admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-04T18:00:19.894122+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-04 18:03:19 +00:00
parent 83e7765e05
commit e5fbfa5cc2
123 changed files with 56694 additions and 537 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2018/CVE-2018-192xx/CVE-2018-19277.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-19277",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-11-14T11:29:07.920",
"lastModified": "2022-04-18T17:32:22.960",
"lastModified": "2024-09-04T17:45:31.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpspreadsheet_project:phpspreadsheet:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.0",
"matchCriteriaId": "A3634A01-0214-455A-A1DF-8A5E3101D494"
"matchCriteriaId": "B9D0EE7B-0573-4A6F-B2B9-1AACD41680A3"
}
]
}

6
CVE-2019/CVE-2019-123xx/CVE-2019-12331.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-12331",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-11-07T15:15:10.697",
"lastModified": "2020-02-10T21:49:54.717",
"lastModified": "2024-09-04T17:45:31.283",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpspreadsheet_project:phpspreadsheet:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0",
"matchCriteriaId": "3F23AC28-5A4F-419B-99AA-AA355BF0E6C2"
"matchCriteriaId": "9E54FAA6-34F6-46B1-A0B4-D6C68D07754F"
}
]
}

6
CVE-2020/CVE-2020-77xx/CVE-2020-7776.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-7776",
"sourceIdentifier": "report@snyk.io",
"published": "2020-12-09T17:15:31.883",
"lastModified": "2021-01-19T17:27:22.990",
"lastModified": "2024-09-04T17:45:31.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -105,9 +105,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpspreadsheet_project:phpspreadsheet:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16.0",
"matchCriteriaId": "DA738A04-48E0-46DF-BE25-5747002F87F2"
"matchCriteriaId": "8D823618-D958-409A-9F60-269B69E130A0"
}
]
}

38
CVE-2021/CVE-2021-36xx/CVE-2021-3600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3600",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-01-08T19:15:08.470",
"lastModified": "2024-08-22T20:29:55.757",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-04T16:35:00.690",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -56,6 +56,26 @@
},
"exploitabilityScore": 1.1,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -73,6 +93,20 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-03xx/CVE-2023-0392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0392",
"sourceIdentifier": "psirt@okta.com",
"published": "2023-11-08T21:15:08.353",
"lastModified": "2023-11-16T16:15:03.290",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-04T16:35:02.333",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4
}
]
},
@ -59,6 +79,16 @@
"value": "CWE-428"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-458xx/CVE-2023-45875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45875",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T21:15:08.587",
"lastModified": "2023-11-16T17:35:03.380",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-04T16:35:03.760",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

39
CVE-2023/CVE-2023-474xx/CVE-2023-47438.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47438",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-27T22:15:07.607",
"lastModified": "2024-03-28T02:01:13.303",
"lastModified": "2024-09-04T17:35:02.373",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de inyecci\u00f3n SQL en Reportico Till 8.1.0 permite a los atacantes obtener informaci\u00f3n confidencial u otra informaci\u00f3n del sistema a trav\u00e9s del par\u00e1metro del proyecto."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/reportico-web/reportico/issues/52",

24
CVE-2023/CVE-2023-61xx/CVE-2023-6140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6140",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-08T19:15:10.027",
"lastModified": "2024-01-11T19:50:08.143",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-04T16:35:05.610",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

24
CVE-2023/CVE-2023-67xx/CVE-2023-6750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6750",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-08T19:15:10.680",
"lastModified": "2024-01-11T20:01:30.297",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-04T16:35:05.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

56
CVE-2024/CVE-2024-204xx/CVE-2024-20439.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20439",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-04T17:15:13.210",
"lastModified": "2024-09-04T17:15:13.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.\r\n\r\nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-912"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw",
"source": "ykramarz@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-204xx/CVE-2024-20440.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20440",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-04T17:15:13.517",
"lastModified": "2024-09-04T17:15:13.517",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.\r\n\r\nThis vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain log files that contain sensitive data, including credentials that can be used to access the API."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw",
"source": "ykramarz@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-204xx/CVE-2024-20469.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20469",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-04T17:15:13.740",
"lastModified": "2024-09-04T17:15:13.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-6kn9tSxm",
"source": "ykramarz@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-204xx/CVE-2024-20497.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20497",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-04T17:15:13.970",
"lastModified": "2024-09-04T17:15:13.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Expressway Edge (Expressway-E) could allow an authenticated, remote attacker to masquerade as another user on an affected system.\r\n\r\nThis vulnerability is due to inadequate authorization checks for Mobile and Remote Access (MRA) users. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to intercept calls that are destined for a particular phone number or to make phone calls and have that phone number appear on the caller ID. To successfully exploit this vulnerability, the attacker must be an MRA user on an affected system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-auth-kdFrcZ2j",
"source": "ykramarz@cisco.com"
}
]
}

56
CVE-2024/CVE-2024-205xx/CVE-2024-20503.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20503",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-04T17:15:14.200",
"lastModified": "2024-09-04T17:15:14.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system.\r\n\r\nThis vulnerability is due to improper storage of an unencrypted registry key. A low-privileged attacker could exploit this vulnerability by viewing or querying the registry key on the affected system. A successful exploit could allow the attacker to view sensitive information in cleartext."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-epic-info-sdLv6h8y",
"source": "ykramarz@cisco.com"
}
]
}

39
CVE-2024/CVE-2024-276xx/CVE-2024-27619.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27619",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-29T15:15:11.057",
"lastModified": "2024-04-01T01:12:59.077",
"lastModified": "2024-09-04T17:35:03.770",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La revisi\u00f3n Dlink Dir-3040us A1 1.20b03a es vulnerable al desbordamiento del b\u00fafer. Cualquier usuario que tenga acceso de lectura/escritura al servidor ftp puede escribir directamente en la RAM, provocando un desbordamiento del b\u00fafer si el archivo o los archivos cargados son mayores que la RAM disponible. El servidor Ftp permite cambiar el directorio a la ra\u00edz, que est\u00e1 un nivel por encima de la ra\u00edz del directorio flash USB. Durante la carga, la RAM se llena y provoca que se agoten los recursos del sistema (no hay memoria libre), lo que provoca que el sistema falle y se reinicie."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "http://dir-3040us.com",

62
CVE-2024/CVE-2024-280xx/CVE-2024-28044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28044",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:15.380",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:12:54.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.1",
"matchCriteriaId": "6304CD6F-CBB6-4B5A-A555-3161F8CDDD35"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-280xx/CVE-2024-28093.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28093",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-26T12:15:50.293",
"lastModified": "2024-07-26T21:15:12.400",
"lastModified": "2024-09-04T17:35:04.910",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "El servicio TELNET de los dispositivos AdTran NetVanta 3120 18.01.01.00.E est\u00e1 habilitado de forma predeterminada y tiene credenciales predeterminadas para una cuenta de nivel ra\u00edz."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-28093",

39
CVE-2024/CVE-2024-294xx/CVE-2024-29433.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29433",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-01T20:15:14.117",
"lastModified": "2024-04-02T12:50:42.233",
"lastModified": "2024-09-04T16:35:06.867",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de deserializaci\u00f3n en el componente FASTJSON de Alldata v0.4.6 permite a los atacantes ejecutar comandos arbitrarios proporcionando datos manipulados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Raybye/496a871c66715a531750d58651d2b5c4",

39
CVE-2024/CVE-2024-308xx/CVE-2024-30806.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30806",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-02T18:15:12.397",
"lastModified": "2024-04-02T20:31:58.463",
"lastModified": "2024-09-04T16:35:07.870",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en Bento4 v1.6.0-641-2-g1529b83. Hay un desbordamiento de almacenamiento din\u00e1mico en AP4_Dec3Atom::AP4_Dec3Atom en Ap4Dec3Atom.cpp, lo que provoca una denegaci\u00f3n de servicio (DoS), como lo demuestra mp42aac."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://github.com/axiomatic-systems/Bento4/issues/914",

39
CVE-2024/CVE-2024-309xx/CVE-2024-30965.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30965",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-02T14:15:08.260",
"lastModified": "2024-04-02T18:12:16.283",
"lastModified": "2024-09-04T16:35:08.693",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a trav\u00e9s de /src/dede/member_scores.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Fishkey1/cms/commit/e9d294951ab2dd85709f1d12ad4747f25d326b1b",

1241
CVE-2024/CVE-2024-330xx/CVE-2024-33038.json
View File

File diff suppressed because it is too large Load Diff

5507
CVE-2024/CVE-2024-330xx/CVE-2024-33042.json
View File

File diff suppressed because it is too large Load Diff

4908
CVE-2024/CVE-2024-330xx/CVE-2024-33045.json
View File

File diff suppressed because it is too large Load Diff

693
CVE-2024/CVE-2024-330xx/CVE-2024-33047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33047",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2024-09-02T12:15:17.173",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:07:31.877",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -51,10 +81,663 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6926498-667C-4866-B3DD-A7E20B8F4D7F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFEBC7A-80C0-4E4F-B9C7-53EECF86B6B5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77397AFD-F4B1-437E-AB50-99EE6F305859"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FAF626-07C9-42CB-B92B-C263D66CF27D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2942BDD8-5542-430C-B566-245758DC2329"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9749871B-A555-4FAA-82F8-E46B95AC0F25"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0318A41-2E92-4C83-BB9D-68BC68E574BC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E15C776-B718-4F26-9C9F-16B373E53C8A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F844952-6546-455B-AD55-0D1CD7BB2CF5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

5129
CVE-2024/CVE-2024-330xx/CVE-2024-33048.json
View File

File diff suppressed because it is too large Load Diff

6965
CVE-2024/CVE-2024-330xx/CVE-2024-33050.json
View File

File diff suppressed because it is too large Load Diff

7936
CVE-2024/CVE-2024-330xx/CVE-2024-33051.json
View File

File diff suppressed because it is too large Load Diff

5507
CVE-2024/CVE-2024-330xx/CVE-2024-33052.json
View File

File diff suppressed because it is too large Load Diff

937
CVE-2024/CVE-2024-330xx/CVE-2024-33054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33054",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2024-09-02T12:15:18.280",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:06:47.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -51,10 +81,907 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646B241B-2971-4929-9FB6-7A4CBF801CBB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5654FFB5-9A89-4399-AFAB-0A26726DEC81"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6926498-667C-4866-B3DD-A7E20B8F4D7F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFEBC7A-80C0-4E4F-B9C7-53EECF86B6B5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77397AFD-F4B1-437E-AB50-99EE6F305859"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FAF626-07C9-42CB-B92B-C263D66CF27D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8509F3A3-A1CA-466B-9031-4146C36B9AF8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sg8275p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1813AB7-44F5-476B-9533-536F5B2F26BB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CDD6A2-5A3C-4572-8CE1-2F102333BB79"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699E5D17-6144-4F0A-8D52-1E8C83990E52"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65865EE9-59C0-498F-A4C5-EC00D4642603"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE02AB51-6FB6-4727-999B-A7466CEDC534"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29ED8BE-FB30-4E28-B080-7970BBCF67CF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C36217-A66F-445C-8B5C-73E6096308DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "863BA6B8-5F2D-4D97-BBBE-EAD5B35AB3AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0344CF-A15E-4734-852F-9553E780644B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA40FA0B-F9F1-48D4-B68A-ECD7241A5F39"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B00530E-070B-4832-AFF0-535D4A1A6F85"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28D14A7F-F116-416B-A359-32D395F706D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B67D19B-E1B0-41A2-B122-FBA6D797F3C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896F1C04-9957-440F-BF01-C3772CC3B3DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90555EB-47A7-4717-92D5-35B561825F06"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699056F6-1517-4F25-AE07-4FFCF6923B9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C023D2-6FF5-4FFC-B9F2-895979166580"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC386D9-3D2B-40FA-A2D9-199BB138F46A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*",
"matchCriteriaId": "133FFD9F-FA09-4801-939B-AD1D507BE5FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4643
CVE-2024/CVE-2024-330xx/CVE-2024-33057.json
View File

File diff suppressed because it is too large Load Diff

6798
CVE-2024/CVE-2024-330xx/CVE-2024-33060.json
View File

File diff suppressed because it is too large Load Diff

75
CVE-2024/CVE-2024-383xx/CVE-2024-38382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38382",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:15.590",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:10:56.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -55,10 +85,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:-:*:*:-:*:*:*",
"matchCriteriaId": "0E24BA59-D8E5-438B-A046-3CF5CA940833"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:beta1:*:*:-:*:*:*",
"matchCriteriaId": "393080A6-2550-4D36-8742-9411A5317C44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:beta2:*:*:-:*:*:*",
"matchCriteriaId": "102B818B-D0A3-4156-B33D-08773C198611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0.1:*:*:*:-:*:*:*",
"matchCriteriaId": "5373D25A-1082-4CA4-A874-E71B07DC22EE"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-383xx/CVE-2024-38386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38386",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:15.783",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:56:41.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.1",
"matchCriteriaId": "6304CD6F-CBB6-4B5A-A555-3161F8CDDD35"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

1106
CVE-2024/CVE-2024-384xx/CVE-2024-38401.json
View File

File diff suppressed because it is too large Load Diff

75
CVE-2024/CVE-2024-396xx/CVE-2024-39612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39612",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:15.967",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:38:56.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -55,10 +85,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:-:*:*:-:*:*:*",
"matchCriteriaId": "0E24BA59-D8E5-438B-A046-3CF5CA940833"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:beta1:*:*:-:*:*:*",
"matchCriteriaId": "393080A6-2550-4D36-8742-9411A5317C44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:beta2:*:*:-:*:*:*",
"matchCriteriaId": "102B818B-D0A3-4156-B33D-08773C198611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0.1:*:*:*:-:*:*:*",
"matchCriteriaId": "5373D25A-1082-4CA4-A874-E71B07DC22EE"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-397xx/CVE-2024-39775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39775",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:16.160",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:34:51.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -55,10 +85,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.1",
"matchCriteriaId": "6304CD6F-CBB6-4B5A-A555-3161F8CDDD35"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-398xx/CVE-2024-39816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39816",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:16.343",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:30:42.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.1",
"matchCriteriaId": "6304CD6F-CBB6-4B5A-A555-3161F8CDDD35"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-398xx/CVE-2024-39837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39837",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-08-01T15:15:12.790",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:38:42.297",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -51,10 +81,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0",
"versionEndExcluding": "9.5.7",
"matchCriteriaId": "CBEB8F40-C2DE-4E6F-8772-1BBCA44795A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE71910-C7C4-4F33-BFD4-40D2EAA56DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-398xx/CVE-2024-39839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39839",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-08-01T15:15:12.993",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:34:06.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -51,10 +81,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0",
"versionEndExcluding": "9.5.7",
"matchCriteriaId": "CBEB8F40-C2DE-4E6F-8772-1BBCA44795A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.7.0",
"versionEndExcluding": "9.7.6",
"matchCriteriaId": "B5C9F963-57DF-41E2-AA46-242317D93786"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.8.0",
"versionEndExcluding": "9.8.2",
"matchCriteriaId": "6B4559B7-83E7-41B2-96A8-51F467CCD882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE71910-C7C4-4F33-BFD4-40D2EAA56DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-411xx/CVE-2024-41144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41144",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-08-01T15:15:13.427",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:25:48.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -51,10 +81,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0",
"versionEndExcluding": "9.5.7",
"matchCriteriaId": "CBEB8F40-C2DE-4E6F-8772-1BBCA44795A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.7.0",
"versionEndExcluding": "9.7.6",
"matchCriteriaId": "B5C9F963-57DF-41E2-AA46-242317D93786"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.8.0",
"versionEndExcluding": "9.8.2",
"matchCriteriaId": "6B4559B7-83E7-41B2-96A8-51F467CCD882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE71910-C7C4-4F33-BFD4-40D2EAA56DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-411xx/CVE-2024-41157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41157",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-09-02T05:15:16.740",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:30:40.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "scy@openharmony.io",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.1",
"matchCriteriaId": "DB1039E0-0E86-40F4-96FB-52DC3384E36C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md",
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-411xx/CVE-2024-41162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41162",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-08-01T15:15:13.627",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T17:03:53.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -51,10 +81,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0",
"versionEndExcluding": "9.5.7",
"matchCriteriaId": "CBEB8F40-C2DE-4E6F-8772-1BBCA44795A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.7.0",
"versionEndExcluding": "9.7.6",
"matchCriteriaId": "B5C9F963-57DF-41E2-AA46-242317D93786"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.8.0",
"versionEndExcluding": "9.8.2",
"matchCriteriaId": "6B4559B7-83E7-41B2-96A8-51F467CCD882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE71910-C7C4-4F33-BFD4-40D2EAA56DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41346",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.483",
"lastModified": "2024-08-30T14:35:04.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:05:09.933",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jpatokal/openflights/issues/1479",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jpatokal:openflights:2024-08-20:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD7A74D-22DA-4AB3-A155-268E6FE10A96"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jpatokal/openflights/issues/1479",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41347",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.573",
"lastModified": "2024-08-30T14:35:05.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:05:47.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jpatokal/openflights/issues/1477",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jpatokal:openflights:2024-08-20:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD7A74D-22DA-4AB3-A155-268E6FE10A96"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jpatokal/openflights/issues/1477",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41348",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.667",
"lastModified": "2024-08-30T14:35:06.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:06:11.430",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jpatokal/openflights/issues/1478",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jpatokal:openflights:2024-08-20:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD7A74D-22DA-4AB3-A155-268E6FE10A96"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jpatokal/openflights/issues/1478",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

68
CVE-2024/CVE-2024-413xx/CVE-2024-41349.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41349",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T21:15:10.433",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:08:39.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,67 @@
"value": "unmark 1.9.2 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s de application/views/marks/add_by_url.php."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/cdevroe/unmark/issues/290",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cdevroe:unmark:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04DDDEEB-EC3D-4E0A-9DD9-C0B078E5B5C5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cdevroe/unmark/issues/290",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

69
CVE-2024/CVE-2024-413xx/CVE-2024-41350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41350",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.750",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:07:09.663",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -24,6 +24,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,6 +67,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -58,14 +88,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/baijunyao/thinkphp-bjyadmin",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/xjzzzxx/vulFound/blob/main/bjyadmin/xss2.md",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:baijunyao:bjyadmin:2017-09-07:*:*:*:*:*:*:*",
"matchCriteriaId": "77143F3C-2074-42DE-83B7-04B3E7A7A9D3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/baijunyao/thinkphp-bjyadmin",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xjzzzxx/vulFound/blob/main/bjyadmin/xss2.md",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2024/CVE-2024-413xx/CVE-2024-41351.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41351",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.810",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:07:21.413",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -24,6 +24,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,6 +67,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -58,14 +88,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/baijunyao/thinkphp-bjyadmin",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/xjzzzxx/vulFound/blob/main/bjyadmin/xss1.md",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:baijunyao:bjyadmin:2017-09-07:*:*:*:*:*:*:*",
"matchCriteriaId": "77143F3C-2074-42DE-83B7-04B3E7A7A9D3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/baijunyao/thinkphp-bjyadmin",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xjzzzxx/vulFound/blob/main/bjyadmin/xss1.md",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

68
CVE-2024/CVE-2024-413xx/CVE-2024-41358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41358",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.873",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:07:37.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,67 @@
"value": "phpipam 1.6 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s de app\\admin\\import-export\\import-load-data.php."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/phpipam/phpipam/issues/4148",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpipam:phpipam:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "76AB84E7-3B77-4A35-B047-7DE3D2D77950"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/phpipam/phpipam/issues/4148",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41361.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41361",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:08.953",
"lastModified": "2024-08-30T15:35:04.133",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:28:46.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2398",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2398",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41364.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41364",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.033",
"lastModified": "2024-08-30T15:35:05.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:29:16.163",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2400",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2400",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41366",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.113",
"lastModified": "2024-08-30T15:35:06.153",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:29:10.513",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2399",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2399",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41367",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.193",
"lastModified": "2024-08-30T15:35:07.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:29:03.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2397",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2397",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

61
CVE-2024/CVE-2024-413xx/CVE-2024-41368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41368",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.277",
"lastModified": "2024-08-30T15:35:08.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:28:56.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2396",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2396",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

62
CVE-2024/CVE-2024-413xx/CVE-2024-41369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41369",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.350",
"lastModified": "2024-08-30T15:35:09.570",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:25:49.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2401",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourcefabric:phoniebox:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8F3672-D6B8-4655-908F-417A730F8081"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/2401",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-413xx/CVE-2024-41370.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41370",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.433",
"lastModified": "2024-08-30T14:35:07.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:08:08.497",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -24,6 +24,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,6 +67,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -58,14 +88,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/causefx/Organizr/issues/1998",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:organizr:organizr:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D3C6A-EA37-41D2-8289-A9EAFCF3CA7F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/causefx/Organizr/issues/1998",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

70
CVE-2024/CVE-2024-413xx/CVE-2024-41371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41371",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.493",
"lastModified": "2024-08-30T15:35:10.803",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:08:15.693",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -24,6 +24,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,6 +67,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -58,14 +88,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/causefx/Organizr/issues/1997",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:organizr:organizr:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D3C6A-EA37-41D2-8289-A9EAFCF3CA7F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/causefx/Organizr/issues/1997",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

70
CVE-2024/CVE-2024-413xx/CVE-2024-41372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41372",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T20:15:09.553",
"lastModified": "2024-08-30T14:35:08.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:08:28.387",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -24,6 +24,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,6 +67,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -58,14 +88,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/causefx/Organizr/issues/1999",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:organizr:organizr:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D3C6A-EA37-41D2-8289-A9EAFCF3CA7F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/causefx/Organizr",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/causefx/Organizr/issues/1999",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

67
CVE-2024/CVE-2024-419xx/CVE-2024-41926.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41926",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-08-01T15:15:13.900",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-04T16:55:35.570",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -51,10 +81,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5.0",
"versionEndExcluding": "9.5.7",
"matchCriteriaId": "CBEB8F40-C2DE-4E6F-8772-1BBCA44795A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE71910-C7C4-4F33-BFD4-40D2EAA56DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-434xx/CVE-2024-43402.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-43402",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:06.640",
"lastModified": "2024-09-04T16:15:06.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the time that seemed enough, as we refuse to invoke batch scripts with no file extension. Windows removes trailing whitespace and periods when parsing file paths. For example, `.bat. .` is interpreted by Windows as `.bat`, but the original fix didn't check for that. Affected users who are using Rust 1.77.2 or greater can remove the trailing whitespace (ASCII 0x20) and trailing periods (ASCII 0x2E) from the batch file name to bypass the incomplete fix and enable the mitigations. Users are affected if their code or one of their dependencies invoke a batch script on Windows with trailing whitespace or trailing periods in the name, and pass untrusted arguments to it. Rust 1.81.0 will update the standard library to apply the CVE-2024-24576 mitigations to all batch files invocations, regardless of the trailing chars in the file name."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
},
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"references": [
{
"url": "https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/rust-lang/rust/security/advisories/GHSA-2xg3-7mm6-98jj",
"source": "security-advisories@github.com"
},
{
"url": "https://learn.microsoft.com/en-us/troubleshoot/windows-client/shell-experience/file-folder-name-whitespace-characters",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-434xx/CVE-2024-43405.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-43405",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:06.853",
"lastModified": "2024-09-04T16:15:06.853",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. The vulnerability is present in the template signature verification process, specifically in the `signer` package. The vulnerability stems from a discrepancy between how the signature verification process and the YAML parser handle newline characters, combined with the way multiple signatures are processed. This allows an attacker to inject malicious content into a template while maintaining a valid signature for the benign part of the template. CLI users are affected if they execute custom code templates from unverified sources. This includes templates authored by third parties or obtained from unverified repositories. SDK Users are affected if they are developers integrating Nuclei into their platforms, particularly if they permit the execution of custom code templates by end-users. The vulnerability is addressed in Nuclei v3.3.2. Users are strongly recommended to update to this version to mitigate the security risk. As an interim measure, users should refrain from using custom templates if unable to upgrade immediately. Only trusted, verified templates should be executed. Those who are unable to upgrade Nuclei should disable running custom code templates as a workaround."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/projectdiscovery/nuclei/commit/0da993afe6d41b4b1b814e8fad23a2acba13c60a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-7h5p-mmpp-hgmm",
"source": "security-advisories@github.com"
}
]
}

51
CVE-2024/CVE-2024-439xx/CVE-2024-43965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43965",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-29T16:15:09.947",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:02:57.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wp-sendgrid-mailer/wordpress-sendgrid-for-wordpress-plugin-1-4-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smackcoders:sendgrid:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4",
"matchCriteriaId": "B149E172-43A6-4C68-97C2-298C1E978E75"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-sendgrid-mailer/wordpress-sendgrid-for-wordpress-plugin-1-4-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-443xx/CVE-2024-44383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44383",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T13:15:06.753",
"lastModified": "2024-09-04T14:35:11.040",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-444xx/CVE-2024-44400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44400",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T13:15:06.867",
"lastModified": "2024-09-04T14:35:11.890",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

67
CVE-2024/CVE-2024-446xx/CVE-2024-44682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44682",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-30T22:15:06.703",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:38:36.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": "ShopXO 6.2 es vulnerable a Cross Site Scripting (XSS) en el backend que permite a los atacantes ejecutar c\u00f3digo cambiando los par\u00e1metros POST."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/xss.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopxo:shopxo:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E88EF47-59BE-41E7-BD09-1D193677E509"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/xss.md",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

67
CVE-2024/CVE-2024-446xx/CVE-2024-44683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44683",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-30T22:15:06.793",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:41:01.467",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": "Seacms v13 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s de admin-video.php."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/Seacms.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seacms:seacms:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E86E61D7-442D-43D0-845F-B7858A4F2B4E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/Seacms.md",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

67
CVE-2024/CVE-2024-446xx/CVE-2024-44684.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44684",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-30T22:15:06.877",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:42:01.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": "TpMeCMS 1.3.3.2 es vulnerable a Cross Site Scripting (XSS) en /h.php/page?ref=addtabs a trav\u00e9s de los campos \"T\u00edtulo\", \"Im\u00e1genes\" y \"Contenido\"."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/Tp_xss.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tpmecms:tpmecms:1.3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EBED13-BA86-4678-9C16-65BDAFCD6B42"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/147536951/Qianyi/blob/main/Tp_xss.md",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

25
CVE-2024/CVE-2024-448xx/CVE-2024-44808.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-44808",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.050",
"lastModified": "2024-09-04T16:15:07.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the user GET parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Vypor/Vypors-Attack-API-System",
"source": "cve@mitre.org"
},
{
"url": "https://jacobmasse.medium.com/cve-2024-44808-remote-command-execution-in-vypor-ddos-attack-api-1ed073725595",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-448xx/CVE-2024-44817.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44817",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.143",
"lastModified": "2024-09-04T17:35:06.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44817%20ZZCMS2023SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-448xx/CVE-2024-44818.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44818",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.237",
"lastModified": "2024-09-04T16:35:09.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the HTTP_Referer header of the caina.php component."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44818%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS3.md",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-448xx/CVE-2024-44819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44819",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T15:15:13.910",
"lastModified": "2024-09-04T15:15:13.910",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-448xx/CVE-2024-44820.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44820",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T15:15:13.997",
"lastModified": "2024-09-04T15:15:13.997",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

56
CVE-2024/CVE-2024-448xx/CVE-2024-44821.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44821",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.320",
"lastModified": "2024-09-04T17:35:07.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44821%20ZZCMS2023%20%E9%AA%8C%E8%AF%81%E7%A0%81%E5%A4%8D%E7%94%A8%E9%80%BB%E8%BE%91%E6%BC%8F%E6%B4%9E.md",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-448xx/CVE-2024-44859.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44859",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.400",
"lastModified": "2024-09-04T16:35:10.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/Ha0-Y/IoT/blob/main/tenda-F1201/WrlExtraGet.md",
"source": "cve@mitre.org"
}
]
}

88
CVE-2024/CVE-2024-450xx/CVE-2024-45046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45046",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:06.603",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:32:51.960",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,18 +81,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/commit/f7cf378faed2e11cf4825bf8bafea4922ae44667",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.29.1",
"matchCriteriaId": "520A70B7-2C60-4064-B452-538ED7A8D30E"
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/pull/3957",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-wgmf-q9vr-vww6",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.1.0",
"matchCriteriaId": "373AEDCC-F178-41C9-8756-573EB2FCF247"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/commit/f7cf378faed2e11cf4825bf8bafea4922ae44667",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/pull/3957",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-wgmf-q9vr-vww6",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-450xx/CVE-2024-45048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45048",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-28T21:15:06.817",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:27:31.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,14 +81,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/commit/bea2d4b30f24bcc8a7712e208d1359e603b45dda",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.29.1",
"matchCriteriaId": "520A70B7-2C60-4064-B452-538ED7A8D30E"
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-ghg6-32f9-2jp7",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.2.1",
"matchCriteriaId": "3D7E4C35-4E3A-42DB-884B-73F028D4A6D6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/commit/bea2d4b30f24bcc8a7712e208d1359e603b45dda",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-ghg6-32f9-2jp7",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-450xx/CVE-2024-45050.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-45050",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:07.480",
"lastModified": "2024-09-04T16:15:07.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif Account to load any conversation between two users without permission. This issue had been patched in version 1.3.1. There is no action required for users. Lif Platforms will update their servers with the patch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/Lif-Platforms/New-Ringer-Server/commit/ae795ff47b2ac2656ac6a099a0e7954ca7d9ba53",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Lif-Platforms/New-Ringer-Server/security/advisories/GHSA-cpc7-79cg-qv65",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-450xx/CVE-2024-45052.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-45052",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:07.697",
"lastModified": "2024-09-04T16:15:07.697",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an unauthenticated attacker to determine the existence of valid usernames by analyzing the time it takes for the server to respond to login requests. The discrepancy in response times between valid and invalid usernames can be leveraged to enumerate users on the system. This vulnerability enables a timing-based username enumeration attack. An attacker can systematically guess and verify which usernames are valid by measuring the server's response time to authentication requests. This information can be used to conduct further attacks on authentication such as password brute-forcing and credential stuffing. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-208"
}
]
}
],
"references": [
{
"url": "https://github.com/ethyca/fides/commit/457b0e9df9f0d337133d6078bca6ed88bbc745f4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ethyca/fides/security/advisories/GHSA-2h46-8gf5-fmxv",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-450xx/CVE-2024-45053.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-45053",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:07.910",
"lastModified": "2024-09-04T16:15:07.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
]
}
],
"references": [
{
"url": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-450xx/CVE-2024-45074.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45074",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-04T16:15:08.110",
"lastModified": "2024-09-04T16:15:08.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7167245",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-450xx/CVE-2024-45075.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45075",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-04T16:15:08.357",
"lastModified": "2024-09-04T16:15:08.357",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-308"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7167245",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-450xx/CVE-2024-45076.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45076",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-04T16:15:08.600",
"lastModified": "2024-09-04T16:15:08.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7167245",
"source": "psirt@us.ibm.com"
}
]
}

25
CVE-2024/CVE-2024-451xx/CVE-2024-45170.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-45170",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T17:15:14.600",
"lastModified": "2024-09-04T17:15:14.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or missing access control, low privileged users can use administrative functions of the C-MOR web interface. It was found out that different functions are only available to administrative users. However, access those functions is restricted via the web application user interface and not checked on the server side. Thus, by sending corresponding HTTP requests to the web server of the C-MOR web interface, low privileged users can also use administrative functionality, for instance downloading backup files or changing configuration settings."
}
],
"metrics": {},
"references": [
{
"url": "https://www-syss-de.translate.goog/pentest-blog/mehrere-sicherheitsschwachstellen-in-videoueberwachungssoftware-c-mor-syss-2024-020-bis-030?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp",
"source": "cve@mitre.org"
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-024.txt",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-451xx/CVE-2024-45174.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-45174",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T17:15:14.680",
"lastModified": "2024-09-04T17:15:14.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to improper validation of user-supplied data, different functionalities of the C-MOR web interface are vulnerable to SQL injection attacks. This kind of attack allows an authenticated user to execute arbitrary SQL commands in the context of the corresponding MySQL database."
}
],
"metrics": {},
"references": [
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-023.txt",
"source": "cve@mitre.org"
},
{
"url": "https://www.syss.de/pentest-blog/mehrere-sicherheitsschwachstellen-in-videoueberwachungssoftware-c-mor-syss-2024-020-bis-030",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-453xx/CVE-2024-45314.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-45314",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-04T16:15:08.833",
"lastModified": "2024-09-04T16:15:08.833",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If upgrading is not possible, configure one's web server to send the specific HTTP headers for `/login` per the directions provided in the GitHub Security Advisory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-525"
}
]
}
],
"references": [
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/3030e881d2e44f4021764e18e489fe940a9b3636",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-fw5r-6m3x-rh7p",
"source": "security-advisories@github.com"
}
]
}

29
CVE-2024/CVE-2024-455xx/CVE-2024-45506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45506",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T15:15:14.080",
"lastModified": "2024-09-04T15:15:14.080",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:35:11.333",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,30 @@
"value": "HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c",

27
CVE-2024/CVE-2024-455xx/CVE-2024-45507.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-45507",
"sourceIdentifier": "security@apache.org",
"published": "2024-09-04T09:15:04.520",
"lastModified": "2024-09-04T13:05:36.067",
"lastModified": "2024-09-04T16:35:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de Server-Side Request Forgery (SSRF) y control inadecuado de la generaci\u00f3n de c\u00f3digo ('inyecci\u00f3n de c\u00f3digo') en Apache OFBiz. Este problema afecta a Apache OFBiz: anterior a la versi\u00f3n 18.12.16. Se recomienda a los usuarios que actualicen a la versi\u00f3n 18.12.16, que soluciona el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",

81
CVE-2024/CVE-2024-455xx/CVE-2024-45508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45508",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-01T22:15:13.987",
"lastModified": "2024-09-03T15:35:11.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:44:08.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,18 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/michaelrsweet/htmldoc/blob/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2/CHANGES.md",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/michaelrsweet/htmldoc/commit/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/michaelrsweet/htmldoc/issues/528",
"source": "cve@mitre.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:htmldoc_project:htmldoc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.19",
"matchCriteriaId": "41C36E7A-1413-44D0-B604-E7BD5C6CD652"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/michaelrsweet/htmldoc/blob/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2/CHANGES.md",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/michaelrsweet/htmldoc/commit/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/michaelrsweet/htmldoc/issues/528",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

61
CVE-2024/CVE-2024-455xx/CVE-2024-45509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45509",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-01T22:15:14.053",
"lastModified": "2024-09-03T15:35:12.080",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T16:45:08.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MISP/MISP/commit/3f3b9a574f349182a545636e12efa39267e9db04",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.197",
"matchCriteriaId": "FBDAEC0F-1178-4AAA-8231-CE88BC459195"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MISP/MISP/commit/3f3b9a574f349182a545636e12efa39267e9db04",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

26
CVE-2024/CVE-2024-70xx/CVE-2024-7012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7012",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-04T14:15:14.570",
"lastModified": "2024-09-04T15:15:14.237",
"vulnStatus": "Received",
"lastModified": "2024-09-04T17:15:14.793",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -18,19 +18,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
@ -48,6 +48,18 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:6335",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:6336",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:6337",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-7012",
"source": "secalert@redhat.com"

4
CVE-2024/CVE-2024-70xx/CVE-2024-7076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7076",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-04T15:15:14.333",
"lastModified": "2024-09-04T15:15:14.333",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-70xx/CVE-2024-7077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7077",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-04T15:15:14.447",
"lastModified": "2024-09-04T15:15:14.447",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-70xx/CVE-2024-7078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7078",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-04T15:15:14.583",
"lastModified": "2024-09-04T15:15:14.583",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

70
CVE-2024/CVE-2024-77xx/CVE-2024-7744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7744",
"sourceIdentifier": "security@progress.com",
"published": "2024-08-28T17:15:11.380",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:57:51.657",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -55,14 +85,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024",
"source": "security@progress.com"
},
"nodes": [
{
"url": "https://www.progress.com/ftp-server",
"source": "security@progress.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.8.8",
"matchCriteriaId": "4C8672E4-5F87-4A71-93F9-914643F56F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024",
"source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/ftp-server",
"source": "security@progress.com",
"tags": [
"Product"
]
}
]
}

70
CVE-2024/CVE-2024-77xx/CVE-2024-7745.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7745",
"sourceIdentifier": "security@progress.com",
"published": "2024-08-28T17:15:11.593",
"lastModified": "2024-08-29T13:25:27.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:57:57.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -55,14 +85,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024",
"source": "security@progress.com"
},
"nodes": [
{
"url": "https://www.progress.com/ftp-server",
"source": "security@progress.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.8.8",
"matchCriteriaId": "4C8672E4-5F87-4A71-93F9-914643F56F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024",
"source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/ftp-server",
"source": "security@progress.com",
"tags": [
"Product"
]
}
]
}

4
CVE-2024/CVE-2024-78xx/CVE-2024-7834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7834",
"sourceIdentifier": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"published": "2024-09-04T13:15:07.030",
"lastModified": "2024-09-04T13:15:07.030",
"vulnStatus": "Received",
"lastModified": "2024-09-04T16:09:24.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

105
CVE-2024/CVE-2024-78xx/CVE-2024-7871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7871",
"sourceIdentifier": "ART@zuso.ai",
"published": "2024-09-02T05:15:17.733",
"lastModified": "2024-09-03T12:59:02.453",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:34:14.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,48 @@
],
"metrics": {
"cvssMetricV40": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
},
{
"source": "ART@zuso.ai",
"type": "Secondary",
@ -59,9 +101,41 @@
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "ART@zuso.ai",
"type": "Secondary",
@ -73,10 +147,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://zuso.ai/advisory/za-2024-04",
"source": "ART@zuso.ai"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easytest_online_test_platform_project:easytest_online_test_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "24e01",
"matchCriteriaId": "E4B841F6-05C7-4662-AFD1-E94DB4B03887"
}
]
}
]
}
],
"references": [
{
"url": "https://zuso.ai/advisory/za-2024-04",
"source": "ART@zuso.ai",
"tags": [
"Third Party Advisory"
]
}
]
}

16
CVE-2024/CVE-2024-79xx/CVE-2024-7923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7923",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-09-04T14:15:14.800",
"lastModified": "2024-09-04T15:15:14.710",
"vulnStatus": "Received",
"lastModified": "2024-09-04T17:15:14.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -48,6 +48,18 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:6335",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:6336",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:6337",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-7923",
"source": "secalert@redhat.com"

40
CVE-2024/CVE-2024-83xx/CVE-2024-8327.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8327",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-08-30T03:15:04.020",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:11:23.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8032-a3d5c-2.html",
"source": "twcert@cert.org.tw"
},
"nodes": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8028-360e1-1.html",
"source": "twcert@cert.org.tw"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_test_online_learning_and_testing_platform_project:easy_test_online_learning_and_testing_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24a01",
"matchCriteriaId": "B02D8897-AECC-4041-9100-8054E600F91D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8032-a3d5c-2.html",
"source": "twcert@cert.org.tw",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-8028-360e1-1.html",
"source": "twcert@cert.org.tw",
"tags": [
"Vendor Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-83xx/CVE-2024-8328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8328",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-08-30T03:15:04.247",
"lastModified": "2024-08-30T13:00:05.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-04T17:11:19.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8033-0a98f-2.html",
"source": "twcert@cert.org.tw"
},
"nodes": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8028-360e1-1.html",
"source": "twcert@cert.org.tw"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_test_online_learning_and_testing_platform_project:easy_test_online_learning_and_testing_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24a01",
"matchCriteriaId": "B02D8897-AECC-4041-9100-8054E600F91D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8033-0a98f-2.html",
"source": "twcert@cert.org.tw",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-8028-360e1-1.html",
"source": "twcert@cert.org.tw",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More