a8d9d88086ad4,2023-11-29T20:52:51.427000 @@ -238796,7 +238796,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5 CVE-2024-1020,0,0,4c2c67d1272a1241939200f4f72c9a4b440d9da781cef4eac80461cd259df11b,2024-03-21T02:51:32.967000 CVE-2024-1021,0,0,1eaf33062f30028d852272789fbe1f3c95b6597cfa3d193da2a9c2b146b71925,2024-03-21T02:51:33.050000 CVE-2024-1022,0,0,bf7c09b8fcc7f97c5a24a4c708297fbca74621e9fdb442e444ef6e47ad6eb0de,2024-03-21T02:51:33.147000 -CVE-2024-1023,0,1,9ee92eacbb88b3a332d00d2f435c33ab1fd5765d942fefa4d1a8192f971c38ba,2024-04-04T16:15:08.140000 +CVE-2024-1023,0,0,9ee92eacbb88b3a332d00d2f435c33ab1fd5765d942fefa4d1a8192f971c38ba,2024-04-04T16:15:08.140000 CVE-2024-1024,0,0,7e6c1b50133d41206c0ea240e83269bb1fd6bdba3336e6ba3bdaf2e921f883f4,2024-03-21T02:51:33.253000 CVE-2024-1026,0,0,fa3a6e8906b5c145d772b6778f9660482bd1e1779e8012ee6ee53f0f577f7493,2024-03-21T02:51:33.340000 CVE-2024-1027,0,0,3c9d16741461ee6b8dbdb696da6c985fd26dd1ea5f6d61c74f8e0497827db059,2024-03-21T02:51:33.427000 @@ -239015,7 +239015,7 @@ CVE-2024-1294,0,0,1a6fde55ee17952393d258a28e1938bfe41cafec05fa305cc82057814b7c2b CVE-2024-1296,0,0,ab648d9dba58ca530bb990b50d92c4f5ce9f591faa8fbeeb49385095b8425c33,2024-03-13T18:16:18.563000 CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000 CVE-2024-1299,0,0,165a6e5bf7396c9871edb84a6ce28d3386b33fd34eb9238065e890fa150a178a,2024-03-07T13:52:27.110000 -CVE-2024-1300,0,1,719eaee7c93c572fb19b10a479f15b73430ece34c0a0712bc6a25cc9815e6c2b,2024-04-04T16:15:08.410000 +CVE-2024-1300,0,0,719eaee7c93c572fb19b10a479f15b73430ece34c0a0712bc6a25cc9815e6c2b,2024-04-04T16:15:08.410000 CVE-2024-1301,0,0,68d5e322fab21220735382791ea9287e8104e954fa5bc7b1f8f02021f25e280b,2024-03-12T17:46:17.273000 CVE-2024-1302,0,0,e42b35f7a02693024fada8fec8e812444e0bb721c54c537bf6c1b8db8c60ce66,2024-03-12T17:46:17.273000 CVE-2024-1303,0,0,d6386ac67e1b3bd9c657849a1747229ab86034b9c989d20fb5cde0be8bba0359,2024-03-12T17:46:17.273000 @@ -239231,7 +239231,7 @@ CVE-2024-1624,0,0,8ff2a979e4088239466c1acbb0cfaf042208e053724e13d43a230f06f51b58 CVE-2024-1631,0,0,fc2893d5d84aff0551fae290d2fe3cfb3246f815cc3e85e7be8cb7a443e59ea9,2024-02-22T19:07:37.840000 CVE-2024-1632,0,0,6e1c47780d96ad6fcb59ec0ca790b51a445b7ba6bfe735fc687e801fa4e9fa24,2024-02-28T14:06:45.783000 CVE-2024-1633,0,0,38fdaaa081cb72684e8a3a7c24003a4981094738f4cb62580982692842e12368,2024-02-20T19:50:53.960000 -CVE-2024-1635,0,0,7e65d8ca84ffb40c62a1bd7446f2ac1854a183f40c187e3af538856894a18d62,2024-03-22T19:15:08.357000 +CVE-2024-1635,0,1,e1588f2cd247e15e68626e1a5acb1d2b5be9c85501293daf78f9466841e901e5,2024-04-04T18:15:09.393000 CVE-2024-1636,0,0,110561fc2d8220a09cd098605d5d9c82332c44e2266859d6f751e2ed66576fc3,2024-02-28T14:06:45.783000 CVE-2024-1638,0,0,3d25792f560ad8670a55d542406f093195536acafd656ae4b3cd5fcca03c7380,2024-02-20T19:50:53.960000 CVE-2024-1640,0,0,3de113a5a2a8fc8c6ec04f102502cb7635248dd1f83ad2ae4c7d82063b072cd9,2024-03-13T18:15:58.530000 @@ -239862,7 +239862,7 @@ CVE-2024-20984,0,0,585d056539d5b2a7ec102aa133531262bc58f31d6c087eb30a1c927656ef9 CVE-2024-20985,0,0,1887d4efcd4074083ed6001311349bddeba13ac350578caa9144fb2633e7d1e2,2024-02-02T17:27:12.127000 CVE-2024-20986,0,0,55fd916bbc66a048aba24029df1cdbff6d17cbdc5963bc85efdc3f349c48d99c,2024-02-20T19:50:53.960000 CVE-2024-20987,0,0,e6a4199f934ca8909c51db00ae903048e2b51791ebdf6565c06b10750c7af3ef,2024-01-20T18:30:16.877000 -CVE-2024-2103,1,1,4fbc7759ec04cbd8dcaf90ff3673d883a19d6e5b7f551eb0cdbf90e5382ac9d8,2024-04-04T16:33:06.610000 +CVE-2024-2103,0,0,4fbc7759ec04cbd8dcaf90ff3673d883a19d6e5b7f551eb0cdbf90e5382ac9d8,2024-04-04T16:33:06.610000 CVE-2024-2106,0,0,15de6b929ace188c18cf26b3c461a92f15449ebc8c35903dbddfc1b7b27db756,2024-03-13T18:15:58.530000 CVE-2024-2107,0,0,b116f601239eee1477d732dcdf4bd402d2ca5c711c20a89df0a8e9dd54cd4cd1,2024-03-13T12:33:51.697000 CVE-2024-2108,0,0,c2fa70d90e7c92604d37599b63a68c51b88c7a208a94e63da1f79da8e05cb6df,2024-03-29T12:45:02.937000 @@ -240350,7 +240350,7 @@ CVE-2024-22178,0,0,0704e65ab7c5164ebd76a87fea885127f6bd30204a3abe8ca923967590841 CVE-2024-22180,0,0,19e9318ece70bb0e88968bad696b07798db0b84c54153f426e33acb6b2d89f93,2024-04-02T12:50:42.233000 CVE-2024-22182,0,0,8fb954f2fbefb93ce09c3ae1b2da1867c7de47107fb744c3b547b750263f6217,2024-03-21T02:52:00.913000 CVE-2024-22188,0,0,454846b26f0209c1a43fdf159574f9578934720b1b56e74466fc620d8647279d,2024-03-05T13:41:01.900000 -CVE-2024-22189,0,1,131cbc58bd15765e5db3a464a1a8d8116baf6110fe21ba9d960b5634ca40a07c,2024-04-04T16:33:06.610000 +CVE-2024-22189,0,0,131cbc58bd15765e5db3a464a1a8d8116baf6110fe21ba9d960b5634ca40a07c,2024-04-04T16:33:06.610000 CVE-2024-22190,0,0,b6052bec184e44f4bdb37913f09378ade6ba357d503aeeeace40339b578d1a46,2024-01-18T13:48:07.553000 CVE-2024-22191,0,0,be01210972ad533e56be565fccc94079f011ea86ba8cff7f641dea0bfb25ce97,2024-01-24T18:13:53.947000 CVE-2024-22192,0,0,0a45578662a753528ffcf359d04d978d5ce5bc4a1429fd84d91a14073d480521,2024-01-24T18:13:38.807000 @@ -241634,6 +241634,7 @@ CVE-2024-25002,0,0,5b471b86f2b8e38328babfc3642e60a83c0e02cb964240f5f385287d2af3c CVE-2024-25003,0,0,81fc44567692de3ff8c7fc733c0c0e2d235894df02bbd6e47e58282e052331c4,2024-02-14T20:15:45.910000 CVE-2024-25004,0,0,7a3e97355ce2dbcf95cced55d21b2139e157cf3c2ca72e6e2fce6c561e1f0059,2024-02-14T20:15:45.980000 CVE-2024-25006,0,0,278d69bef7a5b71fea8ac282ea762bfb648a5b4e588b178033e660e47357f487,2024-02-29T13:49:29.390000 +CVE-2024-25007,1,1,ce8b5c01df6f7ec15d37a22b534b628159055f55b7ce7744fbf101ffe9e41ac3,2024-04-04T19:24:50.670000 CVE-2024-25016,0,0,7e9eb7e6fcca7e9c1cce27612a823457d13842f65d70f0e121b2ced7865b5e82,2024-03-04T13:58:23.447000 CVE-2024-25021,0,0,268da4d399cf08337d73768c3fd4fa53ef33e5f2d74019133c16ace4407a10a2,2024-02-22T19:07:27.197000 CVE-2024-25027,0,0,506fa0f038304c2bb065c6aafbb038363984a8c8037945872a1b74013246a31c,2024-04-02T17:57:34.440000 @@ -241953,7 +241954,22 @@ CVE-2024-25678,0,0,9470e3115b8c3f5b60b6b175aa8ef46b05e07e3f194ab4ff036467dbe264b CVE-2024-25679,0,0,224a0956154aafe3a65144732719712897f981c578a083f4eecb3f79135bc5a3,2024-02-15T18:44:40.547000 CVE-2024-2568,0,0,b2b3369590b93110ca505e3e8d295cd8a51da537ad9364e29684db33ac6f04f5,2024-03-21T02:52:38.777000 CVE-2024-2569,0,0,1d362995a5aa17015db888992398a151ed5b3486567ce5d44882a78b4e947bbe,2024-03-21T02:52:38.860000 +CVE-2024-25690,1,1,389cc0412a2eecfe59f0beaf3f9da72a6f75c38e312a0be5cf9ab78c32bfeec6,2024-04-04T19:24:50.670000 +CVE-2024-25692,1,1,0850f39dc262e76757775edc71896e1c0ffc78ca2b0a0107f47c50fe1d686922,2024-04-04T19:24:50.670000 +CVE-2024-25693,1,1,3dd77afe2c3d2ebc54b78cd12c9955bf557cc99f461239f7bbc72829657007af,2024-04-04T19:24:50.670000 +CVE-2024-25695,1,1,a200b8b5b6925daf8c52683286d292984bb884ee0b73011ac5d17f00f01c720e,2024-04-04T19:24:50.670000 +CVE-2024-25696,1,1,fc0369488cf462906b17b86173ef172ce1856090d7f584832f52c55f2749e128,2024-04-04T19:24:50.670000 +CVE-2024-25697,1,1,5aeaddecbf00f26c97b68e41d895951540f137d3fe7edc748e10590d447ad330,2024-04-04T19:24:50.670000 +CVE-2024-25698,1,1,04ce64ca5128eae221fd996b8cb7ca497dad580d40784a3bb64d07ae6da942af,2024-04-04T19:24:50.670000 +CVE-2024-25699,1,1,87d0c54ead858e76ea87400aeb18a6da4df57b81adb628ef89bf51fd19256ada,2024-04-04T19:24:50.670000 CVE-2024-2570,0,0,e1bdb3854d5b0d7fc151f905cd9c2ddca04b53a55da3859518acbf5dad2be699,2024-03-21T02:52:38.943000 +CVE-2024-25700,1,1,185a456e825a290375ee497129e6f21d92220ab7350efa34e5f79dcffa126922,2024-04-04T19:24:50.670000 +CVE-2024-25703,1,1,34c12fcea6ff8b0faf6f0581eb285ffb7e0820dee55d1b9c549bccf16a96e70f,2024-04-04T19:24:50.670000 +CVE-2024-25704,1,1,5342a5d06195cd46ba1dd0aa678630f661c4c94415cf4bd42a15b7d38a93ee13,2024-04-04T19:24:50.670000 +CVE-2024-25705,1,1,b1f1c79fa9f51669ab882870f7d81c5ffa3c8faf68e4ae7eb3f10e55e9f350e1,2024-04-04T19:24:50.670000 +CVE-2024-25706,1,1,d2f5451b47807d6e36340ef9d139fee7a5e141267db31cbac0117c186814a26c,2024-04-04T19:24:50.670000 +CVE-2024-25708,1,1,fbcfb0d8cdc60c01966873fd856275a98cc9621d58def08d8d655758827e9522,2024-04-04T19:24:50.670000 +CVE-2024-25709,1,1,80c9e281a0590d46db783a10d5f5e4a975636c19eaf0c81f037223f6b0271bff,2024-04-04T19:24:50.670000 CVE-2024-2571,0,0,1a7f96357383e6e41a67550f29d5be3cf53e72542ca00dc6be88239d1b6f2b5b,2024-03-21T02:52:39.020000 CVE-2024-25710,0,0,ab520189ef240d987a199d6e814c3161f9be705f75e79c9ab42865a168e0f18f,2024-03-07T17:15:12.940000 CVE-2024-25711,0,0,d3f8257017dbfc5bdd6c4e4b8e295b2d28e0327c4086b62797abd4226251f28d,2024-02-27T14:20:06.637000 @@ -242378,6 +242394,7 @@ CVE-2024-26596,0,0,2803c3b549b44ba7cecd9ac1430162205767f0e9836b1e5ab45cc66dabd39 CVE-2024-26597,0,0,98d17c648d291fbbd48c6391cb97940c9aa01d7e5da83fbaa07dee719ea6e8da,2024-02-23T16:14:43.447000 CVE-2024-26598,0,0,3809f87b73f8670bce7c0d4d9c0ca4b732f8aed5351b5f90e3e61d853947f78c,2024-02-23T16:14:43.447000 CVE-2024-26599,0,0,0641ea7592ee5f956df298df813657f138a609527f250cc998a11d698e0dc2cc,2024-02-23T16:14:43.447000 +CVE-2024-2660,1,1,2c6a37d067625fa4d91fdf5d4fe673cbea8dba989cf7340e195a70a952559f4e,2024-04-04T19:24:50.670000 CVE-2024-26600,0,0,c967e669b8dc1c398c391a67baeb20a028c116e1c9e8995fa190674b2ce453e2,2024-02-26T16:32:25.577000 CVE-2024-26601,0,0,d1f2880c84770148fac928bc914c5e3e1e77054a6615fd508dea9c472726a343,2024-03-01T14:15:54.050000 CVE-2024-26602,0,0,9c5686f95c797b041fd83fdb0374462b98546f1ee93289b9d03b0b6dd08b63f1,2024-02-26T16:32:25.577000 @@ -242612,7 +242629,7 @@ CVE-2024-2688,0,0,4d2ee00fbdc8f698cfa2b48095538092c3008625057bbba0ed83fe0f8586af CVE-2024-2689,0,0,d68b7b531c01d5a09731b87208da9eaed121f0d7bd207947a3e9e0d6d073f7a7,2024-04-04T12:48:41.700000 CVE-2024-2690,0,0,f6a4a686af3b1a0dbb43401fa520f310f97d65bad6a1a622e4cf5a92050e1908,2024-03-21T02:52:42.713000 CVE-2024-2692,0,0,660d169004889e7c431a6c456c160dc20b422f7884af25c1cfc8f41c46614653,2024-04-04T12:48:41.700000 -CVE-2024-2700,0,1,c59653065b8f6005c177dfe1120336c3bfe03f4a9f4e32351d79d4edb52d76c3,2024-04-04T16:33:06.610000 +CVE-2024-2700,0,0,c59653065b8f6005c177dfe1120336c3bfe03f4a9f4e32351d79d4edb52d76c3,2024-04-04T16:33:06.610000 CVE-2024-2702,0,0,d714950951d2438da53d97b453b8470335efdb106b4a3aaafe4c816e98d263df,2024-03-20T13:00:16.367000 CVE-2024-2703,0,0,fd6779f190b7c18473d13c554bb5288a6054f6758f3d10ae2c808243fc33b267,2024-03-21T02:52:42.793000 CVE-2024-2704,0,0,38bb2a044cf63b67539a331392299607bb3a2b2771fa1af46bd272846fa4ca05,2024-03-21T02:52:42.870000 @@ -242712,6 +242729,7 @@ CVE-2024-27255,0,0,1a87ed865e33969bd25e1a85296cce48c9cd6a59a0cfe097079e825c89c05 CVE-2024-2726,0,0,86fe8b0d397a8074a2c940021570750a55036cbee3d4d8f0a542dcc682e4af2c,2024-03-22T15:34:43.663000 CVE-2024-27265,0,0,caf2cbef481f9d0206d06f75a38ca052c5291ba0582e91875cea8f52e6d86a34,2024-03-19T16:52:02.767000 CVE-2024-27266,0,0,f3ab0f27c5fbbc81843b4329fa53134d5b91174cad9bacbbc5dbf01cfacc3864,2024-03-19T16:52:35.400000 +CVE-2024-27268,1,1,ec8ab2b812e2396f0ab0b5a14e21b3c51fdb1ed3a0dfc9397ca454660e8bd59d,2024-04-04T19:24:50.670000 CVE-2024-2727,0,0,958214357d5cfc59c51fd0300fa3ab5e09b0479b417a5156cb98159538007f76,2024-03-22T15:34:43.663000 CVE-2024-27270,0,0,90fac36f214c0b31b291ee9cc7c1398845637888710e65e72962c5636284122e,2024-03-27T15:49:51.300000 CVE-2024-27277,0,0,6c09ef572e665868238fb6d81d7d941702112e8d7fb954bfa230fe4edfeb437e,2024-03-21T19:47:03.943000 @@ -242810,9 +242828,9 @@ CVE-2024-27569,0,0,000ff88e8ff4678a3790d0ee96674581a9a53afd1b5f0d49033b717c5dd65 CVE-2024-27570,0,0,30e1bdadd931878127199d0565523cd94923921178695ba62d569ae38e48386b,2024-03-01T15:23:36.177000 CVE-2024-27571,0,0,2fcce61cb867ec2a650e4bd74e7018e990625a473882c12953648f5c8c2545b3,2024-03-01T15:23:36.177000 CVE-2024-27572,0,0,6169a6a6221da5c6dbb1556f7b45e6b45c4deebae5e21607b1e3cfa478f1fe5b,2024-03-01T15:23:36.177000 -CVE-2024-27575,0,1,afc7b04ef210ac39c15e15ada09e4cc2b69dc28951c307cca8faa1a110761c6a,2024-04-04T16:33:06.610000 +CVE-2024-27575,0,0,afc7b04ef210ac39c15e15ada09e4cc2b69dc28951c307cca8faa1a110761c6a,2024-04-04T16:33:06.610000 CVE-2024-2758,0,0,a3cb437eedb439caebfac4666310f05bccf69de779d818f9f315740c92bee7d8,2024-04-04T12:48:41.700000 -CVE-2024-2759,0,1,214f6949c2befc082f52e41d59ff53b41eff33329f7af55e01f219f99c2a04ee,2024-04-04T16:33:06.610000 +CVE-2024-2759,0,0,214f6949c2befc082f52e41d59ff53b41eff33329f7af55e01f219f99c2a04ee,2024-04-04T16:33:06.610000 CVE-2024-27602,0,0,641d004f193cbc187bf560868353a5607871444565457a2a1f222c57bafe0082,2024-04-03T12:38:04.840000 CVE-2024-27604,0,0,5dd90a20288c95f7805059ddcbf501c6de9e3b933a16f752b43bf101ed5f2058,2024-04-03T12:38:04.840000 CVE-2024-27605,0,0,4f744199930e3e7e9b7f220c4e73a81bb4fe207bf4ecc2f618ea8f6d8437d165,2024-04-03T12:38:04.840000 @@ -242898,7 +242916,7 @@ CVE-2024-27915,0,0,d4924e50464aaf41d040242348770ffaf78a24dc54a27fd2fcc5b39d7ef4b CVE-2024-27916,0,0,30309d15585040a1c780d50028da0fe5d532a005ec1e4063d6e9bd12c08015c3,2024-03-21T12:58:51.093000 CVE-2024-27917,0,0,349e8713d3d51447d52ce46614a2423fd24b4f2ec4e67177c8153367d08f6965,2024-03-06T21:42:48.053000 CVE-2024-27918,0,0,868a3b37587ecdd76b3199c3c20731cf2122d7105cc897cc5b148ffb34fda1e3,2024-03-21T12:58:51.093000 -CVE-2024-27919,0,1,3ca951d1e30e35ecb24ba9d2dbf61fc911393c2b4063f586add9fe01291581e8,2024-04-04T16:33:06.610000 +CVE-2024-27919,0,0,3ca951d1e30e35ecb24ba9d2dbf61fc911393c2b4063f586add9fe01291581e8,2024-04-04T16:33:06.610000 CVE-2024-27920,0,0,6ec71d20fda95aa314ebea84a76f86288fcc504f03e06de62bc6de74b1a250f7,2024-03-17T22:38:29.433000 CVE-2024-27921,0,0,1c81355f605d7298cbc75753b2712a3de8e2ce04eb2251f7609b0efa7c732356,2024-03-22T12:45:36.130000 CVE-2024-27922,0,0,d4151c4624aa3c19b5b11148e00e8a5f65dabdc6cd9b3e028f1e466040d02b72,2024-03-21T12:58:51.093000 @@ -243049,7 +243067,7 @@ CVE-2024-28179,0,0,ef6ae2036e6544bf5151cf60e7ee1d4ce9fa0e57ac3f9b1135a092fce4db6 CVE-2024-2818,0,0,aea687083c16896170a5552b37f956b1670d4afc51a0429ca79d8567da16c99d,2024-03-28T12:42:56.150000 CVE-2024-28180,0,0,70b7e15bae54b0026dbd7121b8d49cac4933c8976161f82f27967c15e8313bd2,2024-03-31T03:15:07.680000 CVE-2024-28181,0,0,6fe6fc40aea923ab45a31104eec21bd5517ea3b5ecb606b759ae10c9ef55df1d,2024-03-14T20:11:36.180000 -CVE-2024-28182,0,1,2798f6534e051bfb08228bfdcecd041d0100f0d02e4d7078f59b7ac2f5e3b0a3,2024-04-04T16:33:06.610000 +CVE-2024-28182,0,0,2798f6534e051bfb08228bfdcecd041d0100f0d02e4d7078f59b7ac2f5e3b0a3,2024-04-04T16:33:06.610000 CVE-2024-28183,0,0,643292dec7e2c62a314435936df2f6b3b26afeacc823e8335f2b17ff913aa8e1,2024-03-25T16:43:06.137000 CVE-2024-28184,0,0,477afbf0dc7ee8d9429045c75878ff2a88abaa5598b6ce7fba2a5f1850b6b613,2024-03-23T03:15:11.827000 CVE-2024-28186,0,0,bd19020fb98c7e49f4ae9534406a8116ce29f7f2cd9253fb5db74e8880c2331b,2024-03-13T12:33:51.697000 @@ -243250,6 +243268,7 @@ CVE-2024-28756,0,0,25c89ab9b64cbd69060fc1b1f68e4f1c76ee574185097dbf9146fc8b2b315 CVE-2024-28757,0,0,6f674e74da8b1d303f1997061736a8f7699c424c20f0aba68e441f140f441071,2024-03-23T03:15:11.920000 CVE-2024-28782,0,0,493e55169735d5727cf0c0e734e42ef2baf23f206bb8e4370c0853d4f8c42678,2024-04-03T12:38:04.840000 CVE-2024-28784,0,0,c979b0334a0081e1847a4bc955e67dbbc0397aed136c4d3aa1b489c4f3f267b2,2024-03-27T15:49:51.300000 +CVE-2024-28787,1,1,457a33de48d84658a723d853d18ee8a73c6b0e22ef35886b79ebbd18d53edcb2,2024-04-04T19:24:50.670000 CVE-2024-2879,0,0,054a6fdcadc9bcaaea40956329fc48dac6cafc8e30cc5dab57e2d3f376caf457,2024-04-03T12:38:04.840000 CVE-2024-28815,0,0,f9ba7e38674697b7d17d51e7b24c9c896d5b8cd72333d8b6833bda1b0cb49c74,2024-03-27T12:29:30.307000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 @@ -243281,7 +243300,7 @@ CVE-2024-28867,0,0,a2663eb7659e9fb153cbffc3c6774d69ca0c4039f52756d8a5671465d9404 CVE-2024-28868,0,0,148f39496eb50fd19cf01404a0af3408bd44ce8d437a837fa99cdad3557f99f1,2024-03-21T12:58:51.093000 CVE-2024-2887,0,0,2797f3580910b2ccb8b3f25b6a77410f5acecf7fa931702ac72d99637f4042cf,2024-03-29T04:15:09.423000 CVE-2024-28870,0,0,0218e17e953f8b975dc3f30c4adbdf5a9fc1b6f636c9abfde4e0fccef897ce50,2024-04-04T12:48:41.700000 -CVE-2024-28871,0,1,58790479b1492fad8d6231ecb0cac6e36ee64f095f2ec4aec492543d2026e733,2024-04-04T16:33:06.610000 +CVE-2024-28871,0,0,58790479b1492fad8d6231ecb0cac6e36ee64f095f2ec4aec492543d2026e733,2024-04-04T16:33:06.610000 CVE-2024-2888,0,0,e48cc71bf8d96ab718c88bf59dd81f25047204b13c0446dd48014e6c60fc42d9,2024-03-26T12:55:05.010000 CVE-2024-2889,0,0,047900621574a9797901d8767443e859750a2765d7b4c1f50c805ec45928b2d3,2024-03-26T12:55:05.010000 CVE-2024-28891,0,0,d3e45bd47b45b967827b685dc5aca79c502a599b4c4b2ae06f1259844016862c,2024-03-22T12:45:36.130000 @@ -243392,7 +243411,7 @@ CVE-2024-29167,0,0,8910806bdade45cef2fce699101812e1f9a03ed00dfae9222ae416da2484d CVE-2024-2917,0,0,cc7c53d7d6aa23ee02922950dbfd98ec950f87014b4781a546614dff66bfbad3,2024-03-27T12:29:30.307000 CVE-2024-29179,0,0,f19d4d0a9f8b6dc85e6e021ab22950c73dd30b1b16e940f3cfc8d8b6deab42d4,2024-03-26T12:55:05.010000 CVE-2024-29180,0,0,41debf5c02b25447b090e1fe17310ae2918a3e33749dbf7033ce058b1311f912,2024-03-21T19:47:03.943000 -CVE-2024-29182,0,1,775bc70eb3d652f8a6a53cb291c4d7c37bb8cc49f6793111351388d7d8264668,2024-04-04T16:33:06.610000 +CVE-2024-29182,0,0,775bc70eb3d652f8a6a53cb291c4d7c37bb8cc49f6793111351388d7d8264668,2024-04-04T16:33:06.610000 CVE-2024-29184,0,0,5d28e98e710e6ef5aa032fbd7c50016a2d314d8a7140355939fc7fee0918ef2b,2024-03-22T19:02:10.300000 CVE-2024-29185,0,0,af76e58a10ef101eddf2c72b8d4ca18e1b3c4eb9c909bcbbf88ec5dc39d99611,2024-03-22T19:02:10.300000 CVE-2024-29186,0,0,9eae16b82ad0960a39bab28b7331d7fbcb06214ff5e685dffe5ebccb6351d6ff,2024-03-22T19:02:10.300000 @@ -243401,7 +243420,9 @@ CVE-2024-29188,0,0,936a9c226ba5e7f9ce4bf09d536924cb3ac611efe865e82a6596de0401a89 CVE-2024-29189,0,0,6878e9b35a058677d2a3fa4fc5bfa3461c367e63050b0e9c52331e170e2ec716,2024-03-26T12:55:05.010000 CVE-2024-2919,0,0,ad29039fe5d98450d154c2c80fbb9aad5b98a74f540bc7db235562b88e4d3a67,2024-04-04T12:48:41.700000 CVE-2024-29190,0,0,dd993808aabbfadd07f226263f194d2c29a65f1d0e197a65068c6fa33a34d2ff,2024-03-25T01:51:01.223000 -CVE-2024-29191,0,1,f81b4407815a42781eae0e07ee3f99d58c861f52d1d90078ab14ec6fb717360f,2024-04-04T16:33:06.610000 +CVE-2024-29191,0,0,f81b4407815a42781eae0e07ee3f99d58c861f52d1d90078ab14ec6fb717360f,2024-04-04T16:33:06.610000 +CVE-2024-29192,1,1,c06967daa6f3a37ee0cf82b273300e88debc3d481f7d083a99a9c63e93c87756,2024-04-04T19:24:50.670000 +CVE-2024-29193,1,1,0334a8a66b551697ea89c2e8fc9d4c96223e5186dadebbe457731ee96f0c9c8d,2024-04-04T19:24:50.670000 CVE-2024-29194,0,0,36d512805bdd559b5aed44ab66b4d59462ade6a55a42ec032a28e1189fcb28c5,2024-03-25T01:51:01.223000 CVE-2024-29195,0,0,12b6fcead703f320c2faaa3dbf933701901e834c51cbd479cd70a3447afc3114,2024-03-26T12:55:05.010000 CVE-2024-29196,0,0,e02aa4919ed0d6b8af5e1fbc5257465a64fdae2f23d9b9aaabfbc3da2c0d39fa,2024-03-26T12:55:05.010000 @@ -243732,12 +243753,15 @@ CVE-2024-30245,0,0,c550f2e08ca2abae6d23c532bde1ac0d011bfebcc7e2006a730d4259ffc3b CVE-2024-30246,0,0,ef2f9cbdf2157375c2b490b3135678cebbe062ec07ef752831bba7a8dadb10ff,2024-04-01T01:12:59.077000 CVE-2024-30247,0,0,b8cd33ca93898e7e11bf9981fcd02901000e5a3bab8027b365fc72e086e8c4a6,2024-04-01T01:12:59.077000 CVE-2024-30248,0,0,4c43963152883a6062a19090720aa1a677dd64ed7e60fa60f75d3204b7ed0a55,2024-04-02T18:12:16.283000 -CVE-2024-30250,0,1,d4c91b52e7ce4c3826ebfe4b0506b29f2a92b911536de8645e4f5c4e45878370,2024-04-04T16:33:06.610000 -CVE-2024-30260,1,1,53a68ae353495c80d5d447e9dd64955bc7cded16cfb5e4994cb366d0b2f97411,2024-04-04T16:33:06.610000 -CVE-2024-30261,0,1,f29558ae55bd6ca47bd5dfae867bb2008a3cd73d7f89b694daf87a66b35a249c,2024-04-04T16:33:06.610000 -CVE-2024-30263,1,1,4c971d82117c1897b9d66d07aa276cd1c0f14e7984016b397bcc8db8425e5240,2024-04-04T17:15:10.320000 +CVE-2024-30249,1,1,b5eba21814438c4e1a3ef97e0a76f9c8e347b440d3e249ce46e1eae5ce64e9fa,2024-04-04T19:24:50.670000 +CVE-2024-30250,0,0,d4c91b52e7ce4c3826ebfe4b0506b29f2a92b911536de8645e4f5c4e45878370,2024-04-04T16:33:06.610000 +CVE-2024-30252,1,1,b6d7c4bd509d9f0774d6943656971e4b68036813cf38ed2db60a8c1944b8cf86,2024-04-04T19:24:50.670000 +CVE-2024-30254,1,1,ad69a53ab45fa2dd08c93eaad54ffdf163154de857f05b80a3b804e09305e630,2024-04-04T19:24:50.670000 +CVE-2024-30260,0,0,53a68ae353495c80d5d447e9dd64955bc7cded16cfb5e4994cb366d0b2f97411,2024-04-04T16:33:06.610000 +CVE-2024-30261,0,0,f29558ae55bd6ca47bd5dfae867bb2008a3cd73d7f89b694daf87a66b35a249c,2024-04-04T16:33:06.610000 +CVE-2024-30263,0,1,6a1f1d03e4b4892044b17a4441df6e18091902fb61c4e9453e9e248247a1e2bf,2024-04-04T19:24:50.670000 CVE-2024-30265,0,0,f6c1bebbf0f1dd21a5d850b0d285e56edc6e352a64c24f325fdadabccdfb42c9,2024-04-04T12:48:41.700000 -CVE-2024-30266,1,1,d54283c3548d40ae157748dc50ebd3d7610cba8a4ef6358f6778ac8bb913f298,2024-04-04T16:33:06.610000 +CVE-2024-30266,0,0,d54283c3548d40ae157748dc50ebd3d7610cba8a4ef6358f6778ac8bb913f298,2024-04-04T16:33:06.610000 CVE-2024-3030,0,0,ed3d394560fc992f2a931197efacab6ed2b55fb06d9f3928dd0d9fc577ffe7d4,2024-04-04T12:48:41.700000 CVE-2024-30322,0,0,64e521cd60b942f55f264dd1b34a0063ca35d4db4eef121c1f7bc208aac4f7ab,2024-04-03T17:24:18.150000 CVE-2024-30323,0,0,e32fdd05c5f30f68cf1412b7e36fda0cb57a7690cef1889aa844a8506beb3ac4,2024-04-03T17:24:18.150000 @@ -243997,9 +244021,9 @@ CVE-2024-31062,0,0,9a85b45f2ef9be7ff3563a8d396c3a8dd45f237219d28fbf343c7fa8953f9 CVE-2024-31063,0,0,8c5e031664c3b218697e91183f663111a47f52e7fd5496cafc4f238d7a0c4ce8,2024-03-28T20:53:20.813000 CVE-2024-31064,0,0,f87fea954d6623f92ad98dc571744769b0a41ba2a8ecac509cf34a5bc1aaafc6,2024-03-28T20:53:20.813000 CVE-2024-31065,0,0,36c2c4ddfef551b3df9316a574430562ba7ec0ea51f9e5ecbfa0af993c7946d3,2024-03-28T20:53:20.813000 -CVE-2024-31080,0,1,2ca401fd0c1bed66d451d429c0a44a80ca91b5d5de868201fe057f3b492cfdf4,2024-04-04T16:33:06.610000 -CVE-2024-31081,0,1,a153eccae067a2f8e03bacbf6acb5a809a5d5fedc66a88773d969612a36b423a,2024-04-04T16:33:06.610000 -CVE-2024-31082,0,1,1a6d789846dce49d3862bee255d972938e0973085f31646705de1076cce206f9,2024-04-04T16:33:06.610000 +CVE-2024-31080,0,0,2ca401fd0c1bed66d451d429c0a44a80ca91b5d5de868201fe057f3b492cfdf4,2024-04-04T16:33:06.610000 +CVE-2024-31081,0,0,a153eccae067a2f8e03bacbf6acb5a809a5d5fedc66a88773d969612a36b423a,2024-04-04T16:33:06.610000 +CVE-2024-31082,0,0,1a6d789846dce49d3862bee255d972938e0973085f31646705de1076cce206f9,2024-04-04T16:33:06.610000 CVE-2024-31084,0,0,7e7f6ad60462c421140a8806edcef098f25e94de0014c2ff06256ca8e21d3894,2024-04-01T01:12:59.077000 CVE-2024-31085,0,0,159d63f28600902a854d5dada2c0b5fba89225c71015785af44f46e211303b47,2024-04-01T01:12:59.077000 CVE-2024-31087,0,0,add2066c1d5f1a4308c5f84501c183a9350a71ec462e958963303b4527a9777f,2024-04-01T01:12:59.077000 @@ -244039,12 +244063,12 @@ CVE-2024-31137,0,0,93ea23ee4690796d32c315978d003f41d7ce02519dd10c8757d1747031b17 CVE-2024-31138,0,0,ec113b29df9e8a0e0a04cdfcd522ad6e6cb96982fa47c7b0f359bd13de60b29b,2024-03-28T16:07:30.893000 CVE-2024-31139,0,0,6254efb24474a93bf19fb224a952376f20b94666e671b313ffb9fb5d6ba4e123,2024-03-28T16:07:30.893000 CVE-2024-31140,0,0,8ac72cdd6b5f7f56e71e87459ff46ad8714fcc8b963def523c845a786f9f62ca,2024-03-28T16:07:30.893000 -CVE-2024-3116,0,1,07e1280cec0acc3241084e2928dc995b883b3c79a61f023bec5928b4f884c12d,2024-04-04T16:33:06.610000 +CVE-2024-3116,0,0,07e1280cec0acc3241084e2928dc995b883b3c79a61f023bec5928b4f884c12d,2024-04-04T16:33:06.610000 CVE-2024-3117,0,0,136fb5551ef6dfa1bf4e08424db43ed91a6bb8dd83f3d6ce39a5378e07bb201b,2024-04-01T01:12:59.077000 CVE-2024-3118,0,0,f6c34b2c6946d5fdb10aa55aa3b524d7a78d6b6fed9a90242c451ed5ef8e29f1,2024-04-01T01:12:59.077000 -CVE-2024-31207,1,1,d3876c49ae6a717d1d96886a61c00def756b07d67a7072af0e0c707139e9cb22,2024-04-04T16:33:06.610000 -CVE-2024-31209,1,1,05d38da92090c630ce652bea70fb74ebd0e72d4aebc34edd452f84719c7d745a,2024-04-04T16:33:06.610000 -CVE-2024-31215,1,1,07f7af48d0999954ee8c150eeba531641360a8fad1af070d9e9675df4d3ed6e9,2024-04-04T16:33:06.610000 +CVE-2024-31207,0,0,d3876c49ae6a717d1d96886a61c00def756b07d67a7072af0e0c707139e9cb22,2024-04-04T16:33:06.610000 +CVE-2024-31209,0,0,05d38da92090c630ce652bea70fb74ebd0e72d4aebc34edd452f84719c7d745a,2024-04-04T16:33:06.610000 +CVE-2024-31215,0,0,07f7af48d0999954ee8c150eeba531641360a8fad1af070d9e9675df4d3ed6e9,2024-04-04T16:33:06.610000 CVE-2024-3124,0,0,0636ee928c0356d73e2effbc159ce59d850c83e7a22c6ba92b3f50b98c28bb80,2024-04-01T15:53:18.060000 CVE-2024-3125,0,0,7c2049f0f2088c1a2b8c1e4ee00a5f848a0ae8a9d91f54f3eb97b0a3f7d4e8d6,2024-04-01T15:53:18.060000 CVE-2024-3128,0,0,99e446b9358b3359d41455e79f935e7a2346ef504383103b90e3f03b87e0b1be,2024-04-01T15:53:18.060000 @@ -244095,7 +244119,7 @@ CVE-2024-3226,0,0,0d9ebebedadf244922f8385228c3d640f57a5f4e2e40a7b8124aa06fa756c4 CVE-2024-3227,0,0,5e86de506c0356caace938eb3ddc76daf74ee07964bebbed2f3824e6fdb4ef31,2024-04-03T12:38:04.840000 CVE-2024-3247,0,0,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 CVE-2024-3248,0,0,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 -CVE-2024-3250,0,1,a445140aa1591f9bca0d7ad5cee48163a1ac50d24ca9ed51f49beb5167dc6a43,2024-04-04T16:33:06.610000 +CVE-2024-3250,0,0,a445140aa1591f9bca0d7ad5cee48163a1ac50d24ca9ed51f49beb5167dc6a43,2024-04-04T16:33:06.610000 CVE-2024-3251,0,0,612fa2cbd1b7aa381067b911d8824859d86a26753bd39d3ebfa059bfd1d20eac,2024-04-03T12:38:04.840000 CVE-2024-3252,0,0,aa2e5a3beeb53d70ad7f51b4bbc1915ec41533b4a644198bc020755253bede7e,2024-04-03T12:38:04.840000 CVE-2024-3253,0,0,0972236c1835b9f5b2c1ab54b3987e593351bdd4ff986c80c53132587f0059fc,2024-04-03T12:38:04.840000 @@ -244110,6 +244134,6 @@ CVE-2024-3270,0,0,06803f1697053009ed748b01b78c6c9cfb2903b8272aa543347ffd9d7a62c6 CVE-2024-3272,0,0,f5835433047c6a0c2284c0da39d8664773c7fc640a51a26f69a0df8df0141ed9,2024-04-04T12:48:41.700000 CVE-2024-3273,0,0,6c4361eb020cbc89b8e3680431d3975940d415eea637023ddf0a1fa43ba10972,2024-04-04T12:48:41.700000 CVE-2024-3274,0,0,b6fe16ea3476ba5bfff59d78cd515051a8d17caf21476f4663ff5fcf2d000465,2024-04-04T12:48:41.700000 -CVE-2024-3296,0,1,166fd19b54c7f066a468db032b1192efadbbddbd2bd126df3550e4cdc8bb66bf,2024-04-04T16:33:06.610000 -CVE-2024-3298,0,1,56186a0c5d2e3bcaa6b6bd1b394585c42533a8f19e8ba33fa08b025b47b84ed1,2024-04-04T16:33:06.610000 -CVE-2024-3299,0,1,e27ead5ec50888cbdeacdd9f017ce3d5215207dea15a19473541db1dd6d943fd,2024-04-04T16:33:06.610000 +CVE-2024-3296,0,0,166fd19b54c7f066a468db032b1192efadbbddbd2bd126df3550e4cdc8bb66bf,2024-04-04T16:33:06.610000 +CVE-2024-3298,0,0,56186a0c5d2e3bcaa6b6bd1b394585c42533a8f19e8ba33fa08b025b47b84ed1,2024-04-04T16:33:06.610000 +CVE-2024-3299,0,0,e27ead5ec50888cbdeacdd9f017ce3d5215207dea15a19473541db1dd6d943fd,2024-04-04T16:33:06.610000