From eeaffae632d74ae4d441a6f78eb5f7bcc557f029 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 20 Jun 2024 10:03:46 +0000 Subject: [PATCH] Auto-Update: 2024-06-20T10:00:55.194049+00:00 --- CVE-2021/CVE-2021-475xx/CVE-2021-47573.json | 41 ++------------- CVE-2021/CVE-2021-475xx/CVE-2021-47574.json | 41 ++------------- CVE-2021/CVE-2021-475xx/CVE-2021-47575.json | 41 ++------------- CVE-2021/CVE-2021-475xx/CVE-2021-47581.json | 41 ++------------- CVE-2024/CVE-2024-266xx/CVE-2024-26639.json | 29 ++--------- CVE-2024/CVE-2024-290xx/CVE-2024-29012.json | 32 ++++++++++++ CVE-2024/CVE-2024-290xx/CVE-2024-29013.json | 32 ++++++++++++ CVE-2024/CVE-2024-346xx/CVE-2024-34693.json | 55 +++++++++++++++++++++ CVE-2024/CVE-2024-352xx/CVE-2024-35241.json | 6 ++- CVE-2024/CVE-2024-352xx/CVE-2024-35242.json | 6 ++- CVE-2024/CVE-2024-375xx/CVE-2024-37568.json | 6 ++- CVE-2024/CVE-2024-386xx/CVE-2024-38620.json | 32 ++++++++++++ README.md | 32 ++++++------ _state.csv | 40 ++++++++------- 14 files changed, 225 insertions(+), 209 deletions(-) create mode 100644 CVE-2024/CVE-2024-290xx/CVE-2024-29012.json create mode 100644 CVE-2024/CVE-2024-290xx/CVE-2024-29013.json create mode 100644 CVE-2024/CVE-2024-346xx/CVE-2024-34693.json create mode 100644 CVE-2024/CVE-2024-386xx/CVE-2024-38620.json diff --git a/CVE-2021/CVE-2021-475xx/CVE-2021-47573.json b/CVE-2021/CVE-2021-475xx/CVE-2021-47573.json index a647e6f1aa8..449d6821620 100644 --- a/CVE-2021/CVE-2021-475xx/CVE-2021-47573.json +++ b/CVE-2021/CVE-2021-475xx/CVE-2021-47573.json @@ -2,47 +2,14 @@ "id": "CVE-2021-47573", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T15:15:51.767", - "lastModified": "2024-06-19T15:15:51.767", - "vulnStatus": "Received", + "lastModified": "2024-06-20T09:15:10.660", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/blkfront: harden blkfront against event channel storms\n\nThe Xen blkfront driver is still vulnerable for an attack via excessive\nnumber of events sent by the backend. Fix that by using lateeoi event\nchannels.\n\nThis is part of XSA-391" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/0fd08a34e8e3b67ec9bd8287ac0facf8374b844a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/25898389795bd85d8e1520c0c75c3ad906c17da7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/269d7124bcfad2558d2329d0fe603ca20b20d3f4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/3e04b9e6aa7d77287e70a400be83060d2b7b2cfe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4ed9f5c511ce95cb8db05ff82026ea901f45fd76", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/5ac3b68b79c9e964dd6f3cf80ff825518e502b79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/8ac3b6ee7c9ff2df7c99624bb1235e2e55623825", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/caf9b51829a50590b84daea924a0fd62d32bc952", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-475xx/CVE-2021-47574.json b/CVE-2021/CVE-2021-475xx/CVE-2021-47574.json index fd918527ca5..a2dc4c1ddac 100644 --- a/CVE-2021/CVE-2021-475xx/CVE-2021-47574.json +++ b/CVE-2021/CVE-2021-475xx/CVE-2021-47574.json @@ -2,47 +2,14 @@ "id": "CVE-2021-47574", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T15:15:51.890", - "lastModified": "2024-06-19T15:15:51.890", - "vulnStatus": "Received", + "lastModified": "2024-06-20T09:15:10.850", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netfront: harden netfront against event channel storms\n\nThe Xen netfront driver is still vulnerable for an attack via excessive\nnumber of events sent by the backend. Fix that by using lateeoi event\nchannels.\n\nFor being able to detect the case of no rx responses being added while\nthe carrier is down a new lock is needed in order to update and test\nrsp_cons and the number of seen unconsumed responses atomically.\n\nThis is part of XSA-391\n\n---\nV2:\n- don't eoi irq in case of interface set broken (Jan Beulich)\n- handle carrier off + no new responses added (Jan Beulich)\nV3:\n- add rx_ prefix to rsp_unconsumed (Jan Beulich)\n- correct xennet_set_rx_rsp_cons() spelling (Jan Beulich)" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/3559ca594f15fcd23ed10c0056d40d71e5dab8e5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/3e68d099f09c260a7dee28b99af02fe6977a9e66", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/4bf81386e3d6e5083c93d51eff70260bcec091bb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/81900aa7d7a130dec4c55b68875e30fb8c9effec", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/99120c8230fdd5e8b72a6e4162db9e1c0a61954a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/a29c8b5226eda52e6d6ff151d9343558ea3ad451", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/b27d47950e481f292c0a5ad57357edb9d95d03ba", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/d31b3379179d64724d3bbfa87bd4ada94e3237de", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-475xx/CVE-2021-47575.json b/CVE-2021/CVE-2021-475xx/CVE-2021-47575.json index 7c4a52cb1a4..af476179bc8 100644 --- a/CVE-2021/CVE-2021-475xx/CVE-2021-47575.json +++ b/CVE-2021/CVE-2021-475xx/CVE-2021-47575.json @@ -2,47 +2,14 @@ "id": "CVE-2021-47575", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T15:15:52.010", - "lastModified": "2024-06-19T15:15:52.010", - "vulnStatus": "Received", + "lastModified": "2024-06-20T09:15:10.953", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/console: harden hvc_xen against event channel storms\n\nThe Xen console driver is still vulnerable for an attack via excessive\nnumber of events sent by the backend. Fix that by using a lateeoi event\nchannel.\n\nFor the normal domU initial console this requires the introduction of\nbind_evtchn_to_irq_lateeoi() as there is no xenbus device available\nat the time the event channel is bound to the irq.\n\nAs the decision whether an interrupt was spurious or not requires to\ntest for bytes having been read from the backend, move sending the\nevent into the if statement, as sending an event without having found\nany bytes to be read is making no sense at all.\n\nThis is part of XSA-391\n\n---\nV2:\n- slightly adapt spurious irq detection (Jan Beulich)\nV3:\n- fix spurious irq detection (Jan Beulich)" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/153d1ea3272209fc970116f09051002d14422cde", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/560e64413b4a6d9bd6630e350d5f2e6a05f6ffe3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/57e46acb3b48ea4e8efb1e1bea2e89e0c6cc43e2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/68b78f976ca47d52c03c41eded207a312e46b934", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/728389c21176b2095fa58e858d5ef1d2f2aac429", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/8fa3a370cc2af858a9ba662ca4f2bd0917550563", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/c7eaa5082bccfc00dfdb500ac6cc86d6f24ca027", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/fe415186b43df0db1f17fa3a46275fd92107fe71", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-475xx/CVE-2021-47581.json b/CVE-2021/CVE-2021-475xx/CVE-2021-47581.json index 892ceabfb67..2434ed0d2e5 100644 --- a/CVE-2021/CVE-2021-475xx/CVE-2021-47581.json +++ b/CVE-2021/CVE-2021-475xx/CVE-2021-47581.json @@ -2,47 +2,14 @@ "id": "CVE-2021-47581", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-19T15:15:52.637", - "lastModified": "2024-06-19T15:15:52.637", - "vulnStatus": "Received", + "lastModified": "2024-06-20T09:15:11.057", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netback: don't queue unlimited number of packages\n\nIn case a guest isn't consuming incoming network traffic as fast as it\nis coming in, xen-netback is buffering network packages in unlimited\nnumbers today. This can result in host OOM situations.\n\nCommit f48da8b14d04ca8 (\"xen-netback: fix unlimited guest Rx internal\nqueue and carrier flapping\") meant to introduce a mechanism to limit\nthe amount of buffered data by stopping the Tx queue when reaching the\ndata limit, but this doesn't work for cases like UDP.\n\nWhen hitting the limit don't queue further SKBs, but drop them instead.\nIn order to be able to tell Rx packages have been dropped increment the\nrx_dropped statistics counter in this case.\n\nIt should be noted that the old solution to continue queueing SKBs had\nthe additional problem of an overflow of the 32-bit rx_queue_len value\nwould result in intermittent Tx queue enabling.\n\nThis is part of XSA-392" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/0928efb09178e01d3dc8e8849aa1c807436c3c37", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/0d99b3c6bd39a0a023e972d8f912fd47698bbbb8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/88f20cccbeec9a5e83621df5cc2453b5081454dc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/9bebb2eedf679b3be4acaa20efda97f32c999d74", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/b4226b387436315e7f57465c15335f4f4b5b075d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/bd926d189210cd1d5b4e618e45898053be6b4b3b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/be81992f9086b230623ae3ebbc85ecee4d00a3d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/c9f17e92917fd5786be872626a3928979ecc4c39", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json index dff6f0fffda..55d8214804f 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26639.json @@ -2,35 +2,14 @@ "id": "CVE-2024-26639", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-18T11:15:10.880", - "lastModified": "2024-04-04T14:15:09.457", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-20T09:15:11.183", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, kmsan: fix infinite recursion due to RCU critical section\n\nAlexander Potapenko writes in [1]: \"For every memory access in the code\ninstrumented by KMSAN we call kmsan_get_metadata() to obtain the metadata\nfor the memory being accessed. For virtual memory the metadata pointers\nare stored in the corresponding `struct page`, therefore we need to call\nvirt_to_page() to get them.\n\nAccording to the comment in arch/x86/include/asm/page.h,\nvirt_to_page(kaddr) returns a valid pointer iff virt_addr_valid(kaddr) is\ntrue, so KMSAN needs to call virt_addr_valid() as well.\n\nTo avoid recursion, kmsan_get_metadata() must not call instrumented code,\ntherefore ./arch/x86/include/asm/kmsan.h forks parts of\narch/x86/mm/physaddr.c to check whether a virtual address is valid or not.\n\nBut the introduction of rcu_read_lock() to pfn_valid() added instrumented\nRCU API calls to virt_to_page_or_null(), which is called by\nkmsan_get_metadata(), so there is an infinite recursion now. I do not\nthink it is correct to stop that recursion by doing\nkmsan_enter_runtime()/kmsan_exit_runtime() in kmsan_get_metadata(): that\nwould prevent instrumented functions called from within the runtime from\ntracking the shadow values, which might introduce false positives.\"\n\nFix the issue by switching pfn_valid() to the _sched() variant of\nrcu_read_lock/unlock(), which does not require calling into RCU. Given\nthe critical section in pfn_valid() is very small, this is a reasonable\ntrade-off (with preemptible RCU).\n\nKMSAN further needs to be careful to suppress calls into the scheduler,\nwhich would be another source of recursion. This can be done by wrapping\nthe call to pfn_valid() into preempt_disable/enable_no_resched(). The\ndownside is that this sacrifices breaking scheduling guarantees; however,\na kernel compiled with KMSAN has already given up any performance\nguarantees due to being heavily instrumented.\n\nNote, KMSAN code already disables tracing via Makefile, and since mmzone.h\nis included, it is not necessary to use the notrace variant, which is\ngenerally preferred in all other cases." - }, - { - "lang": "es", - "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm, kmsan: corrige la recursividad infinita debido a la secci\u00f3n cr\u00edtica de RCU Alexander Potapenko escribe en [1]: \"Para cada acceso a memoria en el c\u00f3digo instrumentado por KMSAN llamamos kmsan_get_metadata() para obtener los metadatos de la memoria a la que se accede. Para la memoria virtual, los punteros de metadatos se almacenan en la `p\u00e1gina de estructura` correspondiente, por lo tanto, necesitamos llamar a virt_to_page() para obtenerlos. De acuerdo con el comentario en arch/x86/include/asm/page .h, virt_to_page(kaddr) devuelve un puntero v\u00e1lido si virt_addr_valid(kaddr) es verdadero, por lo que KMSAN tambi\u00e9n necesita llamar a virt_addr_valid(). Para evitar la recursividad, kmsan_get_metadata() no debe llamar al c\u00f3digo instrumentado, por lo tanto ./arch/x86/ include/asm/kmsan.h bifurca partes de arch/x86/mm/physaddr.c para verificar si una direcci\u00f3n virtual es v\u00e1lida o no, pero la introducci\u00f3n de rcu_read_lock() a pfn_valid() agreg\u00f3 llamadas API de RCU instrumentadas a virt_to_page_or_null() , que es llamado por kmsan_get_metadata(), por lo que ahora hay una recursividad infinita. No creo que sea correcto detener esa recursividad haciendo kmsan_enter_runtime()/kmsan_exit_runtime() en kmsan_get_metadata(): eso evitar\u00eda que las funciones instrumentadas llamadas desde el tiempo de ejecuci\u00f3n rastreen los valores ocultos, lo que podr\u00eda introducir falsos positivos. problema al cambiar pfn_valid() a la variante _sched() de rcu_read_lock/unlock(), que no requiere llamar a RCU. Dado que la secci\u00f3n cr\u00edtica en pfn_valid() es muy peque\u00f1a, esta es una compensaci\u00f3n razonable (con RCU interrumpible ). Adem\u00e1s, KMSAN debe tener cuidado de suprimir las llamadas al programador, lo que ser\u00eda otra fuente de recursividad. Esto se puede hacer envolviendo la llamada a pfn_valid() en preempt_disable/enable_no_resched(). La desventaja es que esto sacrifica la interrupci\u00f3n de la programaci\u00f3n. garant\u00edas; sin embargo, un kernel compilado con KMSAN ya ha renunciado a cualquier garant\u00eda de rendimiento debido a que est\u00e1 fuertemente instrumentado. Tenga en cuenta que el c\u00f3digo KMSAN ya deshabilita el seguimiento a trav\u00e9s de Makefile y, dado que mmzone.h est\u00e1 incluido, no es necesario usar la variante notrace, que generalmente se prefiere en todos los dem\u00e1s casos." + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/5a33420599fa0288792537e6872fd19cc8607ea6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/6335c0cdb2ea0ea02c999e04d34fd84f69fb27ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/dc904345e3771aa01d0b8358b550802fdc6fe00b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/f6564fce256a3944aa1bc76cb3c40e792d97c1eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29012.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29012.json new file mode 100644 index 00000000000..e0c0479b0a2 --- /dev/null +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29012.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-29012", + "sourceIdentifier": "PSIRT@sonicwall.com", + "published": "2024-06-20T09:15:11.347", + "lastModified": "2024-06-20T09:15:11.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "PSIRT@sonicwall.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008", + "source": "PSIRT@sonicwall.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29013.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29013.json new file mode 100644 index 00000000000..eff485bb37a --- /dev/null +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29013.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-29013", + "sourceIdentifier": "PSIRT@sonicwall.com", + "published": "2024-06-20T09:15:11.543", + "lastModified": "2024-06-20T09:15:11.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "PSIRT@sonicwall.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009", + "source": "PSIRT@sonicwall.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json new file mode 100644 index 00000000000..f202c530a3b --- /dev/null +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34693.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34693", + "sourceIdentifier": "security@apache.org", + "published": "2024-06-20T09:15:11.683", + "lastModified": "2024-06-20T09:15:11.683", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0\n\nUsers are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/1803x1s34m7r71h1k0q1njol8k6fmyon", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35241.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35241.json index 46048e103ee..35e12fbf004 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35241.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35241.json @@ -2,7 +2,7 @@ "id": "CVE-2024-35241", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-10T22:15:09.677", - "lastModified": "2024-06-20T04:15:16.610", + "lastModified": "2024-06-20T09:15:11.993", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -63,6 +63,10 @@ "url": "https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c", "source": "security-advisories@github.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/", + "source": "security-advisories@github.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/", "source": "security-advisories@github.com" diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35242.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35242.json index 7251c2bf1a8..4d01d060ecb 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35242.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35242.json @@ -2,7 +2,7 @@ "id": "CVE-2024-35242", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-10T22:15:09.893", - "lastModified": "2024-06-20T04:15:17.617", + "lastModified": "2024-06-20T09:15:12.140", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -63,6 +63,10 @@ "url": "https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf", "source": "security-advisories@github.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PO4MU2BC7VR6LMHEX4X7DKGHVFXZV2MC/", + "source": "security-advisories@github.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLPJHM2WWSYU2F6KHW2BYFGYL4IGTKHC/", "source": "security-advisories@github.com" diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37568.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37568.json index 6be976301cd..28143eb48c8 100644 --- a/CVE-2024/CVE-2024-375xx/CVE-2024-37568.json +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37568.json @@ -2,7 +2,7 @@ "id": "CVE-2024-37568", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-09T19:15:52.323", - "lastModified": "2024-06-18T11:15:51.270", + "lastModified": "2024-06-20T09:15:12.253", "vulnStatus": "Modified", "descriptions": [ { @@ -77,6 +77,10 @@ "Issue Tracking" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHJI32SN4FNAUVNALVGOKWHNSQ6XS3M5/", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZI7HYGN7VZAYFV6UV3SRLYF7QGERXIU/", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38620.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38620.json new file mode 100644 index 00000000000..046dd601702 --- /dev/null +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38620.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-38620", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-06-20T08:15:38.377", + "lastModified": "2024-06-20T08:15:38.377", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: HCI: Remove HCI_AMP support\n\nSince BT_HS has been remove HCI_AMP controllers no longer has any use so\nremove it along with the capability of creating AMP controllers.\n\nSince we no longer need to differentiate between AMP and Primary\ncontrollers, as only HCI_PRIMARY is left, this also remove\nhdev->dev_type altogether." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9673597a4f1..b01bf6dac26 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-20T08:00:18.524719+00:00 +2024-06-20T10:00:55.194049+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-20T07:15:41.933000+00:00 +2024-06-20T09:15:12.253000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -254645 +254649 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `4` -- [CVE-2023-25646](CVE-2023/CVE-2023-256xx/CVE-2023-25646.json) (`2024-06-20T07:15:41.340`) -- [CVE-2024-38619](CVE-2024/CVE-2024-386xx/CVE-2024-38619.json) (`2024-06-20T07:15:41.830`) -- [CVE-2024-4098](CVE-2024/CVE-2024-40xx/CVE-2024-4098.json) (`2024-06-20T07:15:41.933`) -- [CVE-2024-4565](CVE-2024/CVE-2024-45xx/CVE-2024-4565.json) (`2024-06-20T06:15:09.950`) -- [CVE-2024-5475](CVE-2024/CVE-2024-54xx/CVE-2024-5475.json) (`2024-06-20T06:15:10.077`) -- [CVE-2024-5522](CVE-2024/CVE-2024-55xx/CVE-2024-5522.json) (`2024-06-20T06:15:10.197`) -- [CVE-2024-6113](CVE-2024/CVE-2024-61xx/CVE-2024-6113.json) (`2024-06-20T06:15:10.310`) +- [CVE-2024-29012](CVE-2024/CVE-2024-290xx/CVE-2024-29012.json) (`2024-06-20T09:15:11.347`) +- [CVE-2024-29013](CVE-2024/CVE-2024-290xx/CVE-2024-29013.json) (`2024-06-20T09:15:11.543`) +- [CVE-2024-34693](CVE-2024/CVE-2024-346xx/CVE-2024-34693.json) (`2024-06-20T09:15:11.683`) +- [CVE-2024-38620](CVE-2024/CVE-2024-386xx/CVE-2024-38620.json) (`2024-06-20T08:15:38.377`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `8` -- [CVE-2024-1023](CVE-2024/CVE-2024-10xx/CVE-2024-1023.json) (`2024-06-20T06:15:08.910`) -- [CVE-2024-1132](CVE-2024/CVE-2024-11xx/CVE-2024-1132.json) (`2024-06-20T06:15:09.397`) -- [CVE-2024-1300](CVE-2024/CVE-2024-13xx/CVE-2024-1300.json) (`2024-06-20T06:15:09.693`) +- [CVE-2021-47573](CVE-2021/CVE-2021-475xx/CVE-2021-47573.json) (`2024-06-20T09:15:10.660`) +- [CVE-2021-47574](CVE-2021/CVE-2021-475xx/CVE-2021-47574.json) (`2024-06-20T09:15:10.850`) +- [CVE-2021-47575](CVE-2021/CVE-2021-475xx/CVE-2021-47575.json) (`2024-06-20T09:15:10.953`) +- [CVE-2021-47581](CVE-2021/CVE-2021-475xx/CVE-2021-47581.json) (`2024-06-20T09:15:11.057`) +- [CVE-2024-26639](CVE-2024/CVE-2024-266xx/CVE-2024-26639.json) (`2024-06-20T09:15:11.183`) +- [CVE-2024-35241](CVE-2024/CVE-2024-352xx/CVE-2024-35241.json) (`2024-06-20T09:15:11.993`) +- [CVE-2024-35242](CVE-2024/CVE-2024-352xx/CVE-2024-35242.json) (`2024-06-20T09:15:12.140`) +- [CVE-2024-37568](CVE-2024/CVE-2024-375xx/CVE-2024-37568.json) (`2024-06-20T09:15:12.253`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 1748ff391b5..b0be2cf8c26 100644 --- a/_state.csv +++ b/_state.csv @@ -187371,15 +187371,15 @@ CVE-2021-47569,0,0,7b4ee9969d7b2bdfa51b608129e4a28e25fef0b05a577f53d9e872f37b867 CVE-2021-47570,0,0,8efc024fd057221731b8441eed1f78c2841bddbe1d7646bf65390da9848d7ece,2024-06-10T19:22:46.993000 CVE-2021-47571,0,0,9ae7dfe9cc2ea2b4111c421c046fb07b6c9a1d98489d868de0a813931f6c97cf,2024-06-10T19:22:36.833000 CVE-2021-47572,0,0,55c6e98268ccff9a12ecfcf7346b412b0260b19f4dd297c4a5d7a5ddb50f3eca,2024-06-10T19:22:05.237000 -CVE-2021-47573,0,0,d7651731b02758a42d2270c84cd3eec69c61560dd6729d6a0b61b966030a57d1,2024-06-19T15:15:51.767000 -CVE-2021-47574,0,0,faec0f88ff751ebb91e3072c1e7644e2c797437239d50359903bdaa680439098,2024-06-19T15:15:51.890000 -CVE-2021-47575,0,0,bc3a33c9622965fc183a4dcad28a9ac1803f40a25224f2117f5d79d66c049d6e,2024-06-19T15:15:52.010000 +CVE-2021-47573,0,1,77f17ceffef01ed1235383fa8b9d660bd9e97f9957ddf89f7588fecd6de7f3ee,2024-06-20T09:15:10.660000 +CVE-2021-47574,0,1,391863034eab59403fe143d15df40f1956c3dc69dca88c34541f90e4de440ed8,2024-06-20T09:15:10.850000 +CVE-2021-47575,0,1,722357c96fabd9dcaa94e25f2d6c3827cc0d9ffea8340b657e2489a7b6bb493c,2024-06-20T09:15:10.953000 CVE-2021-47576,0,0,529ff2838ef76d7619d5bef41c4412385193d0388581dc3389cc34ad5cb3392b,2024-06-19T15:15:52.117000 CVE-2021-47577,0,0,2e716ba915bf347483c8366b86986fd4bc924c2188585127b0346a76083dca64,2024-06-19T15:15:52.223000 CVE-2021-47578,0,0,b6cdd7cb71f065232f349708162f254a0436579d12bb1d2af1930716fd430722,2024-06-19T15:15:52.320000 CVE-2021-47579,0,0,bacd9b18ea2cec453f67aac72823401bb7e8ad56778087942ea94693446c2239,2024-06-19T15:15:52.427000 CVE-2021-47580,0,0,9d0dcf903250aa86955d83dd6f1490d35c7ce8feed681a55869b2ec26c204660,2024-06-19T15:15:52.537000 -CVE-2021-47581,0,0,1c86c7d02ee569088c250293fa18ba66c6e6ba91496b046ec16098d0a842b34a,2024-06-19T15:15:52.637000 +CVE-2021-47581,0,1,17ec8f4e133d40e0db5079fe03b869ad7ee16e0e079fffc51fd025ed4a3f9521,2024-06-20T09:15:11.057000 CVE-2021-47582,0,0,c9a1f9b44372a9f249b03729be5db788d3c9b94e5e60e99cb74bd75151e295d6,2024-06-19T15:15:52.743000 CVE-2021-47583,0,0,6e348f5d1cee71355f4561877aa842e4099a5c563bcd5b01e8d3e5ff3a090cb9,2024-06-19T15:15:52.843000 CVE-2021-47584,0,0,9fb73020197e21e2348918b425a736b526ca64cbfa5f5cb286809e6fb7fff65f,2024-06-19T15:15:52.947000 @@ -218733,7 +218733,7 @@ CVE-2023-25642,0,0,54cd3d92e51620fed76245134bc60afc7ae3e51e41fa4d6885ef8ef3472c8 CVE-2023-25643,0,0,6662e13f25246c83f148ea47e66b39f4bc11afce3dc84d7bc5d608fa8055f158,2023-12-18T20:09:13.630000 CVE-2023-25644,0,0,52583b69aeb656c73951a90f18c2035417d95e92cacdcefce04a1a56e3b20ff8,2023-12-18T20:08:39.477000 CVE-2023-25645,0,0,9cc2e48dedbeb9a73ae5d33a7b379d30567e4edf38b0cfb37087eb2bd6ba43a6,2023-06-26T22:19:11.390000 -CVE-2023-25646,1,1,0a90e80f06d479da65164144e1bda8d0bf9fd2057032fcd8540359018ed233b7,2024-06-20T07:15:41.340000 +CVE-2023-25646,0,0,0a90e80f06d479da65164144e1bda8d0bf9fd2057032fcd8540359018ed233b7,2024-06-20T07:15:41.340000 CVE-2023-25647,0,0,4c06370cd769277d2f1f2a309d8262dd5189ad19b7b62c9c9e0a79a6d67ec360,2023-08-24T16:20:12.140000 CVE-2023-25648,0,0,6b8f2a5d4f2290c9906f74dab886ae48b0efc0769734b2e0d0a39bf46259d5d1,2023-12-19T19:25:23.710000 CVE-2023-25649,0,0,7fdca89abb02c0a04c1a8d8d1c0be240d887fa7c73c6b501606d77250afdc458,2023-08-31T16:22:56.523000 @@ -241340,7 +241340,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5 CVE-2024-1020,0,0,9c38654e469ac00d17546e26ec534d4c7bea2be6d89bdf28044962880f9d5820,2024-05-17T02:35:10.867000 CVE-2024-1021,0,0,5a8e02d7058c067054b063aabba5540169cc60bb5eef34be87a607c196ef7d5f,2024-05-17T02:35:10.970000 CVE-2024-1022,0,0,69eec4d7da603217ad4d94fbf09fef8fa962f38c93419612a0efc6f64912229c,2024-05-17T02:35:11.070000 -CVE-2024-1023,0,1,9b3c96b8ef977b2b83376b3af2e2059fe305807d1e900f19d2ec0ecf13232785,2024-06-20T06:15:08.910000 +CVE-2024-1023,0,0,9b3c96b8ef977b2b83376b3af2e2059fe305807d1e900f19d2ec0ecf13232785,2024-06-20T06:15:08.910000 CVE-2024-1024,0,0,7bb01e43c6a7b4af67cf4acf4dcde6df2e6c572cbde2c1a38447944ffb722a3a,2024-05-17T02:35:11.210000 CVE-2024-1026,0,0,784347fcfe5d9ff4657c79eb997eb71c4a7b21475ee666dddd58b83b384cf3ea,2024-05-17T02:35:11.320000 CVE-2024-1027,0,0,1d01269e0df9bfa3c025958f48e327f6c3ac7e82a2b5d48fe02f1b63f0a6aa09,2024-05-17T02:35:11.427000 @@ -241441,7 +241441,7 @@ CVE-2024-1127,0,0,d56eedcfadebd263336bcc9003136ee639f27dd6c46c9263fea0eb8ea044d7 CVE-2024-1128,0,0,a231b73c645395e365defb40ca5d41741520485dac9e62df464e6e1705f68d2e,2024-02-29T13:49:29.390000 CVE-2024-1129,0,0,efcf801aad96aab23ddf4c5c1c7fe067759cd524a5f540fb4b3132cd808f2d93,2024-02-29T13:49:29.390000 CVE-2024-1130,0,0,19b9a2e3e227bc6e3d85f9dd98bd15cfd41c18a2ee1bc79c328385d5148fea32,2024-02-29T13:49:29.390000 -CVE-2024-1132,0,1,9ed9093a5d69eec7aaa9293012130ad2c33be7b2260c2825364334ddab958fd0,2024-06-20T06:15:09.397000 +CVE-2024-1132,0,0,9ed9093a5d69eec7aaa9293012130ad2c33be7b2260c2825364334ddab958fd0,2024-06-20T06:15:09.397000 CVE-2024-1133,0,0,85f4bf6d861639f9431d20ab28a51d2af9f3a3ecb32590788260710816d3a125,2024-02-29T13:49:29.390000 CVE-2024-1134,0,0,2e7c5ee3a71225c7c6e3e9d595fec8d66565da1f8113a13a6b762c5258606aef,2024-05-24T13:03:05.093000 CVE-2024-1135,0,0,2f6bc90f330f2812b6ceb34e2fa1ad9c1c5eca9415bce0719ca3f92f74cd2497,2024-04-16T13:24:07.103000 @@ -241594,7 +241594,7 @@ CVE-2024-1296,0,0,ab648d9dba58ca530bb990b50d92c4f5ce9f591faa8fbeeb49385095b8425c CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000 CVE-2024-1298,0,0,b14e73b9f89ef2bb5f90efe91191494dc122a0d6eae045ea12354e4504b4ff5a,2024-06-11T04:15:12.513000 CVE-2024-1299,0,0,165a6e5bf7396c9871edb84a6ce28d3386b33fd34eb9238065e890fa150a178a,2024-03-07T13:52:27.110000 -CVE-2024-1300,0,1,33e77fcab681de41f2cbe22458773576696126c09d3f89bc639eb67960fa4dfd,2024-06-20T06:15:09.693000 +CVE-2024-1300,0,0,33e77fcab681de41f2cbe22458773576696126c09d3f89bc639eb67960fa4dfd,2024-06-20T06:15:09.693000 CVE-2024-1301,0,0,68d5e322fab21220735382791ea9287e8104e954fa5bc7b1f8f02021f25e280b,2024-03-12T17:46:17.273000 CVE-2024-1302,0,0,e42b35f7a02693024fada8fec8e812444e0bb721c54c537bf6c1b8db8c60ce66,2024-03-12T17:46:17.273000 CVE-2024-1303,0,0,d6386ac67e1b3bd9c657849a1747229ab86034b9c989d20fb5cde0be8bba0359,2024-03-12T17:46:17.273000 @@ -246239,7 +246239,7 @@ CVE-2024-26635,0,0,ef0ef4329a3775ea6d25838c212942f9e933ce2108a8101d274cfb6887156 CVE-2024-26636,0,0,760d91a296e0acf8ba41ea5db2ecf406899fc0855e4062b2617f6fe9e15d498d,2024-03-18T12:38:25.490000 CVE-2024-26637,0,0,fc892e24bd1b7e8206ffae07359f5a6f79726dc219d9822d731828992a4ead1a,2024-03-18T12:38:25.490000 CVE-2024-26638,0,0,810693405d991f7ccd7a2a1a0260a34b1a9402f77c9d945d74efd33b7925ef28,2024-03-18T12:38:25.490000 -CVE-2024-26639,0,0,8a473c1426f4ebb022f445f83a8e03ee2f46b4cc924d5c9a8fc1fa54d3a5296a,2024-04-04T14:15:09.457000 +CVE-2024-26639,0,1,9b6fa0232c66c8cf8fd9bbe39562770943151be50075f97d78497bc85fbca0f5,2024-06-20T09:15:11.183000 CVE-2024-2664,0,0,c0b832041353c8a6cfaeb7e198e87ee27cc866ec20501fb216f1e10cc4fe5ced,2024-04-10T13:23:38.787000 CVE-2024-26640,0,0,5cc6b5e042a5b441f74784080591c7d359381cd13aba12bdf63d6c89fc714c33,2024-03-18T12:38:25.490000 CVE-2024-26641,0,0,d0ed2cdfb0ff7417cb869a8d4b0f844e96cb33626fa12ef7a8d145f64e7e59f2,2024-03-18T12:38:25.490000 @@ -247913,6 +247913,8 @@ CVE-2024-29009,0,0,64d623a5e5091ece3a08216e60fd84baa7c5e2c60d17197a481a7a00a1fb5 CVE-2024-2901,0,0,df536d591427828a51852a2b88694908334d7c53f764c9038fd3774c5ac19973,2024-05-17T02:38:36.427000 CVE-2024-29010,0,0,1e3d8487ff712a2c650beb70061bccfe6dbcb9db93046ccef5c4aba76b5791d4,2024-05-01T19:50:25.633000 CVE-2024-29011,0,0,87d4656d77d891e8470b880f5feac00db31649e777019df201e1d135e5a0d7dd,2024-05-01T19:50:25.633000 +CVE-2024-29012,1,1,999b9b770baa8dc2cef8f5b8f9692cc2067265ac052b62a4dd1d34ebdf9cff96,2024-06-20T09:15:11.347000 +CVE-2024-29013,1,1,038e0a8a864d3094bd5ac1441f00f2be35b07bed2f90be66b3c0a13dda6e32a2,2024-06-20T09:15:11.543000 CVE-2024-29018,0,0,a31ea156ee4a30b6d7535cfe30928ed9f90e655143b9cf9c902aa0e59ea88865,2024-03-21T12:58:51.093000 CVE-2024-29019,0,0,fe2de4afc3940e547c647135fa914dde2bc9fce5b46dec96e6b4c47b6599bdc4,2024-04-11T12:47:44.137000 CVE-2024-2902,0,0,38f24f885a94a37a841618e1d20810a0ee756f93a05006f5b6341ee4af4d3b21,2024-05-17T02:38:36.520000 @@ -251447,6 +251449,7 @@ CVE-2024-34688,0,0,66fff955b629aa6883569d950a703da0f073f684f77574846b0584730e15d CVE-2024-3469,0,0,89a04cf68ae33ee1037c8a13e9431c4d00d2106abb2ae6d7191ba817489a1fcd,2024-06-13T19:36:21.350000 CVE-2024-34690,0,0,823a2e1ae33b55e0d3769be79c59e7f42483b5ff6dba621f60a0402d90d83ba8,2024-06-11T13:54:12.057000 CVE-2024-34691,0,0,827395ff4b0bf99f2642a5cd3134d1fe0effa60012a62490a349f26f4db25abb,2024-06-11T13:54:12.057000 +CVE-2024-34693,1,1,50822730ff419c99ef4d90417e3e09f36dead83ef4280bfa4c2f4b3c064023c2,2024-06-20T09:15:11.683000 CVE-2024-34694,0,0,c52b0ddd7913e7b99d778e62e2419069bd9d8eb90d9108e75c7e8088bb5608e8,2024-06-17T12:42:04.623000 CVE-2024-34695,0,0,d5ed5d99c8f0d08b73ea3cb249327295e787f14594542dd2f27279ab9312830c,2024-05-14T16:12:23.490000 CVE-2024-34697,0,0,95295a45851b4a50f600527e364638272a5d24a08a1ec02edb19abea712755b2,2024-05-14T16:12:23.490000 @@ -251714,8 +251717,8 @@ CVE-2024-35238,0,0,90b2bf17c4613df420698bab76b724ca8e351da1091b572382c658446aa99 CVE-2024-35239,0,0,dc8d7e5945f67552120d785b4ede9965a939fdf2358a18c70e37d67c3011c174,2024-05-29T13:02:09.280000 CVE-2024-3524,0,0,3956193ca7114f5710505c19e3a759f29fdc99e35e3e85d2dfaab62815660be2,2024-05-17T02:39:58.883000 CVE-2024-35240,0,0,acfeed6c530b591057353f6a14e986e7e3beca50f19145cd1d7655529729bf12,2024-05-29T13:02:09.280000 -CVE-2024-35241,0,0,58e2bf4621191e3619241a98522e8bf25e01eea2ea1662dfb9703b07c9f16ff8,2024-06-20T04:15:16.610000 -CVE-2024-35242,0,0,9cb91ff4ebda6021751d3ca5af6f9e03f8e258af15908703fd7a40b0c343fb9b,2024-06-20T04:15:17.617000 +CVE-2024-35241,0,1,4a6b31c14cd4bc5f7501900c1f56590acd344b1e5ce5ecc61874cf3d14d82318,2024-06-20T09:15:11.993000 +CVE-2024-35242,0,1,2e207f0b714427aca575cae65f49ba50d1e8e36b82c7f71cef6b3cbfa7cbc65d,2024-06-20T09:15:12.140000 CVE-2024-35248,0,0,7b24b3b12982d50407db134ff507626124f42d7e835fdd7f27fa9d0ab0e14275,2024-06-13T18:36:09.013000 CVE-2024-35249,0,0,9a167cb503ead93a464686d2899364feb1521f0eeb8918bfedcfea026510dd14,2024-06-13T18:36:09.013000 CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ffed,2024-05-17T02:39:58.983000 @@ -252904,7 +252907,7 @@ CVE-2024-37535,0,0,07f7d930de9d2427116ed26f9657c7962aa8122c29cd0ba965c2b1ee75b9b CVE-2024-3754,0,0,01f193c84b52f462bda07bbe4a51fb49e63cd8bf2361f6b49c817e3a59b81e5a,2024-06-17T12:42:04.623000 CVE-2024-3755,0,0,255cc63bdc34aca663119fb8f6757a7da5a9acef7ecda034d88dc05babf4b05b,2024-05-06T12:44:56.377000 CVE-2024-3756,0,0,978b8204ea279199334a4c8c549150dc6420f24480b5effb717e8509749d66aa,2024-05-06T12:44:56.377000 -CVE-2024-37568,0,0,69f2fedd9c555b1dba6c5ed31ee1b4242f39058a2d21ca3419cdd98ba0a15bb0,2024-06-18T11:15:51.270000 +CVE-2024-37568,0,1,e54134c743ff1c9089094584276cdc79416cb675a0fc4a7177e49bc6dbf3bbc8,2024-06-20T09:15:12.253000 CVE-2024-37569,0,0,748406cd7b0e731a2b9037b16c6d1dde7e8c81aa1003e1ce6c82275ceb288683,2024-06-12T16:32:56.203000 CVE-2024-3757,0,0,62301a2775fcbfb9e8b5b1aa90b79aa074cd639699f2863765d338333af4b798,2024-05-07T13:39:32.710000 CVE-2024-37570,0,0,a374041c2622c9ba66d2048315fc9e015af6a8717cce4f8beb5b59800398626a,2024-06-12T16:32:34.513000 @@ -253193,8 +253196,9 @@ CVE-2024-38615,0,0,cd0cb9cadb10e6ec8f0952d21d8998d348b0724824fc945dca4d131da03ae CVE-2024-38616,0,0,2d6e2f70ac9dd0bba4b624050f77118d35857a36401a01447394dcac7cabb457,2024-06-19T14:15:21.403000 CVE-2024-38617,0,0,d2e96d7280323f32ed957d3b647a6c9211c0b9099dfb0dd2366229f84463ce19,2024-06-19T14:15:21.490000 CVE-2024-38618,0,0,2355a65d823178dbc67530257af22b7ca0cd2b710a40f5d1c17535efa8ffc772,2024-06-19T14:15:21.567000 -CVE-2024-38619,1,1,04916e6841fea2c2384a6e8546cea3a04b4c5fe37f91ff2f098a22d640694557,2024-06-20T07:15:41.830000 +CVE-2024-38619,0,0,04916e6841fea2c2384a6e8546cea3a04b4c5fe37f91ff2f098a22d640694557,2024-06-20T07:15:41.830000 CVE-2024-3862,0,0,d892c55e37e2ad71ebd3e4aade996aff767de8739f62e2d71c93704431b2b09c,2024-04-17T12:48:31.863000 +CVE-2024-38620,1,1,2d2b83ae1032a00e82c63edf9ae617b9ef9a62e18f90d060d3b153645c9e6bf1,2024-06-20T08:15:38.377000 CVE-2024-3863,0,0,2bcd7aff2d943e7ab42e23b79c60d375ad9e243a307a827bee502e9df179514c,2024-04-19T17:15:55.333000 CVE-2024-3864,0,0,19d7836c62228b8f626d6423c9bc9a43211c93bf4b17c3a151f2e9e764cbca42,2024-04-24T10:15:07.597000 CVE-2024-3865,0,0,8b230c3d643bf4def0090616d3b729148802c45f8b0915e5522b00babc710a03,2024-04-17T12:48:31.863000 @@ -253365,7 +253369,7 @@ CVE-2024-4093,0,0,5d27408cc41c323f4b0e69479d9f46468fbd0106e510632bee156499f1d6b2 CVE-2024-4094,0,0,5568bb7b9c58d0dfc0e61c5b0d15fec28f7a97c2856c9b64fe0b97085b61ff12,2024-06-18T06:15:12.360000 CVE-2024-4095,0,0,31c469f286897b03d948d4fae3cbc92250d27af63fa8e1eb75ef9d0aeba13389,2024-06-17T12:42:04.623000 CVE-2024-4097,0,0,6a60177672bc62dbe43e4e7ccd78e74b9159babed54b0d3a303c5a9a6fcd009a,2024-05-02T18:00:37.360000 -CVE-2024-4098,1,1,cb73ebe09904e382d0c5ce739d9d4659a207104f7c802fc61cc7679a1f5f21a1,2024-06-20T07:15:41.933000 +CVE-2024-4098,0,0,cb73ebe09904e382d0c5ce739d9d4659a207104f7c802fc61cc7679a1f5f21a1,2024-06-20T07:15:41.933000 CVE-2024-4103,0,0,db40310890aaaffd4decfd17ebe6978d2575902ae5387a15070f6cb8b96b8e99,2024-05-14T16:11:39.510000 CVE-2024-4104,0,0,8fd82744b8bcdbccac2be79cc70a35ed94046651bf70570898ef2c659d60f12d,2024-05-14T16:11:39.510000 CVE-2024-4107,0,0,ffdcb25066b63e479c86de36da9033958cd11095a536f4d270fcccd4e4bc4dda,2024-05-14T16:11:39.510000 @@ -253736,7 +253740,7 @@ CVE-2024-4561,0,0,419f075cb470fc0bcbe1e02ad47a96fd3735721568a3ea0b27d92242ea08e5 CVE-2024-4562,0,0,4b41dac3b3dc0160472fa769fd66d4820687adcd6a603b6680aeb5866557430b,2024-05-15T16:40:19.330000 CVE-2024-4563,0,0,43e81ccbb963e983297369a19c921ee8c5a4d32bc8be4a7c8277c1c258a5c174,2024-05-23T16:15:08.867000 CVE-2024-4564,0,0,4e10c9acbdd4f88d210f4dd1739d9efe5b9317a176118d23abd270246fa28562,2024-06-13T18:36:09.013000 -CVE-2024-4565,1,1,9e16384c1deeaddd0195082106205b41a2710419ce70589e041320cb81ad0ca0,2024-06-20T06:15:09.950000 +CVE-2024-4565,0,0,9e16384c1deeaddd0195082106205b41a2710419ce70589e041320cb81ad0ca0,2024-06-20T06:15:09.950000 CVE-2024-4566,0,0,5bf64390fca62ba0e88600d1f0954e23dea48d7610695fd2ef891697361d3217,2024-05-21T12:37:59.687000 CVE-2024-4567,0,0,bff521ec958712c348010a89da0e0aec519b6a717613a798e9a8fee426de5e74,2024-05-14T16:11:39.510000 CVE-2024-4568,0,0,79c6e65478e2e86d702896e792fead76bbebdb118f8c0f66e6390a241a22321a,2024-05-07T13:39:32.710000 @@ -254369,7 +254373,7 @@ CVE-2024-5464,0,0,20ac6d6efa943df789ee80e23b81c0dadba3276ccc683b7cb6fcce26ba339b CVE-2024-5465,0,0,9b677e9ed42136d68b443cf9dc4afa859310d29bdd1dad1920c040ce3c57d334,2024-06-17T12:42:04.623000 CVE-2024-5468,0,0,2bc9c38a1a2994a4c4ceddf0376e8b3ff5412f95fe840378ab4577710a81e066,2024-06-13T18:36:09.010000 CVE-2024-5469,0,0,a6ac25b89021bcbe477171d4304d10733bc198409739b73a4d379d6ba636b5b0,2024-06-17T12:42:04.623000 -CVE-2024-5475,1,1,097636162e4977d156e22d79d1f6c03e0fc9dc771a7805003543c3e6b3fe955d,2024-06-20T06:15:10.077000 +CVE-2024-5475,0,0,097636162e4977d156e22d79d1f6c03e0fc9dc771a7805003543c3e6b3fe955d,2024-06-20T06:15:10.077000 CVE-2024-5478,0,0,cbce39d40f4102e26dfaf35e6a6b20bf349245ad3d94d864b4543f6f43a9d245,2024-06-07T14:56:05.647000 CVE-2024-5480,0,0,0c96379cb76c4f8b6d9852cdcc0f60ebab5e5f97f64e4439ef99fbfb3e3714ee,2024-06-07T14:56:05.647000 CVE-2024-5481,0,0,7e1e4455e255ae80e6041eac91512213cb57b2091c06ce10c4272331eb1d58af,2024-06-11T18:00:09.740000 @@ -254399,7 +254403,7 @@ CVE-2024-5518,0,0,7be8efd54096829bb11c5abb04e19bf1a49b1768c0ad36f7ac88e032ad73e0 CVE-2024-5519,0,0,676af88d878b937cce3af5b28731e1191247d663004f92c739f5db0d966e0d3f,2024-06-04T19:21:10.043000 CVE-2024-5520,0,0,63f9c32911da3f67c58779f2c8ba34d9aa4b55d3386d570dad5bc0397c8cb5db,2024-05-30T13:15:41.297000 CVE-2024-5521,0,0,ccb2ba49d7e4be9859a81cd0c950d08f47c4a44700fa46f5775af6da3418abbd,2024-05-30T13:15:41.297000 -CVE-2024-5522,1,1,e90f5c28c2f7d912ff2ae30546e3593ce47fa168f0624b0e32070153ce1d46fc,2024-06-20T06:15:10.197000 +CVE-2024-5522,0,0,e90f5c28c2f7d912ff2ae30546e3593ce47fa168f0624b0e32070153ce1d46fc,2024-06-20T06:15:10.197000 CVE-2024-5523,0,0,047cc71fb1f4320881d428c79c80679ee2da549498da604407797261c69d069c,2024-05-31T13:01:46.727000 CVE-2024-5524,0,0,e7e0fe13822be5d672aca31e1ee31e0f364bc62cac379db56dfa86e4e6649c5d,2024-05-31T13:01:46.727000 CVE-2024-5525,0,0,27d51e0f90117d5f6e29d565f6efd293c83de249201cb9426e9c70697dbb918d,2024-05-31T13:01:46.727000 @@ -254627,7 +254631,7 @@ CVE-2024-6109,0,0,ac88b829202223826825501cf9791e4a037baf3e8842ea6d10b43cea56f9fb CVE-2024-6110,0,0,a93edb70ebaea05e4db1d298919bf28b75b9891dd6a65a876e1ff434451eb3ce,2024-06-18T12:15:13.290000 CVE-2024-6111,0,0,88ff3438da2fa6dff09fb1e17ea9913d07168b3e37cac6ddb91200dd8cb971da,2024-06-18T15:15:52.873000 CVE-2024-6112,0,0,3793178079993987ba7bf7b37db89ff5b23660048ce424d2f0351839dfc7b7ff,2024-06-18T15:15:52.993000 -CVE-2024-6113,1,1,c85a8a6a99c4e7341510804bf21b5466b2444897fe50231d9a7b1521955dc286,2024-06-20T06:15:10.310000 +CVE-2024-6113,0,0,c85a8a6a99c4e7341510804bf21b5466b2444897fe50231d9a7b1521955dc286,2024-06-20T06:15:10.310000 CVE-2024-6114,0,0,b861f686c72ead40271b9e15f5d48ada8c079a2c4c9ea1405ca71da7d3acf766,2024-06-18T13:15:52.897000 CVE-2024-6115,0,0,8370727144c08f52daee8853cdc1c595dffde958a895699c94efac517eada338,2024-06-18T13:15:53.267000 CVE-2024-6116,0,0,9c214becff49a599c0981aa0de917221cc0b2f05b538da5ededc03f464bf8356,2024-06-18T16:15:10.983000