From d55b78d9aca17b43045178310321193c1cdb2083 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 14 Oct 2024 10:03:18 +0000 Subject: [PATCH] Auto-Update: 2024-10-14T10:00:17.875460+00:00 --- CVE-2023/CVE-2023-458xx/CVE-2023-45802.json | 50 ++-------- CVE-2024/CVE-2024-362xx/CVE-2024-36264.json | 14 +-- CVE-2024/CVE-2024-388xx/CVE-2024-38862.json | 78 +++++++++++++++ CVE-2024/CVE-2024-388xx/CVE-2024-38863.json | 78 +++++++++++++++ CVE-2024/CVE-2024-437xx/CVE-2024-43701.json | 37 ++++++++ CVE-2024/CVE-2024-469xx/CVE-2024-46911.json | 33 +++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9137.json | 100 ++++++++++++++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9139.json | 100 ++++++++++++++++++++ CVE-2024/CVE-2024-95xx/CVE-2024-9575.json | 6 +- README.md | 27 +++--- _state.csv | 28 +++--- 11 files changed, 472 insertions(+), 79 deletions(-) create mode 100644 CVE-2024/CVE-2024-388xx/CVE-2024-38862.json create mode 100644 CVE-2024/CVE-2024-388xx/CVE-2024-38863.json create mode 100644 CVE-2024/CVE-2024-437xx/CVE-2024-43701.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46911.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9137.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9139.json diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45802.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45802.json index 8bb4032af01..5d201f42cd4 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45802.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45802.json @@ -2,13 +2,13 @@ "id": "CVE-2023-45802", "sourceIdentifier": "security@apache.org", "published": "2023-10-23T07:15:11.330", - "lastModified": "2024-10-09T14:30:34.180", - "vulnStatus": "Analyzed", + "lastModified": "2024-10-14T09:15:02.967", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\n" + "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue." }, { "lang": "es", @@ -41,22 +41,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@apache.org", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-770" + "value": "CWE-404" } ] }, { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-400" + "value": "CWE-770" } ] } @@ -127,42 +127,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html", - "source": "security@apache.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https://security.netapp.com/advisory/ntap-20231027-0011/", - "source": "security@apache.org", - "tags": [ - "Third Party Advisory" - ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-362xx/CVE-2024-36264.json b/CVE-2024/CVE-2024-362xx/CVE-2024-36264.json index bc0b3cbcac4..4e267a49a4f 100644 --- a/CVE-2024/CVE-2024-362xx/CVE-2024-36264.json +++ b/CVE-2024/CVE-2024-362xx/CVE-2024-36264.json @@ -2,8 +2,8 @@ "id": "CVE-2024-36264", "sourceIdentifier": "security@apache.org", "published": "2024-06-12T14:15:11.983", - "lastModified": "2024-09-26T14:32:51.617", - "vulnStatus": "Analyzed", + "lastModified": "2024-10-14T09:15:04.000", + "vulnStatus": "Modified", "cveTags": [ { "sourceIdentifier": "security@apache.org", @@ -15,7 +15,7 @@ "descriptions": [ { "lang": "en", - "value": "** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils.\n\nThis issue affects Apache Submarine Commons Utils: from 0.8.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n" + "value": "** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils.\n\nIf the user doesn't explicitly set `submarine.auth.default.secret`, a default value will be used.\n\n\nThis issue affects Apache Submarine Commons Utils: from 0.8.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer." }, { "lang": "es", @@ -87,14 +87,6 @@ } ], "references": [ - { - "url": "http://www.openwall.com/lists/oss-security/2024/06/12/2", - "source": "security@apache.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, { "url": "https://github.com/apache/submarine/pull/1125", "source": "security@apache.org", diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json new file mode 100644 index 00000000000..87084c3e91e --- /dev/null +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-38862", + "sourceIdentifier": "security@checkmk.com", + "published": "2024-10-14T08:15:02.563", + "lastModified": "2024-10-14T08:15:02.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://checkmk.com/werk/17095", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json new file mode 100644 index 00000000000..e18ca2a755f --- /dev/null +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-38863", + "sourceIdentifier": "security@checkmk.com", + "published": "2024-10-14T08:15:02.823", + "lastModified": "2024-10-14T08:15:02.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.0, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-598" + } + ] + } + ], + "references": [ + { + "url": "https://checkmk.com/werk/17096", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json new file mode 100644 index 00000000000..291c57971da --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43701.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-43701", + "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "published": "2024-10-14T09:15:04.157", + "lastModified": "2024-10-14T09:15:04.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities", + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json new file mode 100644 index 00000000000..abf38d6a59c --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46911.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-46911", + "sourceIdentifier": "security@apache.org", + "published": "2024-10-14T09:15:04.297", + "lastModified": "2024-10-14T09:15:04.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content and this combined with a deficiency in Roller's CSRF protections allowed an escalation of privileges attack. This issue affects Apache Roller before 6.1.4.\n\nRoller users who run multi-blog/user Roller websites are recommended to upgrade to version 6.1.4, which fixes the issue.\n\nRoller 6.1.4 release announcement:\u00a0 https://lists.apache.org/thread/3c3f6rwqptyw6wdc95654fq5vlosqdpw" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/6m0ghjo9j92qty00t2qb6qf2spds0p5t", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json new file mode 100644 index 00000000000..50106649842 --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9137.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-9137", + "sourceIdentifier": "psirt@moxa.com", + "published": "2024-10-14T09:15:04.403", + "lastModified": "2024-10-14T09:15:04.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.8, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.4, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances", + "source": "psirt@moxa.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json new file mode 100644 index 00000000000..4c84d4a6998 --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9139.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-9139", + "sourceIdentifier": "psirt@moxa.com", + "published": "2024-10-14T09:15:04.693", + "lastModified": "2024-10-14T09:15:04.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.6, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances", + "source": "psirt@moxa.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9575.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9575.json index 9f6878b9c8a..f523a9d2e03 100644 --- a/CVE-2024/CVE-2024-95xx/CVE-2024-9575.json +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9575.json @@ -2,7 +2,7 @@ "id": "CVE-2024-9575", "sourceIdentifier": "655498c3-6ec5-4f0b-aea6-853b334d05a6", "published": "2024-10-09T10:15:06.853", - "lastModified": "2024-10-10T12:51:56.987", + "lastModified": "2024-10-14T08:15:02.970", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -100,6 +100,10 @@ } ], "references": [ + { + "url": "https://patchstack.com/database/vulnerability/pretix-widget/wordpress-pretix-widget-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", + "source": "655498c3-6ec5-4f0b-aea6-853b334d05a6" + }, { "url": "https://pretix.eu/about/en/blog/20241009-wordpress-plugin-1-0-6/", "source": "655498c3-6ec5-4f0b-aea6-853b334d05a6" diff --git a/README.md b/README.md index b035483bc79..aed14c2e998 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-14T08:00:21.039528+00:00 +2024-10-14T10:00:17.875460+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-14T07:15:03.103000+00:00 +2024-10-14T09:15:04.693000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -265465 +265471 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `6` +- [CVE-2024-38862](CVE-2024/CVE-2024-388xx/CVE-2024-38862.json) (`2024-10-14T08:15:02.563`) +- [CVE-2024-38863](CVE-2024/CVE-2024-388xx/CVE-2024-38863.json) (`2024-10-14T08:15:02.823`) +- [CVE-2024-43701](CVE-2024/CVE-2024-437xx/CVE-2024-43701.json) (`2024-10-14T09:15:04.157`) +- [CVE-2024-46911](CVE-2024/CVE-2024-469xx/CVE-2024-46911.json) (`2024-10-14T09:15:04.297`) +- [CVE-2024-9137](CVE-2024/CVE-2024-91xx/CVE-2024-9137.json) (`2024-10-14T09:15:04.403`) +- [CVE-2024-9139](CVE-2024/CVE-2024-91xx/CVE-2024-9139.json) (`2024-10-14T09:15:04.693`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `3` -- [CVE-2023-48387](CVE-2023/CVE-2023-483xx/CVE-2023-48387.json) (`2024-10-14T06:15:02.290`) -- [CVE-2023-5716](CVE-2023/CVE-2023-57xx/CVE-2023-5716.json) (`2024-10-14T06:15:03.267`) -- [CVE-2024-0552](CVE-2024/CVE-2024-05xx/CVE-2024-0552.json) (`2024-10-14T07:15:02.297`) -- [CVE-2024-0794](CVE-2024/CVE-2024-07xx/CVE-2024-0794.json) (`2024-10-14T06:15:03.837`) -- [CVE-2024-2412](CVE-2024/CVE-2024-24xx/CVE-2024-2412.json) (`2024-10-14T07:15:02.793`) -- [CVE-2024-26263](CVE-2024/CVE-2024-262xx/CVE-2024-26263.json) (`2024-10-14T07:15:02.630`) -- [CVE-2024-3774](CVE-2024/CVE-2024-37xx/CVE-2024-3774.json) (`2024-10-14T07:15:02.943`) -- [CVE-2024-3777](CVE-2024/CVE-2024-37xx/CVE-2024-3777.json) (`2024-10-14T07:15:03.103`) +- [CVE-2023-45802](CVE-2023/CVE-2023-458xx/CVE-2023-45802.json) (`2024-10-14T09:15:02.967`) +- [CVE-2024-36264](CVE-2024/CVE-2024-362xx/CVE-2024-36264.json) (`2024-10-14T09:15:04.000`) +- [CVE-2024-9575](CVE-2024/CVE-2024-95xx/CVE-2024-9575.json) (`2024-10-14T08:15:02.970`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 97b6d7caf0e..42606b8e9e3 100644 --- a/_state.csv +++ b/_state.csv @@ -234306,7 +234306,7 @@ CVE-2023-45799,0,0,188b0f83d7878ae47b8098f969f768cf869e50e3dea08b261f247126db8b5 CVE-2023-4580,0,0,a57c3e7664e688b156820bd4b918e3f8486072b2b6add09845f38021feffdaf5,2023-09-14T03:53:15.150000 CVE-2023-45800,0,0,f496ca2530efaf7c1db1169c548eb0572c2c7fa0dc16de92c9d8b65231aa37ad,2023-12-15T18:50:06.017000 CVE-2023-45801,0,0,cf65d978a57bbdd5cf197844da19475d7658c7088a3bc16263e469fcf01449d6,2023-12-15T17:12:58.397000 -CVE-2023-45802,0,0,e4e76add47e3a811876be0dfb2ef021839e6e4b347665987bbaf1a44eff51f31,2024-10-09T14:30:34.180000 +CVE-2023-45802,0,1,8b3cdecaad63513060b2cc217b8caa27800f29debb41e85c772f92c84e24b817,2024-10-14T09:15:02.967000 CVE-2023-45803,0,0,23b8cbd7f626523fc6c08c975e564a6e86c86fc0e31e897720bf93e28c1eefe1,2023-11-03T22:15:11.693000 CVE-2023-45804,0,0,dc3dcadd1fa31289495558cbc9b18ddf506c53bed3ec877dd82065d35e3d6f57,2023-11-07T04:21:48.277000 CVE-2023-45805,0,0,513f366112bde8fc8e42fbdfa66a39be7b5c9845822dfc13910fb1d740f25275,2023-10-28T03:24:28.190000 @@ -236141,7 +236141,7 @@ CVE-2023-48381,0,0,ede26f12925c1821f6f142ebed294bd5e5e50d2f30ab39bd4b6e38b8d0245 CVE-2023-48382,0,0,80efd929370144f7e8414fcc3a10edcd20f6cacf10495678c380c118927b0fe0,2023-12-21T15:43:01.890000 CVE-2023-48383,0,0,81d39da21711251f8dc62ef92fef8fadcb350674ddcddc55f7347bbbcb2515f0,2024-01-22T15:26:02.633000 CVE-2023-48384,0,0,42e909718d7ee33165354fc358390bb313019a583bca3c20bbfddba3aa6201e7,2023-12-22T15:14:12.400000 -CVE-2023-48387,0,1,abfda96774d35092983cb6fcfa8caa3f912be28abb132bd5072b4c1393d79c0e,2024-10-14T06:15:02.290000 +CVE-2023-48387,0,0,abfda96774d35092983cb6fcfa8caa3f912be28abb132bd5072b4c1393d79c0e,2024-10-14T06:15:02.290000 CVE-2023-48388,0,0,86f9a15d7ea987f2e9aed6c57ee9a003ba19fa939c27b8777c12f21112d4078d,2023-12-22T16:07:01.780000 CVE-2023-48389,0,0,77aecf52d894aa4d5c2b0d3566483e81dc13a21d543875d52f6dee865b7db74c,2023-12-22T16:12:50.417000 CVE-2023-4839,0,0,a61ea6d5efde3d401cc22c5db261b2c372e7daa20f78bfc06e0bab3a618aa91b,2024-03-13T12:33:51.697000 @@ -239871,7 +239871,7 @@ CVE-2023-5712,0,0,3040c5423c81c73eca2b5f39124c068b5b0292ee34e4040f293a524f82be09 CVE-2023-5713,0,0,8491d2f03566bf34009b700115c5350ec2e8c0fbf305d7831b16109b099bc5a0,2023-12-11T17:51:32.003000 CVE-2023-5714,0,0,d994fc385dea83a4d77256ab286b12cd202a5b906ab6ab08e4b11e5172f136ca,2023-12-11T17:51:11.777000 CVE-2023-5715,0,0,2d6923fb501964ed5e4428f1dcf142048443a587671a5cd376dd7bf0e3b39b94,2023-11-29T19:50:49.370000 -CVE-2023-5716,0,1,0091e5588dc000557a2f770fc49fb2adde6ef46bac358c9481b7c4aaa551cacc,2024-10-14T06:15:03.267000 +CVE-2023-5716,0,0,0091e5588dc000557a2f770fc49fb2adde6ef46bac358c9481b7c4aaa551cacc,2024-10-14T06:15:03.267000 CVE-2023-5717,0,0,680cef698bb8af0d4a9c3a3eba421018f7b9f14739fbb2a140f6f47022f8894a,2024-08-27T15:21:29.377000 CVE-2023-5718,0,0,ca3a392a6db8689bdf3e820a456b31d961de6828f354ba39cec5f147de927593,2023-10-31T14:20:21.687000 CVE-2023-5719,0,0,971b5890c6534ae28c61415ab2eedf73ebecd2ed1c705f5603af8af0b90f3fec,2023-11-14T19:29:07.007000 @@ -241726,7 +241726,7 @@ CVE-2024-0548,0,0,cc762a29a1c66535e050c3dce59a46d7be653f6ea4693af2cc85c51a9f9821 CVE-2024-0549,0,0,1393f5b8cdc9e327fa6862e01e6396727ca7a0ac5b934bf16bb8c3e769c529f6,2024-04-16T13:24:07.103000 CVE-2024-0550,0,0,abc3547a7838ac73f19a1ebe9a4aa732476b85bf08336b5b46a7a52c09f46cf3,2024-02-28T14:06:45.783000 CVE-2024-0551,0,0,3bcd8ed6668581b560d620774527cfe0f50a7507d208b9889bb8c1c79dda71a1,2024-02-27T14:19:41.650000 -CVE-2024-0552,0,1,3db526843d7159db0ec8c4a84d60afc7c35b04c2944c230f691c3e9bb38ebc39,2024-10-14T07:15:02.297000 +CVE-2024-0552,0,0,3db526843d7159db0ec8c4a84d60afc7c35b04c2944c230f691c3e9bb38ebc39,2024-10-14T07:15:02.297000 CVE-2024-0553,0,0,f5aaab005c6250bd9169db9bffc1b34f92e8a0059e5e79538fe2daa4eac29ff7,2024-09-16T13:15:08.327000 CVE-2024-0554,0,0,be16417315b7a311600e94ec0549779d6adfd1584a8e8952a259fb4e0980804f,2024-01-23T19:37:17.313000 CVE-2024-0555,0,0,c8aacb2fdd19da501c6c82ff909d2c5a12900f2d0093adb7af16737ce17fb806,2024-01-23T19:57:48.237000 @@ -241952,7 +241952,7 @@ CVE-2024-0789,0,0,dd4dfae2cf9c1e14c885c435e4946684b1e28fce4e56958a0b475f730b1ce5 CVE-2024-0790,0,0,faf5037c158d063c7d3783eeaaf8baa8e520d90b8a2f56f0b34167c00c86529b,2024-02-13T19:42:38.757000 CVE-2024-0791,0,0,28d871b810a01f2865479d915af9f02c4315b0a78f02b99ea63400d030e61fc8,2024-02-13T19:42:31.100000 CVE-2024-0792,0,0,3c897030a6440dcf51b98af86df6699fa962819d4910e41908f270c3687602d0,2024-02-29T13:49:29.390000 -CVE-2024-0794,0,1,f274f1048f45d43481444d124e5e16f9d5f294a17d9dde3347ed7bc3b5c129bc,2024-10-14T06:15:03.837000 +CVE-2024-0794,0,0,f274f1048f45d43481444d124e5e16f9d5f294a17d9dde3347ed7bc3b5c129bc,2024-10-14T06:15:03.837000 CVE-2024-0795,0,0,13010a14cfca4ba438be4e16640f7a529befbeebc81d68239fbd69b9ad51ad0d,2024-03-04T13:58:23.447000 CVE-2024-0796,0,0,47bbb6139c910015cde726e99b527ba76bd0402c41cea9a56768d6bf5dbdbf2f,2024-02-13T19:40:50.223000 CVE-2024-0797,0,0,ac52bd8819712b2bf131565a21e96df820da6f5dc8293ddeb68b78d311c20616,2024-02-13T19:40:35.397000 @@ -246051,7 +246051,7 @@ CVE-2024-24113,0,0,f7b5b4db5df224f9c2c197ed33da223fb2b18c71499ac4c36636a1bea8905 CVE-2024-24115,0,0,959ac6be43ec58da6f6ede6694d707dcfda2d4bcc05d8a9e959ca4fb89f11460,2024-02-15T16:01:23.457000 CVE-2024-24116,0,0,5d6d27153b18e38eb00032f23817768e279d10ef41bee1a2219740d5db7f2ffc,2024-10-04T13:50:43.727000 CVE-2024-24117,0,0,2d10b248c1e27793764d33b55451a8b7892073aa7be5781d64ecd822caf24f75,2024-10-04T13:50:43.727000 -CVE-2024-2412,0,1,11fa9d7139e1164e0979e6f0b56eef9171d0f8f5c5255493e6d6a7a6c9fa3ed8,2024-10-14T07:15:02.793000 +CVE-2024-2412,0,0,11fa9d7139e1164e0979e6f0b56eef9171d0f8f5c5255493e6d6a7a6c9fa3ed8,2024-10-14T07:15:02.793000 CVE-2024-24122,0,0,088e2aeb4d3917a1b2e3f1f837b20a38954e4a435f2397d89aae32252b8cb826,2024-10-04T13:50:43.727000 CVE-2024-2413,0,0,bcce963a476349e5182596e9d4a6b2abe57a4b3c6a7908768bff05824ae06fd2,2024-03-13T12:33:51.697000 CVE-2024-24130,0,0,3711a524e7aaabb83e56488f8a369c6a69a909641f1667882c43871af5a9c3a7,2024-07-03T01:48:12.487000 @@ -247511,7 +247511,7 @@ CVE-2024-2626,0,0,5a6c338629bbaaf7065165299ae412c08d9197fb3cad2770c12e07d226bcbe CVE-2024-26260,0,0,65643e0ce4f84c48cec78b438df5085c99da999075d065c3a4c15ac8e9f87e0c,2024-06-28T02:15:03.190000 CVE-2024-26261,0,0,513bda7a092399193b5a95cba8191ef907d5160f5f00ea0bdca470614c45d8a0,2024-06-28T02:15:03.423000 CVE-2024-26262,0,0,477ca5f77e6d6ee11fb6414baf836a33792fc56d3dd35a0da6288b09c184bb21,2024-02-15T06:23:39.303000 -CVE-2024-26263,0,1,01c721ed608ba466b70edf9b59095566404cf1c91b43ac42afcfff0137ff50d9,2024-10-14T07:15:02.630000 +CVE-2024-26263,0,0,01c721ed608ba466b70edf9b59095566404cf1c91b43ac42afcfff0137ff50d9,2024-10-14T07:15:02.630000 CVE-2024-26264,0,0,bf52114dfe3cf3dd2fc7560bc6730e53c624d928ff0554d70b0919142e972a3c,2024-02-15T06:23:39.303000 CVE-2024-26265,0,0,48d2b9174778d4a475c5945869a28953f11cb3bc76a0cba653842a8fa9da595b,2024-10-02T16:15:10.190000 CVE-2024-26266,0,0,cd4c3538fa5abe1895c4c4433d10b2216b10f5bef416f2e6936da725b6d985af,2024-02-22T19:07:37.840000 @@ -254839,7 +254839,7 @@ CVE-2024-3626,0,0,ecad313ba7341fd9bbe18ef0c6d316a3039cc88d660f7ee647b2392d610dec CVE-2024-36260,0,0,eb0574ced86ce4421ec32797bfb96748b51a8c31102b417db4374d946aa9d144,2024-09-09T12:21:53.383000 CVE-2024-36261,0,0,c5e25a6ffc1d9b2b1a542491c796ec9c713e3656e35c75393a1c0c59fce58861,2024-09-23T14:16:44.273000 CVE-2024-36263,0,0,b19ce9bdaf5871a0e8a25ce5c3dd3fadaa21375012330812df4d2d32a979172d,2024-08-21T15:35:09.140000 -CVE-2024-36264,0,0,569fa130341baf06f8f4b2c8d6d8f8720949dafb665e33db1409a6089f84d59e,2024-09-26T14:32:51.617000 +CVE-2024-36264,0,1,902f0e415355048d98f149346eaafb6e286e187db1d5026fa72650af847ceca3,2024-10-14T09:15:04 CVE-2024-36265,0,0,12d738a1b4f63f0028c8f62cfbcac12211bd41f794fc3fcd67344ea579538e2e,2024-09-26T14:35:23.360000 CVE-2024-36266,0,0,9d2961d489b0fce568e04e4c1c269f16c8c57dd6d267e14663bd78f27bc7e154,2024-06-11T13:54:12.057000 CVE-2024-36267,0,0,66b127f77fa5a54e7fcd6fbeddc446c0aeca670a52e22fd99c771e136e0935f8,2024-07-03T02:03:00.383000 @@ -255777,7 +255777,7 @@ CVE-2024-37726,0,0,a5107b068d66c3570343545c901feb79b0c7fc6600c054d9141acb4f14ca7 CVE-2024-37728,0,0,9fdeecb364b87bafb0b693bb4113b35750631f81ebfeac89f6ccfc0bb2fe70dc,2024-09-11T15:15:12.140000 CVE-2024-37732,0,0,8bcaa977ac18e5833de4fd0520da90883ea1f9cf5405317587bb381c54de852f,2024-07-03T02:04:38.513000 CVE-2024-37734,0,0,0e5d8052c40ece19eb47666a762eea5411abf63f936921b36baec3d43e53baa8,2024-07-03T02:04:39.343000 -CVE-2024-3774,0,1,d847dbdeb31661bdc0237a3557023c7e14288e164a1cd1a248bde41e382e8e2d,2024-10-14T07:15:02.943000 +CVE-2024-3774,0,0,d847dbdeb31661bdc0237a3557023c7e14288e164a1cd1a248bde41e382e8e2d,2024-10-14T07:15:02.943000 CVE-2024-37741,0,0,f5ed3254675cb5ce3a67ab08ad08f5443ff303292af76c58fe640715a6de27a4,2024-07-03T14:27:08.057000 CVE-2024-37742,0,0,d5dbae2c1e5299395df558941706d9c9b36228086895b2fc3724f0d65b486081,2024-08-13T01:09:33.383000 CVE-2024-3775,0,0,b7d2a473bac9537035a8d6df6a365ee3b93ba49aa9ce7163db0aba168893a523,2024-04-15T13:15:31.997000 @@ -255790,7 +255790,7 @@ CVE-2024-37765,0,0,746df602d2e258f449976f05b63742f035e40ff54b364ebcd32658a0b67b7 CVE-2024-37767,0,0,7877c2515670214a904346d470123e251242a9f2784362e3de48ee06ec75e5c5,2024-07-08T15:49:22.437000 CVE-2024-37768,0,0,870c2e3ce3bd390df1e2f6d00c0b12856feb7e2e88c5200a479a671bc34243b0,2024-07-08T16:41:23.650000 CVE-2024-37769,0,0,5d562468fe4e62bf5aa053de70325d9517e92227326a41659856d8da2dd29323,2024-08-01T13:54:15.670000 -CVE-2024-3777,0,1,e0440f2946e797118e4ada7698a04ee3805fb04d32040b7b7160eb68c53547a3,2024-10-14T07:15:03.103000 +CVE-2024-3777,0,0,e0440f2946e797118e4ada7698a04ee3805fb04d32040b7b7160eb68c53547a3,2024-10-14T07:15:03.103000 CVE-2024-37770,0,0,4e93402ad3ed64140e35d7a96007b07c29c5c8b6e92be0f25f51076d1a6ceeef,2024-07-11T15:05:53.090000 CVE-2024-37779,0,0,6e59c8529157382fe2940395deacc91d059ba345fa934b0466ef9ccea286d30e,2024-09-27T14:35:03.517000 CVE-2024-3778,0,0,2b5fc9c77ae2f993ef971da35cf3870af6c405ab91c786afef1cf6cf11c368d8,2024-04-15T13:15:31.997000 @@ -256663,6 +256663,8 @@ CVE-2024-38859,0,0,de323bde3647e4f305c3b46157fa86379bf5b570b3bfbebf89dea8495917b CVE-2024-3886,0,0,637917caac7fdeed5913d854d310583d9de4da2bf7f910a461c6efc8f1bacf15,2024-09-03T18:48:14.927000 CVE-2024-38860,0,0,266a5ea7baf50ab92e42d7685db3a6cf2803dcca1365001a34024abb32b3b89e,2024-09-20T12:30:51.220000 CVE-2024-38861,0,0,c849569e1ce9ba1b5e191f651dac8e0341ee6fab90d6f85280ffa2b71faa4392,2024-09-30T12:46:20.237000 +CVE-2024-38862,1,1,21e6e45750161fcbd8074e4c8cd8e28a23245d7b3d28ac0a5b2f458bfe8bde9f,2024-10-14T08:15:02.563000 +CVE-2024-38863,1,1,947416fda2d0a99f106acd269148d3595950b0b341d0cf7a5a9aadd2889371ca,2024-10-14T08:15:02.823000 CVE-2024-38867,0,0,0587553b0e73bb3d7fb83caa644dbd7ff748ca26af84fce237e8ae38fe20168b,2024-08-13T08:15:10.817000 CVE-2024-38868,0,0,f5122b748e151420a9f3845d24af4920bd437f9bfb8619e2cdc643a0cfcffcd9,2024-09-04T19:13:29.983000 CVE-2024-38869,0,0,c0f887639cd5f8290b163362347e9df211e2de0bfae6dfee57ed54004469d16e,2024-08-30T18:15:07.150000 @@ -259617,6 +259619,7 @@ CVE-2024-43697,0,0,cfe52331ac6a90710fe2dc00d201bf0d4a824c6a2a13622442c0a8b269f0e CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c52e4,2024-10-08T15:44:29.183000 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 CVE-2024-43700,0,0,7d9ad3bdf541499d627305e5fd2f4d5ebf1292f98ea79760d8a63eda3d4aed15,2024-09-06T22:52:41.727000 +CVE-2024-43701,1,1,0b7bfe2ed77e2c251473de6714fa1acab50dcb23fe20e59ca100fb21a202d1d1,2024-10-14T09:15:04.157000 CVE-2024-4371,0,0,a0b0e0fb8c98057b2328743d7da5c32e9a585001a67e08f1632ceab0df487dfa,2024-07-15T16:42:39.107000 CVE-2024-4372,0,0,9ae4f43bf2d0d90214ce2e4715e0031799e31627a4319bb26ad2a73cf60988cf,2024-05-21T12:37:59.687000 CVE-2024-4373,0,0,95ffe3cd6afce20664a5281c9740358c7cd9b7c7a4c9be8031ba5b0e36cac33d,2024-05-15T16:40:19.330000 @@ -261245,6 +261248,7 @@ CVE-2024-4688,0,0,52289ed8c0286442cd44c00a18386eec964a66f3ff263d13f6b3a47ad78257 CVE-2024-46886,0,0,a928062ae00bc94e4a7abf511f66b23a1126250ea4d99006bdee4b18a22b92db,2024-10-10T12:56:30.817000 CVE-2024-46887,0,0,b7a0812e4d4a8d09f6eb4da630d645c25b0d554f80d4c4a4c7b07d79f22299bd,2024-10-10T12:56:30.817000 CVE-2024-4689,0,0,a13cc88d2e9b12d452cf9b42ce57cc1735d851f3f551a07c40e7bb0f2ee113b8,2024-05-14T16:11:39.510000 +CVE-2024-46911,1,1,c13f8d0102a83918280aa942c5da64550069a7b55c4abc0be81f9b5adedd122a,2024-10-14T09:15:04.297000 CVE-2024-46918,0,0,bb2eeb1c2eb1e1757cf1750044772f91012857866544e10c0b718da276cf0057,2024-09-20T18:14:23.897000 CVE-2024-4693,0,0,e3d9266511ed640ea0a2750bbbe8d9b8b25eda5f77b693324e75ee95f4a7a307,2024-05-14T16:11:39.510000 CVE-2024-46934,0,0,39cd5d62e62d306b30cc42f4b07a71f98f69814db0958da38caca7a2aa0c372d,2024-09-26T17:41:09.580000 @@ -265162,6 +265166,8 @@ CVE-2024-9125,0,0,178fee32dc964661b9c65fa72adfd723833bc712092eacf5141ac942799ac5 CVE-2024-9127,0,0,2a57398f5cef1966c50482248e5fdb86e0eae0bed7d0a3c554fbb9c182ab0a8a,2024-10-01T14:09:26.017000 CVE-2024-9130,0,0,c55ec493e0918bdc6346df7de1c7b50119b1912e830881716d5b60020f91e1cd,2024-10-04T17:18:59.130000 CVE-2024-9136,0,0,9b9746749b73403d8dc2b7a33b5935315a467feb0aa3698e70e44d08c2289a1f,2024-10-01T14:28:31.027000 +CVE-2024-9137,1,1,9065b9986e350cb1955cfbec462f81d3d3a9a0cca2dc3d030de4540532f9abca,2024-10-14T09:15:04.403000 +CVE-2024-9139,1,1,8abd4701bbbadf886f46b97a16411b209a6f799c5338d854df2af850e783fe81,2024-10-14T09:15:04.693000 CVE-2024-9141,0,0,1186d93c71ba2b76e7029b0455d3828535e51a6f22b721a65c3963a052cae512,2024-09-26T13:32:02.803000 CVE-2024-9142,0,0,f41ad411b11065ca581c6c09a7cdbabb7231f7d077f84444580389a46c43e76b,2024-09-26T13:32:02.803000 CVE-2024-9145,0,0,666aa1000539c0391187e882757d18372cd0bce4cc6b153bd670793f8325f34a,2024-10-04T13:51:25.567000 @@ -265371,7 +265377,7 @@ CVE-2024-9571,0,0,875a4a44417fabed8eda23f7f9f70cde202fd7e807f9d44c2058c5256366a8 CVE-2024-9572,0,0,6aa8ec5096cffb49c05ffcb187e769f5454844eed5ebf1e91e8e45ef57650b96,2024-10-08T18:45:03.117000 CVE-2024-9573,0,0,58c75dd5695e86f3dd5971604e3d0b5f4fa9518dd900d56e54c2dcc37c5c3326,2024-10-08T18:45:09.057000 CVE-2024-9574,0,0,a60670a65a4470a80e62c618e77fec3e5e5071e32e3c874874eb23f89671df72,2024-10-08T18:45:13.147000 -CVE-2024-9575,0,0,f6b14427489147da51632087d3ce5422a9383e0d7bccf4cb35592eda1a1d7d41,2024-10-10T12:51:56.987000 +CVE-2024-9575,0,1,902a179ba291c73f1ff19f974c0569ed05c8dbb3d8914c4f7409455feb2bd5d7,2024-10-14T08:15:02.970000 CVE-2024-9576,0,0,7a96a155cd09492144b259aa00c523497a7aeb66fdb84ed492d68f7654aa3880,2024-10-07T17:47:48.410000 CVE-2024-9581,0,0,7e794ddfbd39982571ae3eb7a6ed31de2e39b9b68467940cf54765cbd34b4390,2024-10-10T12:51:56.987000 CVE-2024-9586,0,0,4368833d576d2d29a3be207ba4d3db2b319533357ac5aa66b9912c07cc7722e0,2024-10-11T13:15:19.823000