admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-03-18T21:00:38.781523+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-03-18 21:03:27 +00:00
parent 3799833dd9
commit e633913d2b
138 changed files with 1026 additions and 406 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2023/CVE-2023-393xx/CVE-2023-39357.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39357",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:08.637",
"lastModified": "2023-11-09T05:15:09.590",
"lastModified": "2024-03-18T20:15:07.207",
"vulnStatus": "Modified",
"descriptions": [
{
@ -130,6 +130,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

6
CVE-2023/CVE-2023-393xx/CVE-2023-39360.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39360",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T21:15:46.800",
"lastModified": "2023-11-03T21:15:14.497",
"lastModified": "2024-03-18T20:15:07.390",
"vulnStatus": "Modified",
"descriptions": [
{
@ -116,6 +116,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

10
CVE-2023/CVE-2023-393xx/CVE-2023-39361.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-39361",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T21:15:46.880",
"lastModified": "2023-11-09T05:15:09.867",
"lastModified": "2024-03-18T20:15:07.513",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una inyecci\u00f3n SQL descubierta en graph_view.php. Desde que los usuarios invitados pueden acceder a graph_view.php sin autenticaci\u00f3n por defecto, si los usuarios invitados est\u00e1n siendo utilizados en un estado habilitado, podr\u00edan potencialmente producir da\u00f1os importantes. Los atacantes pueden explotar esta vulnerabilidad, y puede haber posibilidades de acciones tales como la usurpaci\u00f3n de privilegios administrativos o la ejecuci\u00f3n remota de c\u00f3digo. Este problema se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad."
}
],
"metrics": {
@ -112,6 +116,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

6
CVE-2023/CVE-2023-393xx/CVE-2023-39362.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39362",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:08.817",
"lastModified": "2023-11-09T05:15:09.970",
"lastModified": "2024-03-18T20:15:07.610",
"vulnStatus": "Modified",
"descriptions": [
{
@ -136,6 +136,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

6
CVE-2023/CVE-2023-393xx/CVE-2023-39364.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39364",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:08.910",
"lastModified": "2023-11-09T05:15:10.093",
"lastModified": "2024-03-18T20:15:07.727",
"vulnStatus": "Modified",
"descriptions": [
{
@ -116,6 +116,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

6
CVE-2023/CVE-2023-393xx/CVE-2023-39365.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39365",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:09.017",
"lastModified": "2023-11-09T05:15:10.213",
"lastModified": "2024-03-18T20:15:07.827",
"vulnStatus": "Modified",
"descriptions": [
{
@ -127,6 +127,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

10
CVE-2023/CVE-2023-395xx/CVE-2023-39513.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-39513",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T21:15:47.213",
"lastModified": "2023-11-09T05:15:10.640",
"lastModified": "2024-03-18T20:15:07.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `host.php` is used to monitor and manage hosts in the _cacti_ app, hence displays useful information such as data queries and verbose logs. _CENSUS_ found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the _General Administration>Sites/Devices/Data_ privileges. A user that possesses the _Template Editor>Data Queries_ permissions can configure the data query template path in _cacti_. Please note that such a user may be a low privileged user. This configuration occurs through `http://<HOST>/cacti/data_queries.php` by editing an existing or adding a new data query template. If a template is linked to a device then the formatted template path will be rendered in the device's management page, when a _verbose data query_ is requested. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output."
},
{
"lang": "es",
"value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `host.php` se utiliza para monitorear y administrar hosts en la aplicaci\u00f3n _cacti_, por lo que muestra informaci\u00f3n \u00fatil, como consultas de datos y registros detallados._CENSUS_ descubri\u00f3 que un adversario es capaz de configurar una plantilla de consulta de datos con c\u00f3digo malicioso a\u00f1adido en la ruta de la plantilla, para implementar un ataque XSS almacenado contra cualquier usuario con privilegios de _Administraci\u00f3n general&gt;Sitios/Dispositivos/Datos_. Un usuario que posee los permisos _Editor de plantillas&gt;Consultas de datos_ puede configurar la ruta de la plantilla de consulta de datos en _cacti_.Tenga en cuenta que dicho usuario puede ser un usuario con pocos privilegios. Esta configuraci\u00f3n se produce a trav\u00e9s de `http:///cacti/data_queries.php` editando una plantilla de consulta de datos existente o agregando una nueva. Si una plantilla est\u00e1 vinculada a un dispositivo, la ruta de la plantilla formateada se mostrar\u00e1 en la p\u00e1gina de administraci\u00f3n del dispositivo, cuando se solicite una _consulta de datos detallada_. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML."
}
],
"metrics": {
@ -113,6 +117,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

10
CVE-2023/CVE-2023-395xx/CVE-2023-39515.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-39515",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T21:15:47.387",
"lastModified": "2023-11-09T05:15:10.857",
"lastModified": "2024-03-18T20:15:08.063",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. _CENSUS_ found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http://<HOST>/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output."
},
{
"lang": "es",
"value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti.Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `data_debug.php`muestra informaci\u00f3n de depuraci\u00f3n relacionada con la fuente de datos, como _rutas de la fuente de datos, configuraciones de sondeo y metadatos en la fuente de datos_._CENSUS_ descubri\u00f3 que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa, puede implementar un ataque XSS almacenado contra cualquier usuario que tenga privilegios relacionados con la visualizaci\u00f3n de la informaci\u00f3n `data_debug.php`.Un usuario que posee los permisos _Administraci\u00f3n general&gt;Sitios/Dispositivos/Datos_ puede configurar la ruta de la fuente de datos en _cacti_. Esta configuraci\u00f3n se produce a trav\u00e9s de `http:///cacti/data_sources.php`. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML."
}
],
"metrics": {
@ -113,6 +117,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

10
CVE-2023/CVE-2023-395xx/CVE-2023-39516.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-39516",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:09.180",
"lastModified": "2023-11-09T05:15:10.960",
"lastModified": "2024-03-18T20:15:08.180",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the 'General Administration>Sites/Devices/Data' permissions can configure the data source path in Cacti. This configuration occurs through `http://<HOST>/cacti/data_sources.php`. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.\n"
},
{
"lang": "es",
"value": "Cacti es un framework de monitorizaci\u00f3n operativa y gesti\u00f3n de fallos de c\u00f3digo abierto. Las versiones afectadas est\u00e1n sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos ser\u00e1n visualizados por las cuentas administrativas de cacti y ejecutar\u00e1n c\u00f3digo JavaScript en el navegador de la v\u00edctima en tiempo de visualizaci\u00f3n. El script bajo `data_sources.php` muestra la informaci\u00f3n de gesti\u00f3n de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuraci\u00f3n de sondeo etc) para diferentes visualizaciones de datos de la aplicaci\u00f3n _cacti_. CENSUS descubri\u00f3 que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa, puede implementar un ataque XSS almacenado contra cualquier usuario que tenga los mismos (o m\u00e1s amplios) privilegios. Un usuario que posea los permisos 'General Administration&gt;Sites/Devices/Data', puede configurar la ruta de la fuente de datos en Cacti. Esta configuraci\u00f3n ocurre a trav\u00e9s de `http:///cacti/data_sources.php`. La misma p\u00e1gina se puede utilizar para obtener una vista previa de la ruta de la fuente de datos. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben escapar manualmente de la salida HTML."
}
],
"metrics": {
@ -113,6 +117,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
"source": "security-advisories@github.com",

63
CVE-2023/CVE-2023-413xx/CVE-2023-41334.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-41334",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-18T19:15:05.897",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the `TranformGraph().to_dot_graph` function. A malicious user can provide a command or a script file as a value to the `savelayout` argument, which will be placed as the first value in a list of arguments passed to `subprocess.Popen`. Although an error will be raised, the command or script will be executed successfully. Version 5.3.3 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/astropy/astropy/blob/9b97d98802ee4f5350a62b681c35d8687ee81d91/astropy/coordinates/transformations.py#L539",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/astropy/astropy/commit/22057d37b1313f5f5a9b5783df0a091d978dccb5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2023/CVE-2023-490xx/CVE-2023-49084.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49084",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-21T23:15:09.337",
"lastModified": "2024-02-05T17:15:08.910",
"lastModified": "2024-03-18T20:15:08.333",
"vulnStatus": "Modified",
"descriptions": [
{
@ -99,6 +99,10 @@
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2023/CVE-2023-490xx/CVE-2023-49085.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49085",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T17:15:07.990",
"lastModified": "2024-02-05T17:15:09.060",
"lastModified": "2024-03-18T20:15:08.467",
"vulnStatus": "Modified",
"descriptions": [
{
@ -108,6 +108,10 @@
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2023/CVE-2023-490xx/CVE-2023-49086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49086",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T00:15:34.857",
"lastModified": "2023-12-29T19:08:28.630",
"vulnStatus": "Analyzed",
"lastModified": "2024-03-18T20:15:08.567",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -95,6 +95,10 @@
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2023/CVE-2023-490xx/CVE-2023-49088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49088",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T17:15:08.247",
"lastModified": "2023-12-29T18:33:29.023",
"vulnStatus": "Analyzed",
"lastModified": "2024-03-18T20:15:08.690",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,6 +122,10 @@
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
}
]
}

20
CVE-2023/CVE-2023-68xx/CVE-2023-6821.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6821",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.097",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 contains a vulnerability that allows you to read and download PHP logs without authorization"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/6b1a998d-c97c-4305-b12a-69e29408ebd9/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-70xx/CVE-2023-7085.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-7085",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.160",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/a2ec1308-75a0-49d0-9288-33c6d9ee4328/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-72xx/CVE-2023-7236.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-7236",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.207",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/2a4557e2-b764-4678-a6d6-af39dd1ba76b/",
"source": "contact@wpscan.com"
}
]
}

4
CVE-2023/CVE-2023-72xx/CVE-2023-7250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7250",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T13:15:06.910",
"lastModified": "2024-03-18T13:15:06.910",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2024/CVE-2024-03xx/CVE-2024-0365.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0365",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.253",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/4b8b9638-d52a-40bc-b298-ae1c74788c18/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-07xx/CVE-2024-0711.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0711",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.297",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Buttons Shortcode and Widget WordPress plugin through 1.16 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/8e286c04-ef32-4af0-be78-d978999b2a90/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-07xx/CVE-2024-0719.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0719",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.343",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/6e67bf7f-07e6-432b-a8f4-aa69299aecaf/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-07xx/CVE-2024-0779.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0779",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.390",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation and CSRF in various function hooked to admin_init, allowing unauthenticated users to call them and unlink arbitrary users Instagram Account for example"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/ced134cf-82c5-401b-9476-b6456e1924e2/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-07xx/CVE-2024-0780.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0780",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.437",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-08xx/CVE-2024-0820.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0820",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.487",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/fc091bbd-7338-4bd4-add5-e46502a9a949/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-08xx/CVE-2024-0858.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0858",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.530",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/f6627a35-d158-495e-9d56-69405cfca221/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-09xx/CVE-2024-0951.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0951",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.577",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Advanced Social Feeds Widget & Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/88b2e479-eb15-4213-9df8-3d353074974e/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-09xx/CVE-2024-0973.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0973",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T19:15:06.620",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/798de421-4814-46a9-a055-ebb95a7218ed/",
"source": "contact@wpscan.com"
}
]
}

4
CVE-2024/CVE-2024-13xx/CVE-2024-1331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1331",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T16:15:07.103",
"lastModified": "2024-03-18T16:15:07.103",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-13xx/CVE-2024-1333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1333",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T16:15:07.170",
"lastModified": "2024-03-18T16:15:07.170",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-16xx/CVE-2024-1658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1658",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-18T16:15:07.227",
"lastModified": "2024-03-18T16:15:07.227",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-17xx/CVE-2024-1753.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1753",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T15:15:41.170",
"lastModified": "2024-03-18T17:15:06.223",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20745.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20745",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T15:15:41.380",
"lastModified": "2024-03-18T15:15:41.380",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20746",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T15:15:41.580",
"lastModified": "2024-03-18T15:15:41.580",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20752",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T16:15:07.380",
"lastModified": "2024-03-18T16:15:07.380",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20754",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:07.897",
"lastModified": "2024-03-18T18:15:07.897",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20755.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20755",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T16:15:07.640",
"lastModified": "2024-03-18T16:15:07.640",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20756",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T16:15:07.933",
"lastModified": "2024-03-18T16:15:07.933",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20757",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T16:15:08.193",
"lastModified": "2024-03-18T16:15:08.193",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20760",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:08.197",
"lastModified": "2024-03-18T18:15:08.197",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20761",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:08.487",
"lastModified": "2024-03-18T18:15:08.487",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20762",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:08.777",
"lastModified": "2024-03-18T18:15:08.777",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20763",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:09.017",
"lastModified": "2024-03-18T18:15:09.017",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20764.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20764",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:09.237",
"lastModified": "2024-03-18T18:15:09.237",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-207xx/CVE-2024-20768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20768",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:09.470",
"lastModified": "2024-03-18T18:15:09.470",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-20xx/CVE-2024-2002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2002",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T13:15:07.657",
"lastModified": "2024-03-18T13:15:07.657",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-20xx/CVE-2024-2050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2050",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-03-18T16:15:08.903",
"lastModified": "2024-03-18T16:15:08.903",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-20xx/CVE-2024-2051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2051",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-03-18T16:15:09.130",
"lastModified": "2024-03-18T16:15:09.130",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-20xx/CVE-2024-2052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2052",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-03-18T16:15:09.337",
"lastModified": "2024-03-18T16:15:09.337",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-216xx/CVE-2024-21652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21652",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-18T18:15:09.697",
"lastModified": "2024-03-18T18:15:09.697",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

71
CVE-2024/CVE-2024-216xx/CVE-2024-21661.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-21661",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-18T19:15:06.687",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. This is a Denial of Service (DoS) vulnerability. Any attacker can crash the application continuously, making it impossible for legitimate users to access the service. The issue is exacerbated because it does not require authentication, widening the pool of potential attackers. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2024/CVE-2024-216xx/CVE-2024-21662.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-21662",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-18T19:15:06.870",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application's weak cache-based mechanism. This loophole in security can be combined with other vulnerabilities to attack the default admin account. This flaw undermines a patch for CVE-2020-8827 intended to protect against brute-force attacks. The application's brute force protection relies on a cache mechanism that tracks login attempts for each user. This cache is limited to a `defaultMaxCacheSize` of 1000 entries. An attacker can overflow this cache by bombarding it with login attempts for different users, thereby pushing out the admin account's failed attempts and effectively resetting the rate limit for that account. This is a severe vulnerability that enables attackers to perform brute force attacks at an accelerated rate, especially targeting the default admin account. Users should upgrade to version 2.8.13, 2.9.9, or 2.10.4 to receive a patch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-222xx/CVE-2024-22257.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22257",
"sourceIdentifier": "security@vmware.com",
"published": "2024-03-18T15:15:41.790",
"lastModified": "2024-03-18T15:15:41.790",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

10
CVE-2024/CVE-2024-229xx/CVE-2024-22988.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-22988",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-23T23:15:09.623",
"lastModified": "2024-02-26T13:42:22.567",
"lastModified": "2024-03-18T20:15:08.793",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to execute arbitrary code via the /files/backup/ component."
},
{
"lang": "es",
"value": "Un problema en zkteco zkbio WDMS v.8.0.5 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente /files/backup/."
}
],
"metrics": {},
@ -16,6 +20,10 @@
"url": "https://gist.github.com/whiteman007/b50a9b64007a5d7bcb7a8bee61d2cb47",
"source": "cve@mitre.org"
},
{
"url": "https://www.vicarius.io/vsociety/posts/revealing-cve-2024-22988-a-unique-dive-into-exploiting-access-control-gaps-in-zkbio-wdms-uncover-the-untold-crafted-for-beginners-with-a-rare-glimpse-into-pentesting-strategies",
"source": "cve@mitre.org"
},
{
"url": "https://zkteco.com",
"source": "cve@mitre.org"

4
CVE-2024/CVE-2024-22xx/CVE-2024-2229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2229",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-03-18T16:15:09.580",
"lastModified": "2024-03-18T16:15:09.580",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-23xx/CVE-2024-2390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2390",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-03-18T16:15:09.830",
"lastModified": "2024-03-18T16:15:09.830",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-24xx/CVE-2024-2496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2496",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-03-18T13:15:08.207",
"lastModified": "2024-03-18T13:15:08.207",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2024/CVE-2024-256xx/CVE-2024-25654.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-25654",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T20:15:08.867",
"lastModified": "2024-03-18T20:15:08.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database."
}
],
"metrics": {},
"references": [
{
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25654",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-256xx/CVE-2024-25655.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-25655",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T20:15:08.917",
"lastModified": "2024-03-18T20:15:08.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP."
}
],
"metrics": {},
"references": [
{
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25655",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-256xx/CVE-2024-25656.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-25656",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T20:15:08.963",
"lastModified": "2024-03-18T20:15:08.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and, ultimately, affect the entire product."
}
],
"metrics": {},
"references": [
{
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25656",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-256xx/CVE-2024-25657.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-25657",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T20:15:09.013",
"lastModified": "2024-03-18T20:15:09.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites."
}
],
"metrics": {},
"references": [
{
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25657",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-25xx/CVE-2024-2584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2584",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.060",
"lastModified": "2024-03-18T14:15:10.060",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2585",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.290",
"lastModified": "2024-03-18T14:15:10.290",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2586",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.540",
"lastModified": "2024-03-18T14:15:10.540",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2587",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.763",
"lastModified": "2024-03-18T14:15:10.763",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2588",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.993",
"lastModified": "2024-03-18T14:15:10.993",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2589.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2589",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.230",
"lastModified": "2024-03-18T14:15:11.230",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2590",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.517",
"lastModified": "2024-03-18T14:15:11.517",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2591",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.747",
"lastModified": "2024-03-18T14:15:11.747",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2592",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.987",
"lastModified": "2024-03-18T14:15:11.987",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2593",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.233",
"lastModified": "2024-03-18T14:15:12.233",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2594",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.463",
"lastModified": "2024-03-18T14:15:12.463",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2595.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2595",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.673",
"lastModified": "2024-03-18T14:15:12.673",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2596",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.893",
"lastModified": "2024-03-18T14:15:12.893",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2597",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.140",
"lastModified": "2024-03-18T14:15:13.140",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2598",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.383",
"lastModified": "2024-03-18T14:15:13.383",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-25xx/CVE-2024-2599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2599",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.643",
"lastModified": "2024-03-18T14:15:13.643",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26028",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:09.910",
"lastModified": "2024-03-18T18:15:09.910",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26030",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:10.130",
"lastModified": "2024-03-18T18:15:10.130",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26031.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26031",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:10.420",
"lastModified": "2024-03-18T18:15:10.420",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26032",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:10.647",
"lastModified": "2024-03-18T18:15:10.647",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26033",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:10.867",
"lastModified": "2024-03-18T18:15:10.867",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26034",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:11.100",
"lastModified": "2024-03-18T18:15:11.100",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26035",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:11.360",
"lastModified": "2024-03-18T18:15:11.360",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26038.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26038",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:11.570",
"lastModified": "2024-03-18T18:15:11.570",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26040",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:11.790",
"lastModified": "2024-03-18T18:15:11.790",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26041",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:12.023",
"lastModified": "2024-03-18T18:15:12.023",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26042",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:12.273",
"lastModified": "2024-03-18T18:15:12.273",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26043",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:12.510",
"lastModified": "2024-03-18T18:15:12.510",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26044",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:12.767",
"lastModified": "2024-03-18T18:15:12.767",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26045",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:13.007",
"lastModified": "2024-03-18T18:15:13.007",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26050",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:13.263",
"lastModified": "2024-03-18T18:15:13.263",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26051",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:13.547",
"lastModified": "2024-03-18T18:15:13.547",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26052",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:13.780",
"lastModified": "2024-03-18T18:15:13.780",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26056",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:14.097",
"lastModified": "2024-03-18T18:15:14.097",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26059",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:14.313",
"lastModified": "2024-03-18T18:15:14.313",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26061",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:14.533",
"lastModified": "2024-03-18T18:15:14.533",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26062",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:14.760",
"lastModified": "2024-03-18T18:15:14.760",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26063",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:14.973",
"lastModified": "2024-03-18T18:15:14.973",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26064",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:15.197",
"lastModified": "2024-03-18T18:15:15.197",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-260xx/CVE-2024-26065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26065",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-03-18T18:15:15.440",
"lastModified": "2024-03-18T18:15:15.440",
"vulnStatus": "Received",
"lastModified": "2024-03-18T19:40:00.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

Some files were not shown because too many files have changed in this diff Show More