admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 10:10:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-29T23:00:20.594858+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-29 23:03:21 +00:00
parent 4fe20b5371
commit dccce5b8b5
78 changed files with 3301 additions and 269 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-2022/CVE-2022-202xx/CVE-2022-20264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-20264",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.557",
"lastModified": "2023-11-07T00:40:27.640",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:00.823",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-203"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-233xx/CVE-2022-23397.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23397",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-04T15:15:09.227",
"lastModified": "2024-08-03T04:16:07.160",
"lastModified": "2024-10-29T21:35:01.833",
"vulnStatus": "Modified",
"cveTags": [
{
@ -43,6 +43,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV2": [
@ -81,6 +101,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

56
CVE-2024/CVE-2024-102xx/CVE-2024-10228.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-10228",
"sourceIdentifier": "security@hashicorp.com",
"published": "2024-10-29T22:15:03.220",
"lastModified": "2024-10-29T22:15:03.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228, was fixed in Vagrant VMWare Utility 1.0.23"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-25-vagrant-vmware-utility-installation-files-vulnerable-to-modification-by-unprivileged-user",
"source": "security@hashicorp.com"
}
]
}

37
CVE-2024/CVE-2024-104xx/CVE-2024-10487.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-10487",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-10-29T22:15:03.430",
"lastModified": "2024-10-29T22:15:03.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"metrics": {},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/375123371",
"source": "chrome-cve-admin@google.com"
}
]
}

37
CVE-2024/CVE-2024-104xx/CVE-2024-10488.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-10488",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-10-29T22:15:03.523",
"lastModified": "2024-10-29T22:15:03.523",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/374310077",
"source": "chrome-cve-admin@google.com"
}
]
}

27
CVE-2024/CVE-2024-200xx/CVE-2024-20030.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20030",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-03-04T03:15:07.500",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-10-29T21:35:02.733",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En da, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541632; ID del problema: ALPS08541741."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",

27
CVE-2024/CVE-2024-200xx/CVE-2024-20052.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20052",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-04-01T03:15:08.490",
"lastModified": "2024-04-01T12:49:00.877",
"lastModified": "2024-10-29T21:35:02.937",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En flashc, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una excepci\u00f3n no detectada. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541757; ID del problema: ALPS08541761."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/April-2024",

18
CVE-2024/CVE-2024-200xx/CVE-2024-20071.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20071",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-06-03T02:15:09.220",
"lastModified": "2024-07-03T01:45:58.913",
"lastModified": "2024-10-29T21:35:03.130",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -22,20 +22,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},

39
CVE-2024/CVE-2024-255xx/CVE-2024-25551.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25551",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-03T08:15:08.223",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-10-29T21:35:03.357",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en el c\u00f3digo fuente Simple Student Attendance System v1.0 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud GET manipulada a la URL de la aplicaci\u00f3n web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://medium.com/%40jose.inaciot/my-first-cve-cve-2024-25551-f91787c05ae9",

14
CVE-2024/CVE-2024-256xx/CVE-2024-25614.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25614",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-03-05T21:15:08.473",
"lastModified": "2024-03-06T15:18:08.093",
"lastModified": "2024-10-29T21:35:04.137",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt",

39
CVE-2024/CVE-2024-257xx/CVE-2024-25768.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25768",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-26T18:15:07.757",
"lastModified": "2024-02-26T22:10:40.463",
"lastModified": "2024-10-29T21:35:04.857",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "OpenDMARC 1.4.2 contiene una vulnerabilidad de desreferencia de puntero nulo en /OpenDMARC/libopendmarc/opendmarc_policy.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/LuMingYinDetect/OpenDMARC_defects/blob/main/OpenDMARC_detect_1.md",

14
CVE-2024/CVE-2024-301xx/CVE-2024-30132.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30132",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-10-01T12:15:03.687",
"lastModified": "2024-10-04T13:51:25.567",
"lastModified": "2024-10-29T21:35:05.643",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0116298",

34
CVE-2024/CVE-2024-318xx/CVE-2024-31842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31842",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T20:15:08.090",
"lastModified": "2024-09-13T14:05:23.367",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:06.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-319xx/CVE-2024-31958.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31958",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T17:15:50.353",
"lastModified": "2024-06-07T19:24:09.243",
"lastModified": "2024-10-29T21:35:07.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",

39
CVE-2024/CVE-2024-336xx/CVE-2024-33665.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-33665",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-26T01:15:46.100",
"lastModified": "2024-08-02T03:15:30.310",
"lastModified": "2024-10-29T21:35:08.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
@ -22,7 +22,42 @@
"value": "angular-translate hasta 2.19.1 permite XSS a trav\u00e9s de una clave manipulada que utiliza la directiva de traducci\u00f3n. NOTA: el proveedor indica que no existe documentaci\u00f3n que indique que una clave deba ser segura contra ataques XSS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "http://docs.herodevs.com/docs/2024-Angular-Translate-XSS",

34
CVE-2024/CVE-2024-408xx/CVE-2024-40810.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40810",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-24T17:15:16.263",
"lastModified": "2024-10-29T15:21:56.947",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:09.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-408xx/CVE-2024-40813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40813",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:13.397",
"lastModified": "2024-08-15T16:15:52.613",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:10.313",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-408xx/CVE-2024-40832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40832",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:14.257",
"lastModified": "2024-08-23T14:52:21.567",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:11.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-412xx/CVE-2024-41254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41254",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-31T21:15:17.940",
"lastModified": "2024-08-15T13:15:29.170",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:11.897",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-347"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-415xx/CVE-2024-41519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41519",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T17:16:39.063",
"lastModified": "2024-09-03T20:15:07.887",
"lastModified": "2024-10-29T21:35:12.703",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-440xx/CVE-2024-44069.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44069",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T02:15:04.437",
"lastModified": "2024-08-19T12:59:59.177",
"lastModified": "2024-10-29T21:35:13.500",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
@ -22,7 +22,42 @@
"value": "Pi-hole anterior a 6 permite llamadas admin/api.php?setTempUnit= no autenticadas para cambiar las unidades de temperatura del panel web. NOTA: seg\u00fan se informa, el proveedor \"no considera el error como un problema de seguridad\", pero la motivaci\u00f3n espec\u00edfica para permitir que personas arbitrarias cambien el valor (Celsius, Fahrenheit o Kelvin), visto por el propietario del dispositivo, no est\u00e1 clara."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/pi-hole/web/pull/3077",

25
CVE-2024/CVE-2024-440xx/CVE-2024-44080.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-44080",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T22:15:03.633",
"lastModified": "2024-10-29T22:15:03.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Jitsi Meet before 2.0.9779, the functionality to share an image using giphy was implemented in an insecure way, resulting in clients loading GIFs from any arbitrary URL if a message from another participant contains a URL encoded in the expected format."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jitsi/jitsi-meet/compare/jitsi-meet_9672...jitsi-meet_9673",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2024-0002.md",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-440xx/CVE-2024-44081.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-44081",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T22:15:03.730",
"lastModified": "2024-10-29T22:15:03.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Jitsi Meet before 2.0.9779, the functionality to share a video file was implemented in an insecure way, resulting in clients loading videos from an arbitrary URL if a message from another participant contains a URL encoded in the expected format."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jitsi/jitsi-meet/compare/jitsi-meet_9672...jitsi-meet_9673",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2024-0003.md",
"source": "cve@mitre.org"
}
]
}

34
CVE-2024/CVE-2024-441xx/CVE-2024-44144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44144",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.397",
"lastModified": "2024-10-29T17:34:55.923",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:14.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

24
CVE-2024/CVE-2024-442xx/CVE-2024-44206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44206",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-24T17:15:16.620",
"lastModified": "2024-10-29T15:31:02.493",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:15.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},

41
CVE-2024/CVE-2024-442xx/CVE-2024-44236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44236",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.520",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-29T21:35:15.290",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de acceso fuera de los l\u00edmites con una comprobaci\u00f3n de los l\u00edmites mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. El procesamiento de un archivo manipulado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",

39
CVE-2024/CVE-2024-442xx/CVE-2024-44237.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44237",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T22:15:03.037",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-29T21:35:16.563",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de acceso fuera de los l\u00edmites con una comprobaci\u00f3n de los l\u00edmites mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. El procesamiento de un archivo manipulado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",

27
CVE-2024/CVE-2024-442xx/CVE-2024-44260.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44260",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T22:15:03.313",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-29T21:35:17.343",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n maliciosa con privilegios de superusuario puede modificar el contenido de los archivos del sistema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121568",

29
CVE-2024/CVE-2024-442xx/CVE-2024-44261.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44261",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.220",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-29T21:35:17.520",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "Este problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en iOS 17.7.1 y iPadOS 17.7.1, iOS 18.1 y iPadOS 18.1. Un atacante podr\u00eda ver contenido restringido desde la pantalla de bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121563",

29
CVE-2024/CVE-2024-442xx/CVE-2024-44277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44277",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.950",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-29T21:35:17.737",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El problema se solucion\u00f3 con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, visionOS 2.1 y tvOS 18.1. Es posible que una aplicaci\u00f3n pueda provocar la finalizaci\u00f3n inesperada del sistema o da\u00f1ar la memoria del n\u00facleo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121563",

41
CVE-2024/CVE-2024-442xx/CVE-2024-44282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44282",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.340",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-29T21:35:17.953",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de lectura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. El an\u00e1lisis de un archivo puede provocar la divulgaci\u00f3n de informaci\u00f3n del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",

39
CVE-2024/CVE-2024-442xx/CVE-2024-44283.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44283",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T22:15:03.380",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-29T21:35:19.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de lectura fuera de los l\u00edmites con una comprobaci\u00f3n de los l\u00edmites mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. El an\u00e1lisis de un archivo manipulado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",

41
CVE-2024/CVE-2024-442xx/CVE-2024-44284.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44284",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.450",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-29T21:35:20.070",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de escritura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Analizar un archivo manipulado con fines malintencionados puede provocar el cierre inesperado de la aplicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",

24
CVE-2024/CVE-2024-442xx/CVE-2024-44294.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44294",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.757",
"lastModified": "2024-10-29T20:24:24.867",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:21.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},

27
CVE-2024/CVE-2024-442xx/CVE-2024-44295.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44295",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T22:15:03.453",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-29T21:35:21.523",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Este problema se solucion\u00f3 con comprobaciones de derechos adicionales. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121568",

34
CVE-2024/CVE-2024-451xx/CVE-2024-45182.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45182",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-12T19:15:03.720",
"lastModified": "2024-09-18T20:26:11.023",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-29T21:35:21.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"configurations": [

25
CVE-2024/CVE-2024-480xx/CVE-2024-48063.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48063",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T21:15:04.080",
"lastModified": "2024-10-29T21:15:04.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/hexian2001/c046c066895a963ecc0a2cf9e1180065",
"source": "cve@mitre.org"
},
{
"url": "https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-481xx/CVE-2024-48138.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48138",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T22:15:03.810",
"lastModified": "2024-10-29T22:15:03.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/pluxml/PluXml/issues/829",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-482xx/CVE-2024-48206.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48206",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T21:15:04.190",
"lastModified": "2024-10-29T21:15:04.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Deserialization of Untrusted Data vulnerability in chainer v7.8.1.post1 leads to execution of arbitrary code."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/hexian2001/51c6257351098e5b086a12ad247cc6ca",
"source": "cve@mitre.org"
},
{
"url": "https://rumbling-slice-eb0.notion.site/chainer-s-chainermn-has-MPI-Deserialization-vulnerability-in-chainer-chainer-c6a004feb53a447e8fb440968d73d6fd?pvs=4",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-484xx/CVE-2024-48448.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48448",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T18:15:04.330",
"lastModified": "2024-10-28T13:58:09.230",
"lastModified": "2024-10-29T21:35:22.540",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitrarios en Huly Platform v0.6.295 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo HTML manipulado espec\u00edficamente en la p\u00e1gina de comentarios del rastreador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-48448",

39
CVE-2024/CVE-2024-484xx/CVE-2024-48450.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48450",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-25T19:15:04.373",
"lastModified": "2024-10-28T13:58:09.230",
"lastModified": "2024-10-29T21:35:23.350",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitrarios en Huly Platform v0.6.295 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo HTML manipulado en un grupo de chat."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-48450",

25
CVE-2024/CVE-2024-484xx/CVE-2024-48461.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48461",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T21:15:04.347",
"lastModified": "2024-10-29T21:15:04.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in TeslaLogger Admin Panel before v.1.59.6 allows a remote attacker to execute arbitrary code via the New Journey field."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/bassmaster187/TeslaLogger/blob/65f5ff43c7cacf0391ddc21b90f77a2e8c8d860e/TeslaLogger/bin/changelog.md?plain=1#L4",
"source": "cve@mitre.org"
},
{
"url": "https://mohammedshine.github.io/CVE-2024-48461.html",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-485xx/CVE-2024-48572.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48572",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T22:15:03.913",
"lastModified": "2024-10-29T22:15:03.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the \"Add a user\" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expression, which is then matched against email addresses to find duplicate entries."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2024-48572",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-485xx/CVE-2024-48573.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48573",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T22:15:04.003",
"lastModified": "2024-10-29T22:15:04.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the \"Reset password\" feature."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2024-48573",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50421.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50421",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:04.083",
"lastModified": "2024-10-29T22:15:04.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through 3.8.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-pdf-invoices-packing-slips/wordpress-pdf-invoices-packing-slips-for-woocommerce-plugin-3-8-6-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50422.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50422",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:04.290",
"lastModified": "2024-10-29T22:15:04.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through 2.1.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/breeze/wordpress-breeze-plugin-2-1-14-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50423.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50423",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:04.500",
"lastModified": "2024-10-29T22:15:04.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/templately/wordpress-templately-plugin-3-1-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50424.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50424",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:04.703",
"lastModified": "2024-10-29T22:15:04.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/templately/wordpress-templately-plugin-3-1-5-broken-access-control-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50425.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50425",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:04.917",
"lastModified": "2024-10-29T22:15:04.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Veribo, Roland Murg WP Booking System.This issue affects WP Booking System: from n/a through 2.0.19.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-booking-system/wordpress-wp-booking-system-plugin-2-0-19-10-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50428.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50428",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:05.133",
"lastModified": "2024-10-29T22:15:05.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Mondula GmbH Multi Step Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multi Step Form: from n/a through 1.7.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/multi-step-form/wordpress-multi-step-form-plugin-1-7-21-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50454.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50454",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T22:15:05.350",
"lastModified": "2024-10-29T22:15:05.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-8-1-1-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50455.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50455",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T21:15:04.440",
"lastModified": "2024-10-29T21:15:04.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-8-1-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-504xx/CVE-2024-50456.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50456",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-29T21:15:04.673",
"lastModified": "2024-10-29T21:15:04.673",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-8-1-1-broken-access-control-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

14
CVE-2024/CVE-2024-61xx/CVE-2024-6149.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6149",
"sourceIdentifier": "secure@citrix.com",
"published": "2024-07-10T21:15:10.830",
"lastModified": "2024-07-11T13:05:54.930",
"lastModified": "2024-10-29T21:35:24.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -61,6 +61,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX678037",

56
CVE-2024/CVE-2024-79xx/CVE-2024-7991.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-7991",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.560",
"lastModified": "2024-10-29T22:15:05.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-79xx/CVE-2024-7992.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-7992",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.760",
"lastModified": "2024-10-29T22:15:05.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8587.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8587",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T21:15:04.990",
"lastModified": "2024-10-29T21:15:04.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8588.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8588",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.950",
"lastModified": "2024-10-29T22:15:05.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8589.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8589",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.133",
"lastModified": "2024-10-29T22:15:06.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8590.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8590",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.340",
"lastModified": "2024-10-29T22:15:06.340",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8591.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8591",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.537",
"lastModified": "2024-10-29T22:15:06.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8592.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8592",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.713",
"lastModified": "2024-10-29T22:15:06.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8593.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8593",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.907",
"lastModified": "2024-10-29T22:15:06.907",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted CATPART file when parsed in ASMKERN230A.dll through Autodesk AutoCAD can force a Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8594.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8594",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.103",
"lastModified": "2024-10-29T22:15:07.103",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8595.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8595",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.300",
"lastModified": "2024-10-29T22:15:07.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8596.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8596",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.510",
"lastModified": "2024-10-29T22:15:07.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force an Out-of-Bound Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8597.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8597",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.703",
"lastModified": "2024-10-29T22:15:07.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8598.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8598",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.917",
"lastModified": "2024-10-29T22:15:07.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-85xx/CVE-2024-8599.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8599",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.130",
"lastModified": "2024-10-29T22:15:08.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-86xx/CVE-2024-8600.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8600",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.330",
"lastModified": "2024-10-29T22:15:08.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-88xx/CVE-2024-8896.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-8896",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.513",
"lastModified": "2024-10-29T22:15:08.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DXF file when parsed in acdb25.dll\u00a0through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9489.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9489",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.703",
"lastModified": "2024-10-29T22:15:08.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-98xx/CVE-2024-9826.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9826",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.900",
"lastModified": "2024-10-29T22:15:08.900",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-98xx/CVE-2024-9827.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9827",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:09.100",
"lastModified": "2024-10-29T22:15:09.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-99xx/CVE-2024-9996.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9996",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:09.287",
"lastModified": "2024-10-29T22:15:09.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

56
CVE-2024/CVE-2024-99xx/CVE-2024-9997.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9997",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:09.490",
"lastModified": "2024-10-29T22:15:09.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@autodesk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
"source": "psirt@autodesk.com"
}
]
}

85
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-29T21:00:19.713996+00:00
2024-10-29T23:00:20.594858+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-29T20:59:57.227000+00:00
2024-10-29T22:15:09.490000+00:00
```
### Last Data Feed Release
@ -33,44 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
267560
267602
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `42`
- [CVE-2024-50454](CVE-2024/CVE-2024-504xx/CVE-2024-50454.json) (`2024-10-29T22:15:05.350`)
- [CVE-2024-50455](CVE-2024/CVE-2024-504xx/CVE-2024-50455.json) (`2024-10-29T21:15:04.440`)
- [CVE-2024-50456](CVE-2024/CVE-2024-504xx/CVE-2024-50456.json) (`2024-10-29T21:15:04.673`)
- [CVE-2024-7991](CVE-2024/CVE-2024-79xx/CVE-2024-7991.json) (`2024-10-29T22:15:05.560`)
- [CVE-2024-7992](CVE-2024/CVE-2024-79xx/CVE-2024-7992.json) (`2024-10-29T22:15:05.760`)
- [CVE-2024-8587](CVE-2024/CVE-2024-85xx/CVE-2024-8587.json) (`2024-10-29T21:15:04.990`)
- [CVE-2024-8588](CVE-2024/CVE-2024-85xx/CVE-2024-8588.json) (`2024-10-29T22:15:05.950`)
- [CVE-2024-8589](CVE-2024/CVE-2024-85xx/CVE-2024-8589.json) (`2024-10-29T22:15:06.133`)
- [CVE-2024-8590](CVE-2024/CVE-2024-85xx/CVE-2024-8590.json) (`2024-10-29T22:15:06.340`)
- [CVE-2024-8591](CVE-2024/CVE-2024-85xx/CVE-2024-8591.json) (`2024-10-29T22:15:06.537`)
- [CVE-2024-8592](CVE-2024/CVE-2024-85xx/CVE-2024-8592.json) (`2024-10-29T22:15:06.713`)
- [CVE-2024-8593](CVE-2024/CVE-2024-85xx/CVE-2024-8593.json) (`2024-10-29T22:15:06.907`)
- [CVE-2024-8594](CVE-2024/CVE-2024-85xx/CVE-2024-8594.json) (`2024-10-29T22:15:07.103`)
- [CVE-2024-8595](CVE-2024/CVE-2024-85xx/CVE-2024-8595.json) (`2024-10-29T22:15:07.300`)
- [CVE-2024-8596](CVE-2024/CVE-2024-85xx/CVE-2024-8596.json) (`2024-10-29T22:15:07.510`)
- [CVE-2024-8597](CVE-2024/CVE-2024-85xx/CVE-2024-8597.json) (`2024-10-29T22:15:07.703`)
- [CVE-2024-8598](CVE-2024/CVE-2024-85xx/CVE-2024-8598.json) (`2024-10-29T22:15:07.917`)
- [CVE-2024-8599](CVE-2024/CVE-2024-85xx/CVE-2024-8599.json) (`2024-10-29T22:15:08.130`)
- [CVE-2024-8600](CVE-2024/CVE-2024-86xx/CVE-2024-8600.json) (`2024-10-29T22:15:08.330`)
- [CVE-2024-8896](CVE-2024/CVE-2024-88xx/CVE-2024-8896.json) (`2024-10-29T22:15:08.513`)
- [CVE-2024-9489](CVE-2024/CVE-2024-94xx/CVE-2024-9489.json) (`2024-10-29T22:15:08.703`)
- [CVE-2024-9826](CVE-2024/CVE-2024-98xx/CVE-2024-9826.json) (`2024-10-29T22:15:08.900`)
- [CVE-2024-9827](CVE-2024/CVE-2024-98xx/CVE-2024-9827.json) (`2024-10-29T22:15:09.100`)
- [CVE-2024-9996](CVE-2024/CVE-2024-99xx/CVE-2024-9996.json) (`2024-10-29T22:15:09.287`)
- [CVE-2024-9997](CVE-2024/CVE-2024-99xx/CVE-2024-9997.json) (`2024-10-29T22:15:09.490`)
### CVEs modified in the last Commit
Recently modified CVEs: `132`
Recently modified CVEs: `34`
- [CVE-2024-48655](CVE-2024/CVE-2024-486xx/CVE-2024-48655.json) (`2024-10-29T20:35:33.500`)
- [CVE-2024-48700](CVE-2024/CVE-2024-487xx/CVE-2024-48700.json) (`2024-10-29T19:35:24.643`)
- [CVE-2024-48743](CVE-2024/CVE-2024-487xx/CVE-2024-48743.json) (`2024-10-29T19:35:25.777`)
- [CVE-2024-48825](CVE-2024/CVE-2024-488xx/CVE-2024-48825.json) (`2024-10-29T19:35:26.547`)
- [CVE-2024-48826](CVE-2024/CVE-2024-488xx/CVE-2024-48826.json) (`2024-10-29T19:35:27.303`)
- [CVE-2024-4887](CVE-2024/CVE-2024-48xx/CVE-2024-4887.json) (`2024-10-29T19:52:44.863`)
- [CVE-2024-51075](CVE-2024/CVE-2024-510xx/CVE-2024-51075.json) (`2024-10-29T20:35:35.130`)
- [CVE-2024-51076](CVE-2024/CVE-2024-510xx/CVE-2024-51076.json) (`2024-10-29T20:35:35.890`)
- [CVE-2024-51180](CVE-2024/CVE-2024-511xx/CVE-2024-51180.json) (`2024-10-29T20:35:36.680`)
- [CVE-2024-51181](CVE-2024/CVE-2024-511xx/CVE-2024-51181.json) (`2024-10-29T20:35:37.490`)
- [CVE-2024-51506](CVE-2024/CVE-2024-515xx/CVE-2024-51506.json) (`2024-10-29T19:35:28.723`)
- [CVE-2024-51507](CVE-2024/CVE-2024-515xx/CVE-2024-51507.json) (`2024-10-29T19:35:29.513`)
- [CVE-2024-51508](CVE-2024/CVE-2024-515xx/CVE-2024-51508.json) (`2024-10-29T19:35:30.513`)
- [CVE-2024-51509](CVE-2024/CVE-2024-515xx/CVE-2024-51509.json) (`2024-10-29T19:35:31.290`)
- [CVE-2024-5425](CVE-2024/CVE-2024-54xx/CVE-2024-5425.json) (`2024-10-29T19:49:44.357`)
- [CVE-2024-5607](CVE-2024/CVE-2024-56xx/CVE-2024-5607.json) (`2024-10-29T20:08:50.497`)
- [CVE-2024-6150](CVE-2024/CVE-2024-61xx/CVE-2024-6150.json) (`2024-10-29T19:35:32.787`)
- [CVE-2024-6600](CVE-2024/CVE-2024-66xx/CVE-2024-6600.json) (`2024-10-29T20:35:38.603`)
- [CVE-2024-6614](CVE-2024/CVE-2024-66xx/CVE-2024-6614.json) (`2024-10-29T20:35:39.450`)
- [CVE-2024-6760](CVE-2024/CVE-2024-67xx/CVE-2024-6760.json) (`2024-10-29T20:35:40.280`)
- [CVE-2024-7004](CVE-2024/CVE-2024-70xx/CVE-2024-7004.json) (`2024-10-29T20:35:41.127`)
- [CVE-2024-7208](CVE-2024/CVE-2024-72xx/CVE-2024-7208.json) (`2024-10-29T19:35:33.770`)
- [CVE-2024-7255](CVE-2024/CVE-2024-72xx/CVE-2024-7255.json) (`2024-10-29T20:35:42.023`)
- [CVE-2024-7518](CVE-2024/CVE-2024-75xx/CVE-2024-7518.json) (`2024-10-29T20:35:43.097`)
- [CVE-2024-7978](CVE-2024/CVE-2024-79xx/CVE-2024-7978.json) (`2024-10-29T20:35:44.730`)
- [CVE-2024-31842](CVE-2024/CVE-2024-318xx/CVE-2024-31842.json) (`2024-10-29T21:35:06.340`)
- [CVE-2024-31958](CVE-2024/CVE-2024-319xx/CVE-2024-31958.json) (`2024-10-29T21:35:07.203`)
- [CVE-2024-33665](CVE-2024/CVE-2024-336xx/CVE-2024-33665.json) (`2024-10-29T21:35:08.080`)
- [CVE-2024-40810](CVE-2024/CVE-2024-408xx/CVE-2024-40810.json) (`2024-10-29T21:35:09.467`)
- [CVE-2024-40813](CVE-2024/CVE-2024-408xx/CVE-2024-40813.json) (`2024-10-29T21:35:10.313`)
- [CVE-2024-40832](CVE-2024/CVE-2024-408xx/CVE-2024-40832.json) (`2024-10-29T21:35:11.120`)
- [CVE-2024-41254](CVE-2024/CVE-2024-412xx/CVE-2024-41254.json) (`2024-10-29T21:35:11.897`)
- [CVE-2024-41519](CVE-2024/CVE-2024-415xx/CVE-2024-41519.json) (`2024-10-29T21:35:12.703`)
- [CVE-2024-44069](CVE-2024/CVE-2024-440xx/CVE-2024-44069.json) (`2024-10-29T21:35:13.500`)
- [CVE-2024-44144](CVE-2024/CVE-2024-441xx/CVE-2024-44144.json) (`2024-10-29T21:35:14.290`)
- [CVE-2024-44206](CVE-2024/CVE-2024-442xx/CVE-2024-44206.json) (`2024-10-29T21:35:15.080`)
- [CVE-2024-44236](CVE-2024/CVE-2024-442xx/CVE-2024-44236.json) (`2024-10-29T21:35:15.290`)
- [CVE-2024-44237](CVE-2024/CVE-2024-442xx/CVE-2024-44237.json) (`2024-10-29T21:35:16.563`)
- [CVE-2024-44260](CVE-2024/CVE-2024-442xx/CVE-2024-44260.json) (`2024-10-29T21:35:17.343`)
- [CVE-2024-44261](CVE-2024/CVE-2024-442xx/CVE-2024-44261.json) (`2024-10-29T21:35:17.520`)
- [CVE-2024-44277](CVE-2024/CVE-2024-442xx/CVE-2024-44277.json) (`2024-10-29T21:35:17.737`)
- [CVE-2024-44282](CVE-2024/CVE-2024-442xx/CVE-2024-44282.json) (`2024-10-29T21:35:17.953`)
- [CVE-2024-44283](CVE-2024/CVE-2024-442xx/CVE-2024-44283.json) (`2024-10-29T21:35:19.207`)
- [CVE-2024-44284](CVE-2024/CVE-2024-442xx/CVE-2024-44284.json) (`2024-10-29T21:35:20.070`)
- [CVE-2024-44294](CVE-2024/CVE-2024-442xx/CVE-2024-44294.json) (`2024-10-29T21:35:21.347`)
- [CVE-2024-44295](CVE-2024/CVE-2024-442xx/CVE-2024-44295.json) (`2024-10-29T21:35:21.523`)
- [CVE-2024-45182](CVE-2024/CVE-2024-451xx/CVE-2024-45182.json) (`2024-10-29T21:35:21.720`)
- [CVE-2024-48448](CVE-2024/CVE-2024-484xx/CVE-2024-48448.json) (`2024-10-29T21:35:22.540`)
- [CVE-2024-48450](CVE-2024/CVE-2024-484xx/CVE-2024-48450.json) (`2024-10-29T21:35:23.350`)
- [CVE-2024-6149](CVE-2024/CVE-2024-61xx/CVE-2024-6149.json) (`2024-10-29T21:35:24.997`)
## Download and Usage

372
_state.csv
View File

File diff suppressed because it is too large Load Diff