From e0a4129fb12a4dfe2f285f2badbe1064247e9d9a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 14 Nov 2024 17:03:51 +0000 Subject: [PATCH] Auto-Update: 2024-11-14T17:00:48.589181+00:00 --- CVE-2021/CVE-2021-412xx/CVE-2021-41277.json | 48 ++--- CVE-2022/CVE-2022-22xx/CVE-2022-2232.json | 72 +++++++ CVE-2023/CVE-2023-474xx/CVE-2023-47430.json | 39 +++- CVE-2024/CVE-2024-102xx/CVE-2024-10265.json | 42 +++- CVE-2024/CVE-2024-109xx/CVE-2024-10921.json | 56 +++++ CVE-2024/CVE-2024-110xx/CVE-2024-11055.json | 82 +++++++- CVE-2024/CVE-2024-110xx/CVE-2024-11056.json | 82 +++++++- CVE-2024/CVE-2024-110xx/CVE-2024-11057.json | 76 ++++++- CVE-2024/CVE-2024-110xx/CVE-2024-11097.json | 79 ++++++- CVE-2024/CVE-2024-111xx/CVE-2024-11136.json | 86 ++++++++ CVE-2024/CVE-2024-111xx/CVE-2024-11165.json | 28 ++- CVE-2024/CVE-2024-111xx/CVE-2024-11193.json | 28 ++- CVE-2024/CVE-2024-112xx/CVE-2024-11210.json | 137 +++++++++++++ CVE-2024/CVE-2024-112xx/CVE-2024-11211.json | 141 +++++++++++++ CVE-2024/CVE-2024-112xx/CVE-2024-11212.json | 145 +++++++++++++ CVE-2024/CVE-2024-112xx/CVE-2024-11213.json | 145 +++++++++++++ CVE-2024/CVE-2024-112xx/CVE-2024-11214.json | 145 +++++++++++++ CVE-2024/CVE-2024-247xx/CVE-2024-24762.json | 45 +++- CVE-2024/CVE-2024-385xx/CVE-2024-38538.json | 8 +- CVE-2024/CVE-2024-385xx/CVE-2024-38540.json | 6 +- CVE-2024/CVE-2024-406xx/CVE-2024-40661.json | 43 +++- CVE-2024/CVE-2024-406xx/CVE-2024-40671.json | 43 +++- CVE-2024/CVE-2024-420xx/CVE-2024-42000.json | 97 ++++++++- CVE-2024/CVE-2024-421xx/CVE-2024-42188.json | 56 +++++ CVE-2024/CVE-2024-422xx/CVE-2024-42291.json | 6 +- CVE-2024/CVE-2024-430xx/CVE-2024-43080.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43081.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43082.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43085.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43086.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43089.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43091.json | 43 +++- CVE-2024/CVE-2024-430xx/CVE-2024-43093.json | 8 +- CVE-2024/CVE-2024-434xx/CVE-2024-43451.json | 197 +++++++++++++++++- CVE-2024/CVE-2024-438xx/CVE-2024-43868.json | 10 +- CVE-2024/CVE-2024-443xx/CVE-2024-44337.json | 27 ++- CVE-2024/CVE-2024-475xx/CVE-2024-47594.json | 51 ++++- CVE-2024/CVE-2024-475xx/CVE-2024-47595.json | 63 +++++- CVE-2024/CVE-2024-485xx/CVE-2024-48510.json | 85 +++++++- CVE-2024/CVE-2024-490xx/CVE-2024-49039.json | 172 +++++++++++++++- CVE-2024/CVE-2024-493xx/CVE-2024-49379.json | 28 ++- CVE-2024/CVE-2024-495xx/CVE-2024-49505.json | 55 ++++- CVE-2024/CVE-2024-500xx/CVE-2024-50036.json | 12 +- CVE-2024/CVE-2024-501xx/CVE-2024-50126.json | 8 +- CVE-2024/CVE-2024-502xx/CVE-2024-50236.json | 167 ++++++++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50237.json | 167 ++++++++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50238.json | 102 ++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50239.json | 107 +++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50240.json | 107 +++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50241.json | 97 ++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50242.json | 91 ++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50263.json | 95 ++++++++- CVE-2024/CVE-2024-508xx/CVE-2024-50837.json | 21 ++ CVE-2024/CVE-2024-508xx/CVE-2024-50838.json | 21 ++ CVE-2024/CVE-2024-50xx/CVE-2024-5082.json | 28 ++- CVE-2024/CVE-2024-50xx/CVE-2024-5083.json | 28 ++- CVE-2024/CVE-2024-514xx/CVE-2024-51489.json | 50 ++++- CVE-2024/CVE-2024-514xx/CVE-2024-51490.json | 48 ++++- CVE-2024/CVE-2024-520xx/CVE-2024-52032.json | 83 +++++++- CVE-2024/CVE-2024-523xx/CVE-2024-52302.json | 82 ++++++++ CVE-2024/CVE-2024-525xx/CVE-2024-52505.json | 60 ++++++ CVE-2024/CVE-2024-525xx/CVE-2024-52551.json | 43 +++- CVE-2024/CVE-2024-525xx/CVE-2024-52552.json | 43 +++- CVE-2024/CVE-2024-71xx/CVE-2024-7124.json | 86 ++++++++ CVE-2024/CVE-2024-80xx/CVE-2024-8068.json | 24 ++- CVE-2024/CVE-2024-94xx/CVE-2024-9476.json | 28 ++- README.md | 91 ++++----- _state.csv | 216 +++++++++++--------- 68 files changed, 4282 insertions(+), 355 deletions(-) create mode 100644 CVE-2022/CVE-2022-22xx/CVE-2022-2232.json create mode 100644 CVE-2024/CVE-2024-109xx/CVE-2024-10921.json create mode 100644 CVE-2024/CVE-2024-111xx/CVE-2024-11136.json create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11210.json create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11211.json create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11212.json create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11213.json create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11214.json create mode 100644 CVE-2024/CVE-2024-421xx/CVE-2024-42188.json create mode 100644 CVE-2024/CVE-2024-508xx/CVE-2024-50837.json create mode 100644 CVE-2024/CVE-2024-508xx/CVE-2024-50838.json create mode 100644 CVE-2024/CVE-2024-523xx/CVE-2024-52302.json create mode 100644 CVE-2024/CVE-2024-525xx/CVE-2024-52505.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7124.json diff --git a/CVE-2021/CVE-2021-412xx/CVE-2021-41277.json b/CVE-2021/CVE-2021-412xx/CVE-2021-41277.json index 0cecc727446..d5b5c6f16ef 100644 --- a/CVE-2021/CVE-2021-412xx/CVE-2021-41277.json +++ b/CVE-2021/CVE-2021-412xx/CVE-2021-41277.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41277", "sourceIdentifier": "security-advisories@github.com", "published": "2021-11-17T20:15:10.587", - "lastModified": "2024-11-13T15:35:02.370", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:26:17.450", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-11-12", "cisaActionDue": "2024-12-03", @@ -149,53 +149,53 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:*:*:*:*", - "matchCriteriaId": "1549F956-E3E4-4868-B6FB-CA07B2E73F03" + "criteria": "cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:-:*:*:*", + "matchCriteriaId": "AF64F422-9B51-4949-A9B3-459C77B37C8B" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:0.40.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E86449C9-BFB0-46A1-936E-00463B7DF91B" + "criteria": "cpe:2.3:a:metabase:metabase:0.40.1:*:*:*:-:*:*:*", + "matchCriteriaId": "3F3694D1-A2D8-4451-B4E2-498EDF5B93C6" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:0.40.2:*:*:*:*:*:*:*", - "matchCriteriaId": "CA25627C-2B1B-4F65-A887-43F20883CC5D" + "criteria": "cpe:2.3:a:metabase:metabase:0.40.2:*:*:*:-:*:*:*", + "matchCriteriaId": "7BA0D68D-DF27-4726-A893-8D1BCAA39842" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:0.40.3:*:*:*:*:*:*:*", - "matchCriteriaId": "69FEE724-5FF7-4B76-9A1E-32874F4B3DB9" + "criteria": "cpe:2.3:a:metabase:metabase:0.40.3:*:*:*:-:*:*:*", + "matchCriteriaId": "B2C59AA8-0BA6-4EB1-9121-D84C805E6A9C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:0.40.4:*:*:*:*:*:*:*", - "matchCriteriaId": "B1BE1760-C696-4F2E-BD5F-92EB7613E2BB" + "criteria": "cpe:2.3:a:metabase:metabase:0.40.4:*:*:*:-:*:*:*", + "matchCriteriaId": "BB23EBC1-F524-416B-99F6-143B97D64B01" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:1.40.0:-:*:*:*:*:*:*", - "matchCriteriaId": "61DD04AC-FEF1-490F-B8C3-4588C49AF891" + "criteria": "cpe:2.3:a:metabase:metabase:1.40.0:-:*:*:enterprise:*:*:*", + "matchCriteriaId": "310FB743-2F8A-415C-AF7B-20BCEF0C464E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:1.40.1:*:*:*:*:*:*:*", - "matchCriteriaId": "A083C7A3-B12B-42A2-9246-99E36477A185" + "criteria": "cpe:2.3:a:metabase:metabase:1.40.1:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "511B7873-4908-4B1B-B55B-DC90A3BBE659" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:1.40.2:*:*:*:*:*:*:*", - "matchCriteriaId": "3D3F5567-F5D8-4967-A698-1FECCEF20338" + "criteria": "cpe:2.3:a:metabase:metabase:1.40.2:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "5C9DE222-5F6B-42E3-9B5B-DB9EE05C4FD4" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:1.40.3:*:*:*:*:*:*:*", - "matchCriteriaId": "75422374-9799-4EFE-B02C-1ADD694B8106" + "criteria": "cpe:2.3:a:metabase:metabase:1.40.3:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "FA1F16C0-63AA-49B5-A28D-D63BA97D07B3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:metabase:metabase:1.40.4:*:*:*:*:*:*:*", - "matchCriteriaId": "38156036-9D92-4E91-AABD-DD37E12C5E9A" + "criteria": "cpe:2.3:a:metabase:metabase:1.40.4:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "5AA701CB-58B6-4B17-ABCC-B12F2DB9F2A3" } ] } @@ -207,14 +207,14 @@ "url": "https://github.com/metabase/metabase/commit/042a36e49574c749f944e19cf80360fd3dc322f0", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr", "source": "security-advisories@github.com", "tags": [ + "Mitigation", "Third Party Advisory" ] } diff --git a/CVE-2022/CVE-2022-22xx/CVE-2022-2232.json b/CVE-2022/CVE-2022-22xx/CVE-2022-2232.json new file mode 100644 index 00000000000..9332b78b6d7 --- /dev/null +++ b/CVE-2022/CVE-2022-22xx/CVE-2022-2232.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2022-2232", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-11-14T15:15:06.527", + "lastModified": "2024-11-14T15:15:06.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:0094", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:0095", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:0096", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2022-2232", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096994", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-474xx/CVE-2023-47430.json b/CVE-2023/CVE-2023-474xx/CVE-2023-47430.json index 9ac0445ccef..d5ef6f4f29d 100644 --- a/CVE-2023/CVE-2023-474xx/CVE-2023-47430.json +++ b/CVE-2023/CVE-2023-474xx/CVE-2023-47430.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47430", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-25T22:37:19.197", - "lastModified": "2024-03-26T12:55:05.010", + "lastModified": "2024-11-14T16:35:03.027", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en ReadyMedia (MiniDLNA) v1.3.3 permite a atacantes provocar una denegaci\u00f3n de servicio mediante la funci\u00f3n SendContainer() en tivo_commands.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://sourceforge.net/p/minidlna/bugs/361/", diff --git a/CVE-2024/CVE-2024-102xx/CVE-2024-10265.json b/CVE-2024/CVE-2024-102xx/CVE-2024-10265.json index fcbb1fc1f79..dabd197bc3a 100644 --- a/CVE-2024/CVE-2024-102xx/CVE-2024-10265.json +++ b/CVE-2024/CVE-2024-102xx/CVE-2024-10265.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10265", "sourceIdentifier": "security@wordfence.com", "published": "2024-11-10T13:15:03.657", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:17:47.947", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:10web:form_maker:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.15.31", + "matchCriteriaId": "E9CAD42C-E15C-4F36-8E80-1BE80F39B3FE" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/form-maker/trunk/wd/includes/notices.php#L199", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3183170/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://wordpress.org/plugins/form-maker/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fb1a2c2-581d-47ed-a180-9f70fdf79066?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10921.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10921.json new file mode 100644 index 00000000000..81eb452ea78 --- /dev/null +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10921.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-10921", + "sourceIdentifier": "cna@mongodb.com", + "published": "2024-11-14T16:15:18.030", + "lastModified": "2024-11-14T16:15:18.030", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30 , MongoDB Server v6.0 versions prior to 6.0.19, MongoDB Server v7.0 versions prior to 7.0.15 and MongoDB Server v8.0 versions prior to and including 8.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-158" + } + ] + } + ], + "references": [ + { + "url": "https://jira.mongodb.org/browse/SERVER-96419", + "source": "cna@mongodb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11055.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11055.json index 1023f1b0471..874247d69d9 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11055.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11055.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11055", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-10T15:15:13.970", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:18:45.933", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,26 +154,62 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:beauty_parlour_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4CC5BB9B-86BF-4DDC-9A70-B48A4707A48E" + } + ] + } + ] + } + ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Hacker0xone/CVE/issues/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283799", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.283799", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.439322", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11056.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11056.json index 0f23d0b72eb..649402036df 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11056.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11056.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11056", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-10T17:15:15.697", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:21:09.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -124,26 +144,74 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.13:*:*:*:*:*:*:*", + "matchCriteriaId": "6F1C8715-D7B4-4D1A-9E90-079C72049332" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D" + } + ] + } + ] + } + ], "references": [ { "url": "https://tasty-foxtrot-3a8.notion.site/Tenda-AC10v4-stack-overflow-1380448e619580409bb1e1ac85f45570", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.283800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.439358", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.tenda.com.cn/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11057.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11057.json index f70e742e2fb..0dfe9f4e6cd 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11057.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11057.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11057", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-10T18:15:16.517", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:23:35.427", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,22 +154,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:hospital_appointment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "433A683B-ACF7-4D3C-8078-D70615147B08" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Hacker0xone/CVE/issues/4", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283801", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.283801", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.439363", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11097.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11097.json index 657baa96083..f838715ea63 100644 --- a/CVE-2024/CVE-2024-110xx/CVE-2024-11097.json +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11097.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11097", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-12T02:15:17.817", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:14:40.767", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -110,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,26 +154,59 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:razormist:student_record_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1524C11E-2F0E-4041-B60B-EA839BE0F991" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Hacker0xone/CVE/issues/5", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283918", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.283918", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.441237", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11136.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11136.json new file mode 100644 index 00000000000..08fa7fb85d4 --- /dev/null +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11136.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-11136", + "sourceIdentifier": "cvd@cert.pl", + "published": "2024-11-14T16:15:18.273", + "lastModified": "2024-11-14T16:15:18.273", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability. Malicious application can supply malicious URI path and delete arbitrary files from user\u2019s external storage." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.2, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://blog.oversecured.com/Content-Providers-and-the-potential-weak-spots-they-can-have/#path-traversal-when-using-data-from-uri", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/en/posts/2024/11/CVE-2024-11136/", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/posts/2024/11/CVE-2024-11136/", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11165.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11165.json index 88eb49b496c..56fdccb78e2 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11165.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11165.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11165", "sourceIdentifier": "security@yugabyte.com", "published": "2024-11-13T15:15:06.877", - "lastModified": "2024-11-13T17:01:16.850", + "lastModified": "2024-11-14T16:35:05.493", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token.\u00a0This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el proceso de configuraci\u00f3n de la copia de seguridad, donde el token SAS no est\u00e1 enmascarado en la respuesta de configuraci\u00f3n. Este descuido da como resultado una fuga de informaci\u00f3n confidencial dentro de los archivos de registro yb_backup, lo que expone el token SAS en texto plano. La fuga se produce durante el procedimiento de copia de seguridad, lo que conduce a un posible acceso no autorizado a los recursos asociados con el token SAS. Este problema afecta a YugabyteDB Anywhere: desde 2.20.0.0 hasta 2.20.7.0, desde 2.23.0.0 hasta 2.23.1.0, desde 2024.1.0.0 hasta 2024.1.3.0." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 3.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.5, + "impactScore": 3.4 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11193.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11193.json index 16599a22aed..54d801093bd 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11193.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11193.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11193", "sourceIdentifier": "security@yugabyte.com", "published": "2024-11-13T21:15:08.730", - "lastModified": "2024-11-13T21:15:08.730", + "lastModified": "2024-11-14T15:35:06.770", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access to these logs to view the LDAP bind password.\u00a0An attacker with log access could exploit this vulnerability to gain unauthorized access to the LDAP server, leading to potential exposure or compromise of LDAP-managed resources\nThis issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Yugabyte Anywhere, donde la contrase\u00f1a de enlace LDAP se registra en texto plano dentro de los registros de la aplicaci\u00f3n. Esta falla da como resultado la exposici\u00f3n involuntaria de informaci\u00f3n confidencial en los registros de Yugabyte Anywhere, lo que potencialmente permite que usuarios no autorizados con acceso a estos registros vean la contrase\u00f1a de enlace LDAP. Un atacante con acceso a los registros podr\u00eda explotar esta vulnerabilidad para obtener acceso no autorizado al servidor LDAP, lo que lleva a una posible exposici\u00f3n o compromiso de los recursos administrados por LDAP. Este problema afecta a YugabyteDB Anywhere: desde 2.20.0.0 antes de 2.20.7.0, desde 2.23.0.0 antes de 2.23.1.0, desde 2024.1.0.0 antes de 2024.1.3.0." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11210.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11210.json new file mode 100644 index 00000000000..5d851b3c018 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11210.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-11210", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-14T15:15:07.800", + "lastModified": "2024-11-14T15:15:07.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 4.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/nn0nkey/nn0nkey/blob/main/eyoucms/mlcy.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.284525", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.284525", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.437451", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11211.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11211.json new file mode 100644 index 00000000000..52b234c8d88 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11211.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-11211", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-14T15:15:08.077", + "lastModified": "2024-11-14T15:15:08.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in EyouCMS 1.5.6. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/falling-snow1/cve/blob/main/EyouCMS_RCE.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.284526", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.284526", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.437600", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11212.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11212.json new file mode 100644 index 00000000000..cadaa37c170 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11212.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-11212", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-14T15:15:08.360", + "lastModified": "2024-11-14T15:15:08.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/physicszq/web_issue/blob/main/Management/sql_injection01.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.284528", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.284528", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.442035", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11213.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11213.json new file mode 100644 index 00000000000..0f5c2ee4304 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11213.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-11213", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-14T16:15:18.450", + "lastModified": "2024-11-14T16:15:18.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/sh3rl0ckpggp/0day/blob/main/authenticated_sqli_Employee_management_system.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.284529", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.284529", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.443298", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11214.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11214.json new file mode 100644 index 00000000000..2c9ac7dc898 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11214.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-11214", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-14T16:15:18.707", + "lastModified": "2024-11-14T16:15:18.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/sh3rl0ckpggp/0day/blob/main/Employee_management%20_system_RCE.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.284530", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.284530", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.443304", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-247xx/CVE-2024-24762.json b/CVE-2024/CVE-2024-247xx/CVE-2024-24762.json index 7232448db46..239046cd281 100644 --- a/CVE-2024/CVE-2024-247xx/CVE-2024-24762.json +++ b/CVE-2024/CVE-2024-247xx/CVE-2024-24762.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24762", "sourceIdentifier": "security-advisories@github.com", "published": "2024-02-05T15:15:09.260", - "lastModified": "2024-02-17T02:15:52.700", - "vulnStatus": "Modified", + "lastModified": "2024-11-14T16:25:58.967", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -88,6 +88,18 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:encode:starlette:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.36.2", + "matchCriteriaId": "88D6BDB2-BBC6-44E0-9FB2-C4166833D3D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fastapiexpert:python-multipart:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.0.7", + "matchCriteriaId": "45618F8D-003D-4C96-AAD6-659FEE2034E1" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:tiangolo:fastapi:*:*:*:*:*:*:*:*", @@ -102,23 +114,39 @@ "references": [ { "url": "https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/andrew-d/python-multipart/blob/d3d16dae4b061c34fe9d3c9081d9800c49fc1f7a/multipart/multipart.py#L72-L74", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/encode/starlette/commit/13e5c26a27f4903924624736abd6131b2da80cc5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/encode/starlette/security/advisories/GHSA-93gm-qmq6-w238", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/tiangolo/fastapi/commit/9d34ad0ee8a0dfbbcce06f76c2d5d851085024fc", @@ -138,8 +166,7 @@ "url": "https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389", "source": "security-advisories@github.com", "tags": [ - "Exploit", - "Vendor Advisory" + "Broken Link" ] } ] diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38538.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38538.json index a2df8b247eb..019e4d0ed5b 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38538.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38538.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38538", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T14:15:14.107", - "lastModified": "2024-08-29T02:26:05.030", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-14T16:15:19.033", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -120,6 +120,10 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/c964429ef53f42098a6545a5dabeb1441c1e821d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/f482fd4ce919836a49012b2d31b00fc36e2488f2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", diff --git a/CVE-2024/CVE-2024-385xx/CVE-2024-38540.json b/CVE-2024/CVE-2024-385xx/CVE-2024-38540.json index 9ed82b69fbe..50a3ed25bcd 100644 --- a/CVE-2024/CVE-2024-385xx/CVE-2024-38540.json +++ b/CVE-2024/CVE-2024-385xx/CVE-2024-38540.json @@ -2,7 +2,7 @@ "id": "CVE-2024-38540", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T14:15:14.290", - "lastModified": "2024-11-01T15:35:15.297", + "lastModified": "2024-11-14T16:15:19.170", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -48,6 +48,10 @@ "url": "https://git.kernel.org/stable/c/78cfd17142ef70599d6409cbd709d94b3da58659", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/84d2f29152184f0d72ed7c9648c4ee6927df4e59", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/8b799c00cea6fcfe5b501bbaeb228c8821acb753", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40661.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40661.json index 022c1b8c99b..4382d17b89a 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40661.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40661.json @@ -2,16 +2,55 @@ "id": "CVE-2024-40661", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:20.650", - "lastModified": "2024-11-13T18:15:20.650", + "lastModified": "2024-11-14T16:35:06.610", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En mayAdminGrantPermission de AdminRestrictedPermissionsUtils.java, existe una forma posible de acceder al micr\u00f3fono debido a una verificaci\u00f3n de permisos faltante. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/packages/modules/Permission/+/ffd81f212b5594b498f0ba07645c7a181540e494", diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40671.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40671.json index fefb3ae4e0d..792e4523ddd 100644 --- a/CVE-2024/CVE-2024-406xx/CVE-2024-40671.json +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40671.json @@ -2,16 +2,55 @@ "id": "CVE-2024-40671", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:20.723", - "lastModified": "2024-11-13T18:15:20.723", + "lastModified": "2024-11-14T16:35:07.450", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En DevmemIntChangeSparse2 de devicemem_server.c, existe una forma posible de lograr la ejecuci\u00f3n de c\u00f3digo arbitrario debido a la falta de una verificaci\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/2024-11-01", diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42000.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42000.json index 2dcc8b13620..bdebe3748cc 100644 --- a/CVE-2024/CVE-2024-420xx/CVE-2024-42000.json +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42000", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2024-11-09T18:15:14.993", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:48:30.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -51,10 +81,71 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0", + "versionEndExcluding": "9.5.10", + "matchCriteriaId": "E022FB98-95D6-4F82-9A9F-0C320633E64D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.10.0", + "versionEndExcluding": "9.10.3", + "matchCriteriaId": "6E2037E9-B6B2-4764-A5C9-5006DCF34E94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.11.0", + "versionEndExcluding": "9.11.2", + "matchCriteriaId": "5F0D9909-E2B9-41B3-93F7-6C666434FE7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D08969BB-2AE8-4583-8205-F39C44039955" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "07AF48D9-3CA9-4D3F-9F2E-975858205BA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "23737B5A-A878-46FA-9261-CF87246DF759" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "CF95680E-B893-42E4-A639-D9753E1C85E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "594BC592-4333-4BC4-8868-091001AB5E36" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-421xx/CVE-2024-42188.json b/CVE-2024/CVE-2024-421xx/CVE-2024-42188.json new file mode 100644 index 00000000000..1acbf743a04 --- /dev/null +++ b/CVE-2024/CVE-2024-421xx/CVE-2024-42188.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42188", + "sourceIdentifier": "psirt@hcl.com", + "published": "2024-11-14T16:15:19.283", + "lastModified": "2024-11-14T16:35:08.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0117387", + "source": "psirt@hcl.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-422xx/CVE-2024-42291.json b/CVE-2024/CVE-2024-422xx/CVE-2024-42291.json index 0a1330f804d..82a14eddde7 100644 --- a/CVE-2024/CVE-2024-422xx/CVE-2024-42291.json +++ b/CVE-2024/CVE-2024-422xx/CVE-2024-42291.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42291", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-17T09:15:09.730", - "lastModified": "2024-08-19T12:59:59.177", + "lastModified": "2024-11-14T16:15:19.550", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -32,6 +32,10 @@ { "url": "https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e81b674ead8e2172b2a69e7b45e079239ace4dbc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43080.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43080.json index a76759cad59..91f54a4eba7 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43080.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43080.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43080", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:20.783", - "lastModified": "2024-11-13T18:15:20.783", + "lastModified": "2024-11-14T16:35:09.127", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation." + }, + { + "lang": "es", + "value": "En onReceive de AppRestrictionsFragment.java, existe una posible escalada de privilegios debido a una deserializaci\u00f3n insegura. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/26ce013dfd7e59a451acc66e7f05564e0884d46b", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43081.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43081.json index ff5528d4384..8ae96058ce0 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43081.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43081.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43081", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:20.863", - "lastModified": "2024-11-13T18:15:20.863", + "lastModified": "2024-11-14T16:35:09.987", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En installExistingPackageAsUser de InstallPackageHelper.java, existe una posible omisi\u00f3n de la restricci\u00f3n del operador debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/31c098c4271ad4fdfb3809e05017ead8d9f6580f", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43082.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43082.json index 1dfbfcd0d1b..b3bcece146a 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43082.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43082.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43082", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:20.927", - "lastModified": "2024-11-13T18:15:20.927", + "lastModified": "2024-11-14T16:35:10.857", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En onActivityResult de EditUserPhotoController.java, existe una posible lectura de medios entre usuarios debido a un subordinado confundido. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/6aa1b4fbf5936a1ff5bdbb79397c94910a6ed8f5", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43085.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43085.json index 2e99087f20d..88e2761014c 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43085.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43085.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43085", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.173", - "lastModified": "2024-11-13T18:15:21.173", + "lastModified": "2024-11-14T16:35:11.720", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En handleMessage de UsbDeviceManager.java, existe un m\u00e9todo posible para acceder al contenido del dispositivo a trav\u00e9s de USB sin desbloquear el dispositivo debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/2457d4e459ee6ffd099b9ff7cce9c83119c3ce66", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43086.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43086.json index 61096562920..5e59e989b58 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43086.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43086.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43086", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.240", - "lastModified": "2024-11-13T18:15:21.240", + "lastModified": "2024-11-14T16:35:12.570", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account credentials to a third party app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En el archivo validationAccountsInternal de AccountManagerService.java, existe una forma posible de filtrar las credenciales de la cuenta a una aplicaci\u00f3n de terceros debido a un subordinado confundido. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/frameworks/base/+/55a3d36701bb874358f685d3ac3381eda10fcff0", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43089.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43089.json index fd64376742d..9df297a0431 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43089.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43089.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43089", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.450", - "lastModified": "2024-11-13T18:15:21.450", + "lastModified": "2024-11-14T16:35:13.417", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En updateInternal de MediaProvider.java, existe un posible acceso a los archivos de otra aplicaci\u00f3n debido a una verificaci\u00f3n de permisos faltante. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/33ff6a663eea1fcdd2b422b98722c1dee48a7f6a", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json index efb6452e7fc..eda01935e87 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json @@ -2,16 +2,55 @@ "id": "CVE-2024-43091", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.590", - "lastModified": "2024-11-13T18:15:21.590", + "lastModified": "2024-11-14T15:35:08.470", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En filterMask de SkEmbossMaskFilter.cpp, existe una posible escritura fuera de los l\u00edmites debido a un desbordamiento de n\u00fameros enteros. Esto podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://android.googlesource.com/platform/external/skia/+/0b628a960e74197ace9831ef0727f5ba7ab6ac10", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43093.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43093.json index 303fef1c2d7..3f266b8c4a3 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43093.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43093.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43093", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.713", - "lastModified": "2024-11-14T02:00:02.740", - "vulnStatus": "Received", + "lastModified": "2024-11-14T15:15:17.020", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "cisaExploitAdd": "2024-11-07", "cisaActionDue": "2024-11-28", @@ -13,6 +13,10 @@ { "lang": "en", "value": "In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation." + }, + { + "lang": "es", + "value": "En shouldHideDocument de ExternalStorageProvider.java, existe una posible omisi\u00f3n de un filtro de ruta de archivo dise\u00f1ado para evitar el acceso a directorios confidenciales debido a una normalizaci\u00f3n incorrecta de Unicode. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43451.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43451.json index 565747f1b2e..0641188d088 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43451.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43451.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43451", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T18:15:22.483", - "lastModified": "2024-11-13T11:55:08.677", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:24:33.317", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-11-12", "cisaActionDue": "2024-12-03", @@ -45,8 +45,18 @@ }, "weaknesses": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -55,10 +65,189 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "94D57126-EC8D-4898-A5FE-D7EB6463B634" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "54AA8A1F-0EAD-406A-A4AF-B86C316D1089" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "86F8F1B2-C206-4CD6-83C6-C450329CEE10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "FCBE6103-075E-4841-836D-4E0D630E99FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "81C732A1-CC0F-4633-B00D-473869E77DB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "AF9C20B8-CB5E-46C9-B041-D6A42C26703B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "71AD0B79-C3EF-4E13-AB04-D5FAEABA6954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "B35413A3-DE3B-4E35-AB48-C6D5D138AC07" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "D0558F5F-A561-41E9-9242-7F4A5D924479" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "EA243DE7-EDB1-43DA-AD7E-541843DECB58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "5D428E06-FC7C-4151-9582-D66D05D7AFE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "82E3AC46-9D0D-4381-93EE-FE87C212040A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "A43E1F6C-B2A7-4DEC-B4EC-04153746C42B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2849", + "matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.1251", + "matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43451", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-438xx/CVE-2024-43868.json b/CVE-2024/CVE-2024-438xx/CVE-2024-43868.json index 658071917c7..734a9f3beba 100644 --- a/CVE-2024/CVE-2024-438xx/CVE-2024-43868.json +++ b/CVE-2024/CVE-2024-438xx/CVE-2024-43868.json @@ -2,7 +2,7 @@ "id": "CVE-2024-43868", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-08-21T00:15:05.150", - "lastModified": "2024-08-21T12:30:33.697", + "lastModified": "2024-11-14T16:15:19.803", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -17,10 +17,18 @@ ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/10ffafb456f293976c42f700578ef740467cb569", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/5d4aaf16a8255f7c71790e211724ba029609c5ff", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/6e62dab357eea12db0fc62dea94c7a892888e6e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/fb197c5d2fd24b9af3d4697d0cf778645846d6d5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-443xx/CVE-2024-44337.json b/CVE-2024/CVE-2024-443xx/CVE-2024-44337.json index cd485f221e5..e24903525e8 100644 --- a/CVE-2024/CVE-2024-443xx/CVE-2024-44337.json +++ b/CVE-2024/CVE-2024-443xx/CVE-2024-44337.json @@ -2,7 +2,7 @@ "id": "CVE-2024-44337", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-15T20:15:21.850", - "lastModified": "2024-10-16T16:38:14.557", + "lastModified": "2024-11-14T16:35:14.613", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "El paquete `github.com/gomarkdown/markdown` es una librer\u00eda Go para analizar texto Markdown y representarlo como HTML. Antes de la pseudoversi\u00f3n `v0.0.0-20240729232818-a2a9c4f`, que corresponde con el commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, hab\u00eda un problema l\u00f3gico en la funci\u00f3n de p\u00e1rrafo del archivo parser/block.go, que permit\u00eda a un atacante remoto provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) al proporcionar una entrada personalizada que causaba un bucle infinito, lo que hac\u00eda que el programa se colgara y consumiera recursos indefinidamente. La publicaci\u00f3n `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contiene correcciones a este problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 2.5 + } + ] + }, "references": [ { "url": "https://github.com/Brinmon/CVE-2024-44337", diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47594.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47594.json index 24584825188..3e1cf5b45a6 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47594.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47594.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47594", "sourceIdentifier": "cna@sap.com", "published": "2024-10-08T04:15:09.087", - "lastModified": "2024-10-10T12:57:21.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:12:13.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cna@sap.com", "type": "Secondary", @@ -51,14 +71,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_enterprise_portal:7.50:*:*:*:*:*:*:*", + "matchCriteriaId": "D91F9D76-39D6-4D5E-BFAE-892CB8C30A79" + } + ] + } + ] + } + ], "references": [ { "url": "https://me.sap.com/notes/3503462", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://url.sap/sapsecuritypatchday", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47595.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47595.json index 2df7ca49220..b66d4020888 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47595.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47595.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47595", "sourceIdentifier": "cna@sap.com", "published": "2024-11-12T01:15:05.677", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:21:32.080", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "cna@sap.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,14 +81,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:host_agent:7.22:*:*:*:*:*:*:*", + "matchCriteriaId": "1E135017-1492-49F5-B3ED-F69D5476FB46" + } + ] + } + ] + } + ], "references": [ { "url": "https://me.sap.com/notes/3509619", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://url.sap/sapsecuritypatchday", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-485xx/CVE-2024-48510.json b/CVE-2024/CVE-2024-485xx/CVE-2024-48510.json index 6fb49cb35e4..cc18d478610 100644 --- a/CVE-2024/CVE-2024-485xx/CVE-2024-48510.json +++ b/CVE-2024/CVE-2024-485xx/CVE-2024-48510.json @@ -2,8 +2,8 @@ "id": "CVE-2024-48510", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-13T15:15:07.463", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:04:49.847", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cve@mitre.org", @@ -16,25 +16,96 @@ { "lang": "en", "value": "Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Directory Traversal en DotNetZip v.1.16.0 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente src/Zip.Shared/ZipEntry.Extract.cs NOTA: Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dotnetzip.semverd_project:dotnetzip.semverd:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.10.1", + "versionEndIncluding": "1.16.0", + "matchCriteriaId": "2C05576C-0984-413A-8C23-F0DBA77B76DB" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/thomas-chauchefoin-bentley-systems/855218959116f870f08857cce2aec731", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/haf/DotNetZip.Semverd", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/haf/DotNetZip.Semverd/blob/e487179b33a9a0f2631eed5fb04d2c952ea5377a/src/Zip.Shared/ZipEntry.Extract.cs#L1365-L1410", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://www.nuget.org/packages/DotNetZip/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-490xx/CVE-2024-49039.json b/CVE-2024/CVE-2024-490xx/CVE-2024-49039.json index 827b9049e84..fdd768afe5c 100644 --- a/CVE-2024/CVE-2024-490xx/CVE-2024-49039.json +++ b/CVE-2024/CVE-2024-490xx/CVE-2024-49039.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49039", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T18:15:44.160", - "lastModified": "2024-11-13T11:42:33.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:20:51.670", + "vulnStatus": "Analyzed", "cveTags": [], "cisaExploitAdd": "2024-11-12", "cisaActionDue": "2024-12-03", @@ -45,8 +45,18 @@ }, "weaknesses": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -55,10 +65,164 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "94D57126-EC8D-4898-A5FE-D7EB6463B634" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20826", + "matchCriteriaId": "54AA8A1F-0EAD-406A-A4AF-B86C316D1089" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "86F8F1B2-C206-4CD6-83C6-C450329CEE10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "FCBE6103-075E-4841-836D-4E0D630E99FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "81C732A1-CC0F-4633-B00D-473869E77DB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "AF9C20B8-CB5E-46C9-B041-D6A42C26703B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "71AD0B79-C3EF-4E13-AB04-D5FAEABA6954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "B35413A3-DE3B-4E35-AB48-C6D5D138AC07" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.5131", + "matchCriteriaId": "D0558F5F-A561-41E9-9242-7F4A5D924479" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "EA243DE7-EDB1-43DA-AD7E-541843DECB58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "5D428E06-FC7C-4151-9582-D66D05D7AFE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.5131", + "matchCriteriaId": "FB49C811-F4D7-46EB-9ED6-50CB3EAAAD90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "04BC0915-6F14-4D7A-951F-83CBAB47C3C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.4460", + "matchCriteriaId": "8A16CFCB-D002-4F63-B568-9D14ACE88E94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "B8FE14E5-7226-43CA-A57E-A81636185AD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.4460", + "matchCriteriaId": "97507261-3969-4EBF-BCED-93FBADCBB6DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "D32C04CA-E5BE-47CA-AF79-B39859288531" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "40A6B92E-21C6-4BDD-BA57-DC227FF0F998" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.7515", + "matchCriteriaId": "82E3AC46-9D0D-4381-93EE-FE87C212040A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.6532", + "matchCriteriaId": "A43E1F6C-B2A7-4DEC-B4EC-04153746C42B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2849", + "matchCriteriaId": "38D9CE84-B85F-42B0-959D-A390427A1641" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.1251", + "matchCriteriaId": "A549BD98-3DE2-4EF3-A579-12AFCB764975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.26100.2314", + "matchCriteriaId": "4F17FD7F-254D-4EE6-9D22-468E76D9B054" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49379.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49379.json index 66e9b908bb1..53afce9ca90 100644 --- a/CVE-2024/CVE-2024-493xx/CVE-2024-49379.json +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49379.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49379", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-13T18:15:22.153", - "lastModified": "2024-11-13T18:15:22.153", + "lastModified": "2024-11-14T16:35:15.103", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed to the redirect parameter the attacker provided JavaScript will be executed after the user entered their password and clicked on login. This vulnerability is fixed in 1.2.2." + }, + { + "lang": "es", + "value": "Umbrel es un sistema operativo para servidores dom\u00e9sticos que se alojan en servidores propios. La funcionalidad de inicio de sesi\u00f3n de Umbrel anterior a la versi\u00f3n 1.2.2 contiene una vulnerabilidad de Cross-Site Scripting (XSS) reflejado en use-auth.tsx. Un atacante puede especificar un par\u00e1metro de consulta de redireccionamiento malicioso para activar la vulnerabilidad. Si se pasa una URL de JavaScript al par\u00e1metro de redireccionamiento, el JavaScript proporcionado por el atacante se ejecutar\u00e1 despu\u00e9s de que el usuario ingrese su contrase\u00f1a y haga clic en iniciar sesi\u00f3n. Esta vulnerabilidad se solucion\u00f3 en la versi\u00f3n 1.2.2." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49505.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49505.json index 630691ee23a..6dc593bd5e2 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49505.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49505.json @@ -2,13 +2,17 @@ "id": "CVE-2024-49505", "sourceIdentifier": "meissner@suse.de", "published": "2024-11-13T15:15:07.860", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-11-14T15:13:09.100", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the\u00a0 REGEX and P parameters.\nThis issue affects MirrorCache before 1.083." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en openSUSE Tumbleweed MirrorCache permite la ejecuci\u00f3n de c\u00f3digo JS arbitrario a trav\u00e9s de XSS reflejado en los par\u00e1metros REGEX y P. Este problema afecta a MirrorCache antes de la versi\u00f3n 1.083." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } ] }, "weaknesses": [ @@ -69,10 +95,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opensuse:mirrorcache:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.083", + "matchCriteriaId": "FD6107A6-362A-4CC1-8627-95C2A936FC0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49505", - "source": "meissner@suse.de" + "source": "meissner@suse.de", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json b/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json index 74f29d5625c..7aa9f1e5f6e 100644 --- a/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json +++ b/CVE-2024/CVE-2024-500xx/CVE-2024-50036.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50036", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-10-21T20:15:16.717", - "lastModified": "2024-11-04T18:34:21.040", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-14T16:15:19.890", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -123,6 +123,10 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/a60db84f772fc3a906c6c4072f9207579c41166f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/ac888d58869bb99753e7652be19a151df9ecb35d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", @@ -130,6 +134,10 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/e3915f028b1f1c37e87542e5aadd33728c259d96", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/eae7435b48ffc8e9be0ff9cfeae40af479a609dd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", diff --git a/CVE-2024/CVE-2024-501xx/CVE-2024-50126.json b/CVE-2024/CVE-2024-501xx/CVE-2024-50126.json index e570b3937f5..c170b53efdf 100644 --- a/CVE-2024/CVE-2024-501xx/CVE-2024-50126.json +++ b/CVE-2024/CVE-2024-501xx/CVE-2024-50126.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50126", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-05T18:15:15.607", - "lastModified": "2024-11-08T20:03:02.093", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-14T16:15:19.990", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -112,6 +112,10 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/b911fa9e92ee586e36479ad57b88f20471acaca1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/e4369cb6acf6b895ac2453cc1cdf2f4326122c6d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50236.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50236.json index 35c105e097f..c6b9c85b5e4 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50236.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50236.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50236", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.447", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:29:11.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,184 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath10k: Se corrige una p\u00e9rdida de memoria en la transmisi\u00f3n de administraci\u00f3n. En la l\u00f3gica actual, se asigna memoria para almacenar el contexto MSDU durante la transmisi\u00f3n del paquete de administraci\u00f3n, pero esta memoria no se libera durante la finalizaci\u00f3n de la transmisi\u00f3n de administraci\u00f3n. Se observan p\u00e9rdidas similares en la l\u00f3gica de limpieza de la transmisi\u00f3n de administraci\u00f3n. Kmemleak informa este problema de la siguiente manera: objeto sin referencia 0xffffff80b64ed250 (tama\u00f1o 16): comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (edad 714.199s) volcado hexadecimal (primeros 16 bytes): 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t...... backtrace: [] __kmem_cache_alloc_node+0x1e4/0x2d8 [] kmalloc_trace+0x48/0x110 [] Libere la memoria durante la finalizaci\u00f3n y la limpieza para reparar la p\u00e9rdida. Proteja la operaci\u00f3n mgmt_pending_tx idr_remove() en ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() mediante ar->data_lock de forma similar a otras instancias. Probado en: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19", + "versionEndExcluding": "4.19.323", + "matchCriteriaId": "6B3438F1-9C53-4842-B664-2FD0F4BA34C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.285", + "matchCriteriaId": "B5A89369-320F-47FC-8695-56F61F87E4C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.229", + "matchCriteriaId": "1A03CABE-9B43-4E7F-951F-10DEEADAA426" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.171", + "matchCriteriaId": "2BE18665-48ED-417A-90AA-41F3AC0B4E9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.116", + "matchCriteriaId": "43EFDC15-E4D4-4F1E-B70D-62F0854BFDF3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.60", + "matchCriteriaId": "75088E5E-2400-4D20-915F-7A65C55D9CCD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2f6f1e26ac6d2b38e2198a71f81f0ade14d6b07b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4112450da7d67b59ccedc2208bae622db17dbcb8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5f5a939759c79e7385946c85e62feca51a18d816", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6cc23898e6ba47e976050d3c080b4d2c1add3748", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6fc9af3df6ca7f3c94774d20f62dc7b49616026d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/705be2dc45c7f852e211e16bc41a916fab741983", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e15d84b3bba187aa372dff7c58ce1fd5cb48a076", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eff818238bedb9c2484c251ec46f9f160911cdc0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50237.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50237.json index aa5d0061de8..6c59ec33e1a 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50237.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50237.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50237", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.530", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:42:26.457", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,184 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac80211: no pasar un vif detenido al controlador en .get_txpower Evitar posibles fallos en el controlador debido a datos privados no inicializados" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.19.323", + "matchCriteriaId": "3EE60519-09E3-40C8-A98A-558586AD240E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.285", + "matchCriteriaId": "B5A89369-320F-47FC-8695-56F61F87E4C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.229", + "matchCriteriaId": "1A03CABE-9B43-4E7F-951F-10DEEADAA426" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.171", + "matchCriteriaId": "2BE18665-48ED-417A-90AA-41F3AC0B4E9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.116", + "matchCriteriaId": "43EFDC15-E4D4-4F1E-B70D-62F0854BFDF3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.60", + "matchCriteriaId": "75088E5E-2400-4D20-915F-7A65C55D9CCD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/393b6bc174b0dd21bb2a36c13b36e62fc3474a23", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3ccf525a73d48e814634847f6d4a6150c6f0dffc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/78b698fbf37208ee921ee4cedea75b5d33d6ea9f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8f6cd4d5bb7406656835a90e4f1a2192607f0c21", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b0b862aa3dbcd16b3c4715259a825f48ca540088", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b2bcbe5450b20641f512d6b26c6b256a5a4f847f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c21efba8b5a86537ccdf43f77536bad02f82776c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ee35c423042c9e04079fdee3db545135d609d6ea", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50238.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50238.json index 7936df88d9a..76fde1bb147 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50238.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50238.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50238", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.613", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:58:55.087", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,107 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\") elimin\u00f3 la mayor\u00eda de los usuarios de los datos del controlador de dispositivo de la plataforma del controlador qcom-qmp-usb, pero tambi\u00e9n elimin\u00f3 por error la inicializaci\u00f3n a pesar de que los datos a\u00fan se usaban en las devoluciones de llamadas de PM en tiempo de ejecuci\u00f3n. Este error se reprodujo m\u00e1s tarde cuando se copi\u00f3 el controlador para crear el controlador qmp-usbc. Restaure la inicializaci\u00f3n de los datos del controlador en la sonda para evitar una desreferencia de puntero NULL en la suspensi\u00f3n en tiempo de ejecuci\u00f3n. Aparentemente, nadie usa PM en tiempo de ejecuci\u00f3n, que actualmente debe habilitarse manualmente a trav\u00e9s de sysfs, con estos controladores." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8.2", + "versionEndExcluding": "6.9", + "matchCriteriaId": "E9076253-5796-4E04-9AB4-42087B5524F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "93C3A2E5-CBDE-4F88-87FD-E3DA03E7DC9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/34c21f94fa1e147a19b54b6adf0c93a623b70dd8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c7086dc0539b1b2b61c8c735186698bca4858246", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50239.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50239.json index a3571654dec..09683f99d5d 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50239.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50239.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50239", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.680", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:59:29.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,114 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend Commit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\") elimin\u00f3 la mayor\u00eda de los usuarios de los datos del controlador de dispositivo de la plataforma del controlador qcom-qmp-usb, pero tambi\u00e9n elimin\u00f3 por error la inicializaci\u00f3n a pesar de que los datos a\u00fan se usaban en las devoluciones de llamadas de PM en tiempo de ejecuci\u00f3n. Este error se reprodujo m\u00e1s tarde cuando se copi\u00f3 el controlador para crear el controlador qmp-usb-legacy. Restaure la inicializaci\u00f3n de los datos del controlador en la sonda para evitar una desreferencia de puntero NULL en la suspensi\u00f3n en tiempo de ejecuci\u00f3n. Aparentemente, nadie usa PM en tiempo de ejecuci\u00f3n, que actualmente debe habilitarse manualmente a trav\u00e9s de sysfs, con estos controladores." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.60", + "matchCriteriaId": "D65DC921-1258-459B-AC56-13B03E48CA9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/29240130ab77c80bea1464317ae2a5fd29c16a0c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7e8066811a2c43fbb5f53c2c26d389e4bab9da34", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1cffd00daa9cf499b49a0da698eff5032914f6e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50240.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50240.json index 07750c222fc..49c16b40319 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50240.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50240.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50240", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.753", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:57:23.960", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,114 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Commit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\") elimin\u00f3 la mayor\u00eda de los usuarios de los datos del controlador del dispositivo de la plataforma, pero tambi\u00e9n elimin\u00f3 por error la inicializaci\u00f3n a pesar de que los datos a\u00fan se utilizan en las devoluciones de llamadas de PM en tiempo de ejecuci\u00f3n. Restaure la inicializaci\u00f3n de los datos del controlador en la sonda para evitar una desreferencia de puntero NULL en la suspensi\u00f3n en tiempo de ejecuci\u00f3n. Aparentemente, nadie usa PM en tiempo de ejecuci\u00f3n, que actualmente debe habilitarse manualmente a trav\u00e9s de sysfs, con este controlador." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.60", + "matchCriteriaId": "75088E5E-2400-4D20-915F-7A65C55D9CCD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/370814e9d512ba289612c3780890b80bf2605046", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5ebde521fbb9a813b993d4436329a3ca0eeb6574", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bd9e4d4a3b127686efc60096271b0a44c3100061", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50241.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50241.json index 67e657f6195..df52bfc13ba 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50241.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50241.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50241", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.823", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:45:31.893", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,102 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSD: inicializar struct nfsd4_copy antes Aseg\u00farese de que los campos refcount y async_copies se inicialicen antes. cleanup_async_copy() har\u00e1 referencia a estos campos si se produce un error en nfsd4_copy(). Si no se inicializan correctamente, como m\u00ednimo, se produce un desbordamiento de refcount." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10.14", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "A3DF55BE-3AB2-4FEF-9C96-158917FB1E4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/63fab04cbd0f96191b6e5beedc3b643b01c15889", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e30a9a2f69c34a00a3cb4fd45c5d231929e66fb1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50242.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50242.json index 41434a7ba4f..4ba669a543a 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50242.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50242.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50242", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-09T11:15:09.920", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:12:21.383", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,98 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Comprobaci\u00f3n adicional en ntfs_file_release" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.60", + "matchCriteriaId": "27D07D27-3005-48AD-A03A-D0198125989E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/031d6f608290c847ba6378322d0986d08d1a645a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/550ef40fa6366d5d11b122e5f36b1f9aa20c087e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/82685eb6ca1db2bd11190451085bcb86ed03aa24", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50263.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50263.json index e912aedd04e..6c58228ec8d 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50263.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50263.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50263", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-11T14:15:15.473", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:23:08.347", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,100 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fork: solo invocar ganchos khugepaged, ksm si no hay error No hay raz\u00f3n para invocar estos ganchos de manera temprana contra un mm que est\u00e1 en un estado incompleto. El cambio en el commit d24062914837 (\"fork: usar __mt_dup() para duplicar el \u00e1rbol de maple en dup_mmap()\") hace que esto sea m\u00e1s pertinente ya que podemos estar en un estado donde las entradas en el \u00e1rbol de maple a\u00fan no son consistentes. Su ubicaci\u00f3n temprana en dup_mmap() solo parece haber sido significativa para la comprobaci\u00f3n temprana de errores, y dado que funcionalmente requerir\u00eda una asignaci\u00f3n muy peque\u00f1a para fallar (en la pr\u00e1ctica 'demasiado peque\u00f1a para fallar') eso solo ocurrir\u00eda en las circunstancias m\u00e1s extremas, lo que significa que la bifurcaci\u00f3n fallar\u00eda o quedar\u00eda OOM en cualquier caso. Dado que tanto el seguimiento de khugepaged como el de KSM est\u00e1n ah\u00ed para proporcionar optimizaciones al rendimiento de la memoria en lugar de una funcionalidad cr\u00edtica, en realidad no importa tanto si, bajo una presi\u00f3n de memoria tan extrema, no logramos registrar un mm con estos. Como resultado, seguimos el ejemplo de el commit d2081b2bf819 (\"mm: khugepaged: make khugepaged_enter() void function\") y tambi\u00e9n hacemos que ksm_fork() sea una funci\u00f3n void. Solo exponemos el mm a estas funciones una vez que terminamos con ellas y solo si no ocurri\u00f3 ning\u00fan error en la operaci\u00f3n de bifurcaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.11.7", + "matchCriteriaId": "40C0D9F3-9632-46FE-AA28-8CD73B52DEE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3b85aa0da8cd01173b9afd1f70080fbb9576c4b0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/985da552a98e27096444508ce5d853244019111f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-508xx/CVE-2024-50837.json b/CVE-2024/CVE-2024-508xx/CVE-2024-50837.json new file mode 100644 index 00000000000..c2f35a5f3aa --- /dev/null +++ b/CVE-2024/CVE-2024-508xx/CVE-2024-50837.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-50837", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-14T15:15:08.990", + "lastModified": "2024-11-14T15:15:08.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters in a POST HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/Stored%20XSS%20-%20admin%20user.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-508xx/CVE-2024-50838.json b/CVE-2024/CVE-2024-508xx/CVE-2024-50838.json new file mode 100644 index 00000000000..c5dcfff54cb --- /dev/null +++ b/CVE-2024/CVE-2024-508xx/CVE-2024-50838.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-50838", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-14T15:15:09.073", + "lastModified": "2024-11-14T15:15:09.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters in a POST HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/Stored%20XSS%20-%20Department.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5082.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5082.json index d0d5c7d78fc..db5c433f392 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5082.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5082.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5082", "sourceIdentifier": "103e4ec9-0a87-450b-af77-479448ddef11", "published": "2024-11-14T03:15:03.533", - "lastModified": "2024-11-14T03:15:03.533", + "lastModified": "2024-11-14T16:35:15.960", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2.\u00a0\n\nThis issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Sonatype Nexus Repository 2. Este problema afecta a las versiones OSS/Pro de Nexus Repository 2 hasta la 2.15.1 incluida." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "HIGH" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5083.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5083.json index 5732c4976ec..52aa3131c56 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5083.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5083.json @@ -2,13 +2,17 @@ "id": "CVE-2024-5083", "sourceIdentifier": "103e4ec9-0a87-450b-af77-479448ddef11", "published": "2024-11-14T02:15:17.257", - "lastModified": "2024-11-14T02:15:17.257", + "lastModified": "2024-11-14T16:35:16.267", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored\u00a0Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2\n\nThis issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad de Cross-Site Scripting almacenado en Sonatype Nexus Repository 2. Este problema afecta a las versiones OSS/Pro de Nexus Repository 2 hasta la 2.15.1 incluida." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json index bf97db40fe1..9e237a7a585 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51489", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-11T20:15:18.877", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:46:50.553", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } ] }, "weaknesses": [ @@ -73,10 +95,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.0.1", + "matchCriteriaId": "7DC140BB-7D16-4B97-A24E-7D0E9D83C57F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ampache/ampache/security/advisories/GHSA-4q69-983r-mwwr", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json index b9aff8180f6..9bf34d79170 100644 --- a/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51490", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-11T20:15:18.987", - "lastModified": "2024-11-12T13:55:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T15:30:15.643", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +71,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.0.1", + "matchCriteriaId": "7DC140BB-7D16-4B97-A24E-7D0E9D83C57F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ampache/ampache/security/advisories/GHSA-x979-f6px-7j2w", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52032.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52032.json index 2e1cdaa08dd..aa4ae4903c6 100644 --- a/CVE-2024/CVE-2024-520xx/CVE-2024-52032.json +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52032.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52032", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2024-11-09T18:15:15.203", - "lastModified": "2024-11-12T13:56:24.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-14T16:47:21.583", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -51,10 +81,57 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.11.0", + "versionEndExcluding": "9.11.3", + "matchCriteriaId": "8E0D68CA-544B-4031-AEAA-D6DD19F0424D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D08969BB-2AE8-4583-8205-F39C44039955" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "07AF48D9-3CA9-4D3F-9F2E-975858205BA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "23737B5A-A878-46FA-9261-CF87246DF759" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "CF95680E-B893-42E4-A639-D9753E1C85E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:10.0.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "594BC592-4333-4BC4-8868-091001AB5E36" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52302.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52302.json new file mode 100644 index 00000000000..153eb796390 --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52302.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-52302", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-14T16:15:20.087", + "lastModified": "2024-11-14T16:15:20.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper validation or restrictions, enabling attackers to upload malicious files that can lead to Remote Code Execution (RCE)." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/OsamaTaher/Java-springboot-codebase/commit/204402bb8b68030c14911379ddc82cfff00b8538", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OsamaTaher/Java-springboot-codebase/security/advisories/GHSA-rhcq-44g3-5xcx", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52505.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52505.json new file mode 100644 index 00000000000..e1f00b39cc8 --- /dev/null +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52505.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-52505", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-14T16:15:20.220", + "lastModified": "2024-11-14T16:15:20.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the bridge IRC bot. The vulnerability has been patched in matrix-appservice-irc version 3.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-147" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/matrix-org/matrix-appservice-irc/commit/4a024eae1a992b1ea67e71a998e0b833b54221e2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-c3hj-hg7p-rrq5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52551.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52551.json index 00ffdff66ad..c13133cf758 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52551.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52551.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52551", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-11-13T21:15:29.350", - "lastModified": "2024-11-13T21:15:29.350", + "lastModified": "2024-11-14T15:35:10.030", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved." + }, + { + "lang": "es", + "value": "Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 y anteriores no verifica si el script principal (Jenkinsfile) utilizado para reiniciar una compilaci\u00f3n desde una etapa espec\u00edfica est\u00e1 aprobado, lo que permite a los atacantes con permiso de Elemento/Compilaci\u00f3n reiniciar una compilaci\u00f3n anterior cuyo script (Jenkinsfile) ya no est\u00e1 aprobado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361", diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52552.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52552.json index 0366d463b97..9072a227e5d 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52552.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52552.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52552", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2024-11-13T21:15:29.410", - "lastModified": "2024-11-13T21:15:29.410", + "lastModified": "2024-11-14T15:35:10.847", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission." + }, + { + "lang": "es", + "value": "El complemento Jenkins Authorize Project Plugin 1.7.2 y versiones anteriores eval\u00faa una cadena que contiene el nombre del trabajo con JavaScript en la vista Autorizaci\u00f3n, lo que genera una vulnerabilidad de cross-site scripting (XSS) almacenado que pueden explotar atacantes con permiso Elemento/Configurar." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3010", diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7124.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7124.json new file mode 100644 index 00000000000..2f89a7cdfd4 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7124.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-7124", + "sourceIdentifier": "cvd@cert.pl", + "published": "2024-11-14T15:15:09.177", + "lastModified": "2024-11-14T15:15:09.177", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software\u00a0in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:X/U:Green", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "YES", + "recovery": "AUTOMATIC", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "GREEN", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "cvd@cert.pl", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://cert.pl/en/posts/2024/11/CVE-2024-7124/", + "source": "cvd@cert.pl" + }, + { + "url": "https://cert.pl/posts/2024/11/CVE-2024-7124/", + "source": "cvd@cert.pl" + }, + { + "url": "https://dingo.psnc.pl/dlibra/", + "source": "cvd@cert.pl" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8068.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8068.json index cc0284b7a20..0d0298191b0 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8068.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8068.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8068", "sourceIdentifier": "secure@citrix.com", "published": "2024-11-12T18:15:47.450", - "lastModified": "2024-11-13T17:01:16.850", + "lastModified": "2024-11-14T16:35:16.750", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -59,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 0.0, + "baseSeverity": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 0.0 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9476.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9476.json index 6f2e9b09009..f584e3e3402 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9476.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9476.json @@ -2,13 +2,17 @@ "id": "CVE-2024-9476", "sourceIdentifier": "security@grafana.com", "published": "2024-11-13T17:15:12.747", - "lastModified": "2024-11-13T17:15:12.747", + "lastModified": "2024-11-14T16:35:17.013", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Grafana Labs Grafana OSS y Enterprise permite que la escalada de privilegios permita a los usuarios obtener acceso a recursos de otras organizaciones dentro de la misma instancia de Grafana a trav\u00e9s del Asistente de migraci\u00f3n a la nube de Grafana. Esta vulnerabilidad solo afectar\u00e1 a los usuarios que utilicen la funci\u00f3n Organizaciones para aislar recursos en su instancia de Grafana." } ], "metrics": { @@ -55,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 0.0, + "baseSeverity": "NONE" + }, + "exploitabilityScore": 0.6, + "impactScore": 0.0 + } ] }, "weaknesses": [ diff --git a/README.md b/README.md index e1c5dd8d291..1f80fad6a9c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-14T15:01:19.827329+00:00 +2024-11-14T17:00:48.589181+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-14T14:58:09.900000+00:00 +2024-11-14T16:59:29.413000+00:00 ``` ### Last Data Feed Release @@ -33,61 +33,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -269697 +269711 ``` ### CVEs added in the last Commit -Recently added CVEs: `17` +Recently added CVEs: `14` -- [CVE-2024-10962](CVE-2024/CVE-2024-109xx/CVE-2024-10962.json) (`2024-11-14T14:15:17.533`) -- [CVE-2024-10976](CVE-2024/CVE-2024-109xx/CVE-2024-10976.json) (`2024-11-14T13:15:03.793`) -- [CVE-2024-10977](CVE-2024/CVE-2024-109xx/CVE-2024-10977.json) (`2024-11-14T13:15:04.023`) -- [CVE-2024-10978](CVE-2024/CVE-2024-109xx/CVE-2024-10978.json) (`2024-11-14T13:15:04.217`) -- [CVE-2024-10979](CVE-2024/CVE-2024-109xx/CVE-2024-10979.json) (`2024-11-14T13:15:04.407`) -- [CVE-2024-11207](CVE-2024/CVE-2024-112xx/CVE-2024-11207.json) (`2024-11-14T13:15:04.603`) -- [CVE-2024-11208](CVE-2024/CVE-2024-112xx/CVE-2024-11208.json) (`2024-11-14T14:15:17.787`) -- [CVE-2024-11209](CVE-2024/CVE-2024-112xx/CVE-2024-11209.json) (`2024-11-14T14:15:18.090`) -- [CVE-2024-11215](CVE-2024/CVE-2024-112xx/CVE-2024-11215.json) (`2024-11-14T14:15:18.367`) -- [CVE-2024-50839](CVE-2024/CVE-2024-508xx/CVE-2024-50839.json) (`2024-11-14T14:15:18.670`) -- [CVE-2024-50840](CVE-2024/CVE-2024-508xx/CVE-2024-50840.json) (`2024-11-14T14:15:18.793`) -- [CVE-2024-50841](CVE-2024/CVE-2024-508xx/CVE-2024-50841.json) (`2024-11-14T14:15:18.880`) -- [CVE-2024-50842](CVE-2024/CVE-2024-508xx/CVE-2024-50842.json) (`2024-11-14T14:15:18.967`) -- [CVE-2024-50843](CVE-2024/CVE-2024-508xx/CVE-2024-50843.json) (`2024-11-14T14:15:19.050`) -- [CVE-2024-7404](CVE-2024/CVE-2024-74xx/CVE-2024-7404.json) (`2024-11-14T13:15:05.050`) -- [CVE-2024-8648](CVE-2024/CVE-2024-86xx/CVE-2024-8648.json) (`2024-11-14T13:15:05.323`) -- [CVE-2024-9633](CVE-2024/CVE-2024-96xx/CVE-2024-9633.json) (`2024-11-14T14:15:19.660`) +- [CVE-2022-2232](CVE-2022/CVE-2022-22xx/CVE-2022-2232.json) (`2024-11-14T15:15:06.527`) +- [CVE-2024-10921](CVE-2024/CVE-2024-109xx/CVE-2024-10921.json) (`2024-11-14T16:15:18.030`) +- [CVE-2024-11136](CVE-2024/CVE-2024-111xx/CVE-2024-11136.json) (`2024-11-14T16:15:18.273`) +- [CVE-2024-11210](CVE-2024/CVE-2024-112xx/CVE-2024-11210.json) (`2024-11-14T15:15:07.800`) +- [CVE-2024-11211](CVE-2024/CVE-2024-112xx/CVE-2024-11211.json) (`2024-11-14T15:15:08.077`) +- [CVE-2024-11212](CVE-2024/CVE-2024-112xx/CVE-2024-11212.json) (`2024-11-14T15:15:08.360`) +- [CVE-2024-11213](CVE-2024/CVE-2024-112xx/CVE-2024-11213.json) (`2024-11-14T16:15:18.450`) +- [CVE-2024-11214](CVE-2024/CVE-2024-112xx/CVE-2024-11214.json) (`2024-11-14T16:15:18.707`) +- [CVE-2024-42188](CVE-2024/CVE-2024-421xx/CVE-2024-42188.json) (`2024-11-14T16:15:19.283`) +- [CVE-2024-50837](CVE-2024/CVE-2024-508xx/CVE-2024-50837.json) (`2024-11-14T15:15:08.990`) +- [CVE-2024-50838](CVE-2024/CVE-2024-508xx/CVE-2024-50838.json) (`2024-11-14T15:15:09.073`) +- [CVE-2024-52302](CVE-2024/CVE-2024-523xx/CVE-2024-52302.json) (`2024-11-14T16:15:20.087`) +- [CVE-2024-52505](CVE-2024/CVE-2024-525xx/CVE-2024-52505.json) (`2024-11-14T16:15:20.220`) +- [CVE-2024-7124](CVE-2024/CVE-2024-71xx/CVE-2024-7124.json) (`2024-11-14T15:15:09.177`) ### CVEs modified in the last Commit -Recently modified CVEs: `32` +Recently modified CVEs: `52` -- [CVE-2024-47449](CVE-2024/CVE-2024-474xx/CVE-2024-47449.json) (`2024-11-14T14:32:55.163`) -- [CVE-2024-47450](CVE-2024/CVE-2024-474xx/CVE-2024-47450.json) (`2024-11-14T14:26:45.873`) -- [CVE-2024-47451](CVE-2024/CVE-2024-474xx/CVE-2024-47451.json) (`2024-11-14T14:26:38.793`) -- [CVE-2024-47452](CVE-2024/CVE-2024-474xx/CVE-2024-47452.json) (`2024-11-14T14:26:59.757`) -- [CVE-2024-47453](CVE-2024/CVE-2024-474xx/CVE-2024-47453.json) (`2024-11-14T14:26:20.090`) -- [CVE-2024-47454](CVE-2024/CVE-2024-474xx/CVE-2024-47454.json) (`2024-11-14T14:26:11.110`) -- [CVE-2024-47455](CVE-2024/CVE-2024-474xx/CVE-2024-47455.json) (`2024-11-14T14:26:01.207`) -- [CVE-2024-47456](CVE-2024/CVE-2024-474xx/CVE-2024-47456.json) (`2024-11-14T14:25:45.813`) -- [CVE-2024-47457](CVE-2024/CVE-2024-474xx/CVE-2024-47457.json) (`2024-11-14T14:25:06.137`) -- [CVE-2024-47458](CVE-2024/CVE-2024-474xx/CVE-2024-47458.json) (`2024-11-14T14:24:53.283`) -- [CVE-2024-49393](CVE-2024/CVE-2024-493xx/CVE-2024-49393.json) (`2024-11-14T14:31:17.470`) -- [CVE-2024-49394](CVE-2024/CVE-2024-493xx/CVE-2024-49394.json) (`2024-11-14T13:38:04.143`) -- [CVE-2024-49395](CVE-2024/CVE-2024-493xx/CVE-2024-49395.json) (`2024-11-14T13:33:35.787`) -- [CVE-2024-50852](CVE-2024/CVE-2024-508xx/CVE-2024-50852.json) (`2024-11-14T14:38:04.837`) -- [CVE-2024-50853](CVE-2024/CVE-2024-508xx/CVE-2024-50853.json) (`2024-11-14T14:49:16.290`) -- [CVE-2024-50854](CVE-2024/CVE-2024-508xx/CVE-2024-50854.json) (`2024-11-14T14:43:25.770`) -- [CVE-2024-50969](CVE-2024/CVE-2024-509xx/CVE-2024-50969.json) (`2024-11-14T14:47:53.487`) -- [CVE-2024-50970](CVE-2024/CVE-2024-509xx/CVE-2024-50970.json) (`2024-11-14T14:52:08.097`) -- [CVE-2024-50971](CVE-2024/CVE-2024-509xx/CVE-2024-50971.json) (`2024-11-14T14:54:33.787`) -- [CVE-2024-50972](CVE-2024/CVE-2024-509xx/CVE-2024-50972.json) (`2024-11-14T14:55:08.567`) -- [CVE-2024-7010](CVE-2024/CVE-2024-70xx/CVE-2024-7010.json) (`2024-11-14T14:15:19.160`) -- [CVE-2024-7474](CVE-2024/CVE-2024-74xx/CVE-2024-7474.json) (`2024-11-14T14:15:19.373`) -- [CVE-2024-7807](CVE-2024/CVE-2024-78xx/CVE-2024-7807.json) (`2024-11-14T14:15:19.500`) -- [CVE-2024-8881](CVE-2024/CVE-2024-88xx/CVE-2024-8881.json) (`2024-11-14T13:51:11.257`) -- [CVE-2024-8882](CVE-2024/CVE-2024-88xx/CVE-2024-8882.json) (`2024-11-14T13:42:12.347`) +- [CVE-2024-47594](CVE-2024/CVE-2024-475xx/CVE-2024-47594.json) (`2024-11-14T16:12:13.877`) +- [CVE-2024-47595](CVE-2024/CVE-2024-475xx/CVE-2024-47595.json) (`2024-11-14T15:21:32.080`) +- [CVE-2024-48510](CVE-2024/CVE-2024-485xx/CVE-2024-48510.json) (`2024-11-14T15:04:49.847`) +- [CVE-2024-49039](CVE-2024/CVE-2024-490xx/CVE-2024-49039.json) (`2024-11-14T15:20:51.670`) +- [CVE-2024-49379](CVE-2024/CVE-2024-493xx/CVE-2024-49379.json) (`2024-11-14T16:35:15.103`) +- [CVE-2024-49505](CVE-2024/CVE-2024-495xx/CVE-2024-49505.json) (`2024-11-14T15:13:09.100`) +- [CVE-2024-50036](CVE-2024/CVE-2024-500xx/CVE-2024-50036.json) (`2024-11-14T16:15:19.890`) +- [CVE-2024-50126](CVE-2024/CVE-2024-501xx/CVE-2024-50126.json) (`2024-11-14T16:15:19.990`) +- [CVE-2024-50236](CVE-2024/CVE-2024-502xx/CVE-2024-50236.json) (`2024-11-14T16:29:11.667`) +- [CVE-2024-50237](CVE-2024/CVE-2024-502xx/CVE-2024-50237.json) (`2024-11-14T16:42:26.457`) +- [CVE-2024-50238](CVE-2024/CVE-2024-502xx/CVE-2024-50238.json) (`2024-11-14T16:58:55.087`) +- [CVE-2024-50239](CVE-2024/CVE-2024-502xx/CVE-2024-50239.json) (`2024-11-14T16:59:29.413`) +- [CVE-2024-50240](CVE-2024/CVE-2024-502xx/CVE-2024-50240.json) (`2024-11-14T15:57:23.960`) +- [CVE-2024-50241](CVE-2024/CVE-2024-502xx/CVE-2024-50241.json) (`2024-11-14T16:45:31.893`) +- [CVE-2024-50242](CVE-2024/CVE-2024-502xx/CVE-2024-50242.json) (`2024-11-14T16:12:21.383`) +- [CVE-2024-50263](CVE-2024/CVE-2024-502xx/CVE-2024-50263.json) (`2024-11-14T16:23:08.347`) +- [CVE-2024-5082](CVE-2024/CVE-2024-50xx/CVE-2024-5082.json) (`2024-11-14T16:35:15.960`) +- [CVE-2024-5083](CVE-2024/CVE-2024-50xx/CVE-2024-5083.json) (`2024-11-14T16:35:16.267`) +- [CVE-2024-51489](CVE-2024/CVE-2024-514xx/CVE-2024-51489.json) (`2024-11-14T15:46:50.553`) +- [CVE-2024-51490](CVE-2024/CVE-2024-514xx/CVE-2024-51490.json) (`2024-11-14T15:30:15.643`) +- [CVE-2024-52032](CVE-2024/CVE-2024-520xx/CVE-2024-52032.json) (`2024-11-14T16:47:21.583`) +- [CVE-2024-52551](CVE-2024/CVE-2024-525xx/CVE-2024-52551.json) (`2024-11-14T15:35:10.030`) +- [CVE-2024-52552](CVE-2024/CVE-2024-525xx/CVE-2024-52552.json) (`2024-11-14T15:35:10.847`) +- [CVE-2024-8068](CVE-2024/CVE-2024-80xx/CVE-2024-8068.json) (`2024-11-14T16:35:16.750`) +- [CVE-2024-9476](CVE-2024/CVE-2024-94xx/CVE-2024-9476.json) (`2024-11-14T16:35:17.013`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 2ad33fb060e..01860c1a4be 100644 --- a/_state.csv +++ b/_state.csv @@ -182992,7 +182992,7 @@ CVE-2021-41273,0,0,22e981aee79a348369e6e5b3f2497890c0a09379e3ccaa557c238e411f479 CVE-2021-41274,0,0,4801618226ef6fbd844f77722a17f1e42970ce0c91d00a645240ebe68d63b64c,2021-11-24T04:48:51.327000 CVE-2021-41275,0,0,72eb6df0fbcd7b4b48e3b6b2df9cb79483c7c6eff6a80d8a317843eef2fb750e,2023-11-07T03:38:54.657000 CVE-2021-41276,0,0,43f81f5c7bb44a3c557f7a7bb580e9098875eaf18fdc9e9065580d13a87b3821,2022-08-09T13:23:00.167000 -CVE-2021-41277,0,0,8f85c16165f421bbe8959738969c7a5285b426f29a3cc665f32f93e9337df41e,2024-11-13T15:35:02.370000 +CVE-2021-41277,0,1,0fb6f3310d30c1cb76062a0e59183dd0a7a570662640c7409abc0d4a952b38b3,2024-11-14T15:26:17.450000 CVE-2021-41278,0,0,289b80fe51b1c67efe7b1583a091c1f915296c53ddca752bce8dbe149f38e5f0,2021-11-23T01:47:31.917000 CVE-2021-41279,0,0,1f37e7cb41cf65453652600ba5a1a3695ff0082e2d6673cbad05397db69478b0,2021-11-30T17:05:29.827000 CVE-2021-4128,0,0,f5d2c0e7f9c9c0649cd1484b0b14d626395ccd5d19597f1376cbec60506c7e74,2023-01-03T20:07:34.583000 @@ -191713,6 +191713,7 @@ CVE-2022-22316,0,0,68d428ce839b198d4fbca5fc56697c13b0333daf7d04f7ea4a4d7eedfef52 CVE-2022-22317,0,0,46e39f81c954851405d08a7503df6e1365bc23d5623a26f584840a5bb4df9249,2022-06-28T12:23:56.023000 CVE-2022-22318,0,0,8cf7c44a294363867fb36c46abe6bef4d5890a368969107e59ae542d7adc0d7b,2022-06-28T12:22:25.073000 CVE-2022-22319,0,0,73f199cb6097c35bccc1601c95a7d4fe0c341871a75277b1cee33346ff16ee7f,2023-08-08T14:22:24.967000 +CVE-2022-2232,1,1,9354a833a2a78013502e3e8cc69f67572784e16d93674f00c1d07fca96d0910a,2024-11-14T15:15:06.527000 CVE-2022-22320,0,0,d92eba3df93dbb64fe03338baeafdb26b68d25c17a5ee76ae1b40c4769623318,2022-05-19T18:14:30.350000 CVE-2022-22321,0,0,df92e805cdeb1a2d3302178f9c053a0b9b5034408cbfd90722f5c7c323fd9212,2023-08-08T14:22:24.967000 CVE-2022-22322,0,0,2e071a7d1fc94ba4d6a9ab644c15e9e9b1c9bfae24980238701c7fc913dbb02e,2022-05-06T18:16:28.067000 @@ -235735,7 +235736,7 @@ CVE-2023-47418,0,0,ad33a3e3d6872633050e1bad319e2eff8e0973851b9ef103409fc1a559503 CVE-2023-4742,0,0,edffb04df3c669a2459c21c0c7e09c63cb605b05f201a664cc448ca754c6b063,2024-05-17T02:31:45.737000 CVE-2023-47422,0,0,70327bfdce59bab092b8459c4327bebb291c0c188c3aa8f624d50a563024ad36,2024-08-26T16:35:01.260000 CVE-2023-4743,0,0,3698c014372dfe618ca46b86c7eab5e3af317451b81ed27364a099fd09a5326d,2024-05-17T02:31:45.843000 -CVE-2023-47430,0,0,0eb88af1bf0d41a1567849a2792d74c2521f6c38a37e9b97d80b8e9a2c6bdef7,2024-03-26T12:55:05.010000 +CVE-2023-47430,0,1,c60ecbca8129007d055d70119546caf47f8da79039a4afa0bac1886156848712,2024-11-14T16:35:03.027000 CVE-2023-47435,0,0,503cd7afba24087d7278aebbcd258808073035bf713012b8eb8fdd772acdfb43,2024-07-03T01:42:12.810000 CVE-2023-47437,0,0,24c825159367eeae28a851cac576bff9e3bc6ffb31f1e4b0c160565333724bf8,2023-12-01T19:48:29.537000 CVE-2023-47438,0,0,bd6e997b76e06cf5d66d087c6ef199e0dba87173eb0980a5cd9810419bc135ca,2024-09-04T17:35:02.373000 @@ -242586,7 +242587,7 @@ CVE-2024-10250,0,0,8accb693817c35c7e4f9fa710076ead819720d8653e5052fbeeec31b3a5b4 CVE-2024-1026,0,0,e127bb5d00442b36eed0e6ff6513a3a42c45706876a3a5f2167365447fb898e7,2024-05-17T02:35:11.320000 CVE-2024-10261,0,0,c0bacd51f8c13c6f93273b74702fb7ce7659bc324c7b90c6cfb500b131b8dd02,2024-11-12T13:56:24.513000 CVE-2024-10263,0,0,d8274159492686a2b3c754959bfc4509f9c9201a502006a3dee5515647626798,2024-11-08T15:59:41.633000 -CVE-2024-10265,0,0,ad4b5b30e90a17d26886c85885da0a35f71b763cdca55a0b0e1529b2cdb299ef,2024-11-12T13:55:21.227000 +CVE-2024-10265,0,1,f3110d4f544093035d0a9b2f7bbeb2aefd9a822ae90a8974b8e692b012c9f1eb,2024-11-14T15:17:47.947000 CVE-2024-10266,0,0,c93db2a67de792a64ad3b8f3ae10accf6f21ac600e94cc18aca994ed95268502,2024-10-29T14:34:04.427000 CVE-2024-10269,0,0,bfeaf8d939f903a9745c05ccdf0b7972355de998c5dbb79eabed8a663d484515,2024-11-13T17:59:27.717000 CVE-2024-1027,0,0,7cdd04f65f65ce162dee4b0e860b968e4c1a6b7f21d53e978519c8259363a858,2024-05-17T02:35:11.427000 @@ -242773,7 +242774,7 @@ CVE-2024-1053,0,0,3d9e5b8218feb39348551f4e96f20fbacd04f2b39830165bb00a553a3d3c5c CVE-2024-10530,0,0,44b1f61a9c6f6aa30b3b0d0f98cecd2a1b5d01908b2709a3a311951be1b1552b,2024-11-13T17:01:16.850000 CVE-2024-10531,0,0,5f58651087e63c6b2a12c6f7bdf9268a38a5c1f35ee89b5b7476b1d8409f73e4,2024-11-13T17:01:16.850000 CVE-2024-10535,0,0,14a566633b856f0bcfd07185d246772590c919ba8cb5a244786d38adaffa8830,2024-11-08T21:19:27.540000 -CVE-2024-10538,0,1,4258e87072a64a27fee35a0841a3c5095b5fad35eea820564ce6eaffa01f0137,2024-11-14T13:27:00.400000 +CVE-2024-10538,0,0,4258e87072a64a27fee35a0841a3c5095b5fad35eea820564ce6eaffa01f0137,2024-11-14T13:27:00.400000 CVE-2024-1054,0,0,f8e7e53b5707aaecdfe1ea6fba53413ba04bed5cdf673762252b510775f984b1,2024-02-29T13:49:29.390000 CVE-2024-10540,0,0,d72994b8ce256d6087bbd8c05a3cb9446a5f50c733a3ad70b615c2d8dd4c3c0c,2024-11-04T13:18:27.017000 CVE-2024-10543,0,0,78e6de226aa4ccb5cb5b260268ce156b234621147350989dafddd9817bf9323e,2024-11-08T21:19:02.700000 @@ -242978,6 +242979,7 @@ CVE-2024-10917,0,0,1eea699579f5dcb0f1ea716ba091b6b657cbea6b54620c9aa27bd72862f79 CVE-2024-10919,0,0,e8fbb923eb829e965254205b876d7ef672d5aac59877ea419609aa8d8f6bb3e9,2024-11-08T21:07:58.383000 CVE-2024-1092,0,0,4e514cbeb8cbdb0016fe4cb374f3dffe448e95b35a82b13ed7cb7be1b7fe61c2,2024-02-13T19:43:06.247000 CVE-2024-10920,0,0,2cf9a2b6fa319444c301d4d5e50d2260546d202b9ce9ceed0622f3257443827f,2024-11-06T18:17:17.287000 +CVE-2024-10921,1,1,df49167eb143ff2e23f3731e4ab5404d7de812e4b3599b4fe801797e2459e70e,2024-11-14T16:15:18.030000 CVE-2024-10922,0,0,2e8ad1bbe2c22b2f860e82caba9eca723e865a4e9bffae87682e3cfa53e59e0d,2024-11-08T19:01:25.633000 CVE-2024-10923,0,0,a52ee7279b45f6cbb4af1bcb280dc131fb026565d6c8cec2e60c88cc2adb08c1,2024-11-13T21:35:04.867000 CVE-2024-10926,0,0,d4b8448490b176d20ac7d5dd5d9abfb0445d0f8f33211ac22e460a561e976123,2024-11-08T19:01:25.633000 @@ -242993,9 +242995,9 @@ CVE-2024-10946,0,0,53c127b5d01f3eb86df399cdeeb942bf199714aabfb134ba6a8dac66d645a CVE-2024-10947,0,0,0411e4a4d7c1a87e65d7d83c82156a4ec968e1f848bfec751aba34746b5cca7a,2024-11-08T19:01:03.880000 CVE-2024-1095,0,0,e70da3b629cae08421ac3ff6db71fb525bf872b735f906aa9168a1a3feae7dcb,2024-03-05T13:41:01.900000 CVE-2024-10953,0,0,496fd56d3a163ffff52ed6786827de0c1da0afb8656a03af3cf0cf6c1de87d4a,2024-11-12T13:56:54.483000 -CVE-2024-10958,0,1,5ab671d0f18f16536cdc1e49a5ce9e7bd51980aaa21f74ae418c3b86ac578dbd,2024-11-14T14:57:23.103000 +CVE-2024-10958,0,0,5ab671d0f18f16536cdc1e49a5ce9e7bd51980aaa21f74ae418c3b86ac578dbd,2024-11-14T14:57:23.103000 CVE-2024-1096,0,0,9e6ec92aa91c226f1dce82b660bd82ecda12366a7db0465d5ab79a9947cb0a51,2024-03-21T02:51:34.720000 -CVE-2024-10962,1,1,fc2a3059aeabbd9a555b1076cda4c781298ae5670da3d265d60588b3053f7375,2024-11-14T14:15:17.533000 +CVE-2024-10962,0,0,fc2a3059aeabbd9a555b1076cda4c781298ae5670da3d265d60588b3053f7375,2024-11-14T14:15:17.533000 CVE-2024-10963,0,0,eee86a3aedc7174854dc69b5daad7ddd56acd624730edee3419c240e1ae079c9,2024-11-11T18:15:14.487000 CVE-2024-10964,0,0,59c42738567fc9804ec2d61407344d8d58a5472c34e273ef586a2c76a2aefe85,2024-11-08T19:01:03.880000 CVE-2024-10965,0,0,c66f8f41a86b61772baa3fe053f73c721fa7e86ea505631bf695cb762fd01af0,2024-11-08T19:01:03.880000 @@ -243005,10 +243007,10 @@ CVE-2024-10968,0,0,f600c79ff6183eb1b51f4003b01ba4a417fb853b88c9cd1f3e9f06879ffd3 CVE-2024-10969,0,0,34fb384baf8f9b6070297fa30997eac3a4fc91278070bd97f872695ea721a856,2024-11-08T19:01:03.880000 CVE-2024-10971,0,0,48718e7d6163afe0c28e377c2f658daad2fd70d420b988ed3e01fe2fd9d4a70c,2024-11-13T17:01:58.603000 CVE-2024-10975,0,0,f38693c9a402e208f0de21f91edcefa5c1f789073d3e380787ea5dd138f197fa,2024-11-08T19:01:03.880000 -CVE-2024-10976,1,1,3b148dc4518f7a8e1d6912ce588f9c1895060c7a721621b8fea7a6516e1bc558,2024-11-14T13:15:03.793000 -CVE-2024-10977,1,1,aa3e2e2e2e4638ee56b2d080cc6b88579b65dfa2345af8d2842cfc41a4d760cd,2024-11-14T13:15:04.023000 -CVE-2024-10978,1,1,4a5735a7a7e276ef0f613173360c8e5c241c0de7a97379a047204a5b4bc4f7a9,2024-11-14T13:15:04.217000 -CVE-2024-10979,1,1,e13cabad152efceb8a731ed12a662bfdee80230a27e83e5a0270b5fc18b72f97,2024-11-14T13:15:04.407000 +CVE-2024-10976,0,0,3b148dc4518f7a8e1d6912ce588f9c1895060c7a721621b8fea7a6516e1bc558,2024-11-14T13:15:03.793000 +CVE-2024-10977,0,0,aa3e2e2e2e4638ee56b2d080cc6b88579b65dfa2345af8d2842cfc41a4d760cd,2024-11-14T13:15:04.023000 +CVE-2024-10978,0,0,4a5735a7a7e276ef0f613173360c8e5c241c0de7a97379a047204a5b4bc4f7a9,2024-11-14T13:15:04.217000 +CVE-2024-10979,0,0,e13cabad152efceb8a731ed12a662bfdee80230a27e83e5a0270b5fc18b72f97,2024-11-14T13:15:04.407000 CVE-2024-1098,0,0,7637c79f93f6fef4c2ad0472be16e5b2b85cffeb9436b7defda280fbd3390871,2024-05-17T02:35:14.017000 CVE-2024-10987,0,0,3d92aa33c7cd82b5da2d8627d31a00cc6f3627f00f3b6f252e968a08d3bf860d,2024-11-13T00:58:55.400000 CVE-2024-10988,0,0,6d214b682ab0622d06c1c4f694c05924f3acdece53f5429fbbce41d026ca23b5,2024-11-13T00:59:17.867000 @@ -243047,9 +243049,9 @@ CVE-2024-11049,0,0,b32f7109487bc986f17f8a46eb9cc8cb1f0e96bfe0591fca882d7e5919dd9 CVE-2024-11050,0,0,90ab244978cef45af7f095c82b640f3cf8f2d9477d1dab1199c3f2987aed170e,2024-11-12T13:56:24.513000 CVE-2024-11051,0,0,eb9e15965e4cd0c6f388b6eb1187188afb18b6da215e4b4c9a8311016e9cd0cc,2024-11-12T13:56:24.513000 CVE-2024-11054,0,0,2b10f7eb7e0ea54cbdf2f44e8ccd2401488923bf3e8bbeb3c99a947af182af3e,2024-11-14T02:43:36.197000 -CVE-2024-11055,0,0,8753cb0f9e0c463951b38cd6aa776389b7f8fae7636d2e40ff9d7e2ceabb0dba,2024-11-12T13:55:21.227000 -CVE-2024-11056,0,0,260e6276db037c1b83afa3a84dcfe60a67f837ee8245c0e77eb0e6c4b686db55,2024-11-12T13:55:21.227000 -CVE-2024-11057,0,0,f4d60f6fab1190311646d9264bfdcce59d278fed16386a412e93a051a1fca225,2024-11-12T13:55:21.227000 +CVE-2024-11055,0,1,063f616f81ec8b41ac610800e9641fd71662778ce9165238c4e4d73be7647e35,2024-11-14T15:18:45.933000 +CVE-2024-11056,0,1,6e0160117ff4187f70de2c20437329aad36979ea68e9d50c9569d1405a688157,2024-11-14T15:21:09.907000 +CVE-2024-11057,0,1,efc5199c6bc0cb8887f48f5308b5d149602f2f7a3e252fd59826bbea218fe89a,2024-11-14T15:23:35.427000 CVE-2024-11058,0,0,2513990c583fb1d1dafc7d9e78f2d291075a5e9342bc4395386254abede8ff4d,2024-11-13T23:03:49.027000 CVE-2024-11059,0,0,de7cfb30a6274819a2f3576f81d64b58ec0837ba2b51799f2a317460e7cb2779,2024-11-12T13:55:21.227000 CVE-2024-1106,0,0,20cb4a0a045157ac9e013fd166b9513d5a44a1304cf8a8ccabd3185b4a52ab40,2024-10-27T23:35:01.747000 @@ -243073,8 +243075,8 @@ CVE-2024-11079,0,0,d1a710289b6254268300773c7c9b113893f43edc23893d87d06dbeefe81de CVE-2024-1108,0,0,72e8aa7ee320c630f0cd3020b574b902dcf572a1d2888f0afb29692e74e18247,2024-02-22T19:07:37.840000 CVE-2024-1109,0,0,54a246b33f975a42367e7b2f8f64c59b5c20293302ad365ae743bbdf357522c9,2024-02-10T04:13:21.610000 CVE-2024-11096,0,0,c3ff544a53c1563b81fded1ba3057d9b03d9b4212c24283ee7f8f621c81cae5e,2024-11-12T13:55:21.227000 -CVE-2024-11097,0,0,0f425a00a4219c8aee24d98bfdb80d7664413f5722ae7291836b25044ba023ac,2024-11-12T13:55:21.227000 -CVE-2024-11099,0,1,b02ba7425ae521b4e61975a45bff8e8ecb52a8a9c6c1cb2a6953e7ebe403b20e,2024-11-14T14:37:45.570000 +CVE-2024-11097,0,1,42c24fe7e0f8ce5adf3737634dc818886f4840c68e0d42aa533b9f6a8bbe1a75,2024-11-14T15:14:40.767000 +CVE-2024-11099,0,0,b02ba7425ae521b4e61975a45bff8e8ecb52a8a9c6c1cb2a6953e7ebe403b20e,2024-11-14T14:37:45.570000 CVE-2024-1110,0,0,2a7a998b7b1ccd0c64d40f28b7bfefdfe0681031ac010f23e86b81b22a7f4df6,2024-02-10T04:13:13.260000 CVE-2024-11100,0,0,c492dc436c5e7b0bafe38365cc0f5202d40cfdc5e0c2327c30b822de79afcadd,2024-11-12T13:55:21.227000 CVE-2024-11101,0,0,a2b85a410a212ab95b03a0a6c633679b89052f56b8c74d4fa60b641fe5c20a93,2024-11-12T13:55:21.227000 @@ -243098,6 +243100,7 @@ CVE-2024-11126,0,0,b967d4c9797ae557d5008a2e89e34b56b8ab089540ce69fba53b421e80e1e CVE-2024-11127,0,0,872c91b8fef54d334e58f460ad31540519bfcc5b745ac9da794cfe9b05f34fe8,2024-11-12T15:48:59.103000 CVE-2024-1113,0,0,6955c6c679809523d129efea09ef779c898e264f7e3230a68d2b1fd615c8f410,2024-05-17T02:35:14.663000 CVE-2024-11130,0,0,578a772ca1269be9bdc99bb966d7eb9c39dbd0e02e5dba4d3229d53dfaceb8e4,2024-11-12T15:48:59.103000 +CVE-2024-11136,1,1,2dcc5ef5645ba41b5a60914f16da3e4a37e52f37d02632d7ed31a864697aa09f,2024-11-14T16:15:18.273000 CVE-2024-11138,0,0,7b0edb369e2d9df427aea00759a3991acb4ee32080a1e83cba9502f5a7a362f2,2024-11-13T17:01:58.603000 CVE-2024-1114,0,0,4ba1cd03fbc35862ac6b2ce79da50122dd303ea22f4f4a45a352ffb5be12a8ee,2024-05-17T02:35:14.777000 CVE-2024-11143,0,0,7f1fadde01fb3ddd4517afb19a16094808880468a8f2dcb40cb3d8e84d34f2d7,2024-11-13T17:01:16.850000 @@ -243105,20 +243108,25 @@ CVE-2024-1115,0,0,4dae9d3d8bef65fab3d547368288cc3126446be18b7fc740123f9a96bd6241 CVE-2024-11150,0,0,3e3c713e3eaad09aa014087e1c0cf6ec0a3f52a733d6f796982bf46a36311d42,2024-11-13T17:01:16.850000 CVE-2024-11159,0,0,39f42189952a5a54f176162eafa19e76b61f9d19919387dd6a0f61911ebf5c32,2024-11-13T17:01:16.850000 CVE-2024-1116,0,0,4196b5c71a0d802f4c1e9b3a43ac71c958f929e96b26e1ebb01241c6bd176fa3,2024-05-17T02:35:14.983000 -CVE-2024-11165,0,0,ae5849dccf51440ec10f1f7b79d506e18bb1dec15d828d69c01c4e8285a08586,2024-11-13T17:01:16.850000 +CVE-2024-11165,0,1,95fe2b7c203ba5cc9c6e4fb2522e665475ea40e75b68e18a56b9dddf3a00ff2f,2024-11-14T16:35:05.493000 CVE-2024-11168,0,0,5e610ba56b770f0c45b8e5f1da8a18409af80ecc6fd32d397017d56ba5ace8ac,2024-11-13T17:01:16.850000 CVE-2024-1117,0,0,0eff4d8f06fdd3645727772834638be79e19128758cbe94b2a8e7a297167b8d0,2024-05-17T02:35:15.090000 CVE-2024-11175,0,0,2129c1cdddb364757f82b16fba301982b34bdf0dfeb6c2bb6f48aa85e142eee1,2024-11-13T17:01:16.850000 CVE-2024-1118,0,0,6c399aaded9e96cfac900ecbd30e202d5a6a42d5625667c3de9725b65dc62fc3,2024-02-10T04:13:01.030000 CVE-2024-1119,0,0,5426bc48e63724893c52e881a8535fb7954cf4e6383fc287bdb9896410f7d3a0,2024-03-20T13:00:16.367000 -CVE-2024-11193,0,0,b867d53e8970960d5eb349de78aca7ea0872047575207e3300f9228f9cb682f8,2024-11-13T21:15:08.730000 +CVE-2024-11193,0,1,444d5e431a5f364ce974b83b336c1383f189c8a9ea01d483f54d9727862b851c,2024-11-14T15:35:06.770000 CVE-2024-1120,0,0,4ae965ad3da5f8a3235e6e58dd82dd504b21e474d229ae465351f9f2ed6318d2,2024-03-01T14:04:04.827000 CVE-2024-11206,0,0,8a1d9e5ef2c63e35f4e83f2e82606d66784e8c4f9a87e9cb79b8e5df0bab5819,2024-11-14T07:15:17.203000 -CVE-2024-11207,1,1,024c4797bd1d1d32d9a74f037a4ea043aa8c39cc5149453e07ab16481993cd3e,2024-11-14T13:15:04.603000 -CVE-2024-11208,1,1,7acfc0d5ed23c52da09f59a7646b9c68ba6eb5051d4ac6d41bbd6289d3dca8bb,2024-11-14T14:15:17.787000 -CVE-2024-11209,1,1,c160f1217e298cfc2b4ea4c66bd7fff6bc5de06dc33ddcb58badda8b6cd0450a,2024-11-14T14:15:18.090000 +CVE-2024-11207,0,0,024c4797bd1d1d32d9a74f037a4ea043aa8c39cc5149453e07ab16481993cd3e,2024-11-14T13:15:04.603000 +CVE-2024-11208,0,0,7acfc0d5ed23c52da09f59a7646b9c68ba6eb5051d4ac6d41bbd6289d3dca8bb,2024-11-14T14:15:17.787000 +CVE-2024-11209,0,0,c160f1217e298cfc2b4ea4c66bd7fff6bc5de06dc33ddcb58badda8b6cd0450a,2024-11-14T14:15:18.090000 CVE-2024-1121,0,0,19a454e1b0b19f003a8998da71d81afc60a591ff2c6ec5f42743662bb8a72434,2024-02-13T19:42:57.107000 -CVE-2024-11215,1,1,bbd6ed73a8be7440fbca0415213d736ba6de2cfe8e7fb84b25483d78ebfdebb6,2024-11-14T14:15:18.367000 +CVE-2024-11210,1,1,12da7228515f229535c7fc4b9759273057c94d0101b79ad3990f20080e45a07d,2024-11-14T15:15:07.800000 +CVE-2024-11211,1,1,b9c7fb9662e5721943ba1fc1e4f36e3cfae11a83d8100feb8339d89977889160,2024-11-14T15:15:08.077000 +CVE-2024-11212,1,1,7736079fe4badb5fe2ea2d1c57eef7d38e804fef27e3d434bde972654548323a,2024-11-14T15:15:08.360000 +CVE-2024-11213,1,1,6310690398aef42147c21046e139b47a34bc0077fad5bc3ed389a644e6432516,2024-11-14T16:15:18.450000 +CVE-2024-11214,1,1,ccb4f12fd6859941f79db491e8820bb2f8c1cbacb38f9854647bd5e4e95dace1,2024-11-14T16:15:18.707000 +CVE-2024-11215,0,0,bbd6ed73a8be7440fbca0415213d736ba6de2cfe8e7fb84b25483d78ebfdebb6,2024-11-14T14:15:18.367000 CVE-2024-1122,0,0,0daea6a9b881beb2ea9e563443c7905c114cf68ea1093ef9f6fd6cdf2c48aad7,2024-02-15T19:17:26.630000 CVE-2024-1123,0,0,b973e4c54de6f241a32cf221a70e04068421d86df4d000867b2228a54e55ef35,2024-03-11T01:32:39.697000 CVE-2024-1124,0,0,913ac2351f43d83be68411d873bf568715eb455fa7fe6219a9189bc1238726a9,2024-03-11T01:32:39.697000 @@ -247454,7 +247462,7 @@ CVE-2024-24759,0,0,196dd3d6a390d0f8adf696e748e9652eea5e67c303d007f2b608d7022ae56 CVE-2024-2476,0,0,80675065379b57841f9cc91f89004ea3a59650c216e07d02b5d96eca99c32b3c,2024-03-29T12:45:02.937000 CVE-2024-24760,0,0,712e50ebe0dfd036080457db09cbfac631236bade7f3aab0fefe0bd1d6c7650e,2024-02-10T04:04:55.743000 CVE-2024-24761,0,0,b1f2bf902e5fec122e2292b6e3e60586d417fb53e3af18ffd9589198f195ec1f,2024-03-06T21:42:48.053000 -CVE-2024-24762,0,0,35449d26fd46707c48224f8b5b5217335ce323aca77c6984e1cac20361aac3cc,2024-02-17T02:15:52.700000 +CVE-2024-24762,0,1,582f2f8c6f656bad82b23a3a3b80a2a536d7cbf16665dea44ae4741bd6ae9efb,2024-11-14T16:25:58.967000 CVE-2024-24763,0,0,8aa9488aba8310d408295beec746929572897f70a048552a2d0371466f18f492,2024-02-20T19:50:53.960000 CVE-2024-24764,0,0,51888f40f8d4272aad2d8cb14def9cb3125276a64923f00cc5389ceef9c8c258,2024-09-19T16:57:46.463000 CVE-2024-24765,0,0,2b41e2c8e0486bcdab8814f4f07d873fcc36842f0236f866fd2e1bdc249f0bf6,2024-03-06T21:42:48.053000 @@ -257813,10 +257821,10 @@ CVE-2024-38534,0,0,9251a57b8c9989c9b1c34a9cd9aad721dda5aaf1760c4e38e2206b7d00f57 CVE-2024-38535,0,0,4198e7cd88127e88f16304553c820d077f58a27a3f19dba8bb48d55817c59913,2024-07-12T18:46:12.900000 CVE-2024-38536,0,0,cd930de20eaf680b2a502d3a5a00a9aad5c6fec64621863e397dab83606ecfa0,2024-07-12T18:45:38.410000 CVE-2024-38537,0,0,103402269a270a67bfe215eff7f2c87681abb6bef0d7dc124a63de178d731b3b,2024-07-03T12:53:24.977000 -CVE-2024-38538,0,0,dff649e58e70a97be56e795f902c6df2586e4fc9ed3692eb6ddd68cee585c755,2024-08-29T02:26:05.030000 +CVE-2024-38538,0,1,0f21878d13edcc54c75c760a4a2fbd7aeba7e8bd5d2cbbd0c0922d630329b4a2,2024-11-14T16:15:19.033000 CVE-2024-38539,0,0,9488b6bbb3940f9ac1de867bde9fbcc881411ecb098ca77e384efe77519a18ed,2024-08-26T12:58:23.790000 CVE-2024-3854,0,0,f383320435301230a2dac28bdc7db79c6e74ee12f38932e432ec4f2020fa918e,2024-07-03T02:06:46.110000 -CVE-2024-38540,0,0,e32a7f449ff8ae3014191cf278de61d18b1d635bb56b0abc92a1fbb7af071b4b,2024-11-01T15:35:15.297000 +CVE-2024-38540,0,1,2d29a4a69f1e15cd093fb6cfeb09e1acc8bc6f0b1fe70d1cb827a4e71a4ff7e9,2024-11-14T16:15:19.170000 CVE-2024-38541,0,0,023c6a7426f76d21c921b964034a52048d8ae62a75126b3da24f432830a3ec3b,2024-07-03T02:05:10.090000 CVE-2024-38542,0,0,5b6315d30c24005411464cd6e47e963e0ace5c08db9b1853647af794a6f5b095,2024-11-07T17:35:20.127000 CVE-2024-38543,0,0,9904319b3841ba05d0649764b91a7dcf20e3aad22e44c835db1259658176f833,2024-08-29T02:24:30.617000 @@ -259101,10 +259109,10 @@ CVE-2024-40658,0,0,5f8a6b60ca62d2cfa0f9862e86c619e00e5db037ad87f1558ced4ae7f02d2 CVE-2024-40659,0,0,fabbb4b92a57e596b06e9bd31b045ecca58663666534e05d61759f6961367421,2024-11-04T18:35:10.733000 CVE-2024-4066,0,0,5674d1317b0a03adb324e31f70d35a87031f26ca2ea2869349483359d081bdf7,2024-06-04T19:20:29.323000 CVE-2024-40660,0,0,74c960eea143c0e524b09de261c09c6fc912cc1517e2fa6f798149565937a1e4,2024-11-13T18:15:20.570000 -CVE-2024-40661,0,0,91f9d66e05dccd59fd31943b9b6ab9572b4489300d6ba5cf7811e21a9fefeab4,2024-11-13T18:15:20.650000 +CVE-2024-40661,0,1,ece784732e717dfd5aa9d24e114c7c911766a2da6d3d446f6065a64726338596,2024-11-14T16:35:06.610000 CVE-2024-40662,0,0,158da2f06a1d27615161cee7fe7341ef1e87f2062801f47e3e4f4b1d6a1663ec,2024-09-11T16:26:11.920000 CVE-2024-4067,0,0,cb2492818fe81f39be6108b3726f1fbc34af211b5be3405ee7a17904cdbd58f2,2024-08-28T00:15:04.130000 -CVE-2024-40671,0,0,5a170b8947e0cf3c928a22a81830651b1a9a4714b15641f041e9c3bca03b89df,2024-11-13T18:15:20.723000 +CVE-2024-40671,0,1,7f55caf3fa639a1aa5f0a6d9761614e698a0cf2585c8682232f6ccfdf6934d1e,2024-11-14T16:35:07.450000 CVE-2024-4068,0,0,bb45b0f3c24ec800e9c86d4119a908807b555886bbc03073bf2175c668679f63,2024-07-03T02:07:03.943000 CVE-2024-40680,0,0,6a7d82455fef21e03a575dce9fc7ae88a549fdf8ecdf4b4bb72b8cebe35b53d9,2024-10-31T17:15:12.990000 CVE-2024-40681,0,0,fac9532bdd8d5b6d1b1f49e08b67a17d3abcf6f9f6c80d971ff62d66179abc1a,2024-10-31T17:15:13.143000 @@ -260016,7 +260024,7 @@ CVE-2024-41996,0,0,29b8c50df43b1c66bff4b5734acbca34adccc097a107dedf36398e589357d CVE-2024-41997,0,0,84a3f0ea395077fa02b4a334ab8509ff391bef43bdcea38ddd875b5794f83bfd,2024-10-16T20:35:12.430000 CVE-2024-41999,0,0,a370380ae5e595c1d409f5d8d8f92b14e0e23ae9708051ce0a7058f9d91625a3,2024-09-30T17:35:09.340000 CVE-2024-4200,0,0,4cd240b08c44457e11ab7d0e46f05e7d4edddbc268bf54e61982ff7b6b50f3a4,2024-05-15T18:35:11.453000 -CVE-2024-42000,0,0,2a6ef489e8022f0e5c1eba30d0b9bf961a756a0bdcd143f6001b190791ee9e4b,2024-11-12T13:56:24.513000 +CVE-2024-42000,0,1,7d3d4b36e2c38daf7c15f728054166cd6cf270bf4b91faabaecddddf2e936a40,2024-11-14T16:48:30.013000 CVE-2024-42001,0,0,fcbbb9fe256b159250061e78a0e74ebb6632e1ed1a0fdada8381ebf9439eb017,2024-08-20T16:37:05.447000 CVE-2024-42005,0,0,6e7acd676fdd0820d0ef383abbd9c31b747692d4d747e9756762f959c9b515e9,2024-10-23T18:22:48.937000 CVE-2024-42006,0,0,cac16dcebbdfd7db60164c8c9c083b31913f86e474f6e93c1530c3119039cdca,2024-08-21T13:26:54.577000 @@ -260186,6 +260194,7 @@ CVE-2024-42166,0,0,18df6e3d78544dc8ad38e19fe493f73a53f7ef17f4a96d8246b9654224a5c CVE-2024-42167,0,0,cd8646272ac8e058d6c4cd2f9a697cfc1c8ee88730b877963e6d060dbe9c7f9a,2024-08-29T15:24:12.060000 CVE-2024-4217,0,0,b697d32a81a44314e31fbbbd491d72bf1d83730c215f0b4ac0b5c272bbd60693,2024-08-01T13:59:28.453000 CVE-2024-4218,0,0,dff7b6ef5b1eda10e25547a7c58ff59e7141627798ff1eb390bbb04c101af4a9,2024-05-30T13:15:41.297000 +CVE-2024-42188,1,1,7ff6efac9c403ab0f844ed338ca6070c8b8f7fc3297fe30ed747f767493b6288,2024-11-14T16:35:08.270000 CVE-2024-4219,0,0,e67747b1814e30f9a57aa2d5fada7a64c70b8e2f4229bf1bd72194f6b14072cc,2024-06-11T17:06:50.963000 CVE-2024-4220,0,0,046e30c2acea51afb217826bab01d9bc8062f3ae27d0f03889e044f9dcbfad10,2024-06-11T17:05:35.203000 CVE-2024-42218,0,0,331226ea49af1a2f92292f364b4fd8bc3c26a90f49d1b9421ad0db0c509189fd,2024-08-12T18:27:54.660000 @@ -260265,7 +260274,7 @@ CVE-2024-42287,0,0,f6dca4eca0188685008daf12866ccd252af4d1c3fba55ba49482c64afdec8 CVE-2024-42288,0,0,3bca3bb153b051d1e9a150826b5840d5f5c16eca31e67293c4ec7eba9cd334b4,2024-09-05T17:38:38.383000 CVE-2024-42289,0,0,04c815d082050729894440e6e2a5f87ed59b488996e57849be0708360c5605bb,2024-09-05T17:37:49.057000 CVE-2024-42290,0,0,d27aca27562195d04490643fa18705d7b7ed22675306a86b123d07597c93e3ce,2024-08-19T12:59:59.177000 -CVE-2024-42291,0,0,72aa73e566f0b3c5cb157f1659781e489a73109e53174d8bea3ddc4964e85fe8,2024-08-19T12:59:59.177000 +CVE-2024-42291,0,1,cae7e14d3bf2a910bf5be2341289caed2571c15b89bb59bb6f1bec8a1ae818f1,2024-11-14T16:15:19.550000 CVE-2024-42292,0,0,8310aa9a5630623a5a144ae735b237b95b640aed6f25022423101f353e6f84b0,2024-08-19T12:59:59.177000 CVE-2024-42293,0,0,7cf92cea47cf0aeade81c478f71bad3f09bbe1b4ba14510e43dd89a0a6440ef3,2024-08-19T12:59:59.177000 CVE-2024-42294,0,0,1014993f483faff29cfdc56b3a6e1108bbfa3c0b5440094cc7d24f2d59b3641b,2024-08-19T19:43:22.460000 @@ -260735,20 +260744,20 @@ CVE-2024-4305,0,0,3d3b1d1c5c813e5fa60e1eff1163926298ea6a7612f6966e2cad8be591d140 CVE-2024-4306,0,0,a2edc9b105cc4a694942681b57dff61f9e5285cc8aec37eba8bdc15814541dcc,2024-04-29T12:42:03.667000 CVE-2024-4307,0,0,9af1fe76e1dfb80a8368bbb3fc69b1f2cbb4fca53c0870243e2c9aa4c3d8390b,2024-04-30T13:11:16.690000 CVE-2024-4308,0,0,63b73a2fc8e8d5be636a84f19daeea12c1e2d5b3b652e500f77934bf4e894f3b,2024-07-03T02:07:22.320000 -CVE-2024-43080,0,0,859938f8bfdd9373f5c11a261a5ea214e206985ce3d1f8158f39d06759bfd3c8,2024-11-13T18:15:20.783000 -CVE-2024-43081,0,0,c1b1c18d912e36f6715c8c89c30539133fe18a066844da48aa9ecbcbf00bc3a1,2024-11-13T18:15:20.863000 -CVE-2024-43082,0,0,2728bb13cc3a03c6d2959becaf04a13288fd75912a6a6c3cee28d4e833e92792,2024-11-13T18:15:20.927000 +CVE-2024-43080,0,1,730e0bfbb0e0f92fa1e95f9b258bfe2a1ab85fec5621ab92e84698ca9224cbe3,2024-11-14T16:35:09.127000 +CVE-2024-43081,0,1,6e20886638c94eff3709d5e5abac04922fe4ce24b538dfc592826e5cfcccd33c,2024-11-14T16:35:09.987000 +CVE-2024-43082,0,1,56f178a344750a698deaed3b020a59b38ac850196a812abf9ded49cf0eb7e50e,2024-11-14T16:35:10.857000 CVE-2024-43083,0,0,9e09a78fc09963141a3fc02fd9ed1ad21971def8b416ce9fb9ce24f8d729df12,2024-11-13T22:35:06.987000 CVE-2024-43084,0,0,437d5cc042837f1bfc9cfa8d8d836f0c2f4c7883f5fb73f66819713dd173d647,2024-11-13T22:35:07.777000 -CVE-2024-43085,0,0,bc49bc9230a98112bafc1d2a58c506439d2fa4105d90c8b70de8e7271fc19dab,2024-11-13T18:15:21.173000 -CVE-2024-43086,0,0,c790fbe2622765ad270ed8651ff1f74a01feac8f4cf11eb70212ca535801d034,2024-11-13T18:15:21.240000 +CVE-2024-43085,0,1,c715c7e31f1af16a494792b8c4a654750dfcfcb152116fd578bca383daa762e5,2024-11-14T16:35:11.720000 +CVE-2024-43086,0,1,b35a9c0f4b81e475922d197d48e538ace9956732719607be7dbe8800d97916ab,2024-11-14T16:35:12.570000 CVE-2024-43087,0,0,1127c4ae24000cbc474cb9ae6b80fcd28ac633a09b7c536b905800937c9d183e,2024-11-13T18:15:21.307000 CVE-2024-43088,0,0,f856fb27d9849b9e2892c2985299e11fb1bace58e4df7f885384836d602d3a8a,2024-11-13T18:15:21.387000 -CVE-2024-43089,0,0,13469b4fb5d5057210e2d84a0df39be9bbb6bf6657cef86b55bf9a4c28aa41c5,2024-11-13T18:15:21.450000 +CVE-2024-43089,0,1,b277ca7768b3e4b4b0f60e1bf47b20ac676f3753e8cd1ebaabaa7be31aea80a8,2024-11-14T16:35:13.417000 CVE-2024-4309,0,0,5b40a8fbb2137dd0d77fe6c4c1c586190f4489f813d005ab45d5553c299b0b73,2024-04-30T13:11:16.690000 CVE-2024-43090,0,0,28e87613d5722ac4d9a0be826e296e6e3ad7500c170880234254815d7f83e6be,2024-11-13T22:35:07.990000 -CVE-2024-43091,0,0,e84648f12fbc8caf742a7f4758d316932bef09a56fbe89dfee9fd1cca5528b2d,2024-11-13T18:15:21.590000 -CVE-2024-43093,0,0,0a0cf79846709702a5728e0776697c8a2023ee649a8dac1fb95fbb8da2ff9a36,2024-11-14T02:00:02.740000 +CVE-2024-43091,0,1,720dddedca98cc00358c0c207a42957b58527a650ba575507da86ca94d698e87,2024-11-14T15:35:08.470000 +CVE-2024-43093,0,1,c8d697c7de043e479109703ad96e3d7c26625a9c9645c9a220bc282f106d3add,2024-11-14T15:15:17.020000 CVE-2024-43099,0,0,1e8651c725576df83054b4b74436ff5087c13bad1e13244cb0e6a25df0f7bb09,2024-09-14T11:47:14.677000 CVE-2024-4310,0,0,08f5e8e76073c3640785934b5dbc198d89dde47497c02b1ac3fc670d20c22fd2,2024-04-30T13:11:16.690000 CVE-2024-43102,0,0,08e196b4c8739548226238903033d07bdd98395e1a6fb3461533ef08cfa70faf,2024-09-05T21:23:40.503000 @@ -261073,7 +261082,7 @@ CVE-2024-43447,0,0,64519d939af836941207a1ee1c139a46019f5f6e535d2dd8d3441654fc85b CVE-2024-43449,0,0,0d544abc4f60a7b2bbb5854c6b95ddcfd08340af5264a273b7b1064b011b4a30,2024-11-13T17:01:58.603000 CVE-2024-4345,0,0,991a52fb88968c952c460a76f59f283c0ad80fedc25d9533338fbc3b0d515f60,2024-05-07T13:39:32.710000 CVE-2024-43450,0,0,4130355e8050fdef04c36d68e58c926853f3f0f86c3a11bcccbbf538e509441b,2024-11-13T17:01:58.603000 -CVE-2024-43451,0,0,7f698441b08135f2d924dcba5dca444d014d423bed0ab62fba4f9c29b0457ca3,2024-11-13T11:55:08.677000 +CVE-2024-43451,0,1,ef135d2466be9d8cc66d1c328101aa5ac13cea718d4b54432b89ee081363d95b,2024-11-14T15:24:33.317000 CVE-2024-43452,0,0,d3febe78969731e5e1427824174f48965f9419fd572e6c752a4f259919f0ce4e,2024-11-13T17:01:58.603000 CVE-2024-43453,0,0,987e6c8ce7e8f2e1d3f9232b14d73438f55ce61f84bbe67fdf49d3284ca0d7f9,2024-10-22T19:29:44.997000 CVE-2024-43454,0,0,f0995c64c71167afbbf899e7ce1038e4a80441f5a273809866a5c3103af339c0,2024-09-13T14:52:28.570000 @@ -261397,7 +261406,7 @@ CVE-2024-43864,0,0,21d16c6aaddff6921ea6961f03c4534862e785bec53c822be6ee212eb279e CVE-2024-43865,0,0,3ea6e9c4ca349deed15ed0ff69ac86878978452d8ff75eb76c40f26fbd6827b8,2024-08-21T12:30:33.697000 CVE-2024-43866,0,0,8d8720671d9d952ce1e3e8d6f6ae86d2eb2c95fbc5c8e78195c42875d55ab79f,2024-10-17T14:15:07.297000 CVE-2024-43867,0,0,019b477a9c2ec97cd466b2e65bc244b10d61671d0bdbb2dd9346d03b97543e1b,2024-08-21T12:30:33.697000 -CVE-2024-43868,0,0,88be01dd732ff6da5baef81c9b1056645a9df6256d9302c340c20b075158ebbc,2024-08-21T12:30:33.697000 +CVE-2024-43868,0,1,da6e317cff02aa2aa0e37fd8506af756ab8378d9eea26e06ee3fface0f4fbcc0,2024-11-14T16:15:19.803000 CVE-2024-43869,0,0,5f88e5ad59f3470d3abee67e401ae58d414a0501c24f0ca9ce1eb4fef318a9bd,2024-08-21T12:30:33.697000 CVE-2024-4387,0,0,e174205a853415a731f22788a3c678b3fe9a7067078ee3c331ab7c9e4e787abd,2024-06-11T10:15:13.637000 CVE-2024-43870,0,0,eea96fb7d85fb9f698cc357463068952170218510d11d133e32f1c1c6d3cf75d,2024-08-21T12:30:33.697000 @@ -261786,7 +261795,7 @@ CVE-2024-44289,0,0,39f2c304e535f897d30f0fda10654e4d803aee074158bd870b6d7fbf5cd0a CVE-2024-4429,0,0,f3c6ad6c7fc3529e6805efa10bcecee8b01db9336bcb1f88fdc476ffd1173766,2024-05-28T17:11:55.903000 CVE-2024-44294,0,0,59fc3334cee0c3e9631e7e6a5312e3c47084303bd875a30b037f9e38f2893ed1,2024-10-29T21:35:21.347000 CVE-2024-44295,0,0,fb98babf34b319b0a2af419c6d70bf7de5dce9049e181af2638c884d22361b7b,2024-10-29T21:35:21.523000 -CVE-2024-44296,0,1,ce190bc6ecab48c9648d12ed82ec9ef15eb86a0c5bf224e9ce5cc6a37626ff6d,2024-11-14T14:58:09.900000 +CVE-2024-44296,0,0,ce190bc6ecab48c9648d12ed82ec9ef15eb86a0c5bf224e9ce5cc6a37626ff6d,2024-11-14T14:58:09.900000 CVE-2024-44297,0,0,79b1a7724e5e5ef3ea1a90918f341220daf2a3cd7bb65b3a989c955fd834b7c9,2024-10-30T15:35:17.777000 CVE-2024-4430,0,0,137066e4356a4d04e3ad731fb42c3579f278eca0ad3e41ea882926334c71093f,2024-05-14T16:11:39.510000 CVE-2024-44301,0,0,e57f1a12cf8c57ae2bf8a0deda4abbc44e17e7c3ec00ae41ee84335bdf9af805,2024-10-30T19:35:22.447000 @@ -261798,7 +261807,7 @@ CVE-2024-44331,0,0,73262ef7340ef820af39aead30aed03cb4a68bd84c03029c20d228a5fd738 CVE-2024-44333,0,0,d4fac21295587aa2979fd79e1578e51567e5183cd9197e256154e36309cd2381,2024-09-09T21:35:11.347000 CVE-2024-44334,0,0,27220524666d063359048a7f3de8a9bf531c5b74b035bcd3d68284cc277b9a46,2024-09-09T20:35:12.473000 CVE-2024-44335,0,0,bea255eb7004ca14c44e24d39ca0678896b2d706dfe75c727ca75c52a4a40bff,2024-09-09T20:35:17.330000 -CVE-2024-44337,0,0,1cf6516c2687226bc2ce622aba6bb3b6f4bfc46a46e0fe7ad50a25393cc6496f,2024-10-16T16:38:14.557000 +CVE-2024-44337,0,1,10b1b3889f5584eb97af34e1e63182f915bf3b1de7b94ca13de8ec109ea9c894,2024-11-14T16:35:14.613000 CVE-2024-4434,0,0,20236f1809b1e5babc738bee4dccd8edc7c4530b36b3cb8640798a5fece3dc01,2024-05-14T16:11:39.510000 CVE-2024-44340,0,0,d9735b689087fe69bacf9d01f51df4eff217f92bad40f97e93a199106e1c72ba,2024-08-30T14:56:38.207000 CVE-2024-44341,0,0,6f1abe8a37dcd02ea1515f2f8b8a8861a5b44588bacc4edb6b1f9eb0f68ae2d0,2024-08-30T14:57:07.260000 @@ -262155,7 +262164,7 @@ CVE-2024-4511,0,0,4d9dcedc762dab13753e2b0a6fba06d0880c8f0afe543668ff587ed1c4cea3 CVE-2024-45111,0,0,9fb0acaa2cfe1365ae260bae686a5d90e02d1dda50ec2516e7d6462b0987e021,2024-09-13T17:20:53.993000 CVE-2024-45112,0,0,fe220e89b9c90418cf9256ec0d1a61e1fb615761854b12c59226a9746bbe3106,2024-09-19T14:56:53.697000 CVE-2024-45113,0,0,9a4e89176a7b5c7d3845f7aafd6d39f3276ba5c23e86960f62b502204f186b6b,2024-09-13T16:56:53.673000 -CVE-2024-45114,0,1,befa6f504e3da0bfaf5fd66a3a777f2281db208049503e7ef12b409a5cb184f8,2024-11-14T14:26:53.867000 +CVE-2024-45114,0,0,befa6f504e3da0bfaf5fd66a3a777f2281db208049503e7ef12b409a5cb184f8,2024-11-14T14:26:53.867000 CVE-2024-45115,0,0,44f3d3d7e6cbfb9716d2aeed4c6872f67380791fa0673db900d919e23d985787,2024-10-10T21:51:56.040000 CVE-2024-45116,0,0,ba10c288fa12238b6e33057da35cf808f94ca4309d8804acd55bde0bef485b3d,2024-10-10T21:47:27.763000 CVE-2024-45117,0,0,63140a3dbb3f93a46a50aeaca1736c76d20d9a07045b8eb34614ba33b13e95d9,2024-10-10T21:47:11.257000 @@ -262190,7 +262199,7 @@ CVE-2024-45143,0,0,b7c913115514a2c2f5aae9cdeb64ec1457c94d908c1b9475a3d586b79d76c CVE-2024-45144,0,0,3d483b46971de80e33f27e9a69ef1aff9c95949bf9f7528efc12dc9a0282cb88,2024-10-18T14:42:45.377000 CVE-2024-45145,0,0,156066466313240ebda80ab859dcbc1ed184f5b9ec3fb8fddbdd07c70d4185e9,2024-10-18T14:26:54.053000 CVE-2024-45146,0,0,44126b8c652d70a444824785bf8fbde83205909d2793e4dabd8e2b0b32e4a035,2024-10-18T14:35:50.380000 -CVE-2024-45147,0,1,ddf8c75f896500de58f4471886d3a69695017c1c6bd153b0b0c73577a4b38aa1,2024-11-14T13:58:10.447000 +CVE-2024-45147,0,0,ddf8c75f896500de58f4471886d3a69695017c1c6bd153b0b0c73577a4b38aa1,2024-11-14T13:58:10.447000 CVE-2024-45148,0,0,0e90a71edeeb1f6c08cc4e8f74179b58bc7185e9e9129d62d43635e1d8f74649,2024-10-16T13:27:46.397000 CVE-2024-45149,0,0,daf87a7836b76bd56fac2770e905e7b6c1fea6089c2a616c772a21c525fb4727,2024-10-11T22:12:25.263000 CVE-2024-4515,0,0,745b5001aba1f09f57fb481d2a3d2000635a4a96793fd9115da6678f1f7fddb3,2024-06-04T19:20:40.830000 @@ -262898,7 +262907,7 @@ CVE-2024-46609,0,0,867378c24ca26a245e4713a4ba27c2af9d0d9faadf75c6778954203857675 CVE-2024-4661,0,0,c3df946503e9b828d76c6d82332cda3e4be930bda3f80537afbf8f2ae2d7bc25,2024-10-31T18:21:43.683000 CVE-2024-46610,0,0,dfd11b66ad880194d4e8759fea756317b6075d327e3519259cd11f18ae0f4b82,2024-09-30T16:30:50.833000 CVE-2024-46612,0,0,a589f709811c7445ac7df28a3a7782b0e1ab03ae28a72339e484d8d02cc7d048,2024-09-26T13:32:02.803000 -CVE-2024-46613,0,1,828ea2953c8808bd4c1aeeaf1277921cb0033156f867191308fa544d6d43c701,2024-11-14T14:55:29.753000 +CVE-2024-46613,0,0,828ea2953c8808bd4c1aeeaf1277921cb0033156f867191308fa544d6d43c701,2024-11-14T14:55:29.753000 CVE-2024-4662,0,0,42d3ec88d759fc9bf88fc92972e0c9891830916b90a0cdbb0331ad5486f420dd,2024-05-24T01:15:30.977000 CVE-2024-46626,0,0,b2dbe1e3c2ee97096cbfddcd538250ce5664f2528c19dd2dc51892ffc471844d,2024-10-04T13:50:43.727000 CVE-2024-46627,0,0,4cc8890cea4e8322a4c476b42c8fefe2b4b66b62a78446cc66eb2d1a373670f4,2024-09-30T12:46:20.237000 @@ -263545,17 +263554,17 @@ CVE-2024-47443,0,0,c7ebbaf071cf97fd15363efb3c4bd4e1dc07d445eda0326b1fed701bb4576 CVE-2024-47444,0,0,3c50a4520e405f3f41f0090609f649e84bb504d4a6472763c67225f747ab18fe,2024-11-13T17:01:16.850000 CVE-2024-47445,0,0,ca1dd8bb79ee4af2eeebbf79d117955d6fc93c61063dc6d9daefeb8e2749c043,2024-11-13T17:01:16.850000 CVE-2024-47446,0,0,c032a93b3fb4c35b6697f3f50bccffa735973c8ecd23346bcfedb7e37c027b69,2024-11-13T17:01:16.850000 -CVE-2024-47449,0,1,41f61b13e3dd2f4f5b46d75ab8d7ff84aae16e2e4e96b480eec29b17a142cd2c,2024-11-14T14:32:55.163000 +CVE-2024-47449,0,0,41f61b13e3dd2f4f5b46d75ab8d7ff84aae16e2e4e96b480eec29b17a142cd2c,2024-11-14T14:32:55.163000 CVE-2024-4745,0,0,54a19ac018881ab94cc09206a38557755449249c459a354d473ddea48bafd7eb,2024-06-12T16:23:34.197000 -CVE-2024-47450,0,1,e59fcc3accbe89009d4278a792d4807261153ec8178fc8038a63474d199284a3,2024-11-14T14:26:45.873000 -CVE-2024-47451,0,1,490bc6833ae16377b42f8048af4b317862dad301bcc343474ffaaefb9ce0d209,2024-11-14T14:26:38.793000 -CVE-2024-47452,0,1,b5396e6a49795825bedd34c4e2590b3d4a3c5296d4f5ef2c99a9192d3deeb744,2024-11-14T14:26:59.757000 -CVE-2024-47453,0,1,ad41f1a0346ba9308d8afa63fe99ed1b522f407256affb442397675976282665,2024-11-14T14:26:20.090000 -CVE-2024-47454,0,1,7a12332e0a2b5b3f82cefc17faf6d007ff26cd3e65da7428f3e8ccd1d12d5170,2024-11-14T14:26:11.110000 -CVE-2024-47455,0,1,98f68bcf09af7cfcd51b2d0392ab45432b8f6cf20c65529a25e63384d970e804,2024-11-14T14:26:01.207000 -CVE-2024-47456,0,1,ab044d53e4917ab374ab99548a614cc1eed1b072cd3b4991d21ec63e065e82f3,2024-11-14T14:25:45.813000 -CVE-2024-47457,0,1,41beba03fc88fe3e6018a7681e579ad54b0ed185b29b58bd00fa5554f0601a6e,2024-11-14T14:25:06.137000 -CVE-2024-47458,0,1,a8eb816dad002d4fb452905ee18f7adf9409af6ca9e45a9c712695fa98330f20,2024-11-14T14:24:53.283000 +CVE-2024-47450,0,0,e59fcc3accbe89009d4278a792d4807261153ec8178fc8038a63474d199284a3,2024-11-14T14:26:45.873000 +CVE-2024-47451,0,0,490bc6833ae16377b42f8048af4b317862dad301bcc343474ffaaefb9ce0d209,2024-11-14T14:26:38.793000 +CVE-2024-47452,0,0,b5396e6a49795825bedd34c4e2590b3d4a3c5296d4f5ef2c99a9192d3deeb744,2024-11-14T14:26:59.757000 +CVE-2024-47453,0,0,ad41f1a0346ba9308d8afa63fe99ed1b522f407256affb442397675976282665,2024-11-14T14:26:20.090000 +CVE-2024-47454,0,0,7a12332e0a2b5b3f82cefc17faf6d007ff26cd3e65da7428f3e8ccd1d12d5170,2024-11-14T14:26:11.110000 +CVE-2024-47455,0,0,98f68bcf09af7cfcd51b2d0392ab45432b8f6cf20c65529a25e63384d970e804,2024-11-14T14:26:01.207000 +CVE-2024-47456,0,0,ab044d53e4917ab374ab99548a614cc1eed1b072cd3b4991d21ec63e065e82f3,2024-11-14T14:25:45.813000 +CVE-2024-47457,0,0,41beba03fc88fe3e6018a7681e579ad54b0ed185b29b58bd00fa5554f0601a6e,2024-11-14T14:25:06.137000 +CVE-2024-47458,0,0,a8eb816dad002d4fb452905ee18f7adf9409af6ca9e45a9c712695fa98330f20,2024-11-14T14:24:53.283000 CVE-2024-47459,0,0,dc476e38be60b6a1efda7726261f4c9f051d293bb6f4f7193aea3c1108a67e3c,2024-10-23T14:17:23.557000 CVE-2024-4746,0,0,764da2d2faf52d5d8b005efc01764a8e4bfb42f0a65f0b328618a43b312322fb,2024-06-12T16:17:42.223000 CVE-2024-47460,0,0,946f764f812f97a57e8d995c98f9d8feee9df1e1204facd7e314537096c19b1b,2024-11-06T18:17:17.287000 @@ -263635,8 +263644,8 @@ CVE-2024-4759,0,0,88e594c7c898a4e82a1a8532a1f049d1a9fe25baf60278988c21dabe64f289 CVE-2024-47590,0,0,c753d8c8fff8996c1d065cd36652a978ed4f5524609cd99b50669bc05bf4ecb8,2024-11-12T13:55:21.227000 CVE-2024-47592,0,0,d50f90a32b1d664dd933a768f3eed2f3a853946f4a68bc9410b951adb6fc8f95,2024-11-12T13:55:21.227000 CVE-2024-47593,0,0,5719cca65cf0b6dd229ca6ab81d4395c74dda132bf396e7340283b24564be6f3,2024-11-12T15:35:13.233000 -CVE-2024-47594,0,0,1ae534f7a3c1c97ead2076790a49a30a6aebae2067756e88afe36b9237831ffa,2024-10-10T12:57:21.987000 -CVE-2024-47595,0,0,ba21651773888aa8d2743ba8a0a71f7f213256467724b419ffc59a50270127b5,2024-11-12T13:55:21.227000 +CVE-2024-47594,0,1,e92eb91869077d61e9079ba58307dc44b27f9146d981311f9790f04f6a99a57c,2024-11-14T16:12:13.877000 +CVE-2024-47595,0,1,7e3154456ac3ffec3083fc9f976dcc58a2c880188bbfb26e03bcf31c6d6eb5ba,2024-11-14T15:21:32.080000 CVE-2024-4760,0,0,b4849d754e19ff5b62ce1dfa55ef4652903c511172eef769e0d0e48dc2803d03,2024-05-16T15:44:44.683000 CVE-2024-47604,0,0,80d572b434bfccecbe5c80f8781631ff6586195ee102813ea66f572777e54ad4,2024-11-13T23:17:14.437000 CVE-2024-47608,0,0,6780a5cb01bdd639af89827da283834e6f19c572d8e127e2ec22fed13c61e1be,2024-10-07T18:51:05.650000 @@ -264134,7 +264143,7 @@ CVE-2024-4848,0,0,e9a992014a82f7f25ea8b020a59a54821debcc21ba29ea30b909eb2d249ee2 CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000 CVE-2024-48509,0,0,284c4916946b05559ac72d79c6f8c0c88af2de3a287de63c88a681a518cf7360,2024-10-29T13:38:16.893000 CVE-2024-4851,0,0,444f4e959fbd50fab42bb9cd6f5b1019a6d50ea56a5371bcf4f4fa6566e3e360,2024-10-17T18:45:13.093000 -CVE-2024-48510,0,0,a8aa95fb9ab72661a8fe46d21427df552fad24d073a946842dc27ef14352acc9,2024-11-13T17:01:16.850000 +CVE-2024-48510,0,1,c0bda71a75c56137f5ca1653aef745d4cc18cf4bfb1f9d0f6b08426e5356f89d,2024-11-14T15:04:49.847000 CVE-2024-48514,0,0,772c22a7c82f7a2ba09c35b523755c3d2e15343c5a23d7fb25f81b1d3b219920,2024-10-25T12:56:07.750000 CVE-2024-4853,0,0,7e943be0a2434f6362f67f453fe22910f05fecde26076344b21d97f20b2d6efa,2024-08-29T15:15:31.687000 CVE-2024-48538,0,0,d00c6ae109958170edcc3a2c583c2ac0637abae567969e57f7b9a648e6c8cb40,2024-10-25T12:56:07.750000 @@ -264364,7 +264373,7 @@ CVE-2024-49030,0,0,c9a7899b731e7e21ab15d78ffa4829db8359d9664870da3d60526ba2b64a1 CVE-2024-49031,0,0,76e589007d176d255cc155e9dff94d0e944bbbe890e73fdcfe1aa9822eaf746a,2024-11-13T17:01:58.603000 CVE-2024-49032,0,0,dc0fe3f987adf6f5fba158b18eed0f6b69507da147d7eb044895c59cb102a012,2024-11-13T17:01:58.603000 CVE-2024-49033,0,0,e47ee622ccf21627eb20c3d53761336b4b0e91fa6ecbc58821b466ceec00b1d4,2024-11-13T17:01:58.603000 -CVE-2024-49039,0,0,425d1fd205fdc6ea8ea74b140e446e689d2310f1ae1b7fdac7fddc8000b2e615,2024-11-13T11:42:33.350000 +CVE-2024-49039,0,1,35081b6450a24914db672b1bfea30c0edc233e94d1f078f8c664cf196464b147,2024-11-14T15:20:51.670000 CVE-2024-4904,0,0,e08155723dc24ff1bcb5adf9d2f839d33f4e022ac557667a35564764380e5202,2024-06-04T19:20:52.380000 CVE-2024-49040,0,0,be49458de740c9721130038142e1187759fb23950dfc8c806ecf7b0472546f4b,2024-11-13T17:01:58.603000 CVE-2024-49042,0,0,8550e6f45d8ccfb522aabce24120e04e03609dbaf334f8e26399de3cabfb4b51,2024-11-13T17:01:16.850000 @@ -264542,7 +264551,7 @@ CVE-2024-49373,0,0,4aa9cfdbe744fd3ae046ca1eeb4ecc11fd5a7b167271bdbcafbe01dffbbbe CVE-2024-49376,0,0,190dbce5bcb7aada06f0c8b342eac2772846cf5d2a5dcc8eecc468a0b9c5d5e3,2024-10-28T13:58:09.230000 CVE-2024-49377,0,0,f0a66be903c1ae0848c0330b2ecd5bcb10926f277636c57c6f6f956b317ea158,2024-11-06T18:17:17.287000 CVE-2024-49378,0,0,09a13f2bc12578e659c5acb1c73f93e5796dca0b69672708f3a85d0256e97128,2024-10-28T13:58:09.230000 -CVE-2024-49379,0,0,b1568379d0d2289bd4e38934ba0faccc5dbd561f31c3409f3329eea3c22c6237,2024-11-13T18:15:22.153000 +CVE-2024-49379,0,1,3d849c956546825875132535f54762320e63df7b50f3a78cf46a30babea614e8,2024-11-14T16:35:15.103000 CVE-2024-49380,0,0,f56d412280c28c68a65e58c4bcb66239a0fd300a5ecc1079da487338d842284a,2024-10-28T13:58:09.230000 CVE-2024-49381,0,0,71a4e67e3ddb71af567e4cb5c0191b43844be30550e97b50591f623ef518effd,2024-10-28T13:58:09.230000 CVE-2024-49382,0,0,cd14c2989a948ff9829f4d119b31d603af2c2c459b5f5d9afd11a73e5c1e5fec,2024-10-16T13:53:45.860000 @@ -264556,9 +264565,9 @@ CVE-2024-4939,0,0,02ebdbdecbb04fb797cb0e62af7790a7212959b717e5fa68d9d371341b4150 CVE-2024-49390,0,0,bf8e2af7ccbb4b660c65e9bd08fe703dbfad2824c259f85985bd9875cc0e074f,2024-10-18T20:11:32.270000 CVE-2024-49391,0,0,7f95620910cf80d65ac312e14b00de0efd9f4bd72d46b29596e3846aec7b2c93,2024-10-18T20:10:38.790000 CVE-2024-49392,0,0,56ddd6b8f3dc25b477998ea94d765b7032f9ba1bc48f4ba6c67a16ed201e6e0b,2024-10-18T20:10:05.850000 -CVE-2024-49393,0,1,dd07e6002cd518ba746a2331ed1f338fb87b4a866a217aee2235c1514e3f4aa8,2024-11-14T14:31:17.470000 -CVE-2024-49394,0,1,d5f97eae6c0873ce8b9e1122e9a7e28411f8c17f166de4fa1249ef4579b02727,2024-11-14T13:38:04.143000 -CVE-2024-49395,0,1,ae7e35fe5ce34b09f62e3ac9b355c2e649fc23aa54abaa5921a7c81e6c195238,2024-11-14T13:33:35.787000 +CVE-2024-49393,0,0,dd07e6002cd518ba746a2331ed1f338fb87b4a866a217aee2235c1514e3f4aa8,2024-11-14T14:31:17.470000 +CVE-2024-49394,0,0,d5f97eae6c0873ce8b9e1122e9a7e28411f8c17f166de4fa1249ef4579b02727,2024-11-14T13:38:04.143000 +CVE-2024-49395,0,0,ae7e35fe5ce34b09f62e3ac9b355c2e649fc23aa54abaa5921a7c81e6c195238,2024-11-14T13:33:35.787000 CVE-2024-49396,0,0,dbaa3d388154985d86e8594d731b97904294f985dcd6b939c9b3040fa96316c2,2024-10-18T12:52:33.507000 CVE-2024-49397,0,0,958762caa5006a67fc74324331d920e22a8fe3617537f208fec92361877cfad4,2024-10-18T12:52:33.507000 CVE-2024-49398,0,0,1964f2918f2b62a12a26449777ec3d512771c9e0a90e6a92142f1221cf2a6f15,2024-10-18T12:52:33.507000 @@ -264586,7 +264595,7 @@ CVE-2024-4949,0,0,5c7ef1902f4beea866d1c7d9373440674707dc0a06c9e278c0f4652ccc170a CVE-2024-4950,0,0,e5fcb740f07c681c8eb3b4901aae32c365007c0ebdd7c7b0ee473dbffae68af1,2024-07-03T02:08:22.150000 CVE-2024-49501,0,0,b68f4d3131dd45c8240c685b13eebbf7042a3a95ee975ccc7d0b4e65e2269371,2024-11-01T12:57:03.417000 CVE-2024-49504,0,0,86c9b472052f0ea4a4bd6bdef1488d39ee144855e46d737a4797f2cc0539660e,2024-11-13T19:35:15.447000 -CVE-2024-49505,0,0,2e27d5bb7294cc538af1b06645a5a1b078d342897d623edcda872cb110f5bd3e,2024-11-13T17:01:16.850000 +CVE-2024-49505,0,1,9043ef27c37e59f459aeeab47ae7eba861f2336e99a41d3f55a370c360aa9647,2024-11-14T15:13:09.100000 CVE-2024-49506,0,0,b958d01a56bb53caf295e6b4283602e27694e05157e13b4fb9e3d58305d6e40b,2024-11-13T17:01:16.850000 CVE-2024-49507,0,0,60dbfba8797a04bb019b083462c0085f2555bb205f2f0bb9ce59c1eb0735d427,2024-11-13T17:15:11.667000 CVE-2024-49508,0,0,86ca2fb7b44bf3062ad36f70f6aa990de21a791f28f49222bfe753b49c315e82,2024-11-13T17:15:11.757000 @@ -264941,7 +264950,7 @@ CVE-2024-50032,0,0,637e150873829d1b7c3d3a118914d460721e34274ed685e063d54b031f3cb CVE-2024-50033,0,0,f5caec4f8c04db605d20117383bc458ca6e65ec95084b7fde0016122238acad5,2024-11-08T16:15:42.627000 CVE-2024-50034,0,0,ef0ee6c054fa6d95d82a1cc5e3a063aef10790efa19e561bb55f1a0df403b297,2024-10-24T19:56:29.170000 CVE-2024-50035,0,0,ffc04d199357a173d4223fe29c689eaf70e8d47e984e2c606898838a62c06bf4,2024-11-08T16:15:42.777000 -CVE-2024-50036,0,0,1d0df25807361a32d6b4d5f2b739fdb90a97c7801e06c67c2be03fc4ff1ca693,2024-11-04T18:34:21.040000 +CVE-2024-50036,0,1,0f6ab4d536ba4e84ee01c73a49c2a5c34cecd3c847ad919721628a0e458d745a,2024-11-14T16:15:19.890000 CVE-2024-50037,0,0,7b8bd0ced0d5a92e759859fc7f266b7f65512be91ea2b7830f75e01b13b64dae,2024-10-25T15:43:07.520000 CVE-2024-50038,0,0,5139188422bfac2a9578e368c33cca37aad41d76348b8b556e0dc9e15f35e6c4,2024-10-25T15:45:51.340000 CVE-2024-50039,0,0,ab3167d870cfc2e77f035ccab5e667f22c8d43cfb6a2a8e44bb6fae263ecada3,2024-11-08T16:15:43.850000 @@ -265036,7 +265045,7 @@ CVE-2024-50122,0,0,8fa5ecc8441fce39eacd047e1d8038dbb0133b8b5961545a6f40b34b693be CVE-2024-50123,0,0,47c50f926b815dddbd61627f3fd9f8fef8c8286dd5ab3c1e24f64c53dbadadc8,2024-11-08T20:03:49.163000 CVE-2024-50124,0,0,e0909d43069998015b15f2c2be1ecc325d5e7a282d97ea9e2301837a24362cf7,2024-11-08T20:04:05.847000 CVE-2024-50125,0,0,bc2ac1b7c523093f36f85867236818ba62e375028e47aa90f5c1f2b06727a050,2024-11-08T20:04:33.913000 -CVE-2024-50126,0,0,dbfa47698305a8999c2e2944df4ad8ac6f14000e7d729b9441150329d31a0e31,2024-11-08T20:03:02.093000 +CVE-2024-50126,0,1,e37f50c45f56bf9bc1503fcca3f1f5849808fcc05b4ed9e2695c177a8508c926,2024-11-14T16:15:19.990000 CVE-2024-50127,0,0,64da90787d2f46c1ab1a4928d01423a4b336781c327e5a269481015e6f90ad2c,2024-11-08T19:42:39.257000 CVE-2024-50128,0,0,b7dbb6a9a49d8e9414d7a901da420e1fe03b94f9cd0e0e6e7de0a18e1a53832f,2024-11-08T19:39:38.027000 CVE-2024-50129,0,0,d3ce45a272bbec319b8b74e0a3827589b78def498ef425d8fffb168db51be376,2024-11-07T21:49:14.723000 @@ -265156,14 +265165,14 @@ CVE-2024-50232,0,0,0c6baca26f996524128b09d605f0b3bf0d95fd238c93e0907dda664f554d9 CVE-2024-50233,0,0,473d154cb761240d3add769c4ee6ddd837c866821ef4a25766b10a7305f7e3bf,2024-11-13T18:25:06.407000 CVE-2024-50234,0,0,ac0f63d8d4d09780f2db08ff9fa546b233daa65e6e514b9dab7b69607dfd0b49,2024-11-14T02:25:47.490000 CVE-2024-50235,0,0,95dc5b12f943bb2e1000df581757d710e67730439209e7996d9f00ca97d8d3a4,2024-11-14T02:26:09.317000 -CVE-2024-50236,0,0,7352035a14d78c01622a750806b9a10ecbd80f9f5d7dd4c54d0b496023c976a1,2024-11-12T13:56:24.513000 -CVE-2024-50237,0,0,153554820f4f1f6877db56eb08bf1ff52c5580c63136198cf80fa5593b6b43d8,2024-11-12T13:56:24.513000 -CVE-2024-50238,0,0,21164d1932c9aa271a33a6621964cad7de0c843345a5007873ea26ed595a6df8,2024-11-12T13:56:24.513000 -CVE-2024-50239,0,0,ae9533a10286a9391938836e3faebe0216113e3227b3f19609bb2d2ea3609aeb,2024-11-12T13:56:24.513000 +CVE-2024-50236,0,1,6c02e6eb78cbd6f0d963dc2b5d2f29709d450333287f94f0409bf9c7c56145d8,2024-11-14T16:29:11.667000 +CVE-2024-50237,0,1,5571e487d92cb7f6aa8d977342e9e73915e39d2a60152feab9a6894d3f1b9cbf,2024-11-14T16:42:26.457000 +CVE-2024-50238,0,1,d0b842a8a561a82d832a3544122b19a3a7fd4fd116c6a22e550dbf5764eaa56e,2024-11-14T16:58:55.087000 +CVE-2024-50239,0,1,38decce5686c80657a1df5b76ecd0116b7780960ce0fd4ba1742692d8739f376,2024-11-14T16:59:29.413000 CVE-2024-5024,0,0,9dd3417f324a3df55f488e05c68d1854a15dd73bd49fdda06475c54e037a76e5,2024-09-04T14:33:57.200000 -CVE-2024-50240,0,0,2f077ad4fd5ccdf3b5ba2ce44e85364d2e13615cffc06674304da8dd186b1324,2024-11-12T13:56:24.513000 -CVE-2024-50241,0,0,a5bf76cb61364c8fcd93873dc49a757de39dd690c5891f004aa15d752ba3c201,2024-11-12T13:56:24.513000 -CVE-2024-50242,0,0,bdafe50a7ca91d1a9ac9fdfd320305af1da5c21b6c2e9faf44e9b3ca97eb393e,2024-11-12T13:56:24.513000 +CVE-2024-50240,0,1,6ee8ef36a13b944c3c825ebcb23b81c7f8d3a7575ddde9dcf5c4abd9449709c2,2024-11-14T15:57:23.960000 +CVE-2024-50241,0,1,34a0f850e49f153d1d75fd11cfdee7896b248f41995796d4454df1f15faa4bf5,2024-11-14T16:45:31.893000 +CVE-2024-50242,0,1,d4f799edec8868ee85f0f8ea9f5adcd678aecb38c6f0bc10eeebfb4d594fce99,2024-11-14T16:12:21.383000 CVE-2024-50243,0,0,76cb10239f532303013979a09eb72c14c8b2c7c888587a7474c2c87fbba4e4e8,2024-11-13T18:16:34.250000 CVE-2024-50244,0,0,3c4f601882f348ed9b2cca9cba37d26ef67900fe54be2aa344a34eb7b5e0db9d,2024-11-13T17:28:16.807000 CVE-2024-50245,0,0,05e7417907eec0d344f4f019d335736318867717f881e8b6a4faef9e6a31bbaf,2024-11-13T17:29:40.597000 @@ -265185,7 +265194,7 @@ CVE-2024-50259,0,0,f925a4db4dcd122437f9a6e8927ab90813121431650d14e88a53671417de5 CVE-2024-50260,0,0,05a63ba87ad199ac12bf4ea248cb7aed5d0afcea08fb2e43e5b32d282eebbf3f,2024-11-13T18:47:43.830000 CVE-2024-50261,0,0,b4e106f44d4a2eb815d0dd8f540fce25308f032b907e878b88914bfdb4dcb64c,2024-11-12T13:56:24.513000 CVE-2024-50262,0,0,491da488ea3f6be70bbe09eed55bf84625143c296910fe98f090fd0f0e85c13c,2024-11-13T21:10:44.267000 -CVE-2024-50263,0,0,2e071cb68f4a0777e46edaa767663e26ff7c76ecb6dc8a74b30d3bdec9f4ef8b,2024-11-12T13:55:21.227000 +CVE-2024-50263,0,1,031640c798eb6a3a8aeb817df2908ddb318a337ddb803a116f07c15a4af2eba6,2024-11-14T16:23:08.347000 CVE-2024-5028,0,0,6e4747168a055d3478d0389157f1378a0e5efd7245fc9814fa65e0cf7f805db7,2024-08-01T13:59:38.360000 CVE-2024-50305,0,0,32cba8395bb8f36501f7e711a4f56600fb80cd2e3ef145d3ce8fad1597b52437,2024-11-14T10:15:08.013000 CVE-2024-50306,0,0,727b7f8b36ac152cbb0b1c517b3517041fae26c484de46eade41a6fc95da4194,2024-11-14T10:15:08.230000 @@ -265433,18 +265442,20 @@ CVE-2024-50809,0,0,0543ed682b74f6a15eb703e6e2e2cbff22bee156f875bd21c519fc7274b92 CVE-2024-5081,0,0,0bebffdc717b25462ccb5a198cb29076c0fa0475011c795b0df7ab25d1acf197,2024-08-05T15:35:16.180000 CVE-2024-50810,0,0,7da23b2ab88a2657cb76543548549613aa1f561df30582c648f7520bf514f0d4,2024-11-12T13:56:54.483000 CVE-2024-50811,0,0,d8ef1ac40dcb898d28bb949cb8cb9a8ce73f83d8e224524d33d6a2ba92df335a,2024-11-12T13:56:54.483000 -CVE-2024-5082,0,0,88d35d1f63348d7d5073812c2929addf217861521e7371c84faac3ce9d6635ba,2024-11-14T03:15:03.533000 -CVE-2024-5083,0,0,28231bc1dc7fd1698d4099c899be955dc9eaf735ad397658c272181fd96fa897,2024-11-14T02:15:17.257000 -CVE-2024-50839,1,1,01a4cb840b0535726c185edefaa86436f619e3d4e1a2167ab900aeb8a5376a3e,2024-11-14T14:15:18.670000 +CVE-2024-5082,0,1,cb3e951bda46c1109919ca7a678dadb9606afdd347c29db218b2212393edae45,2024-11-14T16:35:15.960000 +CVE-2024-5083,0,1,354c3da34b8f763f544f0a11d2fd1368a94de7e7d66991c980b19b9a84dcb883,2024-11-14T16:35:16.267000 +CVE-2024-50837,1,1,405b4cc136eb171bf34357092c3a0a63361ace389b0942298f89a8ed106fa930,2024-11-14T15:15:08.990000 +CVE-2024-50838,1,1,f4369d3c55b4d044e3d2dd0a73a2206f4492d8056d13cb5effca1bbed6be19f8,2024-11-14T15:15:09.073000 +CVE-2024-50839,0,0,01a4cb840b0535726c185edefaa86436f619e3d4e1a2167ab900aeb8a5376a3e,2024-11-14T14:15:18.670000 CVE-2024-5084,0,0,79705ce3d53f6e7c72da00fccc935c6da44be9bf4354c31cd8528afb5e0a643e,2024-05-24T01:15:30.977000 -CVE-2024-50840,1,1,3d813cb211934508835bc9d301fcfabfa55b5a9894dad15799137f1cb81c064b,2024-11-14T14:15:18.793000 -CVE-2024-50841,1,1,516651e6c4b86a411991b1f2b4d432ac1cc362703e72635118b82d8f88d09f23,2024-11-14T14:15:18.880000 -CVE-2024-50842,1,1,2b4dabfeabf88b4c59124492811e940e22f038a63b22a4f1d64001c2d21b6369,2024-11-14T14:15:18.967000 -CVE-2024-50843,1,1,2e5763784084abfb6b2aa938fe6a9d65acf0f9a9701fbcbc297a0a7fb9b2cb2a,2024-11-14T14:15:19.050000 +CVE-2024-50840,0,0,3d813cb211934508835bc9d301fcfabfa55b5a9894dad15799137f1cb81c064b,2024-11-14T14:15:18.793000 +CVE-2024-50841,0,0,516651e6c4b86a411991b1f2b4d432ac1cc362703e72635118b82d8f88d09f23,2024-11-14T14:15:18.880000 +CVE-2024-50842,0,0,2b4dabfeabf88b4c59124492811e940e22f038a63b22a4f1d64001c2d21b6369,2024-11-14T14:15:18.967000 +CVE-2024-50843,0,0,2e5763784084abfb6b2aa938fe6a9d65acf0f9a9701fbcbc297a0a7fb9b2cb2a,2024-11-14T14:15:19.050000 CVE-2024-5085,0,0,6942e3068671e85a9578eddbb7240c8706dd53cd6ec5670c5d4ddd91c950a30a,2024-05-24T01:15:30.977000 -CVE-2024-50852,0,1,64b96a730bbab5fdeb50ea2ef9d8c753a3ee332a2ced5e6155c4d6262476cb74,2024-11-14T14:38:04.837000 -CVE-2024-50853,0,1,1baed05583acd81f33e173c1b1cff8a1aa290b815790fbe2c0ede1914c1b3840,2024-11-14T14:49:16.290000 -CVE-2024-50854,0,1,67bfda77d6c5c645b0417b0c2c4227fe4cc439883058a7354d1db3afaa98eb92,2024-11-14T14:43:25.770000 +CVE-2024-50852,0,0,64b96a730bbab5fdeb50ea2ef9d8c753a3ee332a2ced5e6155c4d6262476cb74,2024-11-14T14:38:04.837000 +CVE-2024-50853,0,0,1baed05583acd81f33e173c1b1cff8a1aa290b815790fbe2c0ede1914c1b3840,2024-11-14T14:49:16.290000 +CVE-2024-50854,0,0,67bfda77d6c5c645b0417b0c2c4227fe4cc439883058a7354d1db3afaa98eb92,2024-11-14T14:43:25.770000 CVE-2024-5086,0,0,cace1182cf9be3136b0c613ecdabc086a9a0b40661f04ebd6e230acc3565cbb0,2024-05-29T13:02:09.280000 CVE-2024-5087,0,0,1746857b68833d8900979ac8a67f81e6079dce1463e5a3122487cb2b7b074692,2024-10-31T18:26:54.500000 CVE-2024-5088,0,0,cba5e9039c2295e22c8cb155a75af3aef347c6e9813c2bf0c73f71f25ef00106,2024-05-20T13:00:34.807000 @@ -265459,11 +265470,11 @@ CVE-2024-50955,0,0,ec1df4774ced3ee8e08b0e6dc33a1298def9632e674148ec98ebb3b55df15 CVE-2024-50956,0,0,aa07eba7d8457d8deebcae0bdda9a793e5e68b4579e4144dcb9e44a634484de5,2024-11-13T22:15:15.773000 CVE-2024-5096,0,0,5ed717834c38883681c6d180e391a0fccee5714f6ff3215bd896b6366e61be87,2024-06-04T19:20:58.687000 CVE-2024-50966,0,0,17999db3c119b65097d64bae028974d0e6d4cf5d6910c7a7a211536c5ff5b48a,2024-11-08T19:01:03.880000 -CVE-2024-50969,0,1,f82f81fef8a82d72e4053f9ec8030a8d4d20833c5d6be0f5bb0e03f29d0491f9,2024-11-14T14:47:53.487000 +CVE-2024-50969,0,0,f82f81fef8a82d72e4053f9ec8030a8d4d20833c5d6be0f5bb0e03f29d0491f9,2024-11-14T14:47:53.487000 CVE-2024-5097,0,0,f8c17c92eeab06c631c7e3bccbcd56a5be798bb0ae3554a5ecf4b2a49f948336,2024-06-04T19:20:58.787000 -CVE-2024-50970,0,1,2e7889cd3277e474e337527bd160fa64940d7885ad18ecb1fd92dbeebea4ffd5,2024-11-14T14:52:08.097000 -CVE-2024-50971,0,1,848df10022c9f75f1c9b9af05147f0923c3bc4a87738961451f1396fe9fbaab2,2024-11-14T14:54:33.787000 -CVE-2024-50972,0,1,4e8fb2dd82bb709cf8c210bd21d32873aff8eb306d7b228bf00eb024671ceb3b,2024-11-14T14:55:08.567000 +CVE-2024-50970,0,0,2e7889cd3277e474e337527bd160fa64940d7885ad18ecb1fd92dbeebea4ffd5,2024-11-14T14:52:08.097000 +CVE-2024-50971,0,0,848df10022c9f75f1c9b9af05147f0923c3bc4a87738961451f1396fe9fbaab2,2024-11-14T14:54:33.787000 +CVE-2024-50972,0,0,4e8fb2dd82bb709cf8c210bd21d32873aff8eb306d7b228bf00eb024671ceb3b,2024-11-14T14:55:08.567000 CVE-2024-5098,0,0,51bb68a404444dbad57c4444d3880f6dd34c8b10fc09ab7783a9da02fb8f5608,2024-06-04T19:20:58.887000 CVE-2024-50989,0,0,539ed9c0a64887e69fa9cae96035a115db3a8a96afe0045140278b0fb7737495,2024-11-12T18:35:31.437000 CVE-2024-5099,0,0,c449033239abbf7fd2bba4f64694ff77374623f364f0fa141d0a92a151a3ab2c,2024-06-04T19:20:58.993000 @@ -265641,9 +265652,9 @@ CVE-2024-51485,0,0,31fff43947b857d031a4fdbb88a07c40af7e2b11b292e3abc7f2012e09de9 CVE-2024-51486,0,0,cfb832dac4d0cbf401700dcb55c0c7132e9df371a60e5f7ffc5aa427e996f6c8,2024-11-12T13:55:21.227000 CVE-2024-51487,0,0,9d095d095278ad4a0dff54fce8de4e672ea8d9b24e1c51cb430743545d0db5d0,2024-11-12T13:55:21.227000 CVE-2024-51488,0,0,ddbc9992d74d320bfbf1c9bd238e20d40adcec2b3d076a6778151cca6b5c7323,2024-11-12T13:55:21.227000 -CVE-2024-51489,0,0,0cefbe4dbcaaa0866187eb099ea8321597437d0d4248404acf8187700f80279a,2024-11-12T13:55:21.227000 +CVE-2024-51489,0,1,efa91bf89407165e94622b83e98374536f35ce2357c1330a17e23418c17b6aac,2024-11-14T15:46:50.553000 CVE-2024-5149,0,0,35aba13432990695b4ab26ada33d31578be519ff456b8edf807a15027d0b18f5,2024-06-06T14:15:01.960000 -CVE-2024-51490,0,0,e5bdf7d95e72c9b23f7eecc13cbbb80b5cece600f0fbe7e15102dd77e088e5e6,2024-11-12T13:55:21.227000 +CVE-2024-51490,0,1,d4714e4f1de2d271a9b1753a60e073ec7ec6d263502b222cf774a3e40303ce12,2024-11-14T15:30:15.643000 CVE-2024-51492,0,0,0a58c7013d2cd1abea36461b62b0843b3a8fe747b96ce2f6ac388e3c542b0b6c,2024-11-01T21:15:15.080000 CVE-2024-51493,0,0,905ca061a7e2249944cb0aec37c9054b75e237343bc05a733cf47492ea8f9f1d,2024-11-06T18:17:17.287000 CVE-2024-51498,0,0,a215c64a461c357224f24d4e16a3f3f3214ac081278e197bc9556945ad303f5e,2024-11-05T16:04:26.053000 @@ -265928,7 +265939,7 @@ CVE-2024-52028,0,0,4d053166f6459b35dbc5abb28e4fc3b18b596ce5d1996232d90ecaad96322 CVE-2024-52029,0,0,45a0bf857ef5def84cf99a7ced23782d689f019eff53b1ace413b47c193dc284,2024-11-05T16:35:57.397000 CVE-2024-5203,0,0,e867d44b31fa735ecaef1844aba382841138e742c9b7e957e6089969316cab00,2024-09-13T11:15:10.197000 CVE-2024-52030,0,0,dbd783f66b9834ef61aedd9eab2874c798fdd9f590b76fb0f940976162a98a15,2024-11-05T16:35:58.320000 -CVE-2024-52032,0,0,6b65d090166c2e680411be7c97febaa4916648a3bf79bfc6a7587651c62b78e2,2024-11-12T13:56:24.513000 +CVE-2024-52032,0,1,da112202e6072c5a1a7e2129bd4436f282e51f9a3ec6c9d1de2c9375ce190177,2024-11-14T16:47:21.583000 CVE-2024-5204,0,0,87eb5b753d379a1bd1ef79b260f2b73c84b7ff9a4b79082cf351323e04c98a6d,2024-05-29T13:02:09.280000 CVE-2024-52043,0,0,f628a95ee6f27b518880b39a2d7b1dea019d91185e307729da648217b18fdef9,2024-11-08T20:39:36.233000 CVE-2024-5205,0,0,4921ed356d4f56252ffbf3c608cb3301846a77ee8cc9c08ec7f0a543467e385d,2024-05-24T13:03:11.993000 @@ -265970,6 +265981,7 @@ CVE-2024-52299,0,0,b25255ab4f1b29c4028976bec468c74e39d28d9197a16d9d7dc41d1fe898e CVE-2024-5230,0,0,f45c8274ba28e0dc58bed98870ed092580a9c18662584e7c3debbd7f7cd359f4,2024-06-04T19:21:02.540000 CVE-2024-52300,0,0,f4e4e536b3ce93b4bea9ba04caa74bba8b78b20ed3e702dcbb1c83ad51694c69,2024-11-13T17:01:16.850000 CVE-2024-52301,0,0,091c40845cee35a6db54cae490564bdae10317d21b9b1b70a65b6fc3311911d8,2024-11-13T17:01:16.850000 +CVE-2024-52302,1,1,bec456bb6d847ca2f982f444c73f49a605fb31e8a54bf47ab023a23471898db3,2024-11-14T16:15:20.087000 CVE-2024-52305,0,0,dc609877fc9dfb62c6c6bc68486e8898c1a92ac08e89f322ce436991076d7cdb,2024-11-13T19:15:08.853000 CVE-2024-52306,0,0,59f18663771ceab92cba47c3e31ee5dd3eed1ee3c6f7144187a60ded4a98f970,2024-11-13T17:01:16.850000 CVE-2024-5231,0,0,255bed42ab2a064a39e6f8c88880296d2f7a7d154f3db6dc7f4df2fa244d299f,2024-06-04T19:21:02.640000 @@ -266005,6 +266017,7 @@ CVE-2024-5247,0,0,fdfe6c1388c42f602cdcb0ffda38b56b5f1ed960e60bfada435f42d294b295 CVE-2024-5248,0,0,6cfa5cec6de457c13d7096887dc7c2d8bd99f0e898238886822e69d1ee66037e,2024-11-03T17:15:14.860000 CVE-2024-5249,0,0,7881e207dd06fe76500d559735f87b1084a494789351514ee988debe74e79673,2024-10-01T14:26:17.410000 CVE-2024-5250,0,0,b4b370273f1fe30d94b715ad219dda570a7dcb84192abd50c3cb746299bdbb93,2024-10-01T14:33:47.727000 +CVE-2024-52505,1,1,57ccd65234ca26ee122006fc2fd297cd6476ffcbc3e000ccfd260aa2e522cc64,2024-11-14T16:15:20.220000 CVE-2024-5251,0,0,7d84d2df7bf6674f7d634954defb2f38b0363c19ae19f78012df0aa633abf27a,2024-07-19T15:25:30.980000 CVE-2024-5252,0,0,1b28d536afc88eae5088fe06ff49428bbad5ffcb2aa7139fe40c4c06d2601422,2024-07-19T15:29:35.447000 CVE-2024-5253,0,0,73f9562f224a9a11b8b8279a7bf00d920003fa046cb7c88a3a55caf281adabe4,2024-07-19T15:30:34.717000 @@ -266016,8 +266029,8 @@ CVE-2024-5254,0,0,78882d871be0a19bc95888168cf12372f503de77ac359f287536c8f062c385 CVE-2024-52549,0,0,3c79f42de089400023832f2a700dadf63bd2b4467e19d3aa8d7949f383760707,2024-11-13T22:35:09.080000 CVE-2024-5255,0,0,a9d47c22e8985fc8d8b40f4bef3272595484bdbc8485e44830cb58ee997ab90f,2024-07-19T15:32:18.850000 CVE-2024-52550,0,0,ad35d846143676674f55bb39e6439a9aa1d1c39a085e8380205c3f9c7636b1e0,2024-11-13T21:15:29.293000 -CVE-2024-52551,0,0,2266dc96224bc91ae4c226d7ffd9e26bf25cf8a0106b8870f21d0d1b91586ac0,2024-11-13T21:15:29.350000 -CVE-2024-52552,0,0,451e49a6b670795b49c6af2a764a9f62a28bffa6cb71ca6f9b6e6a49949d17d0,2024-11-13T21:15:29.410000 +CVE-2024-52551,0,1,7ee16d2302efffc22faf9ec686be6c4a45304f424ee88d43bce465c18138ce1f,2024-11-14T15:35:10.030000 +CVE-2024-52552,0,1,bdb4f02fc3d28749ea47fb312bc85b815498f8ace92224d78ef1aa7a8d2bc842,2024-11-14T15:35:10.847000 CVE-2024-52553,0,0,5602c295c7578b126a9c46f9cdfcc2e7851420bc881f6e4c49d092d872bff3dd,2024-11-13T22:35:09.903000 CVE-2024-52554,0,0,3f7ed4dee0fd87788192b6e6774565b96dc8c5231e31c40c962e78bcb5935f64,2024-11-13T22:35:10.700000 CVE-2024-5256,0,0,c0c79be075ef53b66bd4c726b840e366d70c6f0c56013178c0440e2e2bf91c1e,2024-09-24T18:41:40.007000 @@ -267546,7 +267559,7 @@ CVE-2024-7006,0,0,e9b22d94c1d987f14202223e075626537518a066054d4c98d0331f98649e69 CVE-2024-7007,0,0,6c2603aae32d52f56620cb62e82bb337e026d3d4a4716b72dab9674c5cf4b216,2024-08-26T16:40:44.500000 CVE-2024-7008,0,0,e9008eac80639f6b75fc8244a6b0baab3d6a7fa095b7e9aa58d7626a117a490a,2024-08-19T17:19:25.390000 CVE-2024-7009,0,0,63b067a161bbf9c0630f63b1d51ac801565652e58cd58fdd4516392106a400e2,2024-08-19T17:18:50.290000 -CVE-2024-7010,0,1,63d0359f1335f98eeb3ad936ec8c6dfacb71c64bfb5970a382e3e7b19e31c8a7,2024-11-14T14:15:19.160000 +CVE-2024-7010,0,0,63d0359f1335f98eeb3ad936ec8c6dfacb71c64bfb5970a382e3e7b19e31c8a7,2024-11-14T14:15:19.160000 CVE-2024-7011,0,0,99ce7f2b3659c5d531a27a1468b259c3a2cc0e8369192e731629993addf70828,2024-11-05T20:35:26.370000 CVE-2024-7012,0,0,a44bf28aa4086113e2305dbe5b19c7911be8e5988385565b873f36daf3fb0872,2024-11-06T09:15:04.187000 CVE-2024-7013,0,0,b2d18f592f803beaaf02ae1066b68bd9f1fd65046672577949ac6ff9d71880f4,2024-08-21T12:30:33.697000 @@ -267622,6 +267635,7 @@ CVE-2024-7120,0,0,dd88c4d4f5099fe6bbb2fa59d0942931f85db230d235608307fdbb069312e6 CVE-2024-7121,0,0,fdae6687b65374b6aec5500198958517002acfa86b757e82c1fe85c4c568e879,2024-08-08T17:15:19.820000 CVE-2024-7122,0,0,348ac43c4b3841d8ea6bf4cc4c8ca071e08de7e4a4af578e88c361afae480157,2024-09-03T14:41:02.420000 CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072ade,2024-08-08T17:15:19.970000 +CVE-2024-7124,1,1,72459d434c06551bc3a4110fda6383a68bf60af42d29b0530243092ffc7b8244,2024-11-14T15:15:09.177000 CVE-2024-7125,0,0,eeabb5486a5ad2f2094206d4f0142bb635fc7a57bcd2279354b026b1e44628c1,2024-08-27T13:01:37.913000 CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000 CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000 @@ -267856,7 +267870,7 @@ CVE-2024-7398,0,0,4bceec8e4e1ae5d86e69945d7f8f61d9ec5b7ac80a4cf5b22e0ebbed499850 CVE-2024-7399,0,0,94de8cab81b119f815fa73c008811f38562f3609d3da13634aecbd720ea861e6,2024-08-13T15:30:52.337000 CVE-2024-7400,0,0,880bea0e2ff4ceadacbe376968f4ebe20bb468fa58e2ed97aa47316bc459f45c,2024-09-30T12:46:20.237000 CVE-2024-7401,0,0,43ffed7b6ca165f2a0da7944b4e4cef6faa3da0b6dbd419986732fe262f21587,2024-09-05T18:34:17.433000 -CVE-2024-7404,1,1,e2b94883a3e96458c9c97bac0c6868ccb3a61249960a651bd90de0fc72d255de,2024-11-14T13:15:05.050000 +CVE-2024-7404,0,0,e2b94883a3e96458c9c97bac0c6868ccb3a61249960a651bd90de0fc72d255de,2024-11-14T13:15:05.050000 CVE-2024-7408,0,0,a5191010d29cd8fd3daea07e74870b9bf130ede8610ab518fb24ce3a11a386f4,2024-08-13T16:06:08.213000 CVE-2024-7409,0,0,a0a6addbe3c2f0cc1db031d3b6ccbc76b45c7e3857a91ea8908f269e71f57171,2024-11-12T17:15:10.833000 CVE-2024-7410,0,0,d4e8b81d7bab3d90baf0746a6fdf1d2e1dd63b1bd2599e20b73bae4467a0729b,2024-08-12T13:41:36.517000 @@ -267917,7 +267931,7 @@ CVE-2024-7469,0,0,9480167bec5dcea6298d57f7311e33d09ca16fde559c0d2101bf57fd073ab0 CVE-2024-7470,0,0,c378df60a1369914caa48d0c9b95c12c12b8030c63ff1d7f88f18ec0798c6329,2024-08-06T17:37:07.923000 CVE-2024-7472,0,0,cfb9d72479737a220f88555f5248b8b3adcebcdf0dd499def604c090ee01833e,2024-10-31T18:46:32.497000 CVE-2024-7473,0,0,a4deb407d29d0405a1b70884b0161d6daf251d658f354fc540ccc3d279e77039,2024-11-03T17:15:15.493000 -CVE-2024-7474,0,1,55d7fc22f849105c14e0a594281e94efedbedcaf152bd5662a95f62d70d28c9f,2024-11-14T14:15:19.373000 +CVE-2024-7474,0,0,55d7fc22f849105c14e0a594281e94efedbedcaf152bd5662a95f62d70d28c9f,2024-11-14T14:15:19.373000 CVE-2024-7475,0,0,98a79c043782f8a9df2ab4b96aa1123a6ffa4730e6f842b890ad4df43a8b8e4f,2024-11-04T13:55:37.233000 CVE-2024-7477,0,0,b965ae55657c73e31f78218a320569adb7f93e50d4b13da2aa9ac96583a28b42,2024-09-11T15:03:06.637000 CVE-2024-7479,0,0,a6b359841d759122cd71cb2a661ca0e606e049ff6b266c86e006d82fc6844772,2024-09-26T13:32:02.803000 @@ -268190,7 +268204,7 @@ CVE-2024-7799,0,0,00b687245dbb834ce768a34773e6d247f116248fb1170e2cff00e71dda4a9f CVE-2024-7800,0,0,648c15c60d543078675ed09d23bcee51c2c4405b9726708dfb6ef04a08b9ac6a,2024-08-19T16:50:39.993000 CVE-2024-7801,0,0,bed682b6222cb0c9f77cc5a0751ff36b1d3476d22f8b98362a2b5472dbe7cc5b,2024-10-17T15:19:27.053000 CVE-2024-7805,0,0,135d6da17dfa4c84aefd569e9d92e16548bde418c54a07f703c8b45a0b8c6cd9,2024-09-11T14:15:13.560000 -CVE-2024-7807,0,1,978d4a2b89b4babcaa0b8674288d04ee1441e76f036e8ad2b9b2d7097bedd949,2024-11-14T14:15:19.500000 +CVE-2024-7807,0,0,978d4a2b89b4babcaa0b8674288d04ee1441e76f036e8ad2b9b2d7097bedd949,2024-11-14T14:15:19.500000 CVE-2024-7808,0,0,969711922c4e0f4c36191148ae8c5b992516373bcf5aef167544cc98dd0f6ef8,2024-08-19T18:07:44.270000 CVE-2024-7809,0,0,60527746c8c58a9337e860dd0533a4fd053da5d7ab44e27861411efc76582427,2024-08-19T18:11:18.537000 CVE-2024-7810,0,0,501ecfcc11cf2cc73802b4d3933bb0470270948711ab4bd8700d22a848dae6e6,2024-08-19T18:12:14.090000 @@ -268397,7 +268411,7 @@ CVE-2024-8056,0,0,7d94e922f5f6064358baece439e000bb5b536e03070693d567d210e7b17a44 CVE-2024-8059,0,0,bdae740e9708e98c12d1deb7f7b4958a4e9e21cc3d70a47ecc6f19d9246061d0,2024-09-14T11:47:14.677000 CVE-2024-8064,0,0,9afbec42e91ccdf5ae5f9527bb691367cd47bbf3ee2caa0cb5423b43e5fdd860,2024-08-30T16:15:11.120000 CVE-2024-8067,0,0,21c0729ad9dc772677b9fbf75bb24db3bcf4512001a88b1eef9d39bf31f69153,2024-09-26T13:32:02.803000 -CVE-2024-8068,0,0,f5b48c895cd1824aec6cb943f916bb5bca81a64dc257ab37895fedfc809c82c8,2024-11-13T17:01:16.850000 +CVE-2024-8068,0,1,92bf492c93bfdf933d88daee82de5a343107eb1d58a2ff620afd3db17bb520ef,2024-11-14T16:35:16.750000 CVE-2024-8069,0,0,9cc484ce45e2ef692951fa94c7892a728fd1a2b63d61cf30849697510352a1fb,2024-11-13T17:01:16.850000 CVE-2024-8070,0,0,fe9b454067f74b13c9d22e1bfea14cc77320169fffe5e56dce182517c870c1a6,2024-10-15T12:57:46.880000 CVE-2024-8071,0,0,ac7c2c7e7df896f6bfe7f17a6e74f8de236e5ec843865384cdf53fde1e533098,2024-08-23T15:34:53.913000 @@ -268845,7 +268859,7 @@ CVE-2024-8643,0,0,65992d3896b37b48df19952ad7033017b9b000296b656714e5a6ab5e9ea7fe CVE-2024-8644,0,0,8daf59c098b2276a29dcd1d73a81642c115f1f83d1a0bcca3d09a68de0fbf0d0,2024-10-04T17:14:20.587000 CVE-2024-8645,0,0,a9ec59eb761dcf7b03b051641e3314ff9102e8e55de30e4e3a512e1bddcece61,2024-09-10T12:09:50.377000 CVE-2024-8646,0,0,80914337a2bd562d2db1f36aec06ad883cb607d6cc039af494590eb0a0b50d8e,2024-09-18T20:20:51.643000 -CVE-2024-8648,1,1,43ab4e0d4e4c0d1da9e2f5bfa98e7e8061916cc15d0b838a453b324dcbda7d27,2024-11-14T13:15:05.323000 +CVE-2024-8648,0,0,43ab4e0d4e4c0d1da9e2f5bfa98e7e8061916cc15d0b838a453b324dcbda7d27,2024-11-14T13:15:05.323000 CVE-2024-8651,0,0,98f15bd48d1c12270cdb328a70de9359f32b42ef85efa713989e765f41ce1150,2024-09-23T17:51:13.050000 CVE-2024-8652,0,0,5d01775755896a4299850c49803f86a9d1b46ea9f2e8832e738f33bf1157fe52,2024-09-23T17:53:49.197000 CVE-2024-8653,0,0,9ff517ad541f0c9badefd1c8205a26f97eafbec49ef5c58c2bc37d53706b328b,2024-09-23T17:55:01.610000 @@ -268984,8 +268998,8 @@ CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97 CVE-2024-8877,0,0,072c8e486444961bae4945079e8c7eda87a37fe8ff462296a0eff944cb3f1801,2024-09-30T15:31:14.690000 CVE-2024-8878,0,0,d355a1999baf0c8606d16796b1d3b0e1dca83258ab14464d5a94be439e5488d1,2024-09-30T15:21:31.693000 CVE-2024-8880,0,0,4890b5d8ccfd73a7de9d70be358a6aa9c5c8f4db772389c703fb4d83ffb621f1,2024-09-20T16:41:38.030000 -CVE-2024-8881,0,1,2d20e71b96fa8b3ff7e773e40c239e05324f6f9dc9c26aafb144057fa3241e82,2024-11-14T13:51:11.257000 -CVE-2024-8882,0,1,0ecc0d0a24c3fe939832f637ffae4f224e113185d3895ca1cbc077cff072f3c6,2024-11-14T13:42:12.347000 +CVE-2024-8881,0,0,2d20e71b96fa8b3ff7e773e40c239e05324f6f9dc9c26aafb144057fa3241e82,2024-11-14T13:51:11.257000 +CVE-2024-8882,0,0,0ecc0d0a24c3fe939832f637ffae4f224e113185d3895ca1cbc077cff072f3c6,2024-11-14T13:42:12.347000 CVE-2024-8883,0,0,ef867150b75a006b88b657706b5ccab0ed5de191cb19aa041336ee55b15eac37,2024-11-05T04:15:03.467000 CVE-2024-8884,0,0,bbe657acd3b81809e4c38d289d4690d33ce15843f154a38b409847ce2483e4ec,2024-10-10T12:56:30.817000 CVE-2024-8885,0,0,3d17cd6b07f76e6b7b78ee39290572c27afe08953d025655a317633960052841,2024-10-04T13:50:43.727000 @@ -269387,7 +269401,7 @@ CVE-2024-9471,0,0,2517c360d1e41d9c7ea79e15df7f34465e8f98b985f9011876ffa34a1656df CVE-2024-9472,0,0,dc9ffbb1de0e29c95cab92cb460779413a192268196ad2222d33e0638a30bd5d,2024-11-14T10:15:09.423000 CVE-2024-9473,0,0,2610a860a1ec132e11b499793a273ee08374ba46887944874ff47b7b5fdd4588,2024-10-17T06:15:04.983000 CVE-2024-9475,0,0,273622ecfea8dd0cb8d3a034084a5946e50b2bee83443e844bae24857067e968,2024-10-28T13:58:09.230000 -CVE-2024-9476,0,0,c74fb00e254178958964ec01cef72d6ba991350b2ce7f9bcc28af446dec9cb13,2024-11-13T17:15:12.747000 +CVE-2024-9476,0,1,cd14ba23f0939f14e898d7f7298e9013daf249f037aae2844de7db822bf77631,2024-11-14T16:35:17.013000 CVE-2024-9477,0,0,d96fc519f7a9945d386fdd8950ef88a71881f191581b1624fa0de9c4a83d5a52,2024-11-13T17:01:16.850000 CVE-2024-9481,0,0,00fc2967ba19d907f5a39395cc30079db3ef641b613179e4b9951bd38c8d6817,2024-11-08T20:49:03.597000 CVE-2024-9482,0,0,761865a3338cb95ad6952db46fced2e0b200e6722c7208c63ea4447e2930458e,2024-11-08T20:49:58.077000 @@ -269490,7 +269504,7 @@ CVE-2024-9628,0,0,61a27472b9da741357728e2747c61581a42641370f854cfe14defa2dd6861d CVE-2024-9629,0,0,31c72e7d62d8dbf8ba1681676a61a2f04680ade1749c367b775242f4864b6d17,2024-10-29T14:34:50.257000 CVE-2024-9630,0,0,95cf42fc9d833aab63558caaeb38c94fd9570f2d1a1e45300ec7feb07db9cd04,2024-10-25T12:56:07.750000 CVE-2024-9632,0,0,c06a5ac998e148649dc6c5dee5c57116c25a0e87e4991e75c7be58f6925baae3,2024-11-13T20:15:17.487000 -CVE-2024-9633,1,1,0402d9c47d57ccecc722f11847f72044d4ddecdfc221cd0e358bd44639a93f26,2024-11-14T14:15:19.660000 +CVE-2024-9633,0,0,0402d9c47d57ccecc722f11847f72044d4ddecdfc221cd0e358bd44639a93f26,2024-11-14T14:15:19.660000 CVE-2024-9634,0,0,d64c376a2cd176bba19f7a8121026bf8ac88c7cb95243ab4e56bfc5d5fa1c1d3,2024-10-16T16:38:14.557000 CVE-2024-9637,0,0,bfd23401e1c5bf70ae99ee491fd04ce8ab223b8247ed87e78ca84ed9446a1b72,2024-10-28T13:58:09.230000 CVE-2024-9642,0,0,647a46d1d1e49bfca6a77d0bd6bf95c53250c168d1d2756cdcd405ced420913f,2024-10-28T13:58:09.230000