admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-11T20:00:17.699084+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-11 20:03:16 +00:00
parent fe3ed7f991
commit dcc0e33b30
32 changed files with 1543 additions and 396 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2022/CVE-2022-487xx/CVE-2022-48775.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-48775",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:02.793",
"lastModified": "2024-08-21T17:47:10.263",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T18:15:13.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()?\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put()."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()\uff1a\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put()."
},
{
"lang": "es",

34
CVE-2023/CVE-2023-388xx/CVE-2023-38849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38849",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T22:15:09.430",
"lastModified": "2023-11-03T17:30:57.887",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:02.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-397xx/CVE-2023-39732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:29.200",
"lastModified": "2023-10-31T18:35:31.140",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:03.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-397xx/CVE-2023-39733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39733",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:29.247",
"lastModified": "2023-10-31T18:25:38.733",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:04.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-397xx/CVE-2023-39734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:29.293",
"lastModified": "2023-10-31T18:21:22.830",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:04.820",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-397xx/CVE-2023-39740.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39740",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:29.517",
"lastModified": "2023-10-31T18:46:08.817",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:05.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-435xx/CVE-2023-43506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-10-25T18:17:31.870",
"lastModified": "2023-11-01T16:22:56.507",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T18:35:10.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-435xx/CVE-2023-43509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43509",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-10-25T18:17:32.050",
"lastModified": "2023-11-01T16:21:04.657",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T18:35:11.500",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-455xx/CVE-2023-45554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45554",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:33.257",
"lastModified": "2023-10-27T21:55:06.353",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:06.647",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-460xx/CVE-2023-46003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46003",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-21T01:15:08.093",
"lastModified": "2023-11-07T04:21:50.397",
"lastModified": "2024-09-11T19:35:07.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-460xx/CVE-2023-46010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46010",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:35.657",
"lastModified": "2023-11-01T17:22:21.600",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:08.363",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-463xx/CVE-2023-46369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46369",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:37.790",
"lastModified": "2023-11-01T20:03:48.360",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T18:35:12.640",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

70
CVE-2023/CVE-2023-489xx/CVE-2023-48957.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48957",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-25T17:15:03.553",
"lastModified": "2024-08-26T12:47:20.187",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T18:07:49.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "El cliente PureVPN Linux 2.0.2-Productions no maneja adecuadamente las consultas DNS, lo que les permite omitir el t\u00fanel VPN y enviarse directamente al ISP o a los servidores DNS predeterminados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:purevpn:purevpn:2.0.2:*:*:*:*:linux:*:*",
"matchCriteriaId": "7D6E5CC1-C133-4168-89D3-C6907F279ED6"
}
]
}
]
}
],
"references": [
{
"url": "https://latesthackingnews.com/2023/11/13/multiple-vulnerabilities-found-in-purevpn-one-remains-unpatched/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.rafaybaloch.com/2023/11/Multiple%20Critical-Vulnerabilities-in-PureVPN.html?m=1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

34
CVE-2023/CVE-2023-57xx/CVE-2023-5724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5724",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-10-25T18:17:44.113",
"lastModified": "2023-11-02T20:17:36.167",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:09.810",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-57xx/CVE-2023-5728.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5728",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-10-25T18:17:44.310",
"lastModified": "2023-11-02T20:12:56.233",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-11T19:35:10.813",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

70
CVE-2024/CVE-2024-398xx/CVE-2024-39817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39817",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-08-06T05:15:41.087",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T19:36:18.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "Existe un problema de inserci\u00f3n de informaci\u00f3n confidencial en los datos enviados en Cybozu Office 10.0.0 a 10.8.6, lo que puede permitir que un usuario que puede iniciar sesi\u00f3n en el producto vea datos a los que el usuario no tiene acceso realizando una \"b\u00fasqueda\" bajo ciertas condiciones en Aplicaci\u00f3n personalizada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cybozu:office:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.8.7",
"matchCriteriaId": "CF84F6B3-FC38-411E-BFB7-046737172C24"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN29845579/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://kb.cybozu.support/?product=office&v=&fv=10.8.7&t=%E8%84%86%E5%BC%B1%E6%80%A7&s=",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-420xx/CVE-2024-42034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42034",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-08-08T10:15:07.223",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T18:55:25.710",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://https://consumer.huawei.com/en/support/bulletin/2024/8/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Broken Link"
]
}
]
}

66
CVE-2024/CVE-2024-420xx/CVE-2024-42035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42035",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-08-08T10:15:07.637",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T18:52:02.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/8/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-427xx/CVE-2024-42760.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-42760",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T19:15:14.983",
"lastModified": "2024-09-11T19:15:14.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive information via the /api/mob/instrucao/conta/destinatarios component."
}
],
"metrics": {},
"references": [
{
"url": "https://csflabs.github.io/cve/2024/09/10/cve-2024-42760-sql-injection-in-ellevo-API.html",
"source": "cve@mitre.org"
},
{
"url": "https://ellevo.com/",
"source": "cve@mitre.org"
}
]
}

57
CVE-2024/CVE-2024-431xx/CVE-2024-43114.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43114",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-08-06T13:15:56.130",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-11T19:11:11.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.07.1",
"matchCriteriaId": "68722EA9-3239-42A3-9A3E-20CFF2E0209F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
"source": "cve@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-444xx/CVE-2024-44466.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44466",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T16:15:06.330",
"lastModified": "2024-09-11T16:26:11.920",
"lastModified": "2024-09-11T18:35:30.960",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/CurryRaid/iot_vul/tree/main/comfast",

25
CVE-2024/CVE-2024-445xx/CVE-2024-44541.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-44541",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T19:15:15.070",
"lastModified": "2024-09-11T19:15:15.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the \"username\" parameter in \"/?action=processlogin.\""
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/evilnapsis/inventio-lite",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pointedsec/CVE-2024-44541/",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-448xx/CVE-2024-44851.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44851",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T16:15:06.380",
"lastModified": "2024-09-11T16:26:11.920",
"lastModified": "2024-09-11T18:35:31.703",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/0xashfaq/e44a6dece3be498241aebcfaa046e634",

39
CVE-2024/CVE-2024-57xx/CVE-2024-5760.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-5760",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-09-11T16:15:08.020",
"lastModified": "2024-09-11T16:26:11.920",
"lastModified": "2024-09-11T18:35:32.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_11159589-11159645-16/hpsbpi03970",

66
CVE-2024/CVE-2024-75xx/CVE-2024-7505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7505",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-06T04:16:47.857",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T19:53:44.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rainniar:bike_delivery_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD21579-B575-4D3A-BDEB-B936103B4902"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/56",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.273648",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.273648",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.385932",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

77
CVE-2024/CVE-2024-75xx/CVE-2024-7584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7584",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-07T17:15:52.730",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T19:25:04.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:i22_firmware:1.0.0.3\\(4687\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F879BB6-4F6E-4E81-A24A-3037DBD1A5B2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:i22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D94207-DFC8-478C-BA6B-F0A64BBB3E67"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalPhoneAuth",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.273864",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.273864",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.382836",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

77
CVE-2024/CVE-2024-75xx/CVE-2024-7585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7585",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-07T17:15:53.017",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T19:32:34.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:i22_firmware:1.0.0.3\\(4687\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F879BB6-4F6E-4E81-A24A-3037DBD1A5B2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:i22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D94207-DFC8-478C-BA6B-F0A64BBB3E67"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalWebAuth",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.273865",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.273865",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.382837",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-80xx/CVE-2024-8011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8011",
"sourceIdentifier": "cve-coordination@logitech.com",
"published": "2024-08-25T12:15:03.940",
"lastModified": "2024-08-26T12:47:20.187",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T18:15:02.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "LOW"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "cve-coordination@logitech.com",
"type": "Secondary",
@ -73,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:logitech:options\\+:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "1.72",
"matchCriteriaId": "0C180C90-425C-42A7-974A-9938931909B7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hackerone.com",
"source": "cve-coordination@logitech.com"
"source": "cve-coordination@logitech.com",
"tags": [
"Not Applicable"
]
}
]
}

80
CVE-2024/CVE-2024-81xx/CVE-2024-8147.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8147",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-25T09:15:04.243",
"lastModified": "2024-08-26T12:47:20.187",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-11T18:37:20.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,26 +150,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pharmacy_management_system_project:pharmacy_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE46D7E-6D10-4440-A61E-1206012679BD"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/maqingnan/cve/blob/main/sql2.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.275729",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.275729",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.397418",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

137
CVE-2024/CVE-2024-86xx/CVE-2024-8692.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-8692",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-11T19:15:15.410",
"lastModified": "2024-09-11T19:15:15.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.277165",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.277165",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.401715",
"source": "cna@vuldb.com"
},
{
"url": "https://www.shawroot.cc/2794.html",
"source": "cna@vuldb.com"
}
]
}

88
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-11T18:00:17.868597+00:00
2024-09-11T20:00:17.699084+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-11T17:52:39.477000+00:00
2024-09-11T19:53:44.640000+00:00
```
### Last Data Feed Release
@ -33,69 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
262587
262590
```
### CVEs added in the last Commit
Recently added CVEs: `52`
Recently added CVEs: `3`
- [CVE-2024-45016](CVE-2024/CVE-2024-450xx/CVE-2024-45016.json) (`2024-09-11T16:15:06.817`)
- [CVE-2024-45017](CVE-2024/CVE-2024-450xx/CVE-2024-45017.json) (`2024-09-11T16:15:06.877`)
- [CVE-2024-45018](CVE-2024/CVE-2024-450xx/CVE-2024-45018.json) (`2024-09-11T16:15:06.933`)
- [CVE-2024-45019](CVE-2024/CVE-2024-450xx/CVE-2024-45019.json) (`2024-09-11T16:15:06.990`)
- [CVE-2024-45020](CVE-2024/CVE-2024-450xx/CVE-2024-45020.json) (`2024-09-11T16:15:07.050`)
- [CVE-2024-45021](CVE-2024/CVE-2024-450xx/CVE-2024-45021.json) (`2024-09-11T16:15:07.103`)
- [CVE-2024-45022](CVE-2024/CVE-2024-450xx/CVE-2024-45022.json) (`2024-09-11T16:15:07.163`)
- [CVE-2024-45023](CVE-2024/CVE-2024-450xx/CVE-2024-45023.json) (`2024-09-11T16:15:07.230`)
- [CVE-2024-45024](CVE-2024/CVE-2024-450xx/CVE-2024-45024.json) (`2024-09-11T16:15:07.290`)
- [CVE-2024-45025](CVE-2024/CVE-2024-450xx/CVE-2024-45025.json) (`2024-09-11T16:15:07.440`)
- [CVE-2024-45026](CVE-2024/CVE-2024-450xx/CVE-2024-45026.json) (`2024-09-11T16:15:07.507`)
- [CVE-2024-45027](CVE-2024/CVE-2024-450xx/CVE-2024-45027.json) (`2024-09-11T16:15:07.570`)
- [CVE-2024-45028](CVE-2024/CVE-2024-450xx/CVE-2024-45028.json) (`2024-09-11T16:15:07.647`)
- [CVE-2024-45029](CVE-2024/CVE-2024-450xx/CVE-2024-45029.json) (`2024-09-11T16:15:07.717`)
- [CVE-2024-45030](CVE-2024/CVE-2024-450xx/CVE-2024-45030.json) (`2024-09-11T16:15:07.770`)
- [CVE-2024-46672](CVE-2024/CVE-2024-466xx/CVE-2024-46672.json) (`2024-09-11T16:15:07.840`)
- [CVE-2024-5760](CVE-2024/CVE-2024-57xx/CVE-2024-5760.json) (`2024-09-11T16:15:08.020`)
- [CVE-2024-7312](CVE-2024/CVE-2024-73xx/CVE-2024-7312.json) (`2024-09-11T16:15:08.080`)
- [CVE-2024-8097](CVE-2024/CVE-2024-80xx/CVE-2024-8097.json) (`2024-09-11T17:15:13.917`)
- [CVE-2024-8686](CVE-2024/CVE-2024-86xx/CVE-2024-8686.json) (`2024-09-11T17:15:14.033`)
- [CVE-2024-8687](CVE-2024/CVE-2024-86xx/CVE-2024-8687.json) (`2024-09-11T17:15:14.157`)
- [CVE-2024-8688](CVE-2024/CVE-2024-86xx/CVE-2024-8688.json) (`2024-09-11T17:15:14.273`)
- [CVE-2024-8689](CVE-2024/CVE-2024-86xx/CVE-2024-8689.json) (`2024-09-11T17:15:14.380`)
- [CVE-2024-8690](CVE-2024/CVE-2024-86xx/CVE-2024-8690.json) (`2024-09-11T17:15:14.487`)
- [CVE-2024-8691](CVE-2024/CVE-2024-86xx/CVE-2024-8691.json) (`2024-09-11T17:15:14.587`)
- [CVE-2024-42760](CVE-2024/CVE-2024-427xx/CVE-2024-42760.json) (`2024-09-11T19:15:14.983`)
- [CVE-2024-44541](CVE-2024/CVE-2024-445xx/CVE-2024-44541.json) (`2024-09-11T19:15:15.070`)
- [CVE-2024-8692](CVE-2024/CVE-2024-86xx/CVE-2024-8692.json) (`2024-09-11T19:15:15.410`)
### CVEs modified in the last Commit
Recently modified CVEs: `184`
Recently modified CVEs: `27`
- [CVE-2024-8191](CVE-2024/CVE-2024-81xx/CVE-2024-8191.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8232](CVE-2024/CVE-2024-82xx/CVE-2024-8232.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8253](CVE-2024/CVE-2024-82xx/CVE-2024-8253.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8277](CVE-2024/CVE-2024-82xx/CVE-2024-8277.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8306](CVE-2024/CVE-2024-83xx/CVE-2024-8306.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8317](CVE-2024/CVE-2024-83xx/CVE-2024-8317.json) (`2024-09-11T17:46:03.753`)
- [CVE-2024-8320](CVE-2024/CVE-2024-83xx/CVE-2024-8320.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8321](CVE-2024/CVE-2024-83xx/CVE-2024-8321.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8322](CVE-2024/CVE-2024-83xx/CVE-2024-8322.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8363](CVE-2024/CVE-2024-83xx/CVE-2024-8363.json) (`2024-09-11T16:35:05.653`)
- [CVE-2024-8394](CVE-2024/CVE-2024-83xx/CVE-2024-8394.json) (`2024-09-11T16:25:44.833`)
- [CVE-2024-8427](CVE-2024/CVE-2024-84xx/CVE-2024-8427.json) (`2024-09-11T17:41:18.733`)
- [CVE-2024-8440](CVE-2024/CVE-2024-84xx/CVE-2024-8440.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8441](CVE-2024/CVE-2024-84xx/CVE-2024-8441.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8503](CVE-2024/CVE-2024-85xx/CVE-2024-8503.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8504](CVE-2024/CVE-2024-85xx/CVE-2024-8504.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8570](CVE-2024/CVE-2024-85xx/CVE-2024-8570.json) (`2024-09-11T16:07:35.400`)
- [CVE-2024-8571](CVE-2024/CVE-2024-85xx/CVE-2024-8571.json) (`2024-09-11T16:05:34.220`)
- [CVE-2024-8636](CVE-2024/CVE-2024-86xx/CVE-2024-8636.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8637](CVE-2024/CVE-2024-86xx/CVE-2024-8637.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8638](CVE-2024/CVE-2024-86xx/CVE-2024-8638.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8639](CVE-2024/CVE-2024-86xx/CVE-2024-8639.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8642](CVE-2024/CVE-2024-86xx/CVE-2024-8642.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8646](CVE-2024/CVE-2024-86xx/CVE-2024-8646.json) (`2024-09-11T16:26:11.920`)
- [CVE-2024-8655](CVE-2024/CVE-2024-86xx/CVE-2024-8655.json) (`2024-09-11T16:26:11.920`)
- [CVE-2023-39732](CVE-2023/CVE-2023-397xx/CVE-2023-39732.json) (`2024-09-11T19:35:03.440`)
- [CVE-2023-39733](CVE-2023/CVE-2023-397xx/CVE-2023-39733.json) (`2024-09-11T19:35:04.137`)
- [CVE-2023-39734](CVE-2023/CVE-2023-397xx/CVE-2023-39734.json) (`2024-09-11T19:35:04.820`)
- [CVE-2023-39740](CVE-2023/CVE-2023-397xx/CVE-2023-39740.json) (`2024-09-11T19:35:05.497`)
- [CVE-2023-43506](CVE-2023/CVE-2023-435xx/CVE-2023-43506.json) (`2024-09-11T18:35:10.717`)
- [CVE-2023-43509](CVE-2023/CVE-2023-435xx/CVE-2023-43509.json) (`2024-09-11T18:35:11.500`)
- [CVE-2023-45554](CVE-2023/CVE-2023-455xx/CVE-2023-45554.json) (`2024-09-11T19:35:06.647`)
- [CVE-2023-46003](CVE-2023/CVE-2023-460xx/CVE-2023-46003.json) (`2024-09-11T19:35:07.547`)
- [CVE-2023-46010](CVE-2023/CVE-2023-460xx/CVE-2023-46010.json) (`2024-09-11T19:35:08.363`)
- [CVE-2023-46369](CVE-2023/CVE-2023-463xx/CVE-2023-46369.json) (`2024-09-11T18:35:12.640`)
- [CVE-2023-48957](CVE-2023/CVE-2023-489xx/CVE-2023-48957.json) (`2024-09-11T18:07:49.180`)
- [CVE-2023-5724](CVE-2023/CVE-2023-57xx/CVE-2023-5724.json) (`2024-09-11T19:35:09.810`)
- [CVE-2023-5728](CVE-2023/CVE-2023-57xx/CVE-2023-5728.json) (`2024-09-11T19:35:10.813`)
- [CVE-2024-39817](CVE-2024/CVE-2024-398xx/CVE-2024-39817.json) (`2024-09-11T19:36:18.050`)
- [CVE-2024-42034](CVE-2024/CVE-2024-420xx/CVE-2024-42034.json) (`2024-09-11T18:55:25.710`)
- [CVE-2024-42035](CVE-2024/CVE-2024-420xx/CVE-2024-42035.json) (`2024-09-11T18:52:02.823`)
- [CVE-2024-43114](CVE-2024/CVE-2024-431xx/CVE-2024-43114.json) (`2024-09-11T19:11:11.257`)
- [CVE-2024-44466](CVE-2024/CVE-2024-444xx/CVE-2024-44466.json) (`2024-09-11T18:35:30.960`)
- [CVE-2024-44851](CVE-2024/CVE-2024-448xx/CVE-2024-44851.json) (`2024-09-11T18:35:31.703`)
- [CVE-2024-5760](CVE-2024/CVE-2024-57xx/CVE-2024-5760.json) (`2024-09-11T18:35:32.460`)
- [CVE-2024-7505](CVE-2024/CVE-2024-75xx/CVE-2024-7505.json) (`2024-09-11T19:53:44.640`)
- [CVE-2024-7584](CVE-2024/CVE-2024-75xx/CVE-2024-7584.json) (`2024-09-11T19:25:04.143`)
- [CVE-2024-7585](CVE-2024/CVE-2024-75xx/CVE-2024-7585.json) (`2024-09-11T19:32:34.007`)
- [CVE-2024-8011](CVE-2024/CVE-2024-80xx/CVE-2024-8011.json) (`2024-09-11T18:15:02.023`)
- [CVE-2024-8147](CVE-2024/CVE-2024-81xx/CVE-2024-8147.json) (`2024-09-11T18:37:20.670`)
## Download and Usage

523
_state.csv
View File

File diff suppressed because it is too large Load Diff