admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-06-27T20:00:19.145330+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-06-27 20:03:12 +00:00
parent fb4df7b14b
commit eddeb7d8f0
103 changed files with 6165 additions and 5459 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1942
CVE-2004/CVE-2004-14xx/CVE-2004-1464.json
View File

File diff suppressed because it is too large Load Diff

61
CVE-2010/CVE-2010-02xx/CVE-2010-0298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-0298",
"sourceIdentifier": "secalert@redhat.com",
"published": "2010-02-12T19:30:00.550",
"lastModified": "2017-09-19T01:30:21.440",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:17:53.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,7 +63,24 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
"versionStartIncluding": "2.6.28",
"versionEndIncluding": "2.6.33",
"matchCriteriaId": "2111620A-0283-4B9F-82C8-35BF471254E4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
}
]
}
@ -73,31 +90,55 @@
"references": [
{
"url": "http://secunia.com/advisories/38492",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.debian.org/security/2010/dsa-1996",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/38158",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559091",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11335",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0088.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2010/CVE-2010-39xx/CVE-2010-3904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-3904",
"sourceIdentifier": "security@ubuntu.com",
"published": "2010-12-06T20:13:00.513",
"lastModified": "2023-11-07T02:06:01.623",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:23:03.670",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-12",
"cisaActionDue": "2023-06-02",
"cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
@ -19,6 +19,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,7 +74,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-1284"
}
]
}
@ -148,12 +170,65 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5"
}
]
}
]
}
],
"references": [
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=799c10559d60f159ab2232203f222f18fa3c4a5f",
"source": "security@ubuntu.com"
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html",
@ -192,6 +267,7 @@
"url": "http://secunia.com/advisories/46397",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -199,6 +275,7 @@
"url": "http://securitytracker.com/id?1024613",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -222,6 +299,7 @@
"url": "http://www.redhat.com/support/errata/RHSA-2010-0792.html",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -229,6 +307,7 @@
"url": "http://www.redhat.com/support/errata/RHSA-2010-0842.html",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -236,6 +315,7 @@
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -272,6 +352,7 @@
"url": "http://www.vupen.com/english/advisories/2011/0298",
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},

774
CVE-2014/CVE-2014-83xx/CVE-2014-8361.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-8361",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-05-01T15:59:01.287",
"lastModified": "2023-09-05T22:15:07.477",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:35:21.117",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-09-18",
"cisaActionDue": "2023-10-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -19,6 +19,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -52,7 +74,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -69,6 +91,11 @@
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-905l:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "F50CC55A-1EA1-4096-8489-1CE1E991B305"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-905l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "21EDEA1E-6F3C-4E92-A732-270D1E086576"
}
]
},
@ -79,8 +106,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-905l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.02",
"matchCriteriaId": "724D0F80-B486-45E7-813D-69435ABC7872"
"versionEndIncluding": "2.05b01",
"matchCriteriaId": "05CB91FD-6322-48FB-8CCE-3E7DDB622063"
}
]
}
@ -97,11 +124,6 @@
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-605l:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9038E9-8519-4DC7-8843-74ADB3527A3F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-605l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1FC91F-1B77-406F-ADB5-98B07866601E"
}
]
},
@ -112,16 +134,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.00",
"versionEndIncluding": "1.13",
"matchCriteriaId": "C3D430AC-50CF-4A9B-9D38-68E8787EA560"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.00",
"versionEndIncluding": "2.04",
"matchCriteriaId": "9DAC501B-2BCD-416F-9129-8E919FECCAA7"
"versionEndIncluding": "1.14b06",
"matchCriteriaId": "01D15D52-C442-4ABE-917C-A50908082089"
}
]
}
@ -138,11 +152,6 @@
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-600l:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "F75E7D9C-03BE-4301-AF9E-9929C33F4EEA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-600l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "6966FB89-8C98-4FA3-B4CA-21CAD495A830"
}
]
},
@ -153,16 +162,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.00",
"versionEndIncluding": "1.15",
"matchCriteriaId": "D68A3CF3-55BA-47F5-9BE9-A47808E350E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.00",
"versionEndIncluding": "2.05",
"matchCriteriaId": "06A45859-04FD-4279-A11E-6A5219A4C7BA"
"matchCriteriaId": "90962768-A07F-4A1E-9500-F743FD1ECA96"
}
]
}
@ -194,11 +195,6 @@
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-619l:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "3271958C-23CD-4937-A21A-905A18ECA736"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F28B093-482C-4105-A89D-8B1F1FFD59E9"
}
]
},
@ -209,16 +205,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.00",
"versionEndIncluding": "1.15",
"matchCriteriaId": "E0D793EA-3515-47AE-8C2C-5019CB7E98D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.00",
"versionEndIncluding": "2.03",
"matchCriteriaId": "FB1FDE8D-3AA2-432D-8A69-A079F03A0CBB"
"matchCriteriaId": "22544CBE-CE28-4E13-99CD-9855A76F8EDF"
}
]
}
@ -250,9 +238,677 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-809_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.00",
"versionEndIncluding": "1.02",
"matchCriteriaId": "0437BBF6-2F2C-4FEF-9FD0-1C4DE3E9156F"
"versionEndIncluding": "1.04b02",
"matchCriteriaId": "4CCC25F5-5E8A-4164-84D8-DDC0D3519E2B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-605l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1FC91F-1B77-406F-ADB5-98B07866601E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.07b02",
"matchCriteriaId": "89CE2A47-DC82-49A7-874E-C9533E153ECF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-605l:c1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD38B14-B291-423A-912C-B1BB2070A9C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.03b07",
"matchCriteriaId": "7B8247C1-8A71-4004-8ECE-1984335D697D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F28B093-482C-4105-A89D-8B1F1FFD59E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.07b02",
"matchCriteriaId": "2FCD4837-81DE-4C00-AC6C-0E7D6036E1D6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-600l:b1:*:*:*:*:*:*:*",
"matchCriteriaId": "6966FB89-8C98-4FA3-B4CA-21CAD495A830"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.056b06",
"matchCriteriaId": "C66EAA7D-A420-4CBF-AD01-754983012129"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-501_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.01b04",
"matchCriteriaId": "1C1339C5-FD81-4885-AF24-A05BC1A3B02A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-501:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8C6464-A044-4C0B-8ADB-C2F61C3009E5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-515_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.01b04",
"matchCriteriaId": "5FA66695-A646-4AB9-B128-A3D87C4C8284"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-515:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "037A3A92-EC1C-41AC-A93A-7319E8E98240"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-615_firmware:10.01b02:*:*:*:*:*:*:*",
"matchCriteriaId": "17FD57FF-A596-4151-860C-3F0486CD85F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-615:j1:*:*:*:*:*:*:*",
"matchCriteriaId": "30B14CF6-4239-4BAB-ABA0-284AFDA2C9E8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.06b03",
"matchCriteriaId": "F41E73AD-5615-4084-AC4E-516A934303CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-615_firmware:10.01b02:*:*:*:*:*:*:*",
"matchCriteriaId": "17FD57FF-A596-4151-860C-3F0486CD85F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-615:fx:*:*:*:*:*:*:*",
"matchCriteriaId": "63134C26-FEA9-4EF5-97D9-FEDA14B34516"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1900hp2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "A05F11D3-7701-4152-9937-04D7134B4FE6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1900hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E007A9B5-74FE-4230-9E3E-ACEA89FCABA8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1900hp_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.1",
"matchCriteriaId": "D0DD2168-9BE3-49E8-952D-4775911C04D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1900hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70FC2B64-D47F-42DF-B9B4-7FB07F98A150"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1800hp4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "BCE7372C-DB92-419F-877C-CCE0DC3EBD6C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1800hp4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9BB5205-0D2E-43AF-B228-9C728B404EA3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1800hp3_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.1",
"matchCriteriaId": "DBDC178B-2033-47EA-B6CC-99880D5772A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1800hp3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD47CE10-EBD2-49A9-9F1A-B77A502AC196"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1200hs2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.0",
"matchCriteriaId": "424AB1C2-6C52-4416-8983-53D4BCAA0F80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1200hs2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC88BDE5-19B4-4EF4-8C14-2DEB8EAD3D91"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1200hp3_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "7ED15E56-530C-42A3-B3D3-9F1090C524D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1200hp3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13C13D3-FB31-4E20-A5D4-992D4CF6BBCC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1200hp2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.0",
"matchCriteriaId": "F7FDD550-9FDE-4001-933E-51FF4FBDC5AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1200hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "347DFD5E-56E0-473F-A2B1-E3FD2E99573A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:w1200ex_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "88A2A125-9991-459A-99D2-5158B72372BD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:w1200ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D0D008-E851-4756-87E4-5FA60EE65040"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:w1200ex-ms_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "C69CCDC3-BB41-45F2-987D-674FAD937F40"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:w1200ex-ms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0A960-9FA2-4838-A867-7AC688749771"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1200hs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5C80AB-4775-4D46-9FC7-C341CEAB08A0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1200hs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05C494FC-4284-4325-A05C-DDAAF86857F7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wg1200hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC81201F-93A7-4B54-A7FE-51E4FD12AE54"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wg1200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E80DDB01-BA42-40E1-91A3-EBFCEC3F8A49"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wf800hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D83ABC6-AB7F-494C-B386-EB4212F50C55"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wf800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "141077D2-4439-44AA-9BD1-C60E253B4C6F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wf300hp2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF09945-D1B9-45FF-87DF-1573DB5F51BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wf300hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "514DD5D5-E44F-432E-AE87-25DDA62636AB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:wr8165n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08699FDC-5E04-4CF3-9C9A-9231795A6420"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:wr8165n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90FC20CF-70E5-4E50-A383-E24CB0987280"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:w500p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54E372D5-C699-4ED4-9AB3-326ADC9834BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:w500p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9CC1968-0B25-4324-AB07-688B32770220"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aterm:w300p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B02F690-7098-4C8C-B453-3EC8C01F0343"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aterm:w300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A810B81E-8EE7-4F63-9380-7C68CB33B404"
}
]
}
@ -269,7 +925,10 @@
},
{
"url": "http://jvn.jp/en/jp/JVN67456944/index.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html",
@ -290,6 +949,7 @@
"url": "http://www.securityfocus.com/bid/74330",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -304,11 +964,17 @@
},
{
"url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/37169/",

52
CVE-2016/CVE-2016-01xx/CVE-2016-0165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:28.303",
"lastModified": "2018-10-12T22:11:23.287",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:16:56.003",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-22",
"cisaActionDue": "2023-07-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -19,17 +19,17 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
@ -74,7 +74,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "NVD-CWE-noinfo"
}
]
}
@ -98,8 +98,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"vulnerable": true,
@ -113,8 +113,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
@ -133,8 +133,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
]
}
@ -144,22 +144,38 @@
"references": [
{
"url": "http://www.securitytracker.com/id/1035529",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1035532",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/44480/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Product",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

791
CVE-2016/CVE-2016-34xx/CVE-2016-3427.json
View File

File diff suppressed because it is too large Load Diff

1313
CVE-2016/CVE-2016-87xx/CVE-2016-8735.json
View File

File diff suppressed because it is too large Load Diff

520
CVE-2017/CVE-2017-67xx/CVE-2017-6742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6742",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2017-07-17T21:29:00.447",
"lastModified": "2019-10-09T23:29:00.840",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:31:05.937",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-19",
"cisaActionDue": "2023-05-10",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -19,13 +19,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -98,508 +98,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA80102-6194-4157-91FC-13EE64F4B0C1"
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndIncluding": "12.4",
"matchCriteriaId": "63ACD7DB-DCFE-4CDB-A3F0-4E413E178315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87B35652-621F-48DB-84FF-E214D42AA799"
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.6",
"matchCriteriaId": "650EB42C-D85F-482B-972D-7DCAC210DC48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E216416-E3ED-437D-A725-2297DD86EF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8F3444-17E3-48A5-BEC1-97967F7E4EA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "539E369A-299B-4CDE-940F-C853E08439B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39120E68-F456-4035-8B28-64943CDDCFD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.3.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "57F6EF3B-2F31-4449-9B2A-9114D41BBC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E6D907-4B38-4046-BF4F-C7DFA36F55E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B52CA-3834-4435-A3E1-9684A41E6405"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5976253B-339F-49C3-A538-653901E85EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "838C42B4-6D72-4EE5-A0F0-87E60D73A44A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB06F1BF-E186-48EA-BAE2-1B76DB16BC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23AD1406-D2E4-4517-BF3E-A87C1FA8AC7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D203439-1A4B-4805-8A15-5A33C612A5B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71A41531-FBC0-41DD-9965-8CAFA30488AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "310BA9E3-8175-4220-9FC3-48390C994174"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A13401-2660-483E-89A5-6420B5866BB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "77FC74E2-2510-40F5-BB2B-11608B844E28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69E845-700C-4250-B528-9482A5362F61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.3as:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE45DBE-1CE2-4CAC-81E6-1BA07F0D90EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "1A40EA0A-1642-4950-9943-20C1888C18D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "621845E0-E885-46E4-929D-55DBE43DC97F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "429F3E17-5C65-4C91-8881-AAEAA00BCD44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "F47E76FF-DE36-463D-B610-A99C90AF7B91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF8A6EC-3C45-4CDB-81B5-4D50CD5C4087"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.0se:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC52EC4-6658-40AB-A357-F9B538F21ED2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "737D7668-872C-4246-9AB9-12FF059E231A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CBDA4F-DBB3-4426-8C16-2B2314ACF21D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6E83FC-CFAE-45EA-9F20-830FC5E97399"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B3BCAC-8317-41C4-9A60-85B693818044"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "1FBC4A31-F564-4F5F-86C9-08964EFB3AA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "86947E54-A1B9-4ECE-92A6-417462249612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "C910BE7C-517F-4E41-8433-1858F700AA22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "55E908D0-7327-42B7-81C0-FA25BF45929C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5420E152-A00C-406C-8E27-6B7ADE4ABF5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "036DAA45-B363-47BB-ADBA-992F381572EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.4as:*:*:*:*:*:*:*",
"matchCriteriaId": "86176257-7075-476E-BE09-B0E469392BD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB1EA1E-D995-4732-9685-75AC9042D484"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA68978-C42E-4A5E-A0D6-7887FA0318B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF06D7B-A239-4046-A704-01C54D534F35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "4622910B-5459-4FA4-A8D0-239AF2EFFE06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0ex:*:*:*:*:*:*:*",
"matchCriteriaId": "DC33B0BB-BB47-42AD-9EA4-6B4D63C34E71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2835C64E-808F-4A6C-B245-7A9996FAFE3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1040AF-A087-4791-BFC3-36CA3F3208E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "7F95B900-12A3-4488-BB50-20C972BEE169"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "94227B25-5C86-453C-9DC8-A8201C1D1FEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "10F278DC-5102-4A18-9C72-E8FEEDCC5729"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "513675B5-D62C-442D-8754-DC4F221942B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9F45C-E71F-4425-A0C7-DFFEEC93C152"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "26FB3B1A-FB8C-4371-A6D2-AB83ECF17F96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "2A005E0C-A744-4AFA-A1D1-2E3228E093FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "86B7EC67-B431-4284-8781-9090D134B781"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "3598539F-0EEB-45D6-8BA5-A2A3F69D556C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF349D4-BF1C-4127-B6FA-7AD379F62A3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ABE123-BBA5-46CD-8578-4A1F3CB8BA08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*",
"matchCriteriaId": "CD674BF9-16F6-4817-9ADE-564A402A5F06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.8as:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4142E2-B8A8-4E78-B4ED-52F63C43C6F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DA3731-E719-4DB7-9783-1C00481141EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAC081C-9A22-4CBC-A9D0-DD9995801791"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "C80F59A9-C1EF-4E9B-B204-1EEC7FDF65BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "09A930B7-7B9B-426E-A296-9F29F4A03F5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "309952D7-B220-4678-A16D-AA5FF005F782"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "503EFE9E-C238-46BA-8CA3-DE8D5DDB9A2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B6EC8B17-6EC2-47AF-818D-1DFBDA612FB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "278ACF0A-949B-486D-8F6C-ADC2AF25FC17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "37A30BA4-D760-4321-AAC8-04093AAAEA3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "42616EA2-DDCF-4B57-BF2A-37968C82DDC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "09F35F75-75E8-4A20-94C4-5908E404C8CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9C01C1D8-A191-45B7-A6C5-EE225F05A49E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "7E50FF89-8E71-4EA0-9AEC-2F800ED9D995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70C455-E41C-4B17-847A-5F4281139252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "64A07329-3A7D-4483-AE69-4786FEB23D92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6as:*:*:*:*:*:*:*",
"matchCriteriaId": "F84E4463-DB0F-4B06-B403-B3606B386F02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6s:*:*:*:*:*:*:*",
"matchCriteriaId": "665ACEAC-AE81-40F7-8A01-E8DB9DD7DD7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*",
"matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655"
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndIncluding": "3.17",
"matchCriteriaId": "61E68EDC-8A69-446C-922A-57A6186786A8"
}
]
}
@ -611,6 +127,7 @@
"url": "http://www.securityfocus.com/bid/99345",
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -619,6 +136,7 @@
"url": "http://www.securitytracker.com/id/1038808",
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

15
CVE-2019/CVE-2019-176xx/CVE-2019-17621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-17621",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-12-30T17:15:19.857",
"lastModified": "2023-11-07T03:06:23.510",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:16:32.357",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-29",
"cisaActionDue": "2023-07-20",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
@ -565,11 +565,18 @@
},
{
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146",

14
CVE-2020/CVE-2020-139xx/CVE-2020-13965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-13965",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-06-09T03:15:11.250",
"lastModified": "2024-06-27T01:00:01.260",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:06:30.240",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2024-06-26",
"cisaActionDue": "2024-07-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -187,11 +187,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLESQ4LPJGMSWHQ4TBRTVQRDG7IXAZCW/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODPJXBHZ32QSP4MYT2OBCALYXSUJ47SK/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12",

33
CVE-2020/CVE-2020-357xx/CVE-2020-35730.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-35730",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-12-28T20:15:13.150",
"lastModified": "2023-11-07T03:22:02.753",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:16:14.907",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-22",
"cisaActionDue": "2023-07-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -152,55 +152,58 @@
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
"Mailing List"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
"Release Notes"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
"Release Notes"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://roundcube.net/download/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
"Product"
]
},
{

16
CVE-2021/CVE-2021-35xx/CVE-2021-3560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3560",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-16T19:15:08.450",
"lastModified": "2023-11-07T03:38:06.980",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:23:50.913",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-12",
"cisaActionDue": "2023-06-02",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -204,11 +204,19 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961710",

24
CVE-2021/CVE-2021-440xx/CVE-2021-44026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44026",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-11-19T04:15:07.197",
"lastModified": "2023-11-07T03:39:32.503",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:15:57.447",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-22",
"cisaActionDue": "2023-07-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -155,23 +155,21 @@
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
@ -184,11 +182,19 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDVGIZMQJ5IOM47Y3SAAJRN5VPANKTKO/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TP3Y5RXTUUOUODNG7HFEKWYNIPIT2NL4/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5013",

33
CVE-2021/CVE-2021-450xx/CVE-2021-45046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-45046",
"sourceIdentifier": "security@apache.org",
"published": "2021-12-14T19:15:07.733",
"lastModified": "2023-10-26T07:15:36.677",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:24:09.027",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-01",
"cisaActionDue": "2023-05-22",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -197,9 +197,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261"
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA"
}
]
},
@ -208,9 +208,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA"
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261"
}
]
}
@ -812,11 +812,19 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://logging.apache.org/log4j/2.x/security.html",
@ -836,7 +844,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-16",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd",

8
CVE-2022/CVE-2022-398xx/CVE-2022-39836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39836",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-10-25T17:15:56.677",
"lastModified": "2022-10-27T14:29:37.543",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-27T18:15:12.317",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00021.html",
"source": "cve@mitre.org"
},
{
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-memory-corruption-vulnerabilities-in-covesa-dlt-daemon/",
"source": "cve@mitre.org",

8
CVE-2022/CVE-2022-398xx/CVE-2022-39837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39837",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-10-25T17:15:56.720",
"lastModified": "2022-10-27T13:54:25.257",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-27T18:15:12.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00021.html",
"source": "cve@mitre.org"
},
{
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-memory-corruption-vulnerabilities-in-covesa-dlt-daemon/",
"source": "cve@mitre.org",

25
CVE-2023/CVE-2023-13xx/CVE-2023-1389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1389",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-03-15T23:15:09.403",
"lastModified": "2023-08-11T15:15:09.760",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:30:19.467",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-01",
"cisaActionDue": "2023-05-22",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -59,9 +59,10 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF5A235-4531-4F03-882C-C2A6B6D07A5D"
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax21_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "E2DBA0CE-1871-4B4E-BCBD-3693E61DF23E"
}
]
},
@ -70,10 +71,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax21_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "E2DBA0CE-1871-4B4E-BCBD-3693E61DF23E"
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF5A235-4531-4F03-882C-C2A6B6D07A5D"
}
]
}
@ -83,7 +83,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174131/TP-Link-Archer-AX21-Command-Injection.html",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenable.com/security/research/tra-2023-11",

102
CVE-2023/CVE-2023-208xx/CVE-2023-20867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20867",
"sourceIdentifier": "security@vmware.com",
"published": "2023-06-13T17:15:14.070",
"lastModified": "2023-10-16T18:15:15.577",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:05:20.020",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -101,45 +101,127 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/16/11",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/16/2",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0001/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5493",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0013.html",
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}

15
CVE-2023/CVE-2023-208xx/CVE-2023-20887.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20887",
"sourceIdentifier": "security@vmware.com",
"published": "2023-06-07T15:15:09.190",
"lastModified": "2023-07-26T17:15:10.050",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:14:35.207",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-22",
"cisaActionDue": "2023-07-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -59,10 +59,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.10.0",
"matchCriteriaId": "6D313849-EA07-4CB9-9F94-AE78D290D0AE"
"matchCriteriaId": "839275D4-29CB-4D41-A78F-1F7755B297FA"
}
]
}
@ -72,7 +72,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/173761/VMWare-Aria-Operations-For-Networks-Remote-Command-Execution.html",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0012.html",

30
CVE-2023/CVE-2023-20xx/CVE-2023-2033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2033",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-04-14T19:15:09.453",
"lastModified": "2023-11-08T22:15:08.880",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:31:27.163",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-17",
"cisaActionDue": "2023-05-08",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -106,6 +106,27 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:couchbase:couchbase_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.5",
"matchCriteriaId": "8D5763B2-C023-4C29-A30E-71B087A967DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:couchbase:couchbase_server:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7BB41-6DE4-45D5-81FE-A3CC055853F1"
}
]
}
]
}
],
"references": [
@ -175,7 +196,10 @@
},
{
"url": "https://www.couchbase.com/alerts/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5390",

11
CVE-2023/CVE-2023-218xx/CVE-2023-21839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21839",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-01-18T00:15:13.450",
"lastModified": "2023-06-12T07:16:53.787",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:24:19.397",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-01",
"cisaActionDue": "2023-05-22",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -80,7 +80,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/172882/Oracle-Weblogic-PreAuth-Remote-Command-Execution.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2023.html",

8
CVE-2023/CVE-2023-262xx/CVE-2023-26257.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26257",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T05:15:12.757",
"lastModified": "2023-03-07T22:53:47.927",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-27T18:15:12.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -78,6 +78,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00021.html",
"source": "cve@mitre.org"
}
]
}

18
CVE-2023/CVE-2023-273xx/CVE-2023-27350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27350",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-04-20T16:15:07.653",
"lastModified": "2023-06-07T18:15:09.540",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:30:37.747",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-21",
"cisaActionDue": "2023-05-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -156,11 +156,21 @@
},
{
"url": "http://packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/",

192
CVE-2023/CVE-2023-279xx/CVE-2023-27997.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27997",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-06-13T09:15:16.613",
"lastModified": "2023-11-07T04:10:22.127",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:12:51.177",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-13",
"cisaActionDue": "2023-07-04",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -87,98 +87,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.10",
"versionEndIncluding": "6.2.13",
"matchCriteriaId": "ED3A999C-9184-4D27-A62E-3D8A3F0D4F27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5B5BEBC4-DA5B-47AA-98AA-2D0874BB1CDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE267DF4-A924-485D-B583-15F45AB2A4AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "22F19B6C-4239-4E52-A155-D7A5C62038FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0A89B468-03F2-4EE4-A529-62BDD90DA443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3D628C32-BB83-4B02-9B95-52F09F35142C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD4A64B-5F13-4DE6-99B4-87F3D91523C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2EC1BE7-3651-4262-A66C-2F92F2F1F5F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA4E74C-A426-41D2-BDD3-37C1AA726FBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE7D64-14C0-4DC8-B1AC-EA55EADFBB92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "285C4AD0-4BAC-418C-A631-0DDAF72D0349"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59BD8EE9-6F94-4EA5-B22B-1B446A15F2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50BDB150-8E02-427D-A9FC-C7C3C90F0584"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D27E55-D099-4A62-9683-AFD4B8B9A739"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "12CB6078-7BA2-4841-9BB8-A7214154C031"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "991F4477-FCB1-4203-A5C5-67C2741F026E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "66265BCF-0AA4-4CE2-A096-6F3432EB834E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "534B291D-12F9-4DC0-979B-4A536A0485D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
@ -252,6 +160,102 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.12",
"versionEndIncluding": "6.0.16",
"matchCriteriaId": "6D997493-24C2-4A78-9DF0-6438E9415A3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.9",
"versionEndIncluding": "6.2.13",
"matchCriteriaId": "0A0D0D55-1A51-454D-A8B1-D7100D453102"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6AF1FA-A034-439A-876B-BFA1BE7DE15E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9694FC0C-408A-4892-ADD1-F36F4BBBD9EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A132F-601F-4129-BFCA-3A976A711D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "90600B14-07C4-455D-9FC1-17034D91B987"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B28478DA-8D10-4A8E-81EA-D3DF421E5089"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751D2FC7-482F-4C6B-95DB-244004A2738E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE44B20-6F00-4962-9929-5A5054BBA94C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2FF1DA-001B-4CA1-9F46-427D9C92CBC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48D0E8CC-3815-4697-86D0-DC7F66E70520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6C937-4477-438D-A252-E4102D758120"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fortinet:fortigate_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB410C9-CDD4-4068-97E0-6D83AE62B7F1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fortinet:fortigate_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CBA773-10C1-410D-BB01-771F454ABEBA"
}
]
}
]
}
],
"references": [

25
CVE-2023/CVE-2023-282xx/CVE-2023-28204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28204",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.333",
"lastModified": "2024-01-05T14:15:46.340",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:05:08.367",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -111,12 +111,31 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.3",
"matchCriteriaId": "8C7F88F0-0092-4338-A52F-1A2ED27460B5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213757",

4
CVE-2023/CVE-2023-282xx/CVE-2023-28205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28205",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.237",
"lastModified": "2023-07-27T04:15:23.007",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:31:48.657",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-10",
"cisaActionDue": "2023-05-01",
"cisaRequiredAction": "Apply updates per vendor instructions.",

4
CVE-2023/CVE-2023-282xx/CVE-2023-28206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28206",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.273",
"lastModified": "2023-07-27T04:15:23.103",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:29:39.747",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-10",
"cisaActionDue": "2023-05-01",
"cisaRequiredAction": "Apply updates per vendor instructions.",

13
CVE-2023/CVE-2023-282xx/CVE-2023-28252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28252",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:25.137",
"lastModified": "2024-05-29T02:15:30.930",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:31:41.460",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-11",
"cisaActionDue": "2023-05-02",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -49,7 +49,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-787"
}
]
},
@ -162,7 +162,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174668/Windows-Common-Log-File-System-Driver-clfs.sys-Privilege-Escalation.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252",

5
CVE-2023/CVE-2023-284xx/CVE-2023-28432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28432",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-03-22T21:15:18.257",
"lastModified": "2023-11-07T04:10:35.500",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:30:51.627",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-04-21",
"cisaActionDue": "2023-05-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -111,6 +111,7 @@
"url": "https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},

59
CVE-2023/CVE-2023-309xx/CVE-2023-30997.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30997",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T19:15:10.800",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254638",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158790",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30998.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30998",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T19:15:11.187",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254649",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158790",
"source": "psirt@us.ibm.com"
}
]
}

64
CVE-2023/CVE-2023-30xx/CVE-2023-3079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3079",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-06-05T22:15:12.383",
"lastModified": "2024-01-31T17:15:11.930",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:15:04.197",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-07",
"cisaActionDue": "2023-06-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -52,6 +52,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -64,6 +65,17 @@
"matchCriteriaId": "EB69CD96-74B6-49C5-8589-99136EE565C6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
@ -73,6 +85,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
@ -101,29 +118,40 @@
]
}
]
}
},
{},
{}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1450481",
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
"Exploit",
"Issue Tracking"
]
},
{
@ -136,24 +164,38 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202311-11",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-34",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.couchbase.com/alerts/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5420",
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}

29
CVE-2023/CVE-2023-323xx/CVE-2023-32373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32373",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.007",
"lastModified": "2024-01-05T14:15:46.537",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:22:10.753",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -79,9 +79,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0.0",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "377397F0-7A43-442A-BC27-40CE0F04432D"
"matchCriteriaId": "D72C8B93-E6C2-43FA-B2F3-A17D133D0625"
},
{
"vulnerable": true,
@ -141,12 +141,31 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.3",
"matchCriteriaId": "8C7F88F0-0092-4338-A52F-1A2ED27460B5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213757",

24
CVE-2023/CVE-2023-324xx/CVE-2023-32409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32409",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.183",
"lastModified": "2023-07-27T04:15:33.340",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:21:56.703",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -63,6 +63,13 @@
"versionEndExcluding": "16.5",
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8D5C62E2-A2A6-49F4-80BD-A46EF28AD14E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
@ -70,6 +77,13 @@
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "3115F12B-F244-4AAD-8631-F2CD362FFE5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
@ -144,7 +158,11 @@
},
{
"url": "https://support.apple.com/en-us/HT213842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

15
CVE-2023/CVE-2023-324xx/CVE-2023-32434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32434",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.720",
"lastModified": "2023-10-25T23:15:16.097",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:04:56.297",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -125,7 +125,11 @@
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/20",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213808",
@ -185,7 +189,10 @@
},
{
"url": "https://support.apple.com/kb/HT213990",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-324xx/CVE-2023-32435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32435",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.767",
"lastModified": "2023-07-27T04:15:39.117",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:03:45.027",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",

28
CVE-2023/CVE-2023-332xx/CVE-2023-33246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33246",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-24T15:15:09.553",
"lastModified": "2023-07-12T12:15:09.763",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:38:20.037",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-09-06",
"cisaActionDue": "2023-09-27",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -60,8 +60,15 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.1",
"matchCriteriaId": "E8E1210F-3F8C-4365-BEAA-55EDF7FB623C"
"versionEndExcluding": "4.9.7",
"matchCriteriaId": "4DBCE249-91D7-442A-BD1B-4C20F848EB35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.1.2",
"matchCriteriaId": "68AFCD16-B82F-411E-B3E6-236CA76A1FEE"
}
]
}
@ -71,11 +78,20 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/173339/Apache-RocketMQ-5.1.0-Arbitrary-Code-Injection.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/12/1",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/1s8j2c8kogthtpv3060yddk03zq0pxyp",

20
CVE-2023/CVE-2023-343xx/CVE-2023-34362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T14:15:09.487",
"lastModified": "2023-06-23T17:15:09.243",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:15:29.160",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-02",
"cisaActionDue": "2023-06-23",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -80,15 +80,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2020.1.6",
"matchCriteriaId": "CA53D3A1-CB55-46F2-8A5D-932911266C07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021.0",
"versionEndExcluding": "2021.0.7",
"matchCriteriaId": "FA9FA318-3A93-478D-B0F3-B3469E6EED7D"
"matchCriteriaId": "B1B9DBBF-87E1-4FAF-93C7-6F5D779850C3"
},
{
"vulnerable": true,
@ -134,7 +127,12 @@
},
{
"url": "http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023",

4
CVE-2023/CVE-2023-350xx/CVE-2023-35078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35078",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-07-25T07:15:10.897",
"lastModified": "2023-11-28T20:15:07.530",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:52:14.877",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-25",
"cisaActionDue": "2023-08-15",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",

11
CVE-2023/CVE-2023-35xx/CVE-2023-3519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3519",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-19T18:15:11.513",
"lastModified": "2023-08-04T18:15:17.077",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:53:09.067",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-19",
"cisaActionDue": "2023-08-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -149,7 +149,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/173997/Citrix-ADC-NetScaler-Remote-Code-Execution.html",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467",

8
CVE-2023/CVE-2023-363xx/CVE-2023-36321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36321",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-17T23:15:11.513",
"lastModified": "2023-10-24T23:40:13.823",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-27T18:15:12.750",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -83,6 +83,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00021.html",
"source": "cve@mitre.org"
}
]
}

656
CVE-2023/CVE-2023-368xx/CVE-2023-36844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36844",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-08-17T20:15:10.267",
"lastModified": "2023-10-02T19:15:09.863",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:20:24.230",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-11-13",
"cisaActionDue": "2023-11-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -64,8 +64,18 @@
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -75,609 +85,6 @@
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "4BFDCC2B-FAB5-4164-8D70-28E4DFF052AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
@ -1082,6 +489,11 @@
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "C445622E-8E57-4990-A71A-E1993BFCB91A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
@ -1202,6 +614,11 @@
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
@ -1367,6 +784,11 @@
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
@ -1432,6 +854,11 @@
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
@ -1451,6 +878,16 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE"
}
]
}
@ -1460,7 +897,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-Remote-Code-Execution.html",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://supportportal.juniper.net/JSA72300",

782
CVE-2023/CVE-2023-368xx/CVE-2023-36846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36846",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-08-17T20:15:10.457",
"lastModified": "2023-09-27T15:18:54.110",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:29:30.343",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-11-13",
"cisaActionDue": "2023-11-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -667,784 +667,6 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D066A90D-F7F2-4EA5-8F0C-D0E189DDB05D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-24mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A0D9C0-34D3-430F-ABFA-B68010A8825D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E04B126-F290-4242-BB80-5F573D623E6E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "671D9977-7657-48C7-A07C-4AED54380A86"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-48mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E100C3C-070D-4132-927F-756538B91491"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2032E7DD-96FD-48B7-922C-5FE04675796C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D907D6A-B7C4-4A10-AA58-0F908575A435"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex2300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62A536DA-5A57-4255-AB22-F99F8B7FF62A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEA4BC3-093F-4DE6-BED1-2C7D2FC2C8A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592377CC-4044-4FDD-A3DF-CBF25754EE4D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D12E8275-EF6B-44F9-A7D8-A769CDB5EED5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E63215-246E-49F3-A537-8A90D512DAB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1A5E69-928A-41A0-8B9B-91F307D99854"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B71953D-016D-4E72-B598-55667A507681"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CABBC37B-EB93-424D-A1E7-4686039C0955"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24526B69-E3E3-4249-80A4-A886BED5C07E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2209605-65B6-44B3-9700-9EC543BF2408"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C348CF-65C1-4A53-8F4F-99B5A4113679"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60CB5F91-DC40-4D09-BB93-4539B8581877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE8EB69-95DD-44E9-80A6-F2B5E34BBD5B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEEDB14F-E74A-4C48-A969-1D22D7F7C7C8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE3866E-109E-479F-9FFE-3F6E81C0DE7C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A17D793-5F01-4818-956D-D6BC5A6C4CEE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4C3E8E-C8B4-42A5-8DB6-7E8114FCC030"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48tafi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77AF34EC-A154-4042-BE0B-B2BA9EEDEE93"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48tdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FD3D9F-B49C-48EC-8AE1-FE3B399809DE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-48tdc-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DC1840-7409-4BD0-9522-B55B1166CF9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EECCB3-37B3-4146-8F8C-4BBFF84499E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303ADB06-5CB5-44DA-8387-39FACC539EF0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D842407-7A13-47C7-BBC9-FB0E978221CB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4550\\/vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3612D798-7A5F-4068-A5A2-92173893450E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3ECB975-D1A0-4318-9C5E-752A3C98F76F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CC1C89-B37F-4C5F-9F79-12997C79711D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B74B12A6-1CE2-4293-ABA5-E3F23E15485C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D08A8D94-134A-41E7-8396-70D8B0735E9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCB1E61-07A1-40B0-B616-F1A6E06D11C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
"matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.4",
"matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "4BFDCC2B-FAB5-4164-8D70-28E4DFF052AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
}
]
}
]
}
],
"references": [

11
CVE-2023/CVE-2023-368xx/CVE-2023-36874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36874",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:20.733",
"lastModified": "2024-05-29T03:16:04.123",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T19:00:13.920",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-11",
"cisaActionDue": "2023-08-01",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
@ -152,7 +152,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174843/Microsoft-Error-Reporting-Local-Privilege-Elevation.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874",

149
CVE-2023/CVE-2023-368xx/CVE-2023-36884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36884",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T19:15:09.623",
"lastModified": "2024-05-29T02:16:22.350",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:59:51.030",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-17",
"cisaActionDue": "2023-08-29",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-362"
}
]
},
@ -89,118 +89,45 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20107",
"matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6167",
"matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*",
"matchCriteriaId": "1AC0C23F-FC55-4DA1-8527-EB4432038FB0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4737",
"matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*",
"matchCriteriaId": "A719B461-7869-46D0-9300-D0A348DC26A5"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.3324",
"matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "32E1400A-836A-4E48-B2CD-2B0A9A8241BA"
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.3324",
"matchCriteriaId": "45A28C82-CFCA-461C-B2E6-D21941256F82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA042D4-B14E-4DDF-8423-DFB255679EFE"
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2295",
"matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*",
"matchCriteriaId": "747ED159-1972-4310-AAD1-8E02AFB08826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*",
"matchCriteriaId": "62B9100B-206D-4FD1-8D23-A355DCA37460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2134",
"matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F"
},
{
"vulnerable": true,
@ -224,18 +151,26 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6167",
"matchCriteriaId": "A6C6551D-670F-4EA1-84B5-70BEE90A0C46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614:*:*:*:*:*:*:*",
"matchCriteriaId": "85D91B6C-B943-46C3-AA42-6A41A53F152C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4737",
"matchCriteriaId": "812E15CB-8BBE-47D6-9837-E3144A5F5485"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1903",
"matchCriteriaId": "84379BFC-A147-497B-9B49-FBE0DBA67F4A"
}
]
}

25
CVE-2023/CVE-2023-374xx/CVE-2023-37450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37450",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.497",
"lastModified": "2024-01-05T14:15:46.917",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:51:28.220",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-13",
"cisaActionDue": "2023-08-03",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
@ -97,12 +97,31 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.3",
"matchCriteriaId": "8C7F88F0-0092-4338-A52F-1A2ED27460B5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213826",

11
CVE-2023/CVE-2023-380xx/CVE-2023-38035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38035",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-08-21T17:15:47.457",
"lastModified": "2023-09-13T18:15:08.023",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:48:42.510",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-08-22",
"cisaActionDue": "2023-09-12",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -75,7 +75,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174643/Ivanti-Sentry-Authentication-Bypass-Remote-Code-Execution.html",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface",

36
CVE-2023/CVE-2023-381xx/CVE-2023-38180.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38180",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-08-08T19:15:10.367",
"lastModified": "2023-08-20T03:15:14.037",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:50:19.393",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-08-09",
"cisaActionDue": "2023-08-30",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -96,16 +96,44 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180",

59
CVE-2023/CVE-2023-383xx/CVE-2023-38368.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-38368",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T19:15:11.460",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261195",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158790",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-383xx/CVE-2023-38370.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-38370",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T19:15:11.720",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could allow a user on the network to install malicious packages. IBM X-Force ID: 261197."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261197",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158790",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-383xx/CVE-2023-38371.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-38371",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T18:15:12.880",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261198",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158790",
"source": "psirt@us.ibm.com"
}
]
}

17
CVE-2023/CVE-2023-388xx/CVE-2023-38831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38831",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-23T17:15:43.863",
"lastModified": "2023-10-23T01:15:07.550",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:47:24.473",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-08-24",
"cisaActionDue": "2023-09-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -71,11 +71,20 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://news.ycombinator.com/item?id=37236100",

59
CVE-2023/CVE-2023-420xx/CVE-2023-42011.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-42011",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T18:15:13.143",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265508",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158657",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-420xx/CVE-2023-42014.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-42014",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T18:15:13.413",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265511."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265511",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158654",
"source": "psirt@us.ibm.com"
}
]
}

26
CVE-2023/CVE-2023-444xx/CVE-2023-44487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T14:15:10.883",
"lastModified": "2024-06-21T19:15:28.320",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:34:22.110",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-10",
"cisaActionDue": "2023-10-31",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -1831,6 +1831,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5EBD2A-32A3-46D5-B155-B44DCB7F6902"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
@ -3018,7 +3023,7 @@
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
"Third Party Advisory"
]
},
{
@ -3888,15 +3893,24 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487",

73
CVE-2023/CVE-2023-466xx/CVE-2023-46604.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46604",
"sourceIdentifier": "security@apache.org",
"published": "2023-10-27T15:15:14.017",
"lastModified": "2024-04-11T08:15:49.823",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:30:23.517",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-11-02",
"cisaActionDue": "2023-11-23",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -148,12 +148,56 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB695329-036B-447D-BEB0-AA4D89D1D99C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F148EC-6D6D-4C4F-B57C-CFBCD3D32B41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*",
"matchCriteriaId": "82E94B87-065E-475F-815C-F49978CE22FC"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Apr/18",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt",
@ -164,19 +208,34 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231110-0010/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/27/5",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

138
CVE-2023/CVE-2023-48xx/CVE-2023-4863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4863",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-12T15:15:24.327",
"lastModified": "2024-01-07T11:15:13.650",
"vulnStatus": "Modified",
"lastModified": "2024-06-27T18:36:33.417",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-09-13",
"cisaActionDue": "2023-10-04",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -194,60 +194,130 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bentley:seequent_leapfrog:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "E50A797C-2C6C-46A5-A9D0-8CD877EBA3CD"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/",
@ -258,7 +328,11 @@
},
{
"url": "https://blog.isosceles.com/the-webp-0day/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231",
@ -349,7 +423,11 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/",
@ -377,7 +455,11 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863",
@ -412,15 +494,24 @@
},
{
"url": "https://security.gentoo.org/glsa/202401-10",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit"
]
},
{
"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/",
@ -432,7 +523,10 @@
},
{
"url": "https://www.bentley.com/advisories/be-2023-0001/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/",

28
CVE-2024/CVE-2024-247xx/CVE-2024-24792.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-24792",
"sourceIdentifier": "security@golang.org",
"published": "2024-06-27T18:15:13.740",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Parsing a corrupt or malicious image with invalid color indices can cause a panic."
}
],
"metrics": {},
"references": [
{
"url": "https://go.dev/cl/588115",
"source": "security@golang.org"
},
{
"url": "https://go.dev/issue/67624",
"source": "security@golang.org"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2937",
"source": "security@golang.org"
}
]
}

2
CVE-2024/CVE-2024-26xx/CVE-2024-2683.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2683",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-20T10:15:10.033",
"lastModified": "2024-05-17T02:38:25.200",
"lastModified": "2024-06-27T19:15:12.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

187
CVE-2024/CVE-2024-278xx/CVE-2024-27817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27817",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.547",
"lastModified": "2024-06-12T04:15:11.430",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:20:29.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,67 +14,218 @@
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 y iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 y iPadOS 17.5, macOS Sonoma 14.5. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "732206AE-D798-41FB-8D91-F796820F912D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "0C520138-1984-4369-8615-09FF57F0BB70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "0EDF6AF0-A238-47E5-9A9D-F6FDB832DD8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "DEC0ACF3-F486-4536-8415-A176C68CE183"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.5",
"matchCriteriaId": "3121F2A4-6F9C-4E03-837E-2A4C2B65CB09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.7",
"matchCriteriaId": "2D797210-B0F0-44AE-9028-47C18C22AFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.5",
"matchCriteriaId": "6AB18623-7D06-4946-99FC-808A4A913ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jun/5",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214100",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214105",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214107",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214100",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214105",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214107",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2024/CVE-2024-278xx/CVE-2024-27819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27819",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.623",
"lastModified": "2024-06-11T13:54:12.057",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:20:15.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,80 @@
"value": "El problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en iOS 17.5 y iPadOS 17.5. Un atacante con acceso f\u00edsico puede acceder a los contactos desde la pantalla de bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

151
CVE-2024/CVE-2024-278xx/CVE-2024-27820.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27820",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.693",
"lastModified": "2024-06-12T04:15:11.543",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:19:33.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,39 +14,168 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en tvOS 17.5, iOS 16.7.8 y iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "D80D1AA1-D37A-4ABD-87A0-2C3B12EDA955"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "732206AE-D798-41FB-8D91-F796820F912D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "0C520138-1984-4369-8615-09FF57F0BB70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.8",
"matchCriteriaId": "0EDF6AF0-A238-47E5-9A9D-F6FDB832DD8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.5",
"matchCriteriaId": "DEC0ACF3-F486-4536-8415-A176C68CE183"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.5",
"matchCriteriaId": "6AB18623-7D06-4946-99FC-808A4A913ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5",
"matchCriteriaId": "CC4B1E01-BE73-48F8-9BD5-32F7C57EB45A"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jun/5",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214100",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214103",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

129
CVE-2024/CVE-2024-278xx/CVE-2024-27828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27828",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.773",
"lastModified": "2024-06-12T04:15:11.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:09:56.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,43 +14,148 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en visionOS 1.2, watchOS 10.5, tvOS 17.5, iOS 17.5 y iPadOS 17.5. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "0732CA4D-4384-4E48-8E6C-147C65E6ED0B"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jun/5",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

132
CVE-2024/CVE-2024-278xx/CVE-2024-27830.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27830",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.843",
"lastModified": "2024-06-12T04:15:11.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:10:32.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,35 +14,147 @@
"value": "Esta cuesti\u00f3n se abord\u00f3 mediante una mejora de gesti\u00f3n de estado. Este problema se solucion\u00f3 en tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Una p\u00e1gina web creada con fines malintencionados puede tomar huellas digitales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "D80D1AA1-D37A-4ABD-87A0-2C3B12EDA955"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.5",
"matchCriteriaId": "6AB18623-7D06-4946-99FC-808A4A913ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5",
"matchCriteriaId": "CC4B1E01-BE73-48F8-9BD5-32F7C57EB45A"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jun/5",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214103",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

146
CVE-2024/CVE-2024-278xx/CVE-2024-27832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27832",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:51.007",
"lastModified": "2024-06-12T04:15:11.957",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-27T18:10:53.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,51 +14,169 @@
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en tvOS 17.5, visionOS 1.2, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Es posible que una aplicaci\u00f3n pueda elevar los privilegios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E7F2E11C-4A7D-4E71-BFAA-396B0549F649"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "E9C4B45E-AF58-4D7C-B73A-618B06AED56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.5",
"matchCriteriaId": "6AB18623-7D06-4946-99FC-808A4A913ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.5",
"matchCriteriaId": "003383BF-F06C-4300-908D-D1C8498C6BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "20FA533E-AA15-4561-AAF1-F8C3F5283C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5",
"matchCriteriaId": "CC4B1E01-BE73-48F8-9BD5-32F7C57EB45A"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jun/5",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214101",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214102",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214104",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214106",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214108",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

2
CVE-2024/CVE-2024-27xx/CVE-2024-2712.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2712",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-21T02:52:43.500",
"lastModified": "2024-05-17T02:38:26.670",
"lastModified": "2024-06-27T19:15:13.167",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

32
CVE-2024/CVE-2024-28xx/CVE-2024-2882.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-2882",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-06-27T19:15:13.667",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system."
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

59
CVE-2024/CVE-2024-30xx/CVE-2024-3017.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-3017",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-06-27T19:15:14.483",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In a \n\nSilicon Labs\u00a0\u00a0multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/069Vm000007UEhZIAW",
"source": "product-security@silabs.com"
},
{
"url": "https://github.com/SiliconLabs/simplicity_sdk",
"source": "product-security@silabs.com"
}
]
}

59
CVE-2024/CVE-2024-30xx/CVE-2024-3043.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-3043",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-06-27T19:15:14.697",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier (pan ID), leading to a denial of service. This packet type is not useful in production and should be used only for PHY qualification."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-829"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/069Vm000005UCH0IAO",
"source": "product-security@silabs.com"
},
{
"url": "https://github.com/SiliconLabs/gecko_sdk",
"source": "product-security@silabs.com"
}
]
}

59
CVE-2024/CVE-2024-319xx/CVE-2024-31916.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-31916",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T18:15:17.857",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/290026",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158679",
"source": "psirt@us.ibm.com"
}
]
}

43
CVE-2024/CVE-2024-33xx/CVE-2024-3330.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-3330",
"sourceIdentifier": "security@tibco.com",
"published": "2024-06-27T19:15:14.937",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires human interaction from a person other than the attacker., In the case of the Web player (Business Author): Successful execution of this vulnerability via the Web Player, will result in the attacker being able to run arbitrary code as the account running the Web player process, In the case of Automation Services: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code via Automation Services..This issue affects Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0 through 14.0.2; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0 through 14.0.3, from 14.2.0 through 14.3.0; Spotfire for AWS Marketplace: from 14.0 before 14.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@tibco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-june-262024-spotfire-cve-2024-3330-r3435/",
"source": "security@tibco.com"
}
]
}

43
CVE-2024/CVE-2024-33xx/CVE-2024-3331.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-3331",
"sourceIdentifier": "security@tibco.com",
"published": "2024-06-27T19:15:15.153",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user running the affected software..This issue affects Spotfire Enterprise Runtime for R - Server Edition: from 1.12.7 through 1.20.0; Spotfire Statistics Services: from 12.0.7 through 12.3.1, from 14.0.0 through 14.3.0; Spotfire Analyst: from 12.0.9 through 12.5.0, from 14.0.0 through 14.3.0; Spotfire Desktop: from 14.0 through 14.3.0; Spotfire Server: from 12.0.10 through 12.5.0, from 14.0.0 through 14.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@tibco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://community.spotfire.com/articles/spotfire/spotfire-security-advisory-june-262024-spotfire-cve-2024-3331-r3436/",
"source": "security@tibco.com"
}
]
}

59
CVE-2024/CVE-2024-351xx/CVE-2024-35153.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-35153",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-27T18:15:18.137",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 292640."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/292640",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7158662",
"source": "psirt@us.ibm.com"
}
]
}

55
CVE-2024/CVE-2024-352xx/CVE-2024-35260.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-35260",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-27T18:15:18.973",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Dataverse Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35260",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-45xx/CVE-2024-4578.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4578",
"sourceIdentifier": "psirt@arista.com",
"published": "2024-06-27T19:15:15.347",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the \u201cconfig\u201d user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to exploit this vulnerability, but the config password is required to establish the session. The spawned shell is able to obtain root privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@arista.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.7,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@arista.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19844-security-advisory-0098",
"source": "psirt@arista.com"
}
]
}

59
CVE-2024/CVE-2024-53xx/CVE-2024-5334.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-5334",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T18:15:20.223",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "External Control of File Name or Path in GitHub repository stitionai/devika prior to -."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/7eec128b-1bf5-4922-a95c-551ad3695cf6",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-55xx/CVE-2024-5547.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-5547",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T18:15:20.493",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Relative Path Traversal in GitHub repository stitionai/devika prior to -."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/7ea0eb5f-7643-4452-bc93-a225e2090283",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-55xx/CVE-2024-5548.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-5548",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T18:15:20.733",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal in GitHub repository stitionai/devika prior to -."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/ad7dd135-8839-4042-87c0-105af61d262c",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-57xx/CVE-2024-5710.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5710",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:15.667",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "berriai/litellm version 1.34.34 is vulnerable to improper access control in its team management functionality. This vulnerability allows attackers to perform unauthorized actions such as creating, updating, viewing, deleting, blocking, and unblocking any teams, as well as adding or deleting any member to or from any teams. The vulnerability stems from insufficient access control checks in various team management endpoints, enabling attackers to exploit these functionalities without proper authorization."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/70897f59-a966-4d93-b71e-745e3da91970",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-57xx/CVE-2024-5714.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5714",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:15.930",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with team management permissions to manipulate project identifiers in requests, enabling them to invite users to projects in other organizations, change members to projects in other organizations with escalated privileges, and change members from other organizations to their own or other projects, also with escalated privileges. This vulnerability is due to the backend's failure to validate project identifiers against the current user's organization ID and projects belonging to it, as well as a misconfiguration in attribute naming (`org_id` should be `orgId`) that prevents proper user organization validation. As a result, attackers can cause inconsistencies on the platform for affected users and organizations, including unauthorized privilege escalation. The issue is present in the backend API endpoints for user invitation and modification, specifically in the handling of project IDs in requests."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/8cff4afa-131b-4a7e-9f0d-8a3c69f3d024",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-57xx/CVE-2024-5751.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5751",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:16.160",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the `add_deployment` function, which decodes and decrypts environment variables from base64 and assigns them to `os.environ`. An attacker can exploit this by sending a malicious payload to the `/config/update` endpoint, which is then processed and executed by the server when the `get_secret` function is triggered. This requires the server to use Google KMS and a database to store a model."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/ae623c2f-b64b-4245-9ed4-f13a0a5824ce",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-57xx/CVE-2024-5755.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5755",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:16.400",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., 'attacker123@gmail.com' and 'attacker.123@gmail.com'), leading to incorrect synchronization and potential security issues."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-821"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/cf337d37-e602-482b-aa7a-9e34e7f13e1f",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-58xx/CVE-2024-5820.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5820",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:16.640",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization in stitionai/devika"
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/2ba757bf-8ede-445b-b143-2de7769758a6",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-58xx/CVE-2024-5822.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5822",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:16.880",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <= ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attackers to send crafted requests from the vulnerable server to internal or external resources, potentially bypassing security controls and accessing sensitive data."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/b24f1b5f-a529-435b-ac4d-5ca71d5d1fb5",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-58xx/CVE-2024-5824.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-5824",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:17.117",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability in the `/set_personality_config` endpoint of parisneo/lollms version 9.4.0 allows an attacker to overwrite the `configs/config.yaml` file. This can lead to remote code execution by changing server configuration properties such as `force_accept_remote_access` and `turn_on_code_validation`."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms/commit/eda3af5f5c4ea9b2f3569f72f8d05989e29367fc",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/9ceb7cf9-a7cd-4699-b3f8-d0999d2b49fd",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-58xx/CVE-2024-5826.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5826",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:17.350",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/90620087-44ac-4e43-b659-3c5d30889369",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-58xx/CVE-2024-5885.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5885",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:17.590",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain access to internal servers, the AWS metadata endpoint, and capture Supabase data."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/c178bf48-1d4a-4743-87ca-4cc8e475d274",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-59xx/CVE-2024-5933.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5933",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:17.840",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/51a2e370-3b64-45cd-9afc-0e4856ab5517",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-59xx/CVE-2024-5935.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5935",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:18.073",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/b374f1c9-fa25-4b52-a34d-5153afd5a295",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-59xx/CVE-2024-5936.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5936",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:18.317",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper handling of the 'file' parameter. This vulnerability allows attackers to redirect users to a URL specified by user-controlled input without proper validation or sanitization. The impact of this vulnerability includes potential phishing attacks, malware distribution, and credential theft."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/43f05c1e-d7b8-45e2-b1fe-48faf1e3a48d",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-59xx/CVE-2024-5979.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5979",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:18.560",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In h2oai/h2o-3 version 3.46.0, the `run_tool` command in the `rapids` component allows the `main` function of any class under the `water.tools` namespace to be called. One such class, `MojoConvertTool`, crashes the server when invoked with an invalid argument, causing a denial of service."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/d80a2139-fc03-44b7-b739-de41e323b458",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-59xx/CVE-2024-5980.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-5980",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:18.803",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path traversal vulnerabilities. This can result in arbitrary files being written to any directory in the victim's local file system, potentially leading to remote code execution."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/55a6ac6f-89c7-42ea-86f3-c6e93a2679f3",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-60xx/CVE-2024-6038.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6038",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:19.040",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filter_history function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history filenames using a regular expression search. Due to the lack of sanitization or validation of the keyword parameter, an attacker can inject a specially crafted regular expression, leading to a denial of service condition. This can cause severe degradation of service performance and potential system unavailability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-625"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/d41cca0a-82bc-4cbf-a52a-928d304fb42d",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-60xx/CVE-2024-6085.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6085",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:19.287",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the XTTS server included in the lollms package, version v9.6. This vulnerability arises from the ability to perform an unauthenticated root folder settings change. Although the read file endpoint is protected against path traversals, this protection can be bypassed by changing the root folder to '/'. This allows attackers to read arbitrary files on the system. Additionally, the output folders can be changed to write arbitrary audio files to any location on the system."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/d2fb73d7-4b4f-451a-8763-484c189a27fe",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-60xx/CVE-2024-6086.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6086",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:19.533",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify organization attributes without proper authorization."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/9e83f63f-c5c1-422f-8010-95c353f0c643",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-60xx/CVE-2024-6090.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6090",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:19.777",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerability can also be exploited to delete any files ending in `.json` on the target system, leading to a denial of service as users are unable to authenticate."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/bd0f8f89-5c8a-4662-89aa-a6861d84cf4c",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-61xx/CVE-2024-6139.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6139",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:20.023",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the `tts_to_file` endpoint."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/fd00f112-efd0-40a1-8227-d6733716e4c0",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-62xx/CVE-2024-6250.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-6250",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-27T19:15:20.280",
"lastModified": "2024-06-27T19:25:12.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the `open_file` endpoint of `lollms_advanced.py`. The `sanitize_path` function with `allow_absolute_path=True` allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability can be exploited to read any file and list arbitrary directories on the affected system."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-36"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/11a8bf9d-16f3-49b3-b5fc-ad36d8993c73",
"source": "security@huntr.dev"
}
]
}

2
CVE-2024/CVE-2024-63xx/CVE-2024-6368.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6368",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-27T12:15:30.240",
"lastModified": "2024-06-27T12:47:19.847",
"lastModified": "2024-06-27T18:15:21.083",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

2
CVE-2024/CVE-2024-63xx/CVE-2024-6371.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6371",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-27T13:16:01.923",
"lastModified": "2024-06-27T17:11:52.390",
"lastModified": "2024-06-27T18:15:21.690",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

Some files were not shown because too many files have changed in this diff Show More