admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-12T20:00:17.712319+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-12 20:03:17 +00:00
parent a7f6963a39
commit d82260fb81
109 changed files with 3063 additions and 410 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2009/CVE-2009-16xx/CVE-2009-1605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-1605",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-05-11T20:00:00.250",
"lastModified": "2020-03-11T14:58:10.977",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:15:05.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -160,6 +160,14 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=690555",
"source": "cve@mitre.org"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=451373e028f82fa2f1cc2a6a669df31d85c877bd",
"source": "cve@mitre.org"
}
]
}

12
CVE-2012/CVE-2012-53xx/CVE-2012-5340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-5340",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-23T22:15:09.683",
"lastModified": "2020-01-28T17:42:14.503",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:15:05.503",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -122,6 +122,14 @@
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=693371",
"source": "cve@mitre.org"
},
{
"url": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=f919270b6a732ff45c3ba2d0c105e2b39e9c9bc9",
"source": "cve@mitre.org"
}
]
}

60
CVE-2020/CVE-2020-240xx/CVE-2020-24061.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2020-24061",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T18:15:05.660",
"lastModified": "2024-09-12T18:35:01.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/0xadik/CVEs/tree/main/CVE-2020-24061",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/%40sadikul.islam/kasda-kw5515-cross-site-scripting-html-injection-e6cb9f65ae89?sk=5e1ea8e1cba8dbeaff7f9cd710808354",
"source": "cve@mitre.org"
}
]
}

4
CVE-2021/CVE-2021-225xx/CVE-2021-22503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22503",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.203",
"lastModified": "2024-09-12T13:15:08.203",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-225xx/CVE-2021-22518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22518",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.553",
"lastModified": "2024-09-12T13:15:08.553",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-225xx/CVE-2021-22532.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22532",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.837",
"lastModified": "2024-09-12T13:15:08.837",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-225xx/CVE-2021-22533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22533",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:09.137",
"lastModified": "2024-09-12T13:15:09.137",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-381xx/CVE-2021-38131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38131",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:09.700",
"lastModified": "2024-09-12T13:15:09.700",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-381xx/CVE-2021-38132.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38132",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.050",
"lastModified": "2024-09-12T13:15:10.050",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-381xx/CVE-2021-38133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38133",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.327",
"lastModified": "2024-09-12T13:15:10.327",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-263xx/CVE-2022-26322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26322",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.620",
"lastModified": "2024-09-12T13:15:10.620",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

14
CVE-2023/CVE-2023-458xx/CVE-2023-45883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45883",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T13:15:10.447",
"lastModified": "2023-10-27T21:53:17.253",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T19:35:04.833",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-460xx/CVE-2023-46033.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46033",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T16:15:09.237",
"lastModified": "2024-08-02T21:15:48.740",
"lastModified": "2024-09-12T19:35:05.850",
"vulnStatus": "Modified",
"cveTags": [
{
@ -56,6 +56,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-460xx/CVE-2023-46042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46042",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T15:15:09.917",
"lastModified": "2023-10-25T15:20:17.570",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T19:35:07.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-463xx/CVE-2023-46306.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46306",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-22T21:15:07.930",
"lastModified": "2023-11-02T15:47:02.097",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T19:35:08.270",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-463xx/CVE-2023-46315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46315",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-22T22:15:08.797",
"lastModified": "2023-10-30T19:09:47.337",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:35:10.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-464xx/CVE-2023-46424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46424",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T20:15:12.927",
"lastModified": "2023-11-01T16:37:51.027",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:35:11.443",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-469xx/CVE-2023-46927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46927",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T15:15:08.707",
"lastModified": "2023-11-08T19:35:56.783",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:35:12.197",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-523xx/CVE-2023-52325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52325",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.383",
"lastModified": "2024-01-30T18:45:29.687",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T19:35:10.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-229xx/CVE-2024-22914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22914",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T18:15:08.807",
"lastModified": "2024-01-25T15:25:00.303",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T18:35:14.880",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

57
CVE-2024/CVE-2024-234xx/CVE-2024-23489.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23489",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:18.817",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:11:09.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:virtual_raid_on_cpu:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.0.1191",
"matchCriteriaId": "5FC96BAB-B4C8-418F-A0C9-BEA75864A983"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01128.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-234xx/CVE-2024-23497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23497",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:19.500",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:26:15.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:ethernet_800_series_controllers_driver:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "28.3",
"matchCriteriaId": "F7AEF475-A75F-4046-B1BF-24FB635BB5A7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-237xx/CVE-2024-23744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23744",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-21T23:15:44.833",
"lastModified": "2024-02-07T21:02:06.963",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T19:35:12.587",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

57
CVE-2024/CVE-2024-239xx/CVE-2024-23908.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23908",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:20.210",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:43:53.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:flexlm_license_daemons_for_intel_fpga:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.19.5.0",
"matchCriteriaId": "5B2DDCEE-5825-4809-8B01-B3B031A210DD"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01107.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-249xx/CVE-2024-24977.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24977",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:21.887",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:45:58.803",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:license_manager_for_flexim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.19.5.0",
"matchCriteriaId": "8DBC9EB7-3978-4E63-9566-23069C476FE2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01126.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

21
CVE-2024/CVE-2024-252xx/CVE-2024-25270.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-25270",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.290",
"lastModified": "2024-09-12T19:15:03.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading to the exposure of sensitive user data."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/fbkcs/CVE-2024-25270",
"source": "cve@mitre.org"
}
]
}

101
CVE-2024/CVE-2024-255xx/CVE-2024-25561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25561",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:22.827",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:50:32.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:hid_event_filter_driver:2.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B82CBC-D6AE-4232-AC4F-175504C474DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_m15_laptop_kit_lapbc510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "903F487C-6547-45C2-B6E0-0D78D17A6680"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_m15_laptop_kit_lapbc710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F5EFA6-70D4-4806-8533-06CD8163822E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_m15_laptop_kit_laprc510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF758BA0-1D81-45D2-B29D-2F81B5C0F8D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_m15_laptop_kit_laprc710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA58273B-9EDD-4415-B39C-99103E6BADA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA0DECB-3644-442B-AC63-EE46CF7B07F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9504CD-2AE3-4A6C-8C51-5964A7D7978F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D173030A-3731-4146-B717-86B29D5542B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC56D54E-22B5-4900-BF8B-A04B52EAB61C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCC3439-B37C-46F5-9C11-D4ECBBB8CFB7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-273xx/CVE-2024-27320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27320",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:11.987",
"lastModified": "2024-09-12T13:15:11.987",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-273xx/CVE-2024-27321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27321",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:12.267",
"lastModified": "2024-09-12T13:15:12.267",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-27xx/CVE-2024-2743.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2743",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:04.177",
"lastModified": "2024-09-12T17:15:04.177",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

63
CVE-2024/CVE-2024-288xx/CVE-2024-28887.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28887",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:25.790",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:51:49.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2021.11",
"matchCriteriaId": "FADEE936-7118-4205-BBBF-8EBF9CD0B272"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1",
"matchCriteriaId": "EE6CF20E-ABCC-48E3-B4CC-625C383E50EC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01129.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-289xx/CVE-2024-28947.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28947",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:26.017",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:52:38.433",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "02.01.0017",
"matchCriteriaId": "BC306BE1-EA41-4821-A88B-8040B70AA8D5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01121.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-289xx/CVE-2024-28990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28990",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-09-12T14:16:06.273",
"lastModified": "2024-09-12T14:16:06.273",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-289xx/CVE-2024-28991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28991",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-09-12T14:16:06.540",
"lastModified": "2024-09-12T14:16:06.540",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

63
CVE-2024/CVE-2024-290xx/CVE-2024-29015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29015",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:26.450",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:53:33.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1",
"matchCriteriaId": "EE6CF20E-ABCC-48E3-B4CC-625C383E50EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1",
"matchCriteriaId": "0D6D6BAD-1AF5-46C9-919C-D0D60D5BFE5E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01122.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-33xx/CVE-2024-3305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3305",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-12T13:15:12.540",
"lastModified": "2024-09-12T13:15:12.540",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-33xx/CVE-2024-3306.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3306",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-12T13:15:12.767",
"lastModified": "2024-09-12T13:15:12.767",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

293
CVE-2024/CVE-2024-341xx/CVE-2024-34163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34163",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:26.713",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T18:59:30.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,267 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapbc510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0083",
"matchCriteriaId": "46D7B4F8-D41B-4814-8FE9-B995466D2446"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapbc510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C51886-FA64-487F-8A83-0A9450B09F20"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapbc710_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0083",
"matchCriteriaId": "87A01075-3A68-4BB2-A1E1-2D43E9D37BA4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapbc710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DE25D1-B564-4D30-BE44-A02BFEEE90A9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapac71g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0065",
"matchCriteriaId": "2D4CD37A-D26A-49CD-A83A-AC5E9B00EE86"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA0DECB-3644-442B-AC63-EE46CF7B07F7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapac71h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0065",
"matchCriteriaId": "50E01A68-894D-4A63-BF74-E7B089FE13C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9504CD-2AE3-4A6C-8C51-5964A7D7978F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc51e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0048",
"matchCriteriaId": "173E9EA1-574F-40C9-B9F0-1D34EED39115"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D173030A-3731-4146-B717-86B29D5542B9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc71e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0048",
"matchCriteriaId": "5EB26A98-A22A-4C09-8F88-242E6AEBFDA8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC56D54E-22B5-4900-BF8B-A04B52EAB61C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc71f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0048",
"matchCriteriaId": "16189DAB-8CB5-4A7A-8423-C9D572FA4CA4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCC3439-B37C-46F5-9C11-D4ECBBB8CFB7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_laprc510_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0066",
"matchCriteriaId": "51E1187F-F9F6-40D0-98B4-A733A476C100"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_laprc510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48A1D9E-1352-4540-B8DE-A52C8BAA7C37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:nuc_x15_laptop_kit_laprc710_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0066",
"matchCriteriaId": "3C736A23-6C96-4126-AB17-3679534B2052"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_x15_laptop_kit_laprc710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D557E2C-04E4-4155-95EB-C5B3B226C4D8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34334.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-34334",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.377",
"lastModified": "2024-09-12T19:15:03.377",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function."
}
],
"metrics": {},
"references": [
{
"url": "http://foss-online.com",
"source": "cve@mitre.org"
},
{
"url": "http://ordat.com",
"source": "cve@mitre.org"
},
{
"url": "https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34335.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-34335",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.447",
"lastModified": "2024-09-12T19:15:03.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page."
}
],
"metrics": {},
"references": [
{
"url": "http://foss-online.com",
"source": "cve@mitre.org"
},
{
"url": "http://ordat.com",
"source": "cve@mitre.org"
},
{
"url": "https://mind-bytes.de/cross-site-scripting-in-foss-online-cve-2024-34335/",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34336.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-34336",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.510",
"lastModified": "2024-09-12T19:15:03.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality."
}
],
"metrics": {},
"references": [
{
"url": "http://foss-online.com",
"source": "cve@mitre.org"
},
{
"url": "http://ordat.com",
"source": "cve@mitre.org"
},
{
"url": "https://mind-bytes.de/offenlegung-existierender-benutzerkonten-in-foss-online-cve-2024-34336/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-360xx/CVE-2024-36066.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-36066",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.567",
"lastModified": "2024-09-12T19:15:03.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication (the other option is certificate-based). RFC 4211 section 4.4 requires that password-based MAC parameters use a salt with a random value of at least 8 octets. This helps to inhibit dictionary attacks. Because the standalone CMP client originally was developed as test code, the salt was instead hardcoded and only 6 octets long."
}
],
"metrics": {},
"references": [
{
"url": "https://datatracker.ietf.org/doc/html/rfc4211#section-4.4",
"source": "cve@mitre.org"
},
{
"url": "https://support.keyfactor.com/hc/en-us/articles/26965687021595-EJBCA-Security-Advisory-EJBCA-standalone-CMP-CLI-client",
"source": "cve@mitre.org"
}
]
}

57
CVE-2024/CVE-2024-392xx/CVE-2024-39283.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39283",
"sourceIdentifier": "secure@intel.com",
"published": "2024-08-14T14:15:27.277",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:15:46.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -84,6 +104,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -95,10 +125,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:tdx_module_software:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.01.00.592",
"matchCriteriaId": "4BB53301-A438-4579-BD68-04AD5A5D9216"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01010.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-404xx/CVE-2024-40457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40457",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T14:16:06.780",
"lastModified": "2024-09-12T17:35:00.590",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

56
CVE-2024/CVE-2024-416xx/CVE-2024-41629.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-41629",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T18:15:07.800",
"lastModified": "2024-09-12T19:35:13.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Sep/1",
"source": "cve@mitre.org"
}
]
}

96
CVE-2024/CVE-2024-420xx/CVE-2024-42039.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42039",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-09-04T02:15:03.733",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:37:01.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-423xx/CVE-2024-42364.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42364",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-23T16:15:06.510",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:20:20.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gethomepage:homepage:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "006F151B-2614-40B7-A62E-1827067AEF77"
}
]
}
]
}
],
"references": [
{
"url": "https://securitylab.github.com/advisories/GHSL-2024-096_homepage/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-424xx/CVE-2024-42483.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42483",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-12T15:18:22.093",
"lastModified": "2024-09-12T15:18:22.093",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-424xx/CVE-2024-42484.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42484",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-12T15:18:22.320",
"lastModified": "2024-09-12T15:18:22.320",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

72
CVE-2024/CVE-2024-437xx/CVE-2024-43782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43782",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-23T15:15:16.600",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:29:50.943",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openedx:openedx:redwood1:*:*:*:*:*:*:*",
"matchCriteriaId": "0147BA00-D21D-4562-96C9-70F1C5351B3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openedx:openedx:redwood2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E709C02-0F0A-434E-A67C-5A21D453B5D1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openedx/openedx-translations/commit/3c4093705dec99590577c4d8270ce263f7fffc5a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/openedx/openedx-translations/commit/b2444340e8702c7955310331c1db5fd85b25b92b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/openedx/openedx-translations/security/advisories/GHSA-fg8c-2pvj-wx3j",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-437xx/CVE-2024-43791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43791",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-23T15:15:16.830",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:26:31.783",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:steveklabnik:request_store:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3C3B50-C36E-4263-8E50-2CA2F483BD83"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/steveklabnik/request_store/security/advisories/GHSA-frp2-5qfc-7r8m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-438xx/CVE-2024-43826.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-43826",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-17T10:15:08.593",
"lastModified": "2024-08-19T12:59:59.177",
"lastModified": "2024-09-12T18:15:09.137",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: pass explicit offset/count to trace events\n\nnfs_folio_length is unsafe to use without having the folio locked and a\ncheck for a NULL ->f_mapping that protects against truncations and can\nlead to kernel crashes. E.g. when running xfstests generic/065 with\nall nfs trace points enabled.\n\nFollow the model of the XFS trace points and pass in an expl?cit offset\nand length. This has the additional benefit that these values can\nbe more accurate as some of the users touch partial folio ranges."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: pass explicit offset/count to trace events\n\nnfs_folio_length is unsafe to use without having the folio locked and a\ncheck for a NULL ->f_mapping that protects against truncations and can\nlead to kernel crashes. E.g. when running xfstests generic/065 with\nall nfs trace points enabled.\n\nFollow the model of the XFS trace points and pass in an expl\u0456cit offset\nand length. This has the additional benefit that these values can\nbe more accurate as some of the users touch partial folio ranges."
},
{
"lang": "es",

60
CVE-2024/CVE-2024-44xx/CVE-2024-4472.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-4472",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T19:15:04.233",
"lastModified": "2024-09-12T19:15:04.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, where dependency proxy credentials are retained in graphql Logs."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/460289",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2477062",
"source": "cve@gitlab.com"
}
]
}

25
CVE-2024/CVE-2024-451xx/CVE-2024-45181.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-45181",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.657",
"lastModified": "2024-09-12T19:15:03.657",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://wibu.com",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-451xx/CVE-2024-45182.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-45182",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.720",
"lastModified": "2024-09-12T19:15:03.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://wibu.com",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-453xx/CVE-2024-45303.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-45303",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-12T19:15:03.793",
"lastModified": "2024-09-12T19:15:03.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse. Rendering event names can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse\u2019s default Content Security Policy. The issue is patched in version 0.5 of the Discourse Calendar plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-calendar/commit/81e1c8e3c4c02276fb890da7e3f684259aeb685c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-rq37-8pf3-4xc8",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-453xx/CVE-2024-45383.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45383",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-09-12T19:15:04.010",
"lastModified": "2024-09-12T19:15:04.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-664"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2008",
"source": "talos-cna@cisco.com"
}
]
}

96
CVE-2024/CVE-2024-454xx/CVE-2024-45441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45441",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-09-04T02:15:03.983",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:35:47.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://https://consumer.huawei.com/en/support/bulletin/2024/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-454xx/CVE-2024-45450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45450",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-09-04T02:15:04.363",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:30:22.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://https://consumer.huawei.com/en/support/bulletin/2024/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-456xx/CVE-2024-45619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45619",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-03T22:15:05.527",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:38:56.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -51,14 +71,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-45619",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309288",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-456xx/CVE-2024-45620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45620",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-03T22:15:05.743",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:38:16.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -51,14 +71,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-45620",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309289",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-458xx/CVE-2024-45823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45823",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-09-12T15:18:22.547",
"lastModified": "2024-09-12T15:18:22.547",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45824",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-09-12T14:16:06.953",
"lastModified": "2024-09-12T14:16:06.953",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45825",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-09-12T15:18:23.387",
"lastModified": "2024-09-12T15:18:23.387",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45826",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-09-12T15:18:24.287",
"lastModified": "2024-09-12T15:18:24.287",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45846",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:12.920",
"lastModified": "2024-09-12T13:15:12.920",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45847",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.177",
"lastModified": "2024-09-12T13:15:13.177",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45848.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45848",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.437",
"lastModified": "2024-09-12T13:15:13.437",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45849",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.700",
"lastModified": "2024-09-12T13:15:13.700",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45850.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45850",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.933",
"lastModified": "2024-09-12T13:15:13.933",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45851",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.170",
"lastModified": "2024-09-12T13:15:14.170",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45852",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.403",
"lastModified": "2024-09-12T13:15:14.403",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45853",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.643",
"lastModified": "2024-09-12T13:15:14.643",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45854",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.900",
"lastModified": "2024-09-12T13:15:14.900",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45855",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:15.143",
"lastModified": "2024-09-12T13:15:15.143",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45856",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:15.373",
"lastModified": "2024-09-12T13:15:15.373",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-458xx/CVE-2024-45857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45857",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:16.227",
"lastModified": "2024-09-12T13:15:16.227",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-46xx/CVE-2024-4612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4612",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:04.740",
"lastModified": "2024-09-12T17:15:04.740",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-46xx/CVE-2024-4660.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4660",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:04.937",
"lastModified": "2024-09-12T17:15:04.937",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-54xx/CVE-2024-5435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5435",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:05.147",
"lastModified": "2024-09-12T17:15:05.147",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

27
CVE-2024/CVE-2024-57xx/CVE-2024-5799.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-5799",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.777",
"lastModified": "2024-09-12T12:35:54.013",
"lastModified": "2024-09-12T18:35:22.903",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento CM Pop-Up Banners para WordPress anterior a la versi\u00f3n 1.7.3 no desinfecta ni escapa de algunos de sus campos emergentes, lo que podr\u00eda permitir que usuarios con altos privilegios como los colaboradores realicen ataques de cross site scripting."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/3ee3023a-541c-40e6-8d62-24b4b110633c/",

29
CVE-2024/CVE-2024-60xx/CVE-2024-6017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6017",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.850",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:35:23.097",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El complemento Music Request Manager de WordPress hasta la versi\u00f3n 1.3 no tiene verificaci\u00f3n CSRF en algunos lugares y le falta desinfecci\u00f3n y escape, lo que podr\u00eda permitir a los atacantes hacer que el administrador que haya iniciado sesi\u00f3n agregue payloads XSS almacenado a trav\u00e9s de un ataque CSRF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/06d0559e-4389-4280-bbef-d100c0e07903/",

29
CVE-2024/CVE-2024-60xx/CVE-2024-6018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6018",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.920",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T19:35:20.327",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El complemento Music Request Manager de WordPress hasta la versi\u00f3n 1.3 no escapa al par\u00e1metro $_SERVER['REQUEST_URI'] antes de mostrarlo nuevamente en un atributo, lo que podr\u00eda generar cross site scripting reflejado en navegadores web antiguos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/c3f50e30-c7c5-4e7e-988c-ab884d75870b/",

29
CVE-2024/CVE-2024-60xx/CVE-2024-6019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6019",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:24.000",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T19:35:20.560",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El complemento Music Request Manager de WordPress hasta la versi\u00f3n 1.3 no desinfecta ni evita las solicitudes de m\u00fasica entrantes, lo que podr\u00eda permitir que usuarios no autenticados realicen ataques de cross site scripting contra administradores."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/5899c5c9-a550-4c86-a41d-7fcc1e84a7d3/",

4
CVE-2024/CVE-2024-63xx/CVE-2024-6389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6389",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:05.340",
"lastModified": "2024-09-12T17:15:05.340",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-64xx/CVE-2024-6446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6446",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:05.557",
"lastModified": "2024-09-12T17:15:05.557",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-65xx/CVE-2024-6510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6510",
"sourceIdentifier": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"published": "2024-09-12T15:18:26.347",
"lastModified": "2024-09-12T15:18:26.347",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

6
CVE-2024/CVE-2024-66xx/CVE-2024-6658.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6658",
"sourceIdentifier": "security@progress.com",
"published": "2024-09-12T15:18:26.543",
"lastModified": "2024-09-12T15:18:26.543",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects:\n\n\n\n\u202fProduct \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.0 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.11 (inclusive) \n\n\n\n\n\n\u202f\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nMulti-Tenant Hypervisor \n\n\n\n\n\n7.1.35.11 and all prior versions \n\n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.0 (inclusive)"
"value": "Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects:\n\n\n\n?Product \n\n\n\n\n\nAffected Versions \n\n\n\n\n\nLoadMaster \n\n\n\n\n\nFrom 7.2.55.0 to 7.2.60.0 (inclusive) \n\n\n\n\n\n?\u00a0\n\n\n\n\n\nFrom 7.2.49.0 to 7.2.54.11 (inclusive) \n\n\n\n\n\n?\u00a0\n\n\n\n\n\n7.2.48.12 and all prior versions \n\n\n\n\n\n\n\n\nMulti-Tenant Hypervisor \n\n\n\n\n\n7.1.35.11 and all prior versions \n\n\n\n\n\n\n\n\n\n\nECS\n\n\n\n\n\nAll prior versions to 7.2.60.0 (inclusive)"
}
],
"metrics": {

60
CVE-2024/CVE-2024-66xx/CVE-2024-6678.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6678",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T19:15:04.453",
"lastModified": "2024-09-12T19:15:04.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471923",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2595495",
"source": "cve@gitlab.com"
}
]
}

4
CVE-2024/CVE-2024-67xx/CVE-2024-6700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6700",
"sourceIdentifier": "security@pega.com",
"published": "2024-09-12T15:18:26.757",
"lastModified": "2024-09-12T15:18:26.757",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-67xx/CVE-2024-6701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6701",
"sourceIdentifier": "security@pega.com",
"published": "2024-09-12T15:18:26.953",
"lastModified": "2024-09-12T15:18:26.953",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-67xx/CVE-2024-6702.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6702",
"sourceIdentifier": "security@pega.com",
"published": "2024-09-12T15:18:27.133",
"lastModified": "2024-09-12T15:18:27.133",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-68xx/CVE-2024-6840.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6840",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-12T17:15:05.773",
"lastModified": "2024-09-12T17:15:05.773",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

27
CVE-2024/CVE-2024-68xx/CVE-2024-6887.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6887",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:24.293",
"lastModified": "2024-09-12T12:35:54.013",
"lastModified": "2024-09-12T19:35:20.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Giveaways and Contests by RafflePress para WordPress anterior a la versi\u00f3n 1.12.16 no desinfecta ni elude algunas de sus configuraciones de Sorteos, lo que podr\u00eda permitir que usuarios con privilegios elevados, como editores y superiores, realicen ataques de cross site scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/553806f4-da20-433c-8c19-35e6c87ccade/",

27
CVE-2024/CVE-2024-77xx/CVE-2024-7766.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7766",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:24.363",
"lastModified": "2024-09-12T12:35:54.013",
"lastModified": "2024-09-12T19:35:21.117",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Adicon Server de WordPress hasta la versi\u00f3n 1.2 no desinfecta ni escapa un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL, lo que permite a los administradores realizar ataques de inyecci\u00f3n SQL"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/ca4d629e-ab55-4e5d-80c9-fddbc9c97259/",

58
CVE-2024/CVE-2024-81xx/CVE-2024-8112.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8112",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-23T15:15:17.230",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:23:22.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,18 +140,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jeesite:jeesite:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B23E99B7-85C4-4FF9-93C6-1654014F7444"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/thinkgem/jeesite5/issues/IAKGTV",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.275633",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.275633",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-81xx/CVE-2024-8113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8113",
"sourceIdentifier": "655498c3-6ec5-4f0b-aea6-853b334d05a6",
"published": "2024-08-23T15:15:17.593",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T18:21:30.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "655498c3-6ec5-4f0b-aea6-853b334d05a6",
"type": "Secondary",
@ -73,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pretix:pretix:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.7.0",
"matchCriteriaId": "E6A18526-A03F-4E05-B43C-28A8CC2352A5"
}
]
}
]
}
],
"references": [
{
"url": "https://pretix.eu/about/en/blog/20240823-release-2024-7-1/",
"source": "655498c3-6ec5-4f0b-aea6-853b334d05a6"
"source": "655498c3-6ec5-4f0b-aea6-853b334d05a6",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-81xx/CVE-2024-8124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8124",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T17:15:06.007",
"lastModified": "2024-09-12T17:15:06.007",
"vulnStatus": "Received",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

56
CVE-2024/CVE-2024-83xx/CVE-2024-8311.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8311",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-09-12T19:15:04.683",
"lastModified": "2024-09-12T19:15:04.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-424"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/479315",
"source": "cve@gitlab.com"
}
]
}

69
CVE-2024/CVE-2024-83xx/CVE-2024-8399.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8399",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-09-03T20:15:09.430",
"lastModified": "2024-09-04T13:05:36.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T19:45:07.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,74 @@
"value": "Los sitios web podr\u00edan utilizar enlaces de Javascript para falsificar direcciones URL en la barra de navegaci\u00f3n de Focus. Esta vulnerabilidad afecta a Focus para iOS < 130."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_focus:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "130.0",
"matchCriteriaId": "EB3A1EE9-A7ED-4783-8456-22CF69AABE7F"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1863838",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-42/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More