admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-12T16:00:16.953507+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-12 16:03:13 +00:00
parent 7a6efb5c6c
commit e22739b22a
63 changed files with 3957 additions and 535 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2023/CVE-2023-380xx/CVE-2023-38043.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38043",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-11-15T00:15:07.940",
"lastModified": "2023-11-23T00:15:08.033",
"lastModified": "2024-08-12T15:35:01.170",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -71,6 +71,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

109
CVE-2023/CVE-2023-403xx/CVE-2023-40398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40398",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.537",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:54:26.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,118 @@
"value": " Este problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Monterey 12.6.4, macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 y iPadOS 16.4. Un proceso en el espacio aislado puede omitir las restricciones del espacio aislado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.5",
"matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.4",
"matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213677",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-429xx/CVE-2023-42925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42925",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.670",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:45:16.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,88 @@
"value": "El problema se solucion\u00f3 mejorando la restricci\u00f3n del acceso a los contenedores de datos. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a los archivos adjuntos de Notas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "14.0",
"matchCriteriaId": "376382BD-FF1A-4D9F-B4B1-76727BD1F8AF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-429xx/CVE-2023-42943.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42943",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.740",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:44:12.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": " Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-429xx/CVE-2023-42948.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42948",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.803",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:43:25.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": " Esta cuesti\u00f3n se abord\u00f3 mediante una mejor gesti\u00f3n estatal. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que no se elimine una contrase\u00f1a de Wi-Fi al activar una Mac en macOS Recovery."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

107
CVE-2023/CVE-2023-429xx/CVE-2023-42949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42949",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.867",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:41:16.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,116 @@
"value": " Este problema se solucion\u00f3 mejorando la protecci\u00f3n de datos. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. Es posible que una aplicaci\u00f3n pueda acceder a las fotos editadas guardadas en un directorio temporal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-429xx/CVE-2023-42957.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42957",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T21:15:11.930",
"lastModified": "2024-07-30T13:33:30.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:39:42.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,102 @@
"value": " Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17, macOS Sonoma 14, watchOS 10. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "14.0",
"matchCriteriaId": "376382BD-FF1A-4D9F-B4B1-76727BD1F8AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

34
CVE-2023/CVE-2023-453xx/CVE-2023-45382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45382",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-17T02:15:26.387",
"lastModified": "2023-11-25T02:16:09.063",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-12T14:35:01.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-456xx/CVE-2023-45622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45622",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-11-14T23:15:10.660",
"lastModified": "2023-11-22T17:30:32.337",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-12T15:35:02.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-475xx/CVE-2023-47581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47581",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-15T06:15:28.080",
"lastModified": "2023-11-21T20:17:19.600",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-12T15:35:03.167",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},

27
CVE-2023/CVE-2023-72xx/CVE-2023-7247.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-7247",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-11T18:15:17.683",
"lastModified": "2024-03-12T12:40:13.500",
"lastModified": "2024-08-12T14:35:03.053",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Login as User or Customer de WordPress hasta la versi\u00f3n 3.8 no impide que los usuarios inicien sesi\u00f3n como cualquier otro usuario en el sitio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://drive.google.com/file/d/1GCOzJ-ZovYij9GIdmsrZrR9g8mlC22hs/view?usp=sharing",

68
CVE-2024/CVE-2024-215xx/CVE-2024-21550.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-21550",
"sourceIdentifier": "report@snyk.io",
"published": "2024-08-12T15:15:19.903",
"lastModified": "2024-08-12T15:15:19.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. Attackers can inject arbitrary HTML and Javascript code via WebSockets leading to persistent Cross-Site Scripting in the SteVe management interface."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "report@snyk.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/steve-community/steve/blob/steve-3.6.0/src/main/java/de/rwth/idsg/steve/config/WebSocketConfiguration.java#L69",
"source": "report@snyk.io"
},
{
"url": "https://github.com/steve-community/steve/commit/a79983f843c37705182c8f54eba060c1dce3b6d1",
"source": "report@snyk.io"
},
{
"url": "https://github.com/steve-community/steve/issues/1526",
"source": "report@snyk.io"
},
{
"url": "https://github.com/steve-community/steve/pull/1527",
"source": "report@snyk.io"
}
]
}

109
CVE-2024/CVE-2024-232xx/CVE-2024-23261.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23261",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.037",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:38:36.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,122 @@
"value": " Se abord\u00f3 una cuesti\u00f3n de l\u00f3gica con una mejor gesti\u00f3n estatal. Este problema se solucion\u00f3 en macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. Un atacante puede ser capaz de leer informaci\u00f3n que pertenece a otro usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.4",
"matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-274xx/CVE-2024-27442.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27442",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:20.193",
"lastModified": "2024-08-12T15:15:20.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a component of ZCS, is intended to be executed by the zimbra user with root privileges for specific mailbox operations. However, an attacker can escalate privileges from the zimbra user to root, because of improper handling of input arguments. An attacker can execute arbitrary commands with elevated privileges, leading to local privilege escalation."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-274xx/CVE-2024-27443.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27443",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:20.283",
"lastModified": "2024-08-12T15:15:20.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes",
"source": "cve@mitre.org"
}
]
}

71
CVE-2024/CVE-2024-278xx/CVE-2024-27809.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27809",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.110",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:37:00.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,76 @@
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.4",
"matchCriteriaId": "58227FD1-0619-45F6-AD19-25831899376A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

213
CVE-2024/CVE-2024-278xx/CVE-2024-27823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27823",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.170",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:33:40.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,71 +15,246 @@
"value": " Se solucion\u00f3 una condici\u00f3n de ejecuci\u00f3ncon un bloqueo mejorado. Este problema se solucion\u00f3 en macOS Sonoma 14.5, iOS 16.7.8 y iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 y iPadOS 17.5, macOS Monterey 12.7.5. Un atacante en una posici\u00f3n privilegiada de la red puede falsificar paquetes de red."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "732206AE-D798-41FB-8D91-F796820F912D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "0C520138-1984-4369-8615-09FF57F0BB70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "0EDF6AF0-A238-47E5-9A9D-F6FDB832DD8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "DEC0ACF3-F486-4536-8415-A176C68CE183"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.5",
"matchCriteriaId": "3121F2A4-6F9C-4E03-837E-2A4C2B65CB09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.7",
"matchCriteriaId": "2D797210-B0F0-44AE-9028-47C18C22AFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.5",
"matchCriteriaId": "6AB18623-7D06-4946-99FC-808A4A913ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "CDBCE187-329C-4B1C-89B7-7D45A7946AF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5",
"matchCriteriaId": "CC4B1E01-BE73-48F8-9BD5-32F7C57EB45A"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214100",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214105",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214107",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214123",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214100",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214105",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214107",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-278xx/CVE-2024-27853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27853",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.297",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:13:14.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,76 @@
"value": " Este problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Sonoma 14.4. Un archivo ZIP creado con fines malintencionados puede omitir las comprobaciones de Gatekeeper."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.4",
"matchCriteriaId": "58227FD1-0619-45F6-AD19-25831899376A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214084",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

149
CVE-2024/CVE-2024-278xx/CVE-2024-27863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27863",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.423",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:07:03.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,170 @@
"value": "Se solucion\u00f3 un problema de divulgaci\u00f3n de informaci\u00f3n mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en iOS 17.6 y iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Un atacante local puede determinar la distribuci\u00f3n de la memoria del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "CDBCE187-329C-4B1C-89B7-7D45A7946AF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6",
"matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/22",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214122",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214123",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214124",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

95
CVE-2024/CVE-2024-278xx/CVE-2024-27871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27871",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.490",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:03:12.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,104 @@
"value": " Se solucion\u00f3 un problema de manejo de rutas con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.6, iOS 17.6 y iPadOS 17.6. Es posible que una aplicaci\u00f3n pueda acceder a datos de usuario protegidos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-278xx/CVE-2024-27872.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27872",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.557",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:57:41.280",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,76 @@
"value": " Este problema se solucion\u00f3 con una validaci\u00f3n mejorada de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en macOS Sonoma 14.6. Es posible que una aplicaci\u00f3n pueda acceder a datos de usuario protegidos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

159
CVE-2024/CVE-2024-278xx/CVE-2024-27873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27873",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.620",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:49:15.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,180 @@
"value": " Se solucion\u00f3 un problema de escritura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en iOS 16.7.9 y iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 y iPadOS 17.6, macOS Sonoma 14.6. Procesar un archivo de v\u00eddeo creado con fines malintencionados puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "29A9994D-AE71-45E0-8CC5-E6219420F7E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "B191C80F-3801-4AD0-9A63-EB294A029D7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "1ACEA981-1D96-49F1-8048-74D21D71FD39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "34E8C966-19C7-4376-A0C3-A242720F62DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/17",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214116",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-335xx/CVE-2024-33533.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-33533",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:20.480",
"lastModified": "2024-08-12T15:15:20.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. A reflected cross-site scripting (XSS) vulnerability has been identified in the Zimbra webmail admin interface. This vulnerability occurs due to inadequate input validation of the packages parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user's browser session. By uploading a malicious JavaScript file and crafting a URL containing its location in the packages parameter, the attacker can exploit this vulnerability. Subsequently, when another user visits the crafted URL, the malicious JavaScript code is executed."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.8#Security_Fixes",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P40#Security_Fixes",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-335xx/CVE-2024-33535.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-33535",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:20.570",
"lastModified": "2024-08-12T15:15:20.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves unauthenticated local file inclusion (LFI) in a web application, specifically impacting the handling of the packages parameter. Attackers can exploit this flaw to include arbitrary local files without authentication, potentially leading to unauthorized access to sensitive information. The vulnerability is limited to files within a specific directory."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.8#Security_Fixes",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P40#Security_Fixes",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-335xx/CVE-2024-33536.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-33536",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:20.657",
"lastModified": "2024-08-12T15:15:20.657",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability occurs due to inadequate input validation of the res parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user's browser session. By uploading a malicious JavaScript file, accessible externally, and crafting a URL containing its location in the res parameter, the attacker can exploit this vulnerability. Subsequently, when another user visits the crafted URL, the malicious JavaScript code is executed."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.8#Security_Fixes",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P40#Security_Fixes",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-368xx/CVE-2024-36829.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36829",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-26T21:15:13.387",
"lastModified": "2024-06-27T12:47:19.847",
"lastModified": "2024-08-12T14:35:09.987",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " El control de acceso incorrecto en Teldat M1 v11.00.05.50.01 permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de una cadena de consulta manipulada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/MILPDS/96843ccf7369ec1da643b7d6e22d428d",

75
CVE-2024/CVE-2024-36xx/CVE-2024-3659.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3659",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-08-08T13:15:13.823",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:57:06.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -61,14 +91,51 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kaongroup:ar2140_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.46",
"versionEndExcluding": "4.2.16",
"matchCriteriaId": "2B980CBD-BB71-43AA-8784-DEF175E40FBD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kaongroup:ar2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A811607F-246B-45AF-9B62-4E3BF8F40F01"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/08/CVE-2024-3659",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/08/CVE-2024-3659",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-385xx/CVE-2024-38530.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-38530",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-12T15:15:20.743",
"lastModified": "2024-08-12T15:15:20.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload vulnerability in the \"save\" functionality of the H5P module enables unauthenticated users to upload arbitrary files on the server's filesystem. This may lead in unrestricted RCE on the backend server, since the upload location is accessible from the internet. This vulnerability is fixed in 3.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/gunet/openeclass/commit/4449cf8bed40fd8fc4b267a5726fab9f9fe5a191",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/gunet/openeclass/security/advisories/GHSA-88c3-hp7p-grgg",
"source": "security-advisories@github.com"
}
]
}

39
CVE-2024/CVE-2024-391xx/CVE-2024-39158.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39158",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-27T14:15:16.210",
"lastModified": "2024-06-27T17:11:52.390",
"lastModified": "2024-08-12T14:35:10.937",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/userSys_deal.php?mudi=infoSet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Thirtypenny77/cms2/blob/main/58/csrf.md",

62
CVE-2024/CVE-2024-412xx/CVE-2024-41238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41238",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-08T16:15:09.123",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:06:26.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/SQL%20Injection%20-%20Student.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

39
CVE-2024/CVE-2024-414xx/CVE-2024-41476.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41476",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T13:38:30.450",
"lastModified": "2024-08-12T13:41:36.517",
"lastModified": "2024-08-12T14:35:13.627",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/card_detail.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/lidy4x1/3314fbd82c3d72831c16f9c47a9bfb11",

82
CVE-2024/CVE-2024-419xx/CVE-2024-41942.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41942",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:17.527",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:53:27.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.6",
"matchCriteriaId": "002EDC18-1058-456D-B6B2-4AD1D26C6B99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jupyter:jupyterhub:5.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EFC74618-2D13-47F3-91EF-11F37A529FC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jupyter:jupyterhub:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "33EB4391-3E1B-45A3-8372-FAA589C2E9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jupyter:jupyterhub:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "DCF7B9A9-7309-403F-97B7-C195AADA0822"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jupyterhub/jupyterhub/commit/99e2720b0fc626cbeeca3c6337f917fdacfaa428",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jupyterhub/jupyterhub/commit/ff2db557a85b6980f90c3158634bf924063ab8ba",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-9x4q-3gxw-849f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-420xx/CVE-2024-42010.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-42010",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-05T19:15:38.273",
"lastModified": "2024-08-06T16:30:24.547",
"lastModified": "2024-08-12T14:15:07.370",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information."
"value": "mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information."
},
{
"lang": "es",

25
CVE-2024/CVE-2024-422xx/CVE-2024-42258.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-42258",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-12T15:15:20.983",
"lastModified": "2024-08-12T15:15:20.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines\n\nYves-Alexis Perez reported commit 4ef9ad19e176 (\"mm: huge_memory: don't\nforce huge page alignment on 32 bit\") didn't work for x86_32 [1]. It is\nbecause x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT.\n\n!CONFIG_64BIT should cover all 32 bit machines.\n\n[1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7e1f4efb8d6140b2ec79bf760c43e1fc186e8dfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d9592025000b3cf26c742f3505da7b83aedc26d5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

84
CVE-2024/CVE-2024-423xx/CVE-2024-42354.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42354",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:17.793",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:49:58.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,26 +81,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.8.13",
"matchCriteriaId": "753BEB88-95EE-4F3B-8398-4958604B3675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0.0",
"versionEndExcluding": "6.6.5.1",
"matchCriteriaId": "F1229086-0807-43FD-9ADF-478B2C8C0974"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-423xx/CVE-2024-42355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42355",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.013",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:40:32.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,26 +81,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.8.13",
"matchCriteriaId": "753BEB88-95EE-4F3B-8398-4958604B3675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0.0",
"versionEndExcluding": "6.6.5.1",
"matchCriteriaId": "F1229086-0807-43FD-9ADF-478B2C8C0974"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-423xx/CVE-2024-42356.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42356",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.247",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:34:08.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,26 +81,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.8.13",
"matchCriteriaId": "753BEB88-95EE-4F3B-8398-4958604B3675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0.0",
"versionEndExcluding": "6.6.5.1",
"matchCriteriaId": "F1229086-0807-43FD-9ADF-478B2C8C0974"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-423xx/CVE-2024-42357.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42357",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.460",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:26:19.520",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,26 +81,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.8.13",
"matchCriteriaId": "753BEB88-95EE-4F3B-8398-4958604B3675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0.0",
"versionEndExcluding": "6.6.5.1",
"matchCriteriaId": "F1229086-0807-43FD-9ADF-478B2C8C0974"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-424xx/CVE-2024-42477.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-42477",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-12T15:15:21.050",
"lastModified": "2024-08-12T15:15:21.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-424xx/CVE-2024-42478.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-42478",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-12T15:15:21.277",
"lastModified": "2024-08-12T15:15:21.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-424xx/CVE-2024-42479.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-42479",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-12T15:15:21.490",
"lastModified": "2024-08-12T15:15:21.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-123"
}
]
}
],
"references": [
{
"url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj",
"source": "security-advisories@github.com"
}
]
}

21
CVE-2024/CVE-2024-425xx/CVE-2024-42520.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-42520",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T15:15:21.770",
"lastModified": "2024-08-12T15:15:21.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/c10uds/totolink_A3002R_stackoverflow",
"source": "cve@mitre.org"
}
]
}

64
CVE-2024/CVE-2024-66xx/CVE-2024-6639.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-6639",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-12T14:15:07.543",
"lastModified": "2024-08-12T14:46:23.463",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/yrccondor/mdx",
"source": "security@wordfence.com"
},
{
"url": "https://github.com/yrccondor/mdx/commit/0906438824b8fab72715e7d5aec348aef0792721",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23ae17a6-a745-42c4-8627-ad1c41b66e0e?source=cve",
"source": "security@wordfence.com"
}
]
}

39
CVE-2024/CVE-2024-67xx/CVE-2024-6759.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6759",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-08-12T13:38:40.380",
"lastModified": "2024-08-12T13:41:36.517",
"lastModified": "2024-08-12T15:35:05.710",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, \"/\". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components.\n\nThe lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:07.nfsclient.asc",

78
CVE-2024/CVE-2024-69xx/CVE-2024-6917.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-6917",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-08-12T15:15:21.967",
"lastModified": "2024-08-12T15:15:21.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection.This issue affects Veribase Order Management: before v4.010.2."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
}
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1105",
"source": "iletisim@usom.gov.tr"
}
]
}

73
CVE-2024/CVE-2024-71xx/CVE-2024-7164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7164",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T17:15:10.057",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:07.410",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +150,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/d53eab0322b187bfe151b3f1f31958e2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272578",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272578",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380174",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7165",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T18:15:02.123",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:08.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/efe8fa56e557bf3244909f348d5874f7",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272579",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272579",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380179",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7166",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T18:15:02.420",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:09.957",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/8ab4ff5ffb2a555694931d14329f5a5d",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272580",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272580",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380180",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-71xx/CVE-2024-7167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7167",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T19:15:10.697",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:11.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/69a797bc0b33fc19144a727a0be31685",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272581",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272581",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380181",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7168",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T19:15:11.007",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:12.577",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/14187eec46d6bc04772eadae7ac4e930",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272582",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272582",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380184",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7169",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-28T20:15:01.903",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:26.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:school_fees_payment_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BEB94B-3B7B-455B-9AFB-B4305F25AD65"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/421c916be6ab09dc990896b07185ec89",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272583",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272583",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380185",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7194",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T10:15:02.933",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:35:56.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:angeljudesuarez:society_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99B926B0-DB28-4E1F-8F49-489C73C35F36"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DeepMountains/Mirage/blob/main/CVE7-1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272615",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272615",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380383",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7195.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7195",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T11:15:10.197",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:35:58.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:angeljudesuarez:society_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99B926B0-DB28-4E1F-8F49-489C73C35F36"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DeepMountains/Mirage/blob/main/CVE7-2.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272616",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272616",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380384",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-71xx/CVE-2024-7196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7196",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T11:15:10.503",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:00.460",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +150,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D02D27-12F2-4165-9975-1C737052C223"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/7c314add775caa87b4db700e0bef7f35",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272617",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.272617",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.380408",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-71xx/CVE-2024-7197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7197",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T12:15:02.320",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:01.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D02D27-12F2-4165-9975-1C737052C223"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/756e52cd9cd53ddc78801d322c69b5f2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272618",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272618",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380409",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-71xx/CVE-2024-7198.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7198",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T12:15:02.610",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:03.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D02D27-12F2-4165-9975-1C737052C223"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/424d2ac58623b0fb4d5232a4ecbe5110",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272619",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272619",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380420",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-71xx/CVE-2024-7199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7199",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T13:15:11.123",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:04.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D02D27-12F2-4165-9975-1C737052C223"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/75ba3db98584b13d65d874e4fcac154b",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272620",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272620",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380421",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-72xx/CVE-2024-7200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7200",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-29T13:15:11.400",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T14:36:06.033",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D02D27-12F2-4165-9975-1C737052C223"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/e8b6651dd46922157920c8ed2305efd5",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.272621",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.272621",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.380422",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

86
CVE-2024/CVE-2024-73xx/CVE-2024-7348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7348",
"sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"published": "2024-08-08T13:15:14.007",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:54:52.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"type": "Secondary",
@ -51,10 +81,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.20",
"matchCriteriaId": "1406C6A7-1C35-4474-ACDB-BA846C24F21B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.16",
"matchCriteriaId": "8FADD5D0-8034-4379-8C8F-2EB545AF97A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.13",
"matchCriteriaId": "5BC17304-2D09-4162-9010-02C4ED82B9EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.8",
"matchCriteriaId": "7A8C15B7-5796-44FA-8A83-01DAF7B226ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4",
"matchCriteriaId": "7DDD83C9-C0AF-464E-A367-481E5556B970"
}
]
}
]
}
],
"references": [
{
"url": "https://www.postgresql.org/support/security/CVE-2024-7348/",
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-74xx/CVE-2024-7490.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7490",
"sourceIdentifier": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"published": "2024-08-08T15:15:19.057",
"lastModified": "2024-08-08T18:55:28.493",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-12T15:22:20.267",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
@ -66,9 +66,41 @@
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"type": "Secondary",
@ -84,10 +116,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microchip:advanced_software_framework:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.52.0.2574",
"matchCriteriaId": "5E481B5A-B7B4-4287-A56D-1361ED52FACC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework",
"source": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5"
"source": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-76xx/CVE-2024-7697.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7697",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-08-12T13:38:58.913",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-12T15:35:07.293",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://security.tecno.com/SRC/blogdetail/294?lang=en_US",

97
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-12T14:00:18.173280+00:00
2024-08-12T16:00:16.953507+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-12T13:55:37.307000+00:00
2024-08-12T15:57:06.257000+00:00
```
### Last Data Feed Release
@ -33,67 +33,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
259542
259556
```
### CVEs added in the last Commit
Recently added CVEs: `159`
Recently added CVEs: `14`
- [CVE-2024-7658](CVE-2024/CVE-2024-76xx/CVE-2024-7658.json) (`2024-08-12T13:38:49.630`)
- [CVE-2024-7659](CVE-2024/CVE-2024-76xx/CVE-2024-7659.json) (`2024-08-12T13:38:49.920`)
- [CVE-2024-7660](CVE-2024/CVE-2024-76xx/CVE-2024-7660.json) (`2024-08-12T13:38:50.210`)
- [CVE-2024-7661](CVE-2024/CVE-2024-76xx/CVE-2024-7661.json) (`2024-08-12T13:38:50.527`)
- [CVE-2024-7662](CVE-2024/CVE-2024-76xx/CVE-2024-7662.json) (`2024-08-12T13:38:50.820`)
- [CVE-2024-7663](CVE-2024/CVE-2024-76xx/CVE-2024-7663.json) (`2024-08-12T13:38:51.097`)
- [CVE-2024-7664](CVE-2024/CVE-2024-76xx/CVE-2024-7664.json) (`2024-08-12T13:38:51.397`)
- [CVE-2024-7665](CVE-2024/CVE-2024-76xx/CVE-2024-7665.json) (`2024-08-12T13:38:51.707`)
- [CVE-2024-7666](CVE-2024/CVE-2024-76xx/CVE-2024-7666.json) (`2024-08-12T13:38:51.990`)
- [CVE-2024-7667](CVE-2024/CVE-2024-76xx/CVE-2024-7667.json) (`2024-08-12T13:38:52.290`)
- [CVE-2024-7668](CVE-2024/CVE-2024-76xx/CVE-2024-7668.json) (`2024-08-12T13:38:52.580`)
- [CVE-2024-7669](CVE-2024/CVE-2024-76xx/CVE-2024-7669.json) (`2024-08-12T13:38:53.360`)
- [CVE-2024-7676](CVE-2024/CVE-2024-76xx/CVE-2024-7676.json) (`2024-08-12T13:38:53.810`)
- [CVE-2024-7677](CVE-2024/CVE-2024-76xx/CVE-2024-7677.json) (`2024-08-12T13:38:54.240`)
- [CVE-2024-7678](CVE-2024/CVE-2024-76xx/CVE-2024-7678.json) (`2024-08-12T13:38:54.640`)
- [CVE-2024-7680](CVE-2024/CVE-2024-76xx/CVE-2024-7680.json) (`2024-08-12T13:38:55.060`)
- [CVE-2024-7681](CVE-2024/CVE-2024-76xx/CVE-2024-7681.json) (`2024-08-12T13:38:55.480`)
- [CVE-2024-7682](CVE-2024/CVE-2024-76xx/CVE-2024-7682.json) (`2024-08-12T13:38:55.913`)
- [CVE-2024-7683](CVE-2024/CVE-2024-76xx/CVE-2024-7683.json) (`2024-08-12T13:38:56.333`)
- [CVE-2024-7684](CVE-2024/CVE-2024-76xx/CVE-2024-7684.json) (`2024-08-12T13:38:56.783`)
- [CVE-2024-7685](CVE-2024/CVE-2024-76xx/CVE-2024-7685.json) (`2024-08-12T13:38:57.293`)
- [CVE-2024-7686](CVE-2024/CVE-2024-76xx/CVE-2024-7686.json) (`2024-08-12T13:38:57.730`)
- [CVE-2024-7693](CVE-2024/CVE-2024-76xx/CVE-2024-7693.json) (`2024-08-12T13:38:58.150`)
- [CVE-2024-7694](CVE-2024/CVE-2024-76xx/CVE-2024-7694.json) (`2024-08-12T13:38:58.553`)
- [CVE-2024-7697](CVE-2024/CVE-2024-76xx/CVE-2024-7697.json) (`2024-08-12T13:38:58.913`)
- [CVE-2024-21550](CVE-2024/CVE-2024-215xx/CVE-2024-21550.json) (`2024-08-12T15:15:19.903`)
- [CVE-2024-27442](CVE-2024/CVE-2024-274xx/CVE-2024-27442.json) (`2024-08-12T15:15:20.193`)
- [CVE-2024-27443](CVE-2024/CVE-2024-274xx/CVE-2024-27443.json) (`2024-08-12T15:15:20.283`)
- [CVE-2024-33533](CVE-2024/CVE-2024-335xx/CVE-2024-33533.json) (`2024-08-12T15:15:20.480`)
- [CVE-2024-33535](CVE-2024/CVE-2024-335xx/CVE-2024-33535.json) (`2024-08-12T15:15:20.570`)
- [CVE-2024-33536](CVE-2024/CVE-2024-335xx/CVE-2024-33536.json) (`2024-08-12T15:15:20.657`)
- [CVE-2024-38530](CVE-2024/CVE-2024-385xx/CVE-2024-38530.json) (`2024-08-12T15:15:20.743`)
- [CVE-2024-42258](CVE-2024/CVE-2024-422xx/CVE-2024-42258.json) (`2024-08-12T15:15:20.983`)
- [CVE-2024-42477](CVE-2024/CVE-2024-424xx/CVE-2024-42477.json) (`2024-08-12T15:15:21.050`)
- [CVE-2024-42478](CVE-2024/CVE-2024-424xx/CVE-2024-42478.json) (`2024-08-12T15:15:21.277`)
- [CVE-2024-42479](CVE-2024/CVE-2024-424xx/CVE-2024-42479.json) (`2024-08-12T15:15:21.490`)
- [CVE-2024-42520](CVE-2024/CVE-2024-425xx/CVE-2024-42520.json) (`2024-08-12T15:15:21.770`)
- [CVE-2024-6639](CVE-2024/CVE-2024-66xx/CVE-2024-6639.json) (`2024-08-12T14:15:07.543`)
- [CVE-2024-6917](CVE-2024/CVE-2024-69xx/CVE-2024-6917.json) (`2024-08-12T15:15:21.967`)
### CVEs modified in the last Commit
Recently modified CVEs: `23`
Recently modified CVEs: `47`
- [CVE-2017-20190](CVE-2017/CVE-2017-201xx/CVE-2017-20190.json) (`2024-08-12T13:38:08.423`)
- [CVE-2022-31623](CVE-2022/CVE-2022-316xx/CVE-2022-31623.json) (`2024-08-12T13:38:09.363`)
- [CVE-2023-3295](CVE-2023/CVE-2023-32xx/CVE-2023-3295.json) (`2024-08-12T13:38:11.290`)
- [CVE-2023-38522](CVE-2023/CVE-2023-385xx/CVE-2023-38522.json) (`2024-08-12T13:38:32.837`)
- [CVE-2023-5665](CVE-2023/CVE-2023-56xx/CVE-2023-5665.json) (`2024-08-12T13:38:12.337`)
- [CVE-2024-21302](CVE-2024/CVE-2024-213xx/CVE-2024-21302.json) (`2024-08-12T13:38:14.373`)
- [CVE-2024-25400](CVE-2024/CVE-2024-254xx/CVE-2024-25400.json) (`2024-08-12T13:38:17.123`)
- [CVE-2024-3162](CVE-2024/CVE-2024-31xx/CVE-2024-3162.json) (`2024-08-12T13:38:26.607`)
- [CVE-2024-35161](CVE-2024/CVE-2024-351xx/CVE-2024-35161.json) (`2024-08-12T13:39:50.477`)
- [CVE-2024-35296](CVE-2024/CVE-2024-352xx/CVE-2024-35296.json) (`2024-08-12T13:55:37.307`)
- [CVE-2024-35894](CVE-2024/CVE-2024-358xx/CVE-2024-35894.json) (`2024-08-12T13:38:21.393`)
- [CVE-2024-3653](CVE-2024/CVE-2024-36xx/CVE-2024-3653.json) (`2024-08-12T13:38:27.570`)
- [CVE-2024-38166](CVE-2024/CVE-2024-381xx/CVE-2024-38166.json) (`2024-08-12T13:38:23.440`)
- [CVE-2024-38206](CVE-2024/CVE-2024-382xx/CVE-2024-38206.json) (`2024-08-12T13:38:23.820`)
- [CVE-2024-39558](CVE-2024/CVE-2024-395xx/CVE-2024-39558.json) (`2024-08-12T13:38:24.610`)
- [CVE-2024-41021](CVE-2024/CVE-2024-410xx/CVE-2024-41021.json) (`2024-08-12T13:38:29.623`)
- [CVE-2024-42226](CVE-2024/CVE-2024-422xx/CVE-2024-42226.json) (`2024-08-12T13:38:33.853`)
- [CVE-2024-43199](CVE-2024/CVE-2024-431xx/CVE-2024-43199.json) (`2024-08-12T12:59:48.253`)
- [CVE-2024-5953](CVE-2024/CVE-2024-59xx/CVE-2024-5953.json) (`2024-08-12T13:38:38.430`)
- [CVE-2024-5971](CVE-2024/CVE-2024-59xx/CVE-2024-5971.json) (`2024-08-12T13:38:38.567`)
- [CVE-2024-6237](CVE-2024/CVE-2024-62xx/CVE-2024-6237.json) (`2024-08-12T13:38:38.977`)
- [CVE-2024-7437](CVE-2024/CVE-2024-74xx/CVE-2024-7437.json) (`2024-08-12T13:38:43.060`)
- [CVE-2024-7438](CVE-2024/CVE-2024-74xx/CVE-2024-7438.json) (`2024-08-12T13:38:43.203`)
- [CVE-2024-41238](CVE-2024/CVE-2024-412xx/CVE-2024-41238.json) (`2024-08-12T15:06:26.557`)
- [CVE-2024-41476](CVE-2024/CVE-2024-414xx/CVE-2024-41476.json) (`2024-08-12T14:35:13.627`)
- [CVE-2024-41942](CVE-2024/CVE-2024-419xx/CVE-2024-41942.json) (`2024-08-12T15:53:27.457`)
- [CVE-2024-42010](CVE-2024/CVE-2024-420xx/CVE-2024-42010.json) (`2024-08-12T14:15:07.370`)
- [CVE-2024-42354](CVE-2024/CVE-2024-423xx/CVE-2024-42354.json) (`2024-08-12T15:49:58.230`)
- [CVE-2024-42355](CVE-2024/CVE-2024-423xx/CVE-2024-42355.json) (`2024-08-12T15:40:32.777`)
- [CVE-2024-42356](CVE-2024/CVE-2024-423xx/CVE-2024-42356.json) (`2024-08-12T15:34:08.190`)
- [CVE-2024-42357](CVE-2024/CVE-2024-423xx/CVE-2024-42357.json) (`2024-08-12T15:26:19.520`)
- [CVE-2024-6759](CVE-2024/CVE-2024-67xx/CVE-2024-6759.json) (`2024-08-12T15:35:05.710`)
- [CVE-2024-7164](CVE-2024/CVE-2024-71xx/CVE-2024-7164.json) (`2024-08-12T14:36:07.410`)
- [CVE-2024-7165](CVE-2024/CVE-2024-71xx/CVE-2024-7165.json) (`2024-08-12T14:36:08.707`)
- [CVE-2024-7166](CVE-2024/CVE-2024-71xx/CVE-2024-7166.json) (`2024-08-12T14:36:09.957`)
- [CVE-2024-7167](CVE-2024/CVE-2024-71xx/CVE-2024-7167.json) (`2024-08-12T14:36:11.257`)
- [CVE-2024-7168](CVE-2024/CVE-2024-71xx/CVE-2024-7168.json) (`2024-08-12T14:36:12.577`)
- [CVE-2024-7169](CVE-2024/CVE-2024-71xx/CVE-2024-7169.json) (`2024-08-12T14:36:26.120`)
- [CVE-2024-7194](CVE-2024/CVE-2024-71xx/CVE-2024-7194.json) (`2024-08-12T14:35:56.040`)
- [CVE-2024-7195](CVE-2024/CVE-2024-71xx/CVE-2024-7195.json) (`2024-08-12T14:35:58.443`)
- [CVE-2024-7196](CVE-2024/CVE-2024-71xx/CVE-2024-7196.json) (`2024-08-12T14:36:00.460`)
- [CVE-2024-7197](CVE-2024/CVE-2024-71xx/CVE-2024-7197.json) (`2024-08-12T14:36:01.977`)
- [CVE-2024-7198](CVE-2024/CVE-2024-71xx/CVE-2024-7198.json) (`2024-08-12T14:36:03.300`)
- [CVE-2024-7199](CVE-2024/CVE-2024-71xx/CVE-2024-7199.json) (`2024-08-12T14:36:04.663`)
- [CVE-2024-7200](CVE-2024/CVE-2024-72xx/CVE-2024-7200.json) (`2024-08-12T14:36:06.033`)
- [CVE-2024-7348](CVE-2024/CVE-2024-73xx/CVE-2024-7348.json) (`2024-08-12T15:54:52.320`)
- [CVE-2024-7490](CVE-2024/CVE-2024-74xx/CVE-2024-7490.json) (`2024-08-12T15:22:20.267`)
- [CVE-2024-7697](CVE-2024/CVE-2024-76xx/CVE-2024-7697.json) (`2024-08-12T15:35:07.293`)
## Download and Usage

466
_state.csv
View File

File diff suppressed because it is too large Load Diff