admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-11T04:00:18.744636+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-11 04:03:12 +00:00
parent ee952659d6
commit e1e0f1202e
32 changed files with 2066 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
CVE-2016/CVE-2016-150xx/CVE-2016-15039.json Normal file
View File

@ -0,0 +1,133 @@
{
"id": "CVE-2016-15039",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-11T03:15:02.270",
"lastModified": "2024-07-11T03:15:02.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38. Affected by this vulnerability is the function makeHttpRequest of the file htdocs/js/ajax_functions.js. The manipulation leads to http request smuggling. The attack can be launched remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named dd6e9583a2eb2ca085583765e8a63df5904cb036. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-270523."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"references": [
{
"url": "https://github.com/mhuertos/phpLDAPadmin/commit/dd6e9583a2eb2ca085583765e8a63df5904cb036",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.270523",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.270523",
"source": "cna@vuldb.com"
}
]
}

67
CVE-2024/CVE-2024-11xx/CVE-2024-1168.json
View File

@ -2,8 +2,9 @@
"id": "CVE-2024-1168",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-20T02:15:09.420",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-11T02:52:36.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -17,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,14 +59,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seopress:seopress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.9",
"matchCriteriaId": "53BE2D45-A1F2-485E-A036-2DA2422F7822"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/wp-seopress/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c446f429-1981-4d6d-a5ec-a5837428d212?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-223xx/CVE-2024-22387.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-22387",
"sourceIdentifier": "disclosures@gallagher.com",
"published": "2024-07-11T03:15:02.660",
"lastModified": "2024-07-11T03:15:02.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "External Control of Critical State Data (CWE-642) in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated user to modify device I/O connections leading to unexpected behavior that in some circumstances could compromise site physical security controls. Gallagher recommend the diagnostic web page is not enabled (default is off) unless advised by Gallagher Technical support. This interface is intended only for diagnostic purposes.\n\n\n\nThis issue affects:\u00a0Gallagher Controller 6000 and 7000 \n\n9.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)), 8.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)),\u00a08.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-642"
}
]
}
],
"references": [
{
"url": "https://security.gallagher.com/Security-Advisories/CVE-2024-22387",
"source": "disclosures@gallagher.com"
}
]
}

56
CVE-2024/CVE-2024-231xx/CVE-2024-23194.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23194",
"sourceIdentifier": "disclosures@gallagher.com",
"published": "2024-07-11T03:15:02.903",
"lastModified": "2024-07-11T03:15:02.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper output Neutralization for Logs (CWE-117) in the Command Centre API\u00a0Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. \n\nThis issue affects:\u00a0Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-117"
}
]
}
],
"references": [
{
"url": "https://security.gallagher.com/Security-Advisories/CVE-2024-23194",
"source": "disclosures@gallagher.com"
}
]
}

56
CVE-2024/CVE-2024-233xx/CVE-2024-23317.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23317",
"sourceIdentifier": "disclosures@gallagher.com",
"published": "2024-07-11T03:15:03.130",
"lastModified": "2024-07-11T03:15:03.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows an attacker with local access to the Controller to perform arbitrary code execution. \n\nThis issue affects:\u00a09.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)), 8.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)), 8.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://security.gallagher.com/Security-Advisories/CVE-2024-23317",
"source": "disclosures@gallagher.com"
}
]
}

56
CVE-2024/CVE-2024-234xx/CVE-2024-23485.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23485",
"sourceIdentifier": "disclosures@gallagher.com",
"published": "2024-07-11T03:15:03.327",
"lastModified": "2024-07-11T03:15:03.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation (CWE-1304) in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access.\u00a0\n\nThis issue affects:\u00a0Gallagher Controller 6000 and 7000\u00a09.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)), \u00a08.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)),\u00a08.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "disclosures@gallagher.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1304"
}
]
}
],
"references": [
{
"url": "https://security.gallagher.com/Security-Advisories/CVE-2024-23485",
"source": "disclosures@gallagher.com"
}
]
}

97
CVE-2024/CVE-2024-35xx/CVE-2024-3558.json
View File

@ -2,8 +2,9 @@
"id": "CVE-2024-3558",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-20T02:15:09.663",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-11T02:52:17.780",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -17,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,38 +59,92 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:custom_field_suite_project:custom_field_suite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.7",
"matchCriteriaId": "C0358603-4EBD-4D4F-A16B-2DE473CC4B16"
}
]
}
]
}
],
"references": [
{
"url": "https://core.trac.wordpress.org/ticket/56655",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://en-gb.wordpress.org/plugins/custom-field-suite/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/WordPress/WordPress/blob/22d95abc55824e83904dc0fef290464b6bec7708/wp-admin/includes/template.php#L1384",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/mgibbs189/custom-field-suite/blob/963dfcede18ff4ad697498556d9058db07d74fa3/includes/api.php#L282",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/mgibbs189/custom-field-suite/blob/963dfcede18ff4ad697498556d9058db07d74fa3/includes/field_group.php#L20",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/mgibbs189/custom-field-suite/blob/963dfcede18ff4ad697498556d9058db07d74fa3/includes/form.php#L64",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://mgibbs189.github.io/custom-field-suite/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e4dc6fd-4bd5-4ed1-ade0-cf2f8831fac3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-383xx/CVE-2024-38347.json
View File

@ -2,8 +2,9 @@
"id": "CVE-2024-38347",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-18T17:15:52.583",
"lastModified": "2024-06-20T12:44:01.637",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-07-11T02:51:11.043",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -14,15 +15,74 @@
"value": "Se descubri\u00f3 que CodeProjects Health Care hospital Management System v1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL en el m\u00f3dulo de informaci\u00f3n de la habitaci\u00f3n a trav\u00e9s del par\u00e1metro id."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:health_care_hospital_management_system_project:health_care_hospital_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD74EE23-7D08-4E89-B9C8-32ABE39D428F"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38347",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-383xx/CVE-2024-38348.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38348",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-18T17:15:52.677",
"lastModified": "2024-07-03T02:04:55.710",
"lastModified": "2024-07-11T02:50:33.110",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:health_care_hospital_management_system_project:health_care_hospital_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD74EE23-7D08-4E89-B9C8-32ABE39D428F"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/health-care-hospital-in-php-css-js-and-mysql-free-download/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38348",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-389xx/CVE-2024-38972.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-38972",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:10.703",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T03:00:24.250",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-ports/add/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

33
CVE-2024/CVE-2024-406xx/CVE-2024-40618.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-40618",
"sourceIdentifier": "cve@navercorp.com",
"published": "2024-07-11T02:15:01.680",
"lastModified": "2024-07-11T02:15:01.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension."
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve@navercorp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://cve.naver.com/detail/cve-2024-40618.html",
"source": "cve@navercorp.com"
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40726.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40726",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.110",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:58:57.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-ports/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40727.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40727",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.187",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:59:07.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/console-server-ports/add/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40728.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40728",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.270",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:59:17.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/console-server-ports/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40729.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40729",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.353",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:59:25.527",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/interfaces/add/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40730.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40730",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.440",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:59:34.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/interfaces/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40731.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40731",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.520",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:57:45.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/rear-ports/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40732.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40732",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.610",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:57:54.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/rear-ports/add/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40733.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40733",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.700",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:58:05.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/front-ports/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40734.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40734",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.787",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:58:16.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/add/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/front-ports/add/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40735.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40735",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.867",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:58:27.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-outlets/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40736.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40736",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:11.947",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:58:38.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/add."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-outlets/add."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40737.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.030",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:56:03.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/add."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/console-ports/add."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40738.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40738",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.107",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:57:13.407",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/console-ports/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40739.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40739",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.187",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:57:27.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-feeds/add."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40740.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40740",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.267",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:54:42.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Name en /dcim/power-feeds/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40741.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40741",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.350",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:54:30.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/{id}/edit/."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro circuit ID en /circuits/circuits/{id}/edit/."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-407xx/CVE-2024-40742.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-40742",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.430",
"lastModified": "2024-07-09T18:18:38.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-07-11T02:54:19.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/add."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en netbox v4.0.3 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro circuit ID en /circuits/circuits/add."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox:netbox:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86DA3CBB-5536-4F0F-B9EF-92FFF2DB1D8D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/minhquan202/Vuln-Netbox",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-62xx/CVE-2024-6210.json Normal file
View File

@ -0,0 +1,52 @@
{
"id": "CVE-2024-6210",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-11T03:15:03.550",
"lastModified": "2024-07-11T03:15:03.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 1.5.9. This makes it possible for unauthenticated attackers to obtain the full path to instances, which they may be able to use in combination with other vulnerabilities or to simplify reconnaissance work. On its own, this information is of very limited use."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/duplicator/trunk/installer/dup-installer/main.installer.php#L51",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3108563/duplicator/trunk/installer/dup-installer/main.installer.php?old=3073248&old_path=duplicator%2Ftrunk%2Finstaller%2Fdup-installer%2Fmain.installer.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d47d582d-7c90-4f49-aee1-03a8775b850d?source=cve",
"source": "security@wordfence.com"
}
]
}

133
CVE-2024/CVE-2024-66xx/CVE-2024-6676.json Normal file
View File

@ -0,0 +1,133 @@
{
"id": "CVE-2024-6676",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-11T03:15:03.787",
"lastModified": "2024-07-11T03:15:03.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/user. The manipulation of the argument params.dataScope leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-271111."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gitee.com/witmy/my-springsecurity-plus/issues/IAAE8U",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.271111",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.271111",
"source": "cna@vuldb.com"
}
]
}

44
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-07-11T02:00:18.121291+00:00
2024-07-11T04:00:18.744636+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-07-11T01:15:09.660000+00:00
2024-07-11T03:15:03.787000+00:00
```
### Last Data Feed Release
@ -33,23 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
256642
256650
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `8`
- [CVE-2024-6447](CVE-2024/CVE-2024-64xx/CVE-2024-6447.json) (`2024-07-11T00:15:02.113`)
- [CVE-2024-6653](CVE-2024/CVE-2024-66xx/CVE-2024-6653.json) (`2024-07-11T00:15:02.313`)
- [CVE-2016-15039](CVE-2016/CVE-2016-150xx/CVE-2016-15039.json) (`2024-07-11T03:15:02.270`)
- [CVE-2024-22387](CVE-2024/CVE-2024-223xx/CVE-2024-22387.json) (`2024-07-11T03:15:02.660`)
- [CVE-2024-23194](CVE-2024/CVE-2024-231xx/CVE-2024-23194.json) (`2024-07-11T03:15:02.903`)
- [CVE-2024-23317](CVE-2024/CVE-2024-233xx/CVE-2024-23317.json) (`2024-07-11T03:15:03.130`)
- [CVE-2024-23485](CVE-2024/CVE-2024-234xx/CVE-2024-23485.json) (`2024-07-11T03:15:03.327`)
- [CVE-2024-40618](CVE-2024/CVE-2024-406xx/CVE-2024-40618.json) (`2024-07-11T02:15:01.680`)
- [CVE-2024-6210](CVE-2024/CVE-2024-62xx/CVE-2024-6210.json) (`2024-07-11T03:15:03.550`)
- [CVE-2024-6676](CVE-2024/CVE-2024-66xx/CVE-2024-6676.json) (`2024-07-11T03:15:03.787`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `22`
- [CVE-2024-39554](CVE-2024/CVE-2024-395xx/CVE-2024-39554.json) (`2024-07-11T00:15:01.990`)
- [CVE-2024-6387](CVE-2024/CVE-2024-63xx/CVE-2024-6387.json) (`2024-07-11T01:15:09.660`)
- [CVE-2024-1168](CVE-2024/CVE-2024-11xx/CVE-2024-1168.json) (`2024-07-11T02:52:36.687`)
- [CVE-2024-3558](CVE-2024/CVE-2024-35xx/CVE-2024-3558.json) (`2024-07-11T02:52:17.780`)
- [CVE-2024-38347](CVE-2024/CVE-2024-383xx/CVE-2024-38347.json) (`2024-07-11T02:51:11.043`)
- [CVE-2024-38348](CVE-2024/CVE-2024-383xx/CVE-2024-38348.json) (`2024-07-11T02:50:33.110`)
- [CVE-2024-38972](CVE-2024/CVE-2024-389xx/CVE-2024-38972.json) (`2024-07-11T03:00:24.250`)
- [CVE-2024-40726](CVE-2024/CVE-2024-407xx/CVE-2024-40726.json) (`2024-07-11T02:58:57.177`)
- [CVE-2024-40727](CVE-2024/CVE-2024-407xx/CVE-2024-40727.json) (`2024-07-11T02:59:07.627`)
- [CVE-2024-40728](CVE-2024/CVE-2024-407xx/CVE-2024-40728.json) (`2024-07-11T02:59:17.007`)
- [CVE-2024-40729](CVE-2024/CVE-2024-407xx/CVE-2024-40729.json) (`2024-07-11T02:59:25.527`)
- [CVE-2024-40730](CVE-2024/CVE-2024-407xx/CVE-2024-40730.json) (`2024-07-11T02:59:34.663`)
- [CVE-2024-40731](CVE-2024/CVE-2024-407xx/CVE-2024-40731.json) (`2024-07-11T02:57:45.750`)
- [CVE-2024-40732](CVE-2024/CVE-2024-407xx/CVE-2024-40732.json) (`2024-07-11T02:57:54.827`)
- [CVE-2024-40733](CVE-2024/CVE-2024-407xx/CVE-2024-40733.json) (`2024-07-11T02:58:05.973`)
- [CVE-2024-40734](CVE-2024/CVE-2024-407xx/CVE-2024-40734.json) (`2024-07-11T02:58:16.737`)
- [CVE-2024-40735](CVE-2024/CVE-2024-407xx/CVE-2024-40735.json) (`2024-07-11T02:58:27.747`)
- [CVE-2024-40736](CVE-2024/CVE-2024-407xx/CVE-2024-40736.json) (`2024-07-11T02:58:38.027`)
- [CVE-2024-40737](CVE-2024/CVE-2024-407xx/CVE-2024-40737.json) (`2024-07-11T02:56:03.807`)
- [CVE-2024-40738](CVE-2024/CVE-2024-407xx/CVE-2024-40738.json) (`2024-07-11T02:57:13.407`)
- [CVE-2024-40739](CVE-2024/CVE-2024-407xx/CVE-2024-40739.json) (`2024-07-11T02:57:27.580`)
- [CVE-2024-40740](CVE-2024/CVE-2024-407xx/CVE-2024-40740.json) (`2024-07-11T02:54:42.557`)
- [CVE-2024-40741](CVE-2024/CVE-2024-407xx/CVE-2024-40741.json) (`2024-07-11T02:54:30.653`)
- [CVE-2024-40742](CVE-2024/CVE-2024-407xx/CVE-2024-40742.json) (`2024-07-11T02:54:19.547`)
## Download and Usage

60
_state.csv
View File

@ -84902,6 +84902,7 @@ CVE-2016-15035,0,0,5f6755d7b8954f99c8a59408f8f16acc9729e5934625607c92e47840a2d0d
CVE-2016-15036,0,0,07076d7b6b10f11ba8defba36693bfe2d329aebd04146af9943b1b990af8b465,2024-05-17T01:08:11.543000
CVE-2016-15037,0,0,e0996f3d56e274837426785f5955d0b2f7859ba2600e75ebae6c454114cc0a21,2024-05-17T01:08:11.653000
CVE-2016-15038,0,0,2c93ba0fce36fab919c92b8d09cb4236abbe9a996dbd0e62367874b5ee0f8d0b,2024-05-17T01:08:11.777000
CVE-2016-15039,1,1,9604cf9c3941b34b36c99fe95e25c2dda5e41eed40c9990b4f05e29740965d89,2024-07-11T03:15:02.270000
CVE-2016-1504,0,0,e4a5917b190636ab893bfc336d7dce867e27774f351fdae2d20038ff8cc1cac6,2017-09-10T01:29:11.687000
CVE-2016-1505,0,0,603189ae235a59230e4b76c2a9840be41f6129fa2273d823a3008d11b5c9719c,2016-11-28T19:59:55.070000
CVE-2016-1513,0,0,d5c8130dd11ed8123fd26cdd3a19657509909f00f1eaa4a6cfd6e8ec49e54760,2017-09-01T01:29:04.507000
@ -241710,7 +241711,7 @@ CVE-2024-1164,0,0,8ceb95fcba553c0447a63d8e5e80c1481416a7a28be670b34d68b7bc77538c
CVE-2024-1165,0,0,09d0c48437e50305f6b70b9aab3bb8805a9bc240d0fb341de398e33a6ad98f02,2024-02-26T16:32:25.577000
CVE-2024-1166,0,0,cbc50c0645991c69523344b23f8a84819598bdfdeb24c5f4ba7570f86b9c6398,2024-05-14T16:13:02.773000
CVE-2024-1167,0,0,646f860ad24a5198d530bba39bcdba3b9fb385431091cfa90a0190891cfad025,2024-02-09T20:20:51.900000
CVE-2024-1168,0,0,d18ecbe4ee5e6ae3c4099f948aaa0721b128f082b8c3c3b9f401f76315dbe9be,2024-06-20T12:43:25.663000
CVE-2024-1168,0,1,b74b0b0c267c02c66f0f474186eac7335d29517290a9638a292d9de8edcd7c5d,2024-07-11T02:52:36.687000
CVE-2024-1169,0,0,f519c7f99749582bebe013a87c95bdf3b84f2eaee24ddc4513116c225a8401a2,2024-03-07T13:52:27.110000
CVE-2024-1170,0,0,8c5173edd657df97640022e14408ad562874ba7f628f780dfa1960fdbf90e9a7,2024-03-07T13:52:27.110000
CVE-2024-1171,0,0,6b87cc518b4ec22739c7ae66eda5d8c3cdf1db30d4dec8967ce2f3257f9601bb,2024-02-29T13:49:29.390000
@ -244028,6 +244029,7 @@ CVE-2024-22383,0,0,810a6e86f28ef493260b232f9a886a5828bc2cb5687e22ad7a4e8bfc9a376
CVE-2024-22384,0,0,22d927b3eda23e776929f3eee7e12761fd0a5866a79fd2edf20febc4242f7c70,2024-05-17T18:36:05.263000
CVE-2024-22385,0,0,83fe63d5df6ef3c9cc40e2c081e8f947a095c2af1ce72eddf83967c3653b9c45,2024-06-25T12:24:17.873000
CVE-2024-22386,0,0,9bb868760c88683007f1f54485a980666afe5aeeb8bc008d8d811fea3dbfe22d,2024-02-10T04:05:26.383000
CVE-2024-22387,1,1,bf21f80cb80b4c0091372cafb487fe2a01fe7cd239110f85e412b3e8d7b72752,2024-07-11T03:15:02.660000
CVE-2024-22388,0,0,c4d155a1650cf8d6f3af35aa33a3624b01d880288d632870cec483f12be1e88c,2024-02-14T20:59:09.660000
CVE-2024-22389,0,0,96781b551653662b24bed6c6167841567f0e5e4776b3fb44064036280367773a,2024-02-14T18:04:45.380000
CVE-2024-2239,0,0,39e7f275af33a75dc9ccc5324d6f8398d75467c16638ade753370c3004c45df2,2024-03-13T18:15:58.530000
@ -244425,6 +244427,7 @@ CVE-2024-23190,0,0,add17161c7c8505b6ba715b4898e70540bf15ecced41ee84c2b2e0388a683
CVE-2024-23191,0,0,459948535d54516570f8d837aea6f84683ce700a59124af1293fdc8518256e81,2024-04-11T11:15:48.497000
CVE-2024-23192,0,0,ddfbef4409196a7a3eeb03bbc2422d0e54ca57b797a5b47e231d14cc76bbe3c5,2024-04-11T11:15:48.570000
CVE-2024-23193,0,0,9ed5265a66f9c70d7ccff4abeefe790c7cf0947a268e6262d972b6cd9f8a8bce,2024-05-07T01:15:06.497000
CVE-2024-23194,1,1,88cab5f7387bdcc0a330bccdccea9c479a430a477483182a883d92979bb37a33,2024-07-11T03:15:02.903000
CVE-2024-23196,0,0,916695e8de6ad88a7eb739e09a11651ad9458fb3044e054e85a4e9fe2ce054c9,2024-02-10T04:06:14.577000
CVE-2024-23201,0,0,0f8fb4c7d86a834d8d9bd84c59d7ac097591ba1ab57e91c147b21ce025d3951c,2024-03-13T23:15:45.840000
CVE-2024-23203,0,0,a7d3b9c842d401a26cd60b5363d9fd931ec7b6ace08dfe359efc5de9e4d5324f,2024-03-13T22:15:09.117000
@ -244543,6 +244546,7 @@ CVE-2024-23313,0,0,13245e21fab07d527abf4d414da9107709ee7261ac0f2eced3f2c2d5a62b3
CVE-2024-23314,0,0,dd6112b5494f5f3b553193d89c0ec5a0dd61b4aa5a1d51fde0a6bbf84929e386,2024-02-14T18:04:45.380000
CVE-2024-23315,0,0,489df2a8d3fe3bcb88b79c0636401c3a2725b9dd3103a02a30360cc9ee690d08,2024-06-10T18:15:26.180000
CVE-2024-23316,0,0,3812af16e295e83e786aa1aab37645db678f576659c563c821a5d9097cdb6f6f,2024-06-03T14:46:24.250000
CVE-2024-23317,1,1,5be1f0fab5aa129c04d6293d11e81a3bd9e0d4c3d78ff4aa215975f76a3b29f1,2024-07-11T03:15:03.130000
CVE-2024-23319,0,0,6250a98d8fb4de9dc7adf992ef419352b4c640948bb204f9b6b1a6a1e471f523,2024-02-15T18:44:04.737000
CVE-2024-2332,0,0,bad3de665e7a6fe09fc285529837f450dd66b631476d3cb654444ad8c9c674ae,2024-05-17T02:38:10.740000
CVE-2024-23320,0,0,ee2624eedcd0c08c0309a46e353f298bafcc0ebbc7e5a02fe31e837cfcf5accf,2024-02-23T19:31:25.817000
@ -244622,6 +244626,7 @@ CVE-2024-23479,0,0,347fa1fab90846375f3cbda9f21578cf079b96a3697a975655102d71cb94c
CVE-2024-2348,0,0,1b2471f8551c69b217b1850b52d1bf1e7f9aea8e8dfc43b59c7bf2992281c35f,2024-04-10T13:23:38.787000
CVE-2024-23480,0,0,746423a9c0519d4cd61a53767c7c801bf960cd35765efe9e634ac2b6a706568b,2024-05-01T19:50:25.633000
CVE-2024-23482,0,0,9bbfaddb28c8d4f40fa7310b24a63cdb6abbe6ffffa800b3d9da686c071e8fa5,2024-03-26T17:09:53.043000
CVE-2024-23485,1,1,34144001b47478af22c792174230259bd0548200a4d268d25037269340d803d1,2024-07-11T03:15:03.327000
CVE-2024-23486,0,0,19778667fd58f188ebd5dce67e80ee87824728dd11d9e77fe76b5575568144f6,2024-07-08T14:17:34.250000
CVE-2024-23487,0,0,a175e3c04cbc36aafa8849dd45382b7985448c7b7394b27b709a0973fe2c1d2f,2024-05-17T18:36:05.263000
CVE-2024-23488,0,0,57450458303c48f58f7accf28de637666e8c4b38b2ec58f4dc15eb09b92be21a,2024-02-29T13:49:29.390000
@ -252553,7 +252558,7 @@ CVE-2024-35571,0,0,737c2a7f64c2812d810288ac20005c00d1a957dbded3b4f543f336361b86f
CVE-2024-35576,0,0,4cf028a111dcdddf7b60054ad17a0fe8aad691fef93220823224c4163d503b71,2024-07-03T02:01:54.333000
CVE-2024-35578,0,0,11eb62338421587fed66b0ca7ef3560bcd4370552307bc4119662b3c0deaaac8,2024-05-20T19:34:58.277000
CVE-2024-35579,0,0,271374c19e13bccc58e82fc2a49bd5a4d9e26c3bbc49d82078ba3c56ef3686b3,2024-05-20T19:34:58.277000
CVE-2024-3558,0,0,f9fa8295ef1bb8e06bc2bd8d49a335a6d7c8b402023b1332ede6212c7f0d5778,2024-06-20T12:43:25.663000
CVE-2024-3558,0,1,f9fa909e69165819ae496c8acd1ccdd67c7ef5aa9a5c6af8d01fcec23b3946f3,2024-07-11T02:52:17.780000
CVE-2024-35580,0,0,0345a89b9d1b0b2bc3648b28bbf695e495afdf532600f33365cca04a56d5d3d5,2024-05-20T19:34:58.277000
CVE-2024-35581,0,0,f44263214f42e721dd7c3dc00efbb15dd18e867b1fcd80955bdfd7a6cc44bd29,2024-07-03T02:01:55.113000
CVE-2024-35582,0,0,e476c64ba51d10b24dcb30010c383cdc2c74fb3a3a57489cdf68eb2dbeda37c9,2024-05-29T13:02:09.280000
@ -254159,8 +254164,8 @@ CVE-2024-3834,0,0,a26b5bbbf7ca8a185b9797b4c7859f6535301f1ab4b8908e1c720ae8be2c46
CVE-2024-38344,0,0,9ab5a9367a4478293ac2379112f78ca200a2cb316c550e5b0a6b06a397872c02,2024-07-05T12:55:51.367000
CVE-2024-38345,0,0,52f2293d17b88d6e356144e0e15c86a25194f7d79ea68829ed7fb7a553e8b4d2,2024-07-09T16:22:44.523000
CVE-2024-38346,0,0,689d401df5aa75c70def7483ddda9de7aa5563e129adce9d2b51b58b0f05d227,2024-07-08T15:48:17.710000
CVE-2024-38347,0,0,4d613454dc1780690a10a13a7c4d0d38fa70bfa9e6afa8cdcbdd33d7a9b439c3,2024-06-20T12:44:01.637000
CVE-2024-38348,0,0,6e5ce391b6cb124e038ae8273d56ab90f89cf43a2075c68d341d5350c665dadb,2024-07-03T02:04:55.710000
CVE-2024-38347,0,1,5765bd81529938cb4f4fd2014b4f526c5c45b5ac2280b7f219f3c1913944d905,2024-07-11T02:51:11.043000
CVE-2024-38348,0,1,d76ac40595953765ae6aa7072c9f7b614003a66a456cd40d15acbc09f7e58829,2024-07-11T02:50:33.110000
CVE-2024-38351,0,0,fc316049b1243ceecf4f16bb932622b3d32a9ec242887e0258f3f20fe77446f1,2024-06-20T12:44:01.637000
CVE-2024-38352,0,0,13a6e81e4d4d40a0591843c161ee638c75aac348990bf4d2603a4c2fb8cf2a30,2024-06-19T18:15:11.507000
CVE-2024-38353,0,0,eb08852e451b97fe5122a1a9fd19cf3f0fa69e538523a9e0cadf1b54c38e5960,2024-07-10T20:15:04.053000
@ -254429,7 +254434,7 @@ CVE-2024-38963,0,0,8b0c85a17cd8d9027d81981fdd8575e5d63c8ffc2eb7eaf14f6dbe60cbda4
CVE-2024-3897,0,0,2e6547d98bffe49274878683fd846b0dea4d063f5cc123163d759ecec392b068,2024-05-02T18:00:37.360000
CVE-2024-38970,0,0,91e8208e5384541de7bb386d755fd4eb6bf4f61a3ae0e0940aabeee93bae88f6,2024-07-09T18:18:38.713000
CVE-2024-38971,0,0,dbcb37d6e160e35ce881158758f6ae2e24bc77c4d53fd897245319338a4ba293,2024-07-09T18:18:38.713000
CVE-2024-38972,0,0,36d7649ab8af3f70e037fbbf9397c3d88cdd83d7675f951c67bc606ac71cdef0,2024-07-09T18:18:38.713000
CVE-2024-38972,0,1,3e32669dc1d64afb6b809bbef8a21f9c499736eb989ba959932684d681ec7ea1,2024-07-11T03:00:24.250000
CVE-2024-38987,0,0,8e5543bc013d5021cfb12250ec622bf33ff663f5974b5e9efe103d174baf7a3b,2024-07-01T16:37:39.040000
CVE-2024-38990,0,0,501931c40b72ca4a3b10df5757210e9290217859750e859ab66984c960fc5bf4,2024-07-03T02:05:27.837000
CVE-2024-38991,0,0,94e3c94b29575f02c48116cf5f4eea434bedd332518d74450337fdc7b51e049b,2024-07-03T02:05:28.670000
@ -254636,7 +254641,7 @@ CVE-2024-39518,0,0,eaa635a80528e7483e3e9921835314962ff00c79b39e854d1340c3887ad34
CVE-2024-3952,0,0,92f1da274771947c3cb4a43546670c1af8a997980dc361a71cd2fb07f162ad15,2024-05-14T16:11:39.510000
CVE-2024-3954,0,0,45f1b348fcace6f84e3157e2d0f8a54fc4228bb396d26e03c9556cd235947f43,2024-05-14T16:11:39.510000
CVE-2024-3955,0,0,1980afc805b9b5d168ea6a08c34d1a9d581fd505fecdd9c097016e585c054b35,2024-07-03T02:06:56.087000
CVE-2024-39554,0,1,a896a71603d37ee05ce02ddcfcb6fd749048c8ad447822593b7a83b509192a64,2024-07-11T00:15:01.990000
CVE-2024-39554,0,0,a896a71603d37ee05ce02ddcfcb6fd749048c8ad447822593b7a83b509192a64,2024-07-11T00:15:01.990000
CVE-2024-39555,0,0,305803290d325fbcf3904271dce4385739256bb1824a023c6217ab8fbc632707,2024-07-10T23:15:11.863000
CVE-2024-39556,0,0,03c8f7c9137bec821e13e27aa521c7a86a0f92820ddbfc1911cc0b6f362d4839,2024-07-10T23:15:12.133000
CVE-2024-39557,0,0,8b6aefdeffc4849a2ec6d1dcca3a3eb4cba066b045df25dbe36ee6b0b93937c8,2024-07-10T23:15:12.370000
@ -254834,6 +254839,7 @@ CVE-2024-40604,0,0,96707551e8fc94b334085d5bf2926e369955211afc96673efa337699ead3d
CVE-2024-40605,0,0,3b7d08be38342ed975d3a802af7734eccce4b6fa70dd407ef7f8c6cca68429e4,2024-07-09T16:09:30.277000
CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000
CVE-2024-40614,0,0,5a8c90c94f1b0dc56355424420ebae65c618d536c580acb4e248f7802de2136c,2024-07-10T13:15:10.833000
CVE-2024-40618,1,1,dee18d7f503dd740f50c66a452f86566310b7b581c71c2f27ebd005be84bf650,2024-07-11T02:15:01.680000
CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000
CVE-2024-4063,0,0,10c24a204d439c4cd3340a486d9bc67fc982c548c71c2d3a385738d7e6499dc1,2024-06-04T19:20:29.120000
CVE-2024-4064,0,0,0a357968458dd966b7a4969f86556627b0af0220edbb91249e767e6972ab2a17,2024-05-17T02:40:14.223000
@ -254845,25 +254851,25 @@ CVE-2024-4069,0,0,f8d2f2628e60be749b9734b09218105a0396eae1a8a4c94b50114640615c82
CVE-2024-4070,0,0,611b2353a344eebf4d3d821b72a7661978c51598fabebbafad7cb3b8eb92ba73,2024-06-04T19:20:29.567000
CVE-2024-4071,0,0,1e5173381da62898dd2d89e779aa47e534c3be7a31fd5b5ef289e0ef19550704,2024-05-17T02:40:14.747000
CVE-2024-4072,0,0,784007d6b97ec8386adb736eb517146413a15dc1e1dcfd437022813999836276,2024-05-17T02:40:14.847000
CVE-2024-40726,0,0,7b8d9ad14b826eee97f145cc79dee6a9a9d3a21064dc0cc4b77be29e5a981941,2024-07-09T18:18:38.713000
CVE-2024-40727,0,0,818d2f51660885bd18aff29ca21157f2219d8b7b9085f7f52a3bf402931ae009,2024-07-09T18:18:38.713000
CVE-2024-40728,0,0,94180007f72aa82b9c1c5c0af4ecd49d1e13cd3724963bec581fbda8e85677d0,2024-07-09T18:18:38.713000
CVE-2024-40729,0,0,063c5817d63e0834b48fe3caaac0dbf79284745cf02586e9728d1979d495c3ed,2024-07-09T18:18:38.713000
CVE-2024-40726,0,1,bdd27d3d99f7c0ae6dc0e785e4745e87f17ba47f532cc22502cdd21c9f5264d1,2024-07-11T02:58:57.177000
CVE-2024-40727,0,1,eef1b0d8f556e2683be219b6ad201971b4b59fb77f2d2e3790c87a8f5a60cbd9,2024-07-11T02:59:07.627000
CVE-2024-40728,0,1,d97174880a17752231869c0d95676d772e9b6b0c723f3642cbcef679b7e80f73,2024-07-11T02:59:17.007000
CVE-2024-40729,0,1,ab9a5f69d2218c381a3d8eb0951f2534776cc72de1841bef50510a4cdbfd408e,2024-07-11T02:59:25.527000
CVE-2024-4073,0,0,5460f6bdc865d431bd727de7949389de11def3a1309fd53b91c80f09825c0c03,2024-06-20T16:15:14.530000
CVE-2024-40730,0,0,74c161a7fc27e8c857ebc65680de46534b5505713e3b6c653daa63e2357a27bc,2024-07-09T18:18:38.713000
CVE-2024-40731,0,0,fcc2c1d921cf19ce74a1a3602475129958aef3b3ed73168b13b1a9abc71e12c2,2024-07-09T18:18:38.713000
CVE-2024-40732,0,0,47f72568d80b19033996205a11ed5c2fea3d0cef1a548bc65585fc03ac0eb3de,2024-07-09T18:18:38.713000
CVE-2024-40733,0,0,f96c5356bfff8bd72b53a7113913063c4463abd3853eb585eca95dda0317266d,2024-07-09T18:18:38.713000
CVE-2024-40734,0,0,d21a5537d229ad91b7c48b55df1bc28be01fb583263cf195a7b3b441c7404c1b,2024-07-09T18:18:38.713000
CVE-2024-40735,0,0,7cc8cdb1f3f697e27ae02a0eb6bb715fd7081c4699c178e63859c6ec0095b3b5,2024-07-09T18:18:38.713000
CVE-2024-40736,0,0,9375b139d0da8860e5c35c233ddae6610b6eb9225dd9af6ac5da79e89de58c70,2024-07-09T18:18:38.713000
CVE-2024-40737,0,0,fad79c4fa746bf78feb9c70300935a60e40ffbf4385f0aa28542e6b38d823343,2024-07-09T18:18:38.713000
CVE-2024-40738,0,0,05c7005a606a60a18125d88ea20a2a1e52136cb4319c74922b6bccbc7c18b172,2024-07-09T18:18:38.713000
CVE-2024-40739,0,0,c9b66976a87ce06993012ac3ed6817d81e267957abbf42687a0d7fed5e230ede,2024-07-09T18:18:38.713000
CVE-2024-40730,0,1,0151b360494bc38f284351ca546950e35b93e513c739ca471f007293fc9c90cb,2024-07-11T02:59:34.663000
CVE-2024-40731,0,1,3c2e3cb468055dc1ae6f5343bf9e475a86b0c20f9c8169f40be68e60c2ed447e,2024-07-11T02:57:45.750000
CVE-2024-40732,0,1,aaac9956c124a2027f493d570ac5f5afb108a8f4e40df7a87b1b5a06d59072c2,2024-07-11T02:57:54.827000
CVE-2024-40733,0,1,1d1ef568d0570292be66c38cd2ec06c0c84643812e8670e45581c98f79f3b349,2024-07-11T02:58:05.973000
CVE-2024-40734,0,1,199c57c98319dbb45d333dc97143efbd0f7ccd11eb6c3f6193a56f28acbecc40,2024-07-11T02:58:16.737000
CVE-2024-40735,0,1,7b1089f48c252c4c47084b7da58fd7bd934e1455b863043848b3bbf40fcab656,2024-07-11T02:58:27.747000
CVE-2024-40736,0,1,7aabba5fc66dcc73edb663ffc8ce640ee27b35d2210626bb71f78d41a1f1c9f3,2024-07-11T02:58:38.027000
CVE-2024-40737,0,1,5c25c9eed7ed75db9fdc73701f207d2b594740be8aaddbb777a3a080641bcac9,2024-07-11T02:56:03.807000
CVE-2024-40738,0,1,258771ceb39ad9b08ba5b176b0c2d1e36f1197008ad4f753eaeb7b39c3a5688e,2024-07-11T02:57:13.407000
CVE-2024-40739,0,1,0db9134de1314997fab600ef08f3ed513c405ab8dcf66958c1c799c397e1cf6e,2024-07-11T02:57:27.580000
CVE-2024-4074,0,0,0eb3d84ea134f52e33abc34cb068e49511715452b56aeac28482d1d153123edb,2024-05-17T02:40:15.077000
CVE-2024-40740,0,0,8171d0eb76b9366f12d936b1b1e59b64736c9a498bee2b9da5ff79c1d1f0e1cf,2024-07-09T18:18:38.713000
CVE-2024-40741,0,0,1603e2048920d150de22029e89f2635a052428b429299ebf224cdfdd53ddfe11,2024-07-09T18:18:38.713000
CVE-2024-40742,0,0,a8b8d5c33b2c998a7feb9c65f1249eb373025d409533e4038dd2e3c95966b52b,2024-07-09T18:18:38.713000
CVE-2024-40740,0,1,ee2ab6b2d7e1edae21ac57ec7c719455baac814ba7f21c1ea74f0831ad78d95d,2024-07-11T02:54:42.557000
CVE-2024-40741,0,1,ddd0ff9476ed1ff47a6c6ea90383139e3fceeb76685fa77b077d9f9786ebe979,2024-07-11T02:54:30.653000
CVE-2024-40742,0,1,6a3bedaa848e5df96fdcf8c837c015f053f6eb9a57ab6613e692a76a4dfad1cb,2024-07-11T02:54:19.547000
CVE-2024-4075,0,0,61cfb92eb2dc2fb6e0ff8370e47bd10bfd7f8ca1c4517b0742f92f6865b710f5,2024-05-17T02:40:15.170000
CVE-2024-40750,0,0,f8266e014cc3ac656ad6d049fe09df90666738b7d18014f81d88c3e5ca036e47,2024-07-09T20:15:12.357000
CVE-2024-4077,0,0,88c9fb35aec8dbee15c3169eb34c083d7cc8d7a290cdea9208a3041187ada836,2024-04-25T13:18:02.660000
@ -256461,6 +256467,7 @@ CVE-2024-6195,0,0,880630f7e59fe96c68db9446cad414c3056228167cb15e9eb7f8a5b897e968
CVE-2024-6196,0,0,8d29dbc22f191f0a2e6f5022705b8c2127b1c89230e4a1900a70835df0ab8ad4,2024-06-21T17:15:11.350000
CVE-2024-6206,0,0,a239648c07eb93ed8775dc2c6fd68864bae94b397314d858106207781c570047,2024-06-26T12:44:29.693000
CVE-2024-6209,0,0,dde817e69ddab612402867a39af366fc36713e43c4758f0a34432256fd885f93,2024-07-08T15:35:25.837000
CVE-2024-6210,1,1,72464d377e6378636c5beea1bd25256937eedf4cccfcfaeaf46234764d20371f,2024-07-11T03:15:03.550000
CVE-2024-6212,0,0,c1e9ad93b654311e54f23eb8816b7040c4009f7be4b90d449446bdaf277f7228,2024-06-21T15:15:16.313000
CVE-2024-6213,0,0,875f788502e9039ff5cde644917f38d937eec3d1fa9cda735bda62057b13f974,2024-06-21T11:22:01.687000
CVE-2024-6214,0,0,f04922fee1928885a13a6b9135dd29d8f0bc0dcf3373a5ce58e6bf8d17734328,2024-06-21T15:15:16.430000
@ -256557,7 +256564,7 @@ CVE-2024-6376,0,0,2eceea6553f0e47a0e34ab01650b7781a20682f6799be39f9cd1e64f3f1985
CVE-2024-6381,0,0,2822fb12d769fe1cca32125b45cae52ba3e5807419213b6087c6db8de8d2b326,2024-07-03T12:53:24.977000
CVE-2024-6382,0,0,9f140af24f460b4413fa844f95383cc153754360a136939b8743c2d8327ebf99,2024-07-03T12:53:24.977000
CVE-2024-6383,0,0,4622f4fc90fbde51d6570a14e2ee494e3e71659c68201475e4e4eb659c036ac0,2024-07-05T12:55:51.367000
CVE-2024-6387,0,1,8f894f5a06ec1ddd50db1e28a3e3f201efc95d9cabecb632b325eababa3c8d37,2024-07-11T01:15:09.660000
CVE-2024-6387,0,0,8f894f5a06ec1ddd50db1e28a3e3f201efc95d9cabecb632b325eababa3c8d37,2024-07-11T01:15:09.660000
CVE-2024-6388,0,0,e641c9d869769d4291da87145b48d15b4f200c046d6b100142bc686375a84738,2024-06-27T17:11:52.390000
CVE-2024-6391,0,0,7ce7aeffa0d0436a5dc8c66236e9fdb421bf2fd0e842089663d3cb7d1491a998,2024-07-09T18:19:14.047000
CVE-2024-6402,0,0,795485c4534407e246daec51c1daaa33b95f6651688fed743a8fb9054cdaedba,2024-07-01T12:37:24.220000
@ -256585,7 +256592,7 @@ CVE-2024-6438,0,0,c89c4e3ccf031fb42672508ffc0236a74fd652409f3f814c1aa7277296a221
CVE-2024-6439,0,0,1bd5e2a149e15b87b2ec1d9e23e870c4f5a97c502c5089c3f0a60fbd028209c7,2024-07-02T17:58:39.773000
CVE-2024-6440,0,0,4db20ef0878ff896f7a92a0fb63819a7fd586b5cd61940caee4cf26cda6cf8f9,2024-07-02T17:58:15.410000
CVE-2024-6441,0,0,fadd9560f894739af460dd107a14c73f394f82b357796461abb110045106f46c,2024-07-02T17:44:45.700000
CVE-2024-6447,1,1,6fc451ee17cd970df275e95e4baee0e179ec2e2771213fb28f1cfe9bee440c86,2024-07-11T00:15:02.113000
CVE-2024-6447,0,0,6fc451ee17cd970df275e95e4baee0e179ec2e2771213fb28f1cfe9bee440c86,2024-07-11T00:15:02.113000
CVE-2024-6452,0,0,c694c1bdf54902e69172121aae2a54d0747cfc16750499c01d3cf3c9c6ef3263,2024-07-03T12:53:24.977000
CVE-2024-6453,0,0,f8f94ef1371b1813320fb500c8f5a2a5c78562059f37a370c24f1cfd03cdaa59,2024-07-03T12:53:24.977000
CVE-2024-6461,0,0,86a214d0c7bd3f57cea37cd567b01f1a0e55f8d4342f6c7c46fd15b8942c8d90,2024-07-03T21:15:04.580000
@ -256638,6 +256645,7 @@ CVE-2024-6647,0,0,d85de7e2a89b23bef0d7c402bdb84b5d7bcecaf5214acb2011ddba0aeacad4
CVE-2024-6649,0,0,ba27e99c640a915a148c2cc576aa13e58beea119b44959dc391310f141dd2bdb,2024-07-10T19:15:12.070000
CVE-2024-6650,0,0,bcdf1da4f730173ec0ef176b961ebc45fd74db5710c1b540fd5342347455e8ad,2024-07-10T23:15:14.930000
CVE-2024-6652,0,0,bb195bcf49fd2fd72b66d8f572cddf80628a2817e7552a8b1e09e5044328f1ca,2024-07-10T23:15:15.250000
CVE-2024-6653,1,1,7705d8b07a5385d3e6216c0be5a58a100c471b6ce2659cc97a5d58ac8c43ef88,2024-07-11T00:15:02.313000
CVE-2024-6653,0,0,7705d8b07a5385d3e6216c0be5a58a100c471b6ce2659cc97a5d58ac8c43ef88,2024-07-11T00:15:02.313000
CVE-2024-6663,0,0,7facb2637e12709d4a455340194f194dba2537cb44d31c2262ed1aa6b9ebcf89,2024-07-10T21:15:11.463000
CVE-2024-6664,0,0,7dcdbd9efac1143da422ef778b0a605b2e75ff3874c65ca5b8e519e1d8523278,2024-07-10T21:15:11.520000
CVE-2024-6676,1,1,e0e595eb4b676327f8f19a66094c02e3519fd63fe68c5d0fb376bddbcdc89b0e,2024-07-11T03:15:03.787000

Can't render this file because it is too large.