From ef070f1764f9f31a6b7bf25917c49bd725bc8796 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 21 Aug 2024 18:03:13 +0000 Subject: [PATCH] Auto-Update: 2024-08-21T18:00:17.988484+00:00 --- CVE-2019/CVE-2019-162xx/CVE-2019-16220.json | 6 +- CVE-2020/CVE-2020-118xx/CVE-2020-11846.json | 4 +- CVE-2020/CVE-2020-118xx/CVE-2020-11847.json | 4 +- CVE-2020/CVE-2020-118xx/CVE-2020-11850.json | 4 +- CVE-2021/CVE-2021-476xx/CVE-2021-47622.json | 84 +++++- CVE-2021/CVE-2021-476xx/CVE-2021-47624.json | 84 +++++- CVE-2022/CVE-2022-254xx/CVE-2022-25477.json | 80 ++++- CVE-2022/CVE-2022-254xx/CVE-2022-25478.json | 80 ++++- CVE-2022/CVE-2022-254xx/CVE-2022-25479.json | 52 +--- CVE-2022/CVE-2022-263xx/CVE-2022-26327.json | 78 +++++ CVE-2022/CVE-2022-263xx/CVE-2022-26328.json | 78 +++++ CVE-2022/CVE-2022-487xx/CVE-2022-48773.json | 97 +++++- CVE-2022/CVE-2022-487xx/CVE-2022-48775.json | 126 +++++++- CVE-2022/CVE-2022-487xx/CVE-2022-48777.json | 85 +++++- CVE-2022/CVE-2022-487xx/CVE-2022-48778.json | 111 ++++++- CVE-2023/CVE-2023-423xx/CVE-2023-42308.json | 39 ++- CVE-2023/CVE-2023-528xx/CVE-2023-52885.json | 142 ++++++++- CVE-2023/CVE-2023-528xx/CVE-2023-52886.json | 124 +++++++- CVE-2024/CVE-2024-203xx/CVE-2024-20375.json | 56 ++++ CVE-2024/CVE-2024-216xx/CVE-2024-21690.json | 48 +++ CVE-2024/CVE-2024-222xx/CVE-2024-22277.json | 60 +++- CVE-2024/CVE-2024-258xx/CVE-2024-25833.json | 39 ++- CVE-2024/CVE-2024-258xx/CVE-2024-25842.json | 39 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27371.json | 14 +- CVE-2024/CVE-2024-273xx/CVE-2024-27375.json | 14 +- CVE-2024/CVE-2024-280xx/CVE-2024-28000.json | 4 +- CVE-2024/CVE-2024-283xx/CVE-2024-28340.json | 39 ++- CVE-2024/CVE-2024-336xx/CVE-2024-33656.json | 56 ++++ CVE-2024/CVE-2024-336xx/CVE-2024-33657.json | 56 ++++ CVE-2024/CVE-2024-345xx/CVE-2024-34515.json | 39 ++- CVE-2024/CVE-2024-355xx/CVE-2024-35540.json | 67 ++++- CVE-2024/CVE-2024-365xx/CVE-2024-36528.json | 39 ++- CVE-2024/CVE-2024-365xx/CVE-2024-36550.json | 34 ++- CVE-2024/CVE-2024-366xx/CVE-2024-36667.json | 34 ++- CVE-2024/CVE-2024-366xx/CVE-2024-36691.json | 39 ++- CVE-2024/CVE-2024-37xx/CVE-2024-3779.json | 160 +++++++++- CVE-2024/CVE-2024-393xx/CVE-2024-39344.json | 25 ++ CVE-2024/CVE-2024-394xx/CVE-2024-39487.json | 180 ++++++++++- CVE-2024/CVE-2024-396xx/CVE-2024-39690.json | 66 +++- CVE-2024/CVE-2024-404xx/CVE-2024-40453.json | 29 ++ CVE-2024/CVE-2024-405xx/CVE-2024-40500.json | 58 +++- CVE-2024/CVE-2024-409xx/CVE-2024-40952.json | 102 ++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40960.json | 162 +++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40961.json | 150 +++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40994.json | 126 +++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40995.json | 150 +++++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40996.json | 114 ++++++- CVE-2024/CVE-2024-409xx/CVE-2024-40997.json | 84 +++++- CVE-2024/CVE-2024-410xx/CVE-2024-41000.json | 117 +++++++- CVE-2024/CVE-2024-410xx/CVE-2024-41001.json | 93 +++++- CVE-2024/CVE-2024-410xx/CVE-2024-41002.json | 105 ++++++- CVE-2024/CVE-2024-410xx/CVE-2024-41006.json | 170 ++++++++++- CVE-2024/CVE-2024-416xx/CVE-2024-41674.json | 4 +- CVE-2024/CVE-2024-416xx/CVE-2024-41675.json | 4 +- CVE-2024/CVE-2024-419xx/CVE-2024-41937.json | 37 +++ CVE-2024/CVE-2024-423xx/CVE-2024-42369.json | 66 +++- CVE-2024/CVE-2024-425xx/CVE-2024-42550.json | 21 ++ CVE-2024/CVE-2024-425xx/CVE-2024-42556.json | 43 ++- CVE-2024/CVE-2024-425xx/CVE-2024-42563.json | 43 ++- CVE-2024/CVE-2024-425xx/CVE-2024-42572.json | 34 ++- CVE-2024/CVE-2024-429xx/CVE-2024-42950.json | 34 ++- CVE-2024/CVE-2024-430xx/CVE-2024-43022.json | 21 ++ CVE-2024/CVE-2024-430xx/CVE-2024-43027.json | 21 ++ CVE-2024/CVE-2024-433xx/CVE-2024-43371.json | 4 +- CVE-2024/CVE-2024-434xx/CVE-2024-43407.json | 4 +- CVE-2024/CVE-2024-434xx/CVE-2024-43410.json | 60 ++++ CVE-2024/CVE-2024-434xx/CVE-2024-43411.json | 60 ++++ CVE-2024/CVE-2024-50xx/CVE-2024-5018.json | 62 +++- CVE-2024/CVE-2024-57xx/CVE-2024-5723.json | 56 ++++ CVE-2024/CVE-2024-57xx/CVE-2024-5725.json | 56 ++++ CVE-2024/CVE-2024-57xx/CVE-2024-5762.json | 60 ++++ CVE-2024/CVE-2024-59xx/CVE-2024-5928.json | 60 ++++ CVE-2024/CVE-2024-59xx/CVE-2024-5929.json | 60 ++++ CVE-2024/CVE-2024-59xx/CVE-2024-5930.json | 60 ++++ CVE-2024/CVE-2024-61xx/CVE-2024-6141.json | 60 ++++ CVE-2024/CVE-2024-67xx/CVE-2024-6733.json | 61 +++- CVE-2024/CVE-2024-67xx/CVE-2024-6734.json | 61 +++- CVE-2024/CVE-2024-67xx/CVE-2024-6735.json | 61 +++- CVE-2024/CVE-2024-68xx/CVE-2024-6811.json | 56 ++++ CVE-2024/CVE-2024-68xx/CVE-2024-6812.json | 56 ++++ CVE-2024/CVE-2024-68xx/CVE-2024-6813.json | 60 ++++ CVE-2024/CVE-2024-68xx/CVE-2024-6814.json | 60 ++++ CVE-2024/CVE-2024-68xx/CVE-2024-6899.json | 66 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6952.json | 65 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6953.json | 77 ++++- CVE-2024/CVE-2024-69xx/CVE-2024-6954.json | 65 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6955.json | 66 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6956.json | 66 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6957.json | 66 +++- CVE-2024/CVE-2024-69xx/CVE-2024-6958.json | 66 +++- CVE-2024/CVE-2024-74xx/CVE-2024-7448.json | 60 ++++ CVE-2024/CVE-2024-76xx/CVE-2024-7600.json | 60 ++++ CVE-2024/CVE-2024-76xx/CVE-2024-7601.json | 60 ++++ CVE-2024/CVE-2024-76xx/CVE-2024-7602.json | 60 ++++ CVE-2024/CVE-2024-76xx/CVE-2024-7603.json | 60 ++++ CVE-2024/CVE-2024-76xx/CVE-2024-7604.json | 60 ++++ CVE-2024/CVE-2024-77xx/CVE-2024-7722.json | 60 ++++ CVE-2024/CVE-2024-77xx/CVE-2024-7723.json | 60 ++++ CVE-2024/CVE-2024-77xx/CVE-2024-7724.json | 60 ++++ CVE-2024/CVE-2024-77xx/CVE-2024-7725.json | 60 ++++ CVE-2024/CVE-2024-77xx/CVE-2024-7795.json | 56 ++++ CVE-2024/CVE-2024-78xx/CVE-2024-7885.json | 4 +- CVE-2024/CVE-2024-80xx/CVE-2024-8007.json | 4 +- README.md | 94 +++--- _state.csv | 314 +++++++++++--------- 105 files changed, 6257 insertions(+), 543 deletions(-) create mode 100644 CVE-2022/CVE-2022-263xx/CVE-2022-26327.json create mode 100644 CVE-2022/CVE-2022-263xx/CVE-2022-26328.json create mode 100644 CVE-2024/CVE-2024-203xx/CVE-2024-20375.json create mode 100644 CVE-2024/CVE-2024-216xx/CVE-2024-21690.json create mode 100644 CVE-2024/CVE-2024-336xx/CVE-2024-33656.json create mode 100644 CVE-2024/CVE-2024-336xx/CVE-2024-33657.json create mode 100644 CVE-2024/CVE-2024-393xx/CVE-2024-39344.json create mode 100644 CVE-2024/CVE-2024-404xx/CVE-2024-40453.json create mode 100644 CVE-2024/CVE-2024-419xx/CVE-2024-41937.json create mode 100644 CVE-2024/CVE-2024-425xx/CVE-2024-42550.json create mode 100644 CVE-2024/CVE-2024-430xx/CVE-2024-43022.json create mode 100644 CVE-2024/CVE-2024-430xx/CVE-2024-43027.json create mode 100644 CVE-2024/CVE-2024-434xx/CVE-2024-43410.json create mode 100644 CVE-2024/CVE-2024-434xx/CVE-2024-43411.json create mode 100644 CVE-2024/CVE-2024-57xx/CVE-2024-5723.json create mode 100644 CVE-2024/CVE-2024-57xx/CVE-2024-5725.json create mode 100644 CVE-2024/CVE-2024-57xx/CVE-2024-5762.json create mode 100644 CVE-2024/CVE-2024-59xx/CVE-2024-5928.json create mode 100644 CVE-2024/CVE-2024-59xx/CVE-2024-5929.json create mode 100644 CVE-2024/CVE-2024-59xx/CVE-2024-5930.json create mode 100644 CVE-2024/CVE-2024-61xx/CVE-2024-6141.json create mode 100644 CVE-2024/CVE-2024-68xx/CVE-2024-6811.json create mode 100644 CVE-2024/CVE-2024-68xx/CVE-2024-6812.json create mode 100644 CVE-2024/CVE-2024-68xx/CVE-2024-6813.json create mode 100644 CVE-2024/CVE-2024-68xx/CVE-2024-6814.json create mode 100644 CVE-2024/CVE-2024-74xx/CVE-2024-7448.json create mode 100644 CVE-2024/CVE-2024-76xx/CVE-2024-7600.json create mode 100644 CVE-2024/CVE-2024-76xx/CVE-2024-7601.json create mode 100644 CVE-2024/CVE-2024-76xx/CVE-2024-7602.json create mode 100644 CVE-2024/CVE-2024-76xx/CVE-2024-7603.json create mode 100644 CVE-2024/CVE-2024-76xx/CVE-2024-7604.json create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7722.json create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7723.json create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7724.json create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7725.json create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7795.json diff --git a/CVE-2019/CVE-2019-162xx/CVE-2019-16220.json b/CVE-2019/CVE-2019-162xx/CVE-2019-16220.json index 3425aab5096..573cede4770 100644 --- a/CVE-2019/CVE-2019-162xx/CVE-2019-16220.json +++ b/CVE-2019/CVE-2019-162xx/CVE-2019-16220.json @@ -2,13 +2,13 @@ "id": "CVE-2019-16220", "sourceIdentifier": "cve@mitre.org", "published": "2019-09-11T14:15:11.947", - "lastModified": "2023-01-31T19:34:36.827", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:15:06.657", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect." + "value": "In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash." }, { "lang": "es", diff --git a/CVE-2020/CVE-2020-118xx/CVE-2020-11846.json b/CVE-2020/CVE-2020-118xx/CVE-2020-11846.json index 0cdbf5742c3..09be0323af4 100644 --- a/CVE-2020/CVE-2020-118xx/CVE-2020-11846.json +++ b/CVE-2020/CVE-2020-118xx/CVE-2020-11846.json @@ -2,8 +2,8 @@ "id": "CVE-2020-11846", "sourceIdentifier": "security@opentext.com", "published": "2024-08-21T14:15:07.737", - "lastModified": "2024-08-21T14:15:07.737", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2020/CVE-2020-118xx/CVE-2020-11847.json b/CVE-2020/CVE-2020-118xx/CVE-2020-11847.json index dd74486f040..e5acd3858f0 100644 --- a/CVE-2020/CVE-2020-118xx/CVE-2020-11847.json +++ b/CVE-2020/CVE-2020-118xx/CVE-2020-11847.json @@ -2,8 +2,8 @@ "id": "CVE-2020-11847", "sourceIdentifier": "security@opentext.com", "published": "2024-08-21T14:15:07.957", - "lastModified": "2024-08-21T14:15:07.957", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2020/CVE-2020-118xx/CVE-2020-11850.json b/CVE-2020/CVE-2020-118xx/CVE-2020-11850.json index 89e7dd1ca5d..5c5c6f190e2 100644 --- a/CVE-2020/CVE-2020-118xx/CVE-2020-11850.json +++ b/CVE-2020/CVE-2020-118xx/CVE-2020-11850.json @@ -2,8 +2,8 @@ "id": "CVE-2020-11850", "sourceIdentifier": "security@opentext.com", "published": "2024-08-21T13:15:04.027", - "lastModified": "2024-08-21T13:15:04.027", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json index 5b8f86c87e0..6c9f10354c0 100644 --- a/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47622.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47622", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:02.400", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:31:30.087", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,91 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: scsi: ufs: corrige un punto muerto en el controlador de errores Se ha observado el siguiente punto muerto en una configuraci\u00f3n de prueba: - Todas las etiquetas asignadas - El controlador de errores SCSI llama a ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler( ) las colas funcionan que llaman a ufshcd_err_handler() - ufshcd_err_handler() se bloquea de la siguiente manera: Cola de trabajo: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Rastreo de llamadas: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 Schedule+0x12c/0x298 get_tag+0x210/0x480 __blk_mq_alloc_request+0x1c8/ 0x284 blk_get_request+0x74/0x134 ufshcd_exec_dev_cmd+0x68/0x640 ufshcd_verify_dev_init+0x68/0x35c ufshcd_probe_hba+0x12c/0x1cb8 ufshcd_host_reset_and_restore+0x88/0x254 _reset_and_restore+0xd0/0x354 ufshcd_err_handler+0x408/0xc58 proceso_one_work+0x24c/0x66c trabajador_thread+0x3e8/0xa4c kthread+0x150/ 0x1b4 ret_from_fork+0x10/0x30 Solucione este bloqueo haciendo que ufshcd_exec_dev_cmd() asigne una solicitud reservada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.25", + "matchCriteriaId": "0B2AC86E-F9F8-4303-B3D9-66D77F68DB32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.11", + "matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json b/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json index 3f0761202ea..600bcd7eceb 100644 --- a/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json +++ b/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47624", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:02.553", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:43:52.917", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,91 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/sunrpc: corrige fugas de recuento de referencias en rpc_sysfs_xprt_state_change Los problemas de fugas de recuento tienen lugar en una ruta de manejo de errores. Cuando el tercer argumento buf no coincide con \"fuera de l\u00ednea\", \"en l\u00ednea\" o \"eliminar\", la funci\u00f3n simplemente devuelve -EINVAL y se olvida de disminuir el recuento de referencias de un objeto rpc_xprt y un objeto rpc_xprt_switch aumentado en rpc_sysfs_xprt_kobj_get_xprt() y rpc_sysfs_xprt_kobj_get_xprt_switch (), lo que provoca fugas en el recuento de referencias de ambos objetos no utilizados. Solucione este problema saltando a la ruta de manejo de errores etiquetada con out_put cuando buf no coincida con \"fuera de l\u00ednea\", \"en l\u00ednea\" o \"eliminar\"." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.24", + "matchCriteriaId": "9064E0A6-C05B-4161-9FB1-A2CC0F00A07A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.10", + "matchCriteriaId": "679523BA-1392-404B-AB85-F5A5408B1ECC" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-254xx/CVE-2022-25477.json b/CVE-2022/CVE-2022-254xx/CVE-2022-25477.json index 9023ef78da3..f8b850c13be 100644 --- a/CVE-2022/CVE-2022-254xx/CVE-2022-25477.json +++ b/CVE-2022/CVE-2022-254xx/CVE-2022-25477.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25477", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-02T19:15:11.757", - "lastModified": "2024-07-03T12:53:24.977", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:11:13.223", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,87 @@ "value": "Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 filtra registros de controladores que contienen direcciones de objetos en modo kernel, lo que debilita KASLR." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.21355", + "matchCriteriaId": "126006F2-0655-4EAB-AD95-87AADA0C8F8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.31274", + "matchCriteriaId": "B45E5C60-6DE7-4324-84A0-5F4270C6ACA0" + } + ] + } + ] + } + ], "references": [ { "url": "http://realtek.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-254xx/CVE-2022-25478.json b/CVE-2022/CVE-2022-254xx/CVE-2022-25478.json index e482b3dffa9..0b1b071dc99 100644 --- a/CVE-2022/CVE-2022-254xx/CVE-2022-25478.json +++ b/CVE-2022/CVE-2022-254xx/CVE-2022-25478.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25478", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-02T19:15:11.870", - "lastModified": "2024-07-03T12:53:24.977", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:09:11.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,87 @@ "value": "Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 proporciona acceso de lectura y escritura al espacio de configuraci\u00f3n PCI del dispositivo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.21355", + "matchCriteriaId": "126006F2-0655-4EAB-AD95-87AADA0C8F8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.31274", + "matchCriteriaId": "B45E5C60-6DE7-4324-84A0-5F4270C6ACA0" + } + ] + } + ] + } + ], "references": [ { "url": "http://realtek.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-254xx/CVE-2022-25479.json b/CVE-2022/CVE-2022-254xx/CVE-2022-25479.json index 3c99e0831f6..101dbece436 100644 --- a/CVE-2022/CVE-2022-254xx/CVE-2022-25479.json +++ b/CVE-2022/CVE-2022-254xx/CVE-2022-25479.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25479", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-02T19:15:11.957", - "lastModified": "2024-08-21T15:23:53.593", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:09:09.517", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -53,7 +53,6 @@ ], "configurations": [ { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -61,48 +60,15 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:realtek:rtsuer.sys_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "10.0.22000.31274", - "matchCriteriaId": "82B85217-BCB4-4004-BED8-5DBC467D872A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:realtek:rtsuer.sys:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DE6F57D-3CD4-4D8C-BF80-7F84ECD77723" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:realtek:rtsper.sys_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.22000.21355", - "matchCriteriaId": "77939C6B-1EF5-4B34-9133-931067B96F97" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ + "matchCriteriaId": "126006F2-0655-4EAB-AD95-87AADA0C8F8E" + }, { - "vulnerable": false, - "criteria": "cpe:2.3:h:realtek:rtsper.sys:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C777F7-983D-4207-A5C8-0BAC3F79ECCC" + "vulnerable": true, + "criteria": "cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.31274", + "matchCriteriaId": "B45E5C60-6DE7-4324-84A0-5F4270C6ACA0" } ] } diff --git a/CVE-2022/CVE-2022-263xx/CVE-2022-26327.json b/CVE-2022/CVE-2022-263xx/CVE-2022-26327.json new file mode 100644 index 00000000000..17d92dcea56 --- /dev/null +++ b/CVE-2022/CVE-2022-263xx/CVE-2022-26327.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2022-26327", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-21T16:15:06.870", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenText Performance Center on Windows allows Retrieve Embedded Sensitive Data.This issue affects Performance Center: 12.63." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Clear", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "CLEAR", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://portal.microfocus.com/s/article/KM000006815?language=en_US", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-263xx/CVE-2022-26328.json b/CVE-2022/CVE-2022-263xx/CVE-2022-26328.json new file mode 100644 index 00000000000..79e60fd94f4 --- /dev/null +++ b/CVE-2022/CVE-2022-263xx/CVE-2022-26328.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2022-26328", + "sourceIdentifier": "security@opentext.com", + "published": "2024-08-21T16:15:07.057", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText Performance Center on Windows allows Cross-Site Scripting (XSS).This issue affects Performance Center: 12.63." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Clear", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "CLEAR", + "baseScore": 2.0, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://portal.microfocus.com/s/article/KM000032041?language=en_US", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json index c9636b518fc..d16fd88fd5c 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48773.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48773", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:02.640", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:45:26.867", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,106 @@ "value": "En el kernel de Linux se ha solucionado la siguiente vulnerabilidad: xprtrdma: corrige derefs de puntero en casos de error de rpcrdma_ep_create Si hay fallos entonces no debemos dejar los punteros no NULL con el valor de error, de lo contrario `rpcrdma_ep_destroy` se confunde y prueba free ellos, lo que resulta en un Ups." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.102", + "matchCriteriaId": "FE2A35CB-3560-4AEF-9643-66B8EB899366" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.25", + "matchCriteriaId": "D098AA16-8E21-4EB7-AE2F-1EEB58E1A3A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.11", + "matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json index b92522f7843..02472890700 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48775.json @@ -2,44 +2,150 @@ "id": "CVE-2022-48775", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:02.793", - "lastModified": "2024-08-03T16:15:48.183", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:47:10.263", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()\uff1a\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put()." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj\n\nkobject_init_and_add() takes reference even when it fails.\nAccording to the doc of kobject_init_and_add()?\n\n If this function returns an error, kobject_put() must be called to\n properly clean up the memory associated with the object.\n\nFix memory leak by calling kobject_put()." }, { "lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Controladores: hv: vmbus: corrige la p\u00e9rdida de memoria en vmbus_add_channel_kobj kobject_init_and_add() toma referencia incluso cuando falla. \u00bfSeg\u00fan el documento de kobject_init_and_add()? Si esta funci\u00f3n devuelve un error, se debe llamar a kobject_put() para limpiar adecuadamente la memoria asociada con el objeto. Solucione la p\u00e9rdida de memoria llamando a kobject_put()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.231", + "matchCriteriaId": "AC95C65F-81A3-45CE-9AEB-8890D21A3303" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.181", + "matchCriteriaId": "FB33213E-1A45-4E3B-A129-58AAA2EB921D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.102", + "matchCriteriaId": "DAD66A9A-8D06-48D1-8AA8-FC060496FF53" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.25", + "matchCriteriaId": "D098AA16-8E21-4EB7-AE2F-1EEB58E1A3A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.11", + "matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json index 2c0c92b3568..9fe99dee915 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48777.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48777", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:02.940", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:52:44.367", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,92 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: parsers: qcom: corrige el p\u00e1nico del kernel en la partici\u00f3n omitida En el caso de una partici\u00f3n omitida (caso cuando el nombre de la entrada est\u00e1 vac\u00edo), el kernel entra en p\u00e1nico en la funci\u00f3n de limpieza como el nombre la entrada es NULA. Vuelva a trabajar la l\u00f3gica del analizador verificando primero el n\u00famero de partici\u00f3n real y luego asigne el espacio y configure los datos para las particiones v\u00e1lidas. La l\u00f3gica tambi\u00e9n era fundamentalmente err\u00f3nea, ya que con una partici\u00f3n omitida, el n\u00famero de pieza devuelto era incorrecto al no disminuirlo para las particiones omitidas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.25", + "matchCriteriaId": "7FD35AF8-114D-4BB9-BF2F-5AC360C1BC0D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.11", + "matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/65d003cca335cabc0160d3cd7daa689eaa9dd3cd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a2995fe23095ceda2dc382fbe057f5e164595548", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb03cb6e03ffd9173e18e5fe87e4e3ce83820453", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json index 75203704301..fa263fe4330 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48778.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48778", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T12:15:03.010", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:59:05.793", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,122 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mtd: rawnand: gpmi: no filtrar la referencia de PM en la ruta de error Si gpmi_nfc_apply_timings() falla, se debe descartar el contador de uso del tiempo de ejecuci\u00f3n de PM." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.174", + "versionEndExcluding": "5.4.181", + "matchCriteriaId": "7C87A014-0685-4F19-AFB4-92D70C2F5E86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.94", + "versionEndExcluding": "5.10.102", + "matchCriteriaId": "2F8484B5-4C78-484C-B905-1049FCB1A0A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.17", + "versionEndExcluding": "5.15.25", + "matchCriteriaId": "AFF9E8A8-A352-42D0-97A3-8EA0F1086775" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16.3", + "versionEndExcluding": "5.16.11", + "matchCriteriaId": "85541B15-F4B0-4090-99DA-98AF1312A8B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4a7ec50298b1127c5024a750c969ea0794899545", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cd3281a910a5adf73b2a0a82241dd67844d0b25", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58d3111eafce9e4398654b07f0b1dac27f26ee5b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9161f365c91614e5a3f5c6dcc44c3b1b33bc59c0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4eeeaca50199e3f19eb13ac3b7e0bbb93e22de4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-423xx/CVE-2023-42308.json b/CVE-2023/CVE-2023-423xx/CVE-2023-42308.json index 8d12aebec1e..f3cff0d112f 100644 --- a/CVE-2023/CVE-2023-423xx/CVE-2023-42308.json +++ b/CVE-2023/CVE-2023-423xx/CVE-2023-42308.json @@ -2,7 +2,7 @@ "id": "CVE-2023-42308", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T21:15:55.787", - "lastModified": "2024-03-13T12:33:51.697", + "lastModified": "2024-08-21T16:35:00.997", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Vulnerabilidad de Cross Site Scripting (XSS) en Manage Fastrack Subjects in Code-Projects Exam Form Submission 1.0 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de la secci\u00f3n \"Nombre del sujeto\" y \"C\u00f3digo del asunto\"." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/ASR511-OO7/CVE-2023-42308/blob/main/CVE-7", diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52885.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52885.json index 7a950101be7..71f985a7b94 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52885.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52885.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52885", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-14T08:15:01.823", - "lastModified": "2024-07-15T13:00:34.853", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:03:01.107", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,159 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: SUNRPC: corrige UAF en svc_tcp_listen_data_ready() Despu\u00e9s de que se libera el oyente svc_sock, y antes de invocar svc_tcp_accept() para el calcet\u00edn secundario establecido, hay una ventana que indica que el newsock retiene un oyente liberado. svc_sock en sk_user_data que clona desde el padre. En la ventana de ejecuci\u00f3n, si se reciben datos en el newsock, observaremos el informe de use-after-free en svc_tcp_listen_data_ready(). Reproducir mediante dos tareas: 1. while:; hacer rpc.nfsd 0; rpc.nfsd; hecho 2. mientras:; hacer eco \"\" | ncat -4 127.0.0.1 2049; Informe KASAN hecho: ================================================= ==================== ERROR: KASAN: slab-use-after-free en svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff888139d96228 por tarea nc /102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Nombre de hardware: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/11/2020 Seguimiento de llamadas: dump_stack_lvl+ 0x33/0x50 print_address_description.constprop.0+0x27/0x310 print_report+0x3e/0x70 kasan_report+0xae/0xe0 svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] tcp_data_queue+0x9f4/0x20e0 tcp_rcv_ establecido+0x666/0x1f60 tcp_v4_do_rcv+0x51c/0x850 tcp_v4_rcv+0x23fc/0x2e80 ip_protocol_deliver_rcu+0x62/0x300 ip_local_deliver_finish+0x267/0x350 ip_local_deliver+0x18b/0x2d0 ip_rcv+0x2fb/0x370 __netif_receive_skb_one_core+0x166/0x1b0 Process_backlog+0x24c/0x5e 0 __napi_poll+0xa2/0x500 net_rx_action+0x854/0xc90 __do_softirq+0x1bb/0x5de do_softirq+0xcb/0x100 ... Asignado por la tarea 102371: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_kmalloc+0x7b/0x90 svc_setup_socket+0x52/0x4f0 [sunrpc] 0x400 [sunrpc] __write_ports_addfd+0x209/0x390 [nfsd] write_ports+0x239/0x2c0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x3 8/0x90 Entry_SYSCALL_64_after_hwframe+0x72/0xdc Liberado por la tarea 102551: kasan_save_stack +0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x2a/0x50 __kasan_slab_free+0x106/0x190 __kmem_cache_free+0x133/0x270 svc_xprt_free+0x1e2/0x350 [sunrpc] _destroy_all+0x25a/0x440 [sunrpc] nfsd_put+0x125/0x240 [nfsd] nfsd_svc+ 0x2cb/0x3c0 [nfsd] write_threads+0x1ac/0x2a0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entrada_SYSCALL_ 64_after_hwframe+0x72/0xdc Arregle el UAF simplemente sin hacer nada en svc_tcp_listen_data_ready() si state!= TCP_LISTEN, eso evitar\u00e1 desreferenciar svsk para todos los sockets secundarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.8", + "versionEndExcluding": "4.14.322", + "matchCriteriaId": "EA304272-C8A2-45E1-8E51-A4EAB3581183" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.291", + "matchCriteriaId": "D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.251", + "matchCriteriaId": "7FA663C4-CA72-4B5A-8592-7354D978F58E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.188", + "matchCriteriaId": "43CAE50A-4A6C-488E-813C-F8DB77C13C8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.121", + "matchCriteriaId": "EC77775B-EC31-4966-966C-1286C02B2A85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.39", + "matchCriteriaId": "9BD1D4A1-304D-4187-8178-6D7C0050B1AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.4.4", + "matchCriteriaId": "A91BC267-63EE-413E-A6EF-6B96C2A278D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf5660b6f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fc80fc2d4e39137869da3150ee169b40bf879287", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json index 0ea1aee1279..97cff0103a1 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52886.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52886", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T10:15:02.493", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:28:49.267", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,137 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: USB: core: corrige la ejecuci\u00f3n al no sobrescribir udev->descriptor en hub_port_init() Syzbot inform\u00f3 una lectura fuera de los l\u00edmites en sysfs.c:read_descriptors(): ERROR: KASAN : slab-out-of-bounds in read_descriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Lectura de tama\u00f1o 8 en addr ffff88801e78b8c8 por tarea udevd/5011 CPU: 0 PID: 5011 Comm: udevd No contaminado 6.4. 0-rc6-syzkaller-00195-g40f71e7cd3c6 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 27/05/2023 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd9 /0x150 lib/dump_stack.c:106 print_address_description.constprop.0+0x2c/0x3c0 mm/kasan/report.c:351 print_report mm/kasan/report.c:462 [en l\u00ednea] kasan_report+0x11c/0x130 mm/kasan/report .c:572 read_descriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 ... Asignado por la tarea 758: ... __do_kmalloc_node mm/slab_common.c:966 [en l\u00ednea] __kmalloc+0x5e/0x190 mm/slab_common .c:979 kmalloc include/linux/slab.h:563 [en l\u00ednea] kzalloc include/linux/slab.h:680 [en l\u00ednea] usb_get_configuration+0x1f7/0x5170 drivers/usb/core/config.c:887 usb_enumerate_device drivers/usb /core/hub.c:2407 [en l\u00ednea] usb_new_device+0x12b0/0x19d0 drivers/usb/core/hub.c:2545 Seg\u00fan lo analizado por Khazhy Kumykov, la causa de este error es una ejecuci\u00f3n entre read_descriptors() y hub_port_init(): La primera rutina usa un campo en udev->descriptor, sin esperar que cambie, mientras que la segunda lo sobrescribe. Antes de commit 45bf39f8df7f (\"USB: core: No mantener bloqueado el dispositivo mientras lee el archivo sysfs de \"descriptores\") esta ejecuci\u00f3n no pod\u00eda ocurrir porque las rutinas eran mutuamente excluyentes gracias al bloqueo del dispositivo. Quitar ese bloqueo de read_descriptors() lo expuso a la ejecuci\u00f3n. La mejor manera de corregir el error es evitar que hub_port_init() cambie el descriptor udev->una vez que udev se haya inicializado y registrado. Los controladores esperan que los descriptores almacenados en el kernel sean inmutables; No debemos socavar esta expectativa. De hecho, este cambio deber\u00eda haberse realizado hace mucho tiempo. Entonces ahora hub_port_init() tomar\u00e1 un argumento adicional, especificando un b\u00fafer en el cual almacenar el descriptor del dispositivo que lee. (Si udev a\u00fan no se ha inicializado, el puntero del b\u00fafer ser\u00e1 NULL y luego hub_port_init() almacenar\u00e1 el descriptor del dispositivo en udev como antes). Esto elimina la ejecuci\u00f3n de datos responsable de la lectura fuera de los l\u00edmites. Los cambios en hub_port_init() parecen m\u00e1s extensos de lo que realmente son, debido a los cambios de sangr\u00eda resultantes de un intento de evitar escribir en otras partes de la estructura usb_device despu\u00e9s de que se haya inicializado. Se deben realizar cambios similares en el c\u00f3digo que lee el descriptor BOS, pero eso se puede manejar en un parche separado m\u00e1s adelante. Este parche es suficiente para corregir el error encontrado por syzbot." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.171", + "versionEndExcluding": "5.10.195", + "matchCriteriaId": "99B4D934-EEA7-4F5C-8D50-00B56A8A110D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.97", + "versionEndExcluding": "5.15.132", + "matchCriteriaId": "A4BAAF72-0C38-4E64-9F28-D9D51C6537F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.15", + "versionEndExcluding": "6.1.53", + "matchCriteriaId": "7B451AC8-736D-4DEB-ADEA-03790BCEE7B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3", + "versionEndExcluding": "6.4.16", + "matchCriteriaId": "27AD8520-E4FB-4ABB-8C4F-ED0C20CAFC66" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.5", + "versionEndExcluding": "6.5.3", + "matchCriteriaId": "880C803A-BEAE-4DA0-8A59-AC023F7B4EE3" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/7fe9d87996062f5eb0ca476ad0257f79bf43aaf5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8186596a663506b1124bede9fde6f243ef9f37ee", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9d241c5d9a9b7ad95c90c6520272fe404d5ac88f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b4a074b1fb222164ed7d5c0b8c922dc4a0840848", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b9fbfb349eacc0820f91c797d7f0a3ac7a4935b5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff33299ec8bb80cdcc073ad9c506bd79bb2ed20b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-203xx/CVE-2024-20375.json b/CVE-2024/CVE-2024-203xx/CVE-2024-20375.json new file mode 100644 index 00000000000..a8fbf8a80ee --- /dev/null +++ b/CVE-2024/CVE-2024-203xx/CVE-2024-20375.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-20375", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2024-08-21T17:15:07.303", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a crafted SIP message to an affected Cisco Unified CM or Cisco Unified CM SME device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition that interrupts the communications of reliant voice and video devices." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-kkHq43We", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-216xx/CVE-2024-21690.json b/CVE-2024/CVE-2024-216xx/CVE-2024-21690.json new file mode 100644 index 00000000000..9607b396c45 --- /dev/null +++ b/CVE-2024/CVE-2024-216xx/CVE-2024-21690.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-21690", + "sourceIdentifier": "security@atlassian.com", + "published": "2024-08-21T16:15:07.390", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. \n\t\n\tThis Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability, with a CVSS Score of 7.1, allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser and force a end user to execute unwanted actions on a web application in which they're currently authenticated which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires user interaction. \n\t\n\tAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\n\t\t\n\t\t* Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.26\n\t\t\n\t\t* Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.14\n\t\t\n\t\t* Confluence Data Center and Server 9.0: Upgrade to a release greater than or equal to 9.0.1\n\t\t\n\t\t\n\t\n\tSee the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives). \n\t\n\tThis vulnerability was reported via our Bug Bounty program." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@atlassian.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1431535667", + "source": "security@atlassian.com" + }, + { + "url": "https://jira.atlassian.com/browse/CONFSERVER-97720", + "source": "security@atlassian.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22277.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22277.json index 99254d237e7..fd91c116437 100644 --- a/CVE-2024/CVE-2024-222xx/CVE-2024-22277.json +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22277.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22277", "sourceIdentifier": "security@vmware.com", "published": "2024-07-04T14:15:01.990", - "lastModified": "2024-07-05T12:55:51.367", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:12:46.790", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@vmware.com", "type": "Secondary", @@ -39,10 +59,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:cloud_director:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.7.2", + "matchCriteriaId": "7C06DDD1-FB6C-4A11-8786-00702A272D85" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24557", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25833.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25833.json index ac9c37782bb..07fb272e707 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25833.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25833.json @@ -2,7 +2,7 @@ "id": "CVE-2024-25833", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-29T01:44:16.753", - "lastModified": "2024-02-29T13:49:29.390", + "lastModified": "2024-08-21T16:35:02.683", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "F-logic DataCube3 v1.0 es vulnerable a la inyecci\u00f3n de SQL no autenticado, lo que podr\u00eda permitir que un actor malicioso no autenticado ejecute consultas SQL arbitrarias en la base de datos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], "references": [ { "url": "https://neroteam.com/blog/f-logic-datacube3-vulnerability-report", diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25842.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25842.json index 9e3b439e999..408392503ee 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25842.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25842.json @@ -2,7 +2,7 @@ "id": "CVE-2024-25842", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-03T09:15:06.210", - "lastModified": "2024-03-04T13:58:23.447", + "lastModified": "2024-08-21T16:35:03.457", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 un problema en el m\u00f3dulo Presta World \"Administrador de cuentas - Representante de ventas y distribuidores - CRM\" (prestasalesmanager) para PrestaShop anterior a la versi\u00f3n 9.0, que permite a atacantes remotos escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de los m\u00e9todos uploadLogo() y postProcess." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], "references": [ { "url": "https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-prestasalesmanager.md", diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27371.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27371.json index 028a995192e..ccf6009b769 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27371.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27371.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27371", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-05T19:15:12.687", - "lastModified": "2024-06-27T16:40:45.063", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:35:04.317", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -69,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1288" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27375.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27375.json index 52309d43d22..e068bce1ed7 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27375.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27375.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27375", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-05T19:15:13.557", - "lastModified": "2024-06-27T16:23:15.020", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:35:05.110", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -69,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1288" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28000.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28000.json index c05cd0774a7..5ccde9404cf 100644 --- a/CVE-2024/CVE-2024-280xx/CVE-2024-28000.json +++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28000", "sourceIdentifier": "audit@patchstack.com", "published": "2024-08-21T14:15:08.547", - "lastModified": "2024-08-21T15:15:08.117", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-283xx/CVE-2024-28340.json b/CVE-2024/CVE-2024-283xx/CVE-2024-28340.json index 2698b3d706b..122419b971b 100644 --- a/CVE-2024/CVE-2024-283xx/CVE-2024-28340.json +++ b/CVE-2024/CVE-2024-283xx/CVE-2024-28340.json @@ -2,7 +2,7 @@ "id": "CVE-2024-28340", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-12T17:15:59.140", - "lastModified": "2024-03-12T17:46:17.273", + "lastModified": "2024-08-21T16:35:05.830", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Una fuga de informaci\u00f3n en el componente currentsetting.htm de Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28 y Netgear CBK43 2.5.0.28 permite a los atacantes obtener informaci\u00f3n confidencial sin necesidad de autenticaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], "references": [ { "url": "https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88currentsetting.htm%EF%BC%89.md", diff --git a/CVE-2024/CVE-2024-336xx/CVE-2024-33656.json b/CVE-2024/CVE-2024-336xx/CVE-2024-33656.json new file mode 100644 index 00000000000..826c7827d77 --- /dev/null +++ b/CVE-2024/CVE-2024-336xx/CVE-2024-33656.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-33656", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2024-08-21T17:15:07.567", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024003.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-336xx/CVE-2024-33657.json b/CVE-2024/CVE-2024-336xx/CVE-2024-33657.json new file mode 100644 index 00000000000..4d7d1df6f81 --- /dev/null +++ b/CVE-2024/CVE-2024-336xx/CVE-2024-33657.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-33657", + "sourceIdentifier": "biossecurity@ami.com", + "published": "2024-08-21T17:15:07.777", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "biossecurity@ami.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024003.pdf", + "source": "biossecurity@ami.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-345xx/CVE-2024-34515.json b/CVE-2024/CVE-2024-345xx/CVE-2024-34515.json index 586af61cffc..aa0303244a5 100644 --- a/CVE-2024/CVE-2024-345xx/CVE-2024-34515.json +++ b/CVE-2024/CVE-2024-345xx/CVE-2024-34515.json @@ -2,7 +2,7 @@ "id": "CVE-2024-34515", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-05T21:15:55.650", - "lastModified": "2024-05-06T12:44:56.377", + "lastModified": "2024-08-21T17:35:01.453", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "image-optimizer anterior a 1.7.3 permite la deserializaci\u00f3n PHAR, por ejemplo, el protocolo phar:// en argumentos para file_exists()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], "references": [ { "url": "https://github.com/spatie/image-optimizer/compare/1.7.2...1.7.3", diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35540.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35540.json index d46bb03f4c8..be47af32fd7 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35540.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35540.json @@ -2,17 +2,41 @@ "id": "CVE-2024-35540", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T15:15:21.103", - "lastModified": "2024-08-20T16:35:15.360", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T16:05:06.290", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado en Typecho v1.3.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -36,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -47,10 +81,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:typecho:typecho:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.1", + "matchCriteriaId": "AFBE627E-899B-4684-A7CE-3144D803F3A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:typecho:typecho:1.3.0:alpha:*:*:*:*:*:*", + "matchCriteriaId": "19152324-0D74-4B60-88C1-5E4BC64F645C" + } + ] + } + ] + } + ], "references": [ { "url": "https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-365xx/CVE-2024-36528.json b/CVE-2024/CVE-2024-365xx/CVE-2024-36528.json index dbe48f12685..2c28f990d74 100644 --- a/CVE-2024/CVE-2024-365xx/CVE-2024-36528.json +++ b/CVE-2024/CVE-2024-365xx/CVE-2024-36528.json @@ -2,7 +2,7 @@ "id": "CVE-2024-36528", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-10T15:15:52.483", - "lastModified": "2024-06-10T18:06:22.600", + "lastModified": "2024-08-21T17:35:02.500", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "nukeviet v.4.5 y anteriores y nukeviet-egov v.1.2.02 y anteriores tienen una vulnerabilidad de deserializaci\u00f3n que da como resultado la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de /admin/extensions/download.php y /admin/extensions/upload.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], "references": [ { "url": "https://mat4mee.notion.site/2-bug-chains-in-nukeViet-lead-to-RCE-bdd42b20b05a448fbe87c752b41bb15f", diff --git a/CVE-2024/CVE-2024-365xx/CVE-2024-36550.json b/CVE-2024/CVE-2024-365xx/CVE-2024-36550.json index 70b4b92d51f..81b7c0dd7fa 100644 --- a/CVE-2024/CVE-2024-365xx/CVE-2024-36550.json +++ b/CVE-2024/CVE-2024-365xx/CVE-2024-36550.json @@ -2,8 +2,8 @@ "id": "CVE-2024-36550", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-04T15:15:47.497", - "lastModified": "2024-06-06T15:24:43.683", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:35:07.113", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-352" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36667.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36667.json index f1cba4f34af..14bec95b09d 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36667.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36667.json @@ -2,8 +2,8 @@ "id": "CVE-2024-36667", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-05T19:15:15.687", - "lastModified": "2024-06-27T14:53:18.847", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:35:07.880", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-352" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36691.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36691.json index a535fcfcea7..906db3e2be9 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36691.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36691.json @@ -2,7 +2,7 @@ "id": "CVE-2024-36691", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-12T15:15:52.400", - "lastModified": "2024-06-13T18:36:09.010", + "lastModified": "2024-08-21T17:35:03.320", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Los permisos inseguros en el m\u00e9todo AdminController.AjaxSave() de PPGo_Jobs v2.8.0 permiten a atacantes autenticados modificar arbitrariamente la informaci\u00f3n de la cuenta de los usuarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-277" + } + ] + } + ], "references": [ { "url": "https://www.yuque.com/beimi-tb0gl/yrgtbp/wi8bg26o3wlfqdaf?singleDoc", diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json index faa049d8132..acdea7e4709 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3779.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3779", "sourceIdentifier": "security@eset.com", "published": "2024-07-16T09:15:02.877", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:38:16.057", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security@eset.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + }, { "source": "security@eset.com", "type": "Secondary", @@ -51,10 +81,134 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.2.7.0", + "matchCriteriaId": "B883CA27-1FC9-4AF6-9BBD-6FC41DE3A667" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:nod32:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.2.7.0", + "matchCriteriaId": "620325BE-DDE6-4ADE-BB6A-36CA8E48A30A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:security:*:*:*:*:ultimate:*:*:*", + "versionEndExcluding": "17.2.7.0", + "matchCriteriaId": "0EB1BEC6-15AD-4B95-A954-814594AE8FCB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:smart_security:*:*:*:*:premium:*:*:*", + "versionEndExcluding": "17.2.7.0", + "matchCriteriaId": "B5D76653-60CC-4107-A027-02E2A1B255DE" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "11.1.2039.0", + "matchCriteriaId": "102DE882-64EA-4752-9722-2EAE0074BF91" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "11.1.2039.0", + "matchCriteriaId": "56305C95-A7D6-49BC-8CEE-5EA343190842" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:windows_server:*:*", + "versionEndExcluding": "11.0.12012.0", + "matchCriteriaId": "9F9E6C2C-AA89-4377-B0A0-6B3B36209B90" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:*", + "versionEndIncluding": "11.0.10008.0", + "matchCriteriaId": "A8906CBA-D3F0-4BC1-B32A-11D4425EE784" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*", + "matchCriteriaId": "5043B5B1-38B2-4621-B738-A79E5DF8D98E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint_server:*:*", + "versionEndExcluding": "11.0.15004.0", + "matchCriteriaId": "61BC0A21-A589-48B5-9D35-E0E8749EDFDB" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.eset.com/en/ca8688", - "source": "security@eset.com" + "source": "security@eset.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39344.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39344.json new file mode 100644 index 00000000000..2352d7dca3d --- /dev/null +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39344.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-39344", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-08-21T16:15:08.013", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some configuration information in a manner that could be compromised. With the default settings when installed for all users, the object can be accessible and (via its fields) could disclose some keys. These disclosed components can be combined to create a valid session via the Docusign API. This will generally lead to a complete compromise of the Docusign account because the session is for an administrator service account and may have permission to re-authenticate as specific users with the same authorization flow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://deneyed.com/blog/conga/", + "source": "cve@mitre.org" + }, + { + "url": "https://login.salesforce.com/packaging/installPackage.apexp?p0=04t6S000000YUDxQAO", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39487.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39487.json index 2b7f93c895f..40a8c93b160 100644 --- a/CVE-2024/CVE-2024-394xx/CVE-2024-39487.json +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39487.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39487", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-09T10:15:04.597", - "lastModified": "2024-07-18T12:15:03.183", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T17:18:01.117", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,197 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: corrige la lectura fuera de los l\u00edmites en bond_option_arp_ip_targets_set() En la funci\u00f3n bond_option_arp_ip_targets_set(), si newval->string es una cadena vac\u00eda, newval->string+1 apuntar\u00e1 a el byte despu\u00e9s de la cadena, lo que provoca una lectura fuera de los l\u00edmites. ERROR: KASAN: slab-out-of-bounds en strlen+0x7d/0xa0 lib/string.c:418 Lectura del tama\u00f1o 1 en la direcci\u00f3n ffff8881119c4781 por tarea syz-executor665/8107 CPU: 1 PID: 8107 Comm: syz-executor665 No tainted 6.7.0-rc7 #1 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.15.0-1 01/04/2014 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:364 [en l\u00ednea] print_report+0xc1/0x5e0 mm/kasan/report.c:475 kasan_report+0xbe/0xf0 mm/kasan/report. c:588 strlen+0x7d/0xa0 lib/string.c:418 __fortify_strlen include/linux/fortify-string.h:210 [en l\u00ednea] in4_pton+0xa3/0x3f0 net/core/utils.c:130 bond_option_arp_ip_targets_set+0xc2/0x910 controladores /net/bonding/bond_options.c:1201 __bond_opt_set+0x2a4/0x1030 controladores/net/bonding/bond_options.c: 767 __bond_opt_set_notify+0x48/0x150 Drivers/net/bonding/bond_options.c: 792 bond_pt_tryset neto /bonding/bond_options.c:817 bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156 dev_attr_store+0x54/0x80 drivers/base/core.c:2366 sysfs_kf_write+0x114/0x170 fs/sysfs/file.c :136 kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334 call_write_iter include/linux/fs.h:2020 [en l\u00ednea] new_sync_write fs/read_write.c:491 [en l\u00ednea] vfs_write+0x96a/0xd80 fs/read_write.c :584 ksys_write+0x122/0x250 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6 ---[rastreo final]--- Solucionelo agregando una verificaci\u00f3n de la longitud de la cadena antes de usarlo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.13", + "versionEndExcluding": "4.19.318", + "matchCriteriaId": "A275A2D4-178A-4222-9C35-51A823A040CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.280", + "matchCriteriaId": "625DBFAB-C3D0-4309-A27F-12D6428FB38F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.222", + "matchCriteriaId": "00696AC5-EE29-437F-97F9-C4D66608B327" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.163", + "matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.98", + "matchCriteriaId": "E09E92A5-27EF-40E4-926A-B1CDC8270551" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.39", + "matchCriteriaId": "29E894E4-668F-4DB0-81F7-4FB5F698E970" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.9", + "matchCriteriaId": "ADCC1407-0CB3-4C8F-B4C5-07F682CD7085" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*", + "matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*", + "matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/6a8a4fd082c439e19fede027e80c79bc4c84bb8e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6b21346b399fd1336fe59233a17eb5ce73041ee1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/707c85ba3527ad6aa25552033576b0f1ff835d7b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f835e48bd4c75fdf6a9cff3f0b806a7abde78da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b75e33eae8667084bd4a63e67657c6a5a0f8d1e8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bfd14e5915c2669f292a31d028e75dcd82f1e7e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c8eb8ab9a44ff0e73492d0a12a643c449f641a9f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e271ff53807e8f2c628758290f0e499dbe51cb3d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-396xx/CVE-2024-39690.json b/CVE-2024/CVE-2024-396xx/CVE-2024-39690.json index 79243dfc360..c5ee60914e4 100644 --- a/CVE-2024/CVE-2024-396xx/CVE-2024-39690.json +++ b/CVE-2024/CVE-2024-396xx/CVE-2024-39690.json @@ -2,17 +2,41 @@ "id": "CVE-2024-39690", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-20T15:15:21.340", - "lastModified": "2024-08-20T15:44:20.567", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T16:01:47.157", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace." + }, + { + "lang": "es", + "value": "Capsule es un framework multiinquilino y basado en pol\u00edticas para Kubernetes. En Capsule v0.7.0 y versiones anteriores, el inquilino-propietario puede parchear cualquier espacio de nombres arbitrario que no haya sido asumido por un inquilino (es decir, espacios de nombres sin el campo propietarioReferencia), obteniendo as\u00ed el control de ese espacio de nombres." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -47,14 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:projectcapsule:capsule:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.7.0", + "matchCriteriaId": "A192D305-E13C-436F-8AF2-0D3DC4CD03C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-404xx/CVE-2024-40453.json b/CVE-2024/CVE-2024-404xx/CVE-2024-40453.json new file mode 100644 index 00000000000..270e57d21de --- /dev/null +++ b/CVE-2024/CVE-2024-404xx/CVE-2024-40453.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-40453", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-08-21T17:15:08.100", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/squirrellyjs/squirrelly", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/squirrellyjs/squirrelly/pull/262", + "source": "cve@mitre.org" + }, + { + "url": "https://samuzora.com/posts/cve-2024-40453", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40500.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40500.json index 49fcc916d8f..2f5c9273197 100644 --- a/CVE-2024/CVE-2024-405xx/CVE-2024-40500.json +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40500.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40500", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T17:15:17.153", - "lastModified": "2024-08-12T18:57:17.383", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:05:32.603", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:scilico:i-librarian:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.11.0", + "matchCriteriaId": "DA0B421D-0E94-4B84-BD50-72254FC4A974" + } + ] + } + ] + } + ], "references": [ { "url": "https://nitipoom-jar.github.io/CVE-2024-40500/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40952.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40952.json index da92ceb0ac9..e2b9e16f824 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40952.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40952.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40952", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:17.477", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:50:34.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,109 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ocfs2: corrigi\u00f3 la desreferencia del puntero NULL en ocfs2_journal_dirty() bdev->bd_super se elimin\u00f3 y commit 8887b94d9322 cambi\u00f3 el uso de bdev->bd_super a b_assoc_map->host->i_sb. Esto introduce la siguiente desreferencia del puntero NULL en ocfs2_journal_dirty() ya que b_assoc_map a\u00fan no est\u00e1 inicializado. Esto se puede reproducir f\u00e1cilmente ejecutando xfstests generic/186, que no simula m\u00e1s cr\u00e9ditos. [134.351592] ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000... [134.355341] RIP: 0010:ocfs2_journal_dirty+0x14f/0x160 [ocfs2]... [134.365071] Seguimiento de llamadas: [134.3653 12] [134.365524] ? __die_body+0x1e/0x60 [ 134.365868] ? page_fault_oops+0x13d/0x4f0 [134.366265]? __pfx_bit_wait_io+0x10/0x10 [134.366659]? horario+0x27/0xb0 [ 134.366981] ? exc_page_fault+0x6a/0x140 [134.367356]? asm_exc_page_fault+0x26/0x30 [134.367762]? ocfs2_journal_dirty+0x14f/0x160 [ocfs2] [ 134.368305] ? ocfs2_journal_dirty+0x13d/0x160 [ocfs2] [ 134.368837] ocfs2_create_new_meta_bhs.isra.51+0x139/0x2e0 [ocfs2] [ 134.369454] ocfs2_grow_tree+0x688/0x8a0 [ocfs2] 134.369927] ocfs2_split_and_insert.isra.67+0x35c/0x4a0 [ocfs2] [ 134.370521] ocfs2_split_extent+0x314/0x4d0 [ocfs2] [ 134.371019] ocfs2_change_extent_flag+0x174/0x410 [ocfs2] [ 134.371566] ocfs2_add_refcount_flag+0x3fa/0x630 ocfs2] [134.372117] ocfs2_reflink_remap_extent+0x21b/0x4c0 [ocfs2] [134.372994]? inode_update_timestamps+0x4a/0x120 [134.373692]? __pfx_ocfs2_journal_access_di+0x10/0x10 [ocfs2] [ 134.374545] ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ocfs2] [ 134.375393] ocfs2_reflink_remap_blocks+0xe4/0x4e0 [ocfs2] [ 134.376197] ocfs2_remap_file_range+0x1de/0x390 [ocfs2] [ 13 4.376971] ? permiso_archivo_seguridad+0x29/0x50 [ 134.377644] vfs_clone_file_range+0xfe/0x320 [ 134.378268] ioctl_file_clone+0x45/0xa0 [ 134.378853] do_vfs_ioctl+0x457/0x990 [ 134.379 422] __x64_sys_ioctl+0x6e/0xd0 [ 134.379987] do_syscall_64+0x5d/0x170 [ 134.380550] entrada_SYSCALL_64_after_hwframe+ 0x76/0x7e [ 134.381231] RIP: 0033:0x7fa4926397cb [ 134.381786] C\u00f3digo: 73 01 c3 48 8b 0d bd 56 38 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f f84 00 00 00 00 00 90 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8d 56 38 00 f7 d8 64 89 01 48 [ 134.383930] RSP: 002b:00007ffc2b39f7b8 : 00000246 ORIG_RAX: 00000000000000010 [ 134.384854] RAX : ffffffffffffffda RBX: 0000000000000004 RCX: 00007fa4926397cb [ 134.385734] RDX: 00007ffc2b39f7f0 RSI: 000000004020940d RDI: 0000000000000003 [ 134.386606] RBP: 0000000000000000 R08: 00111a82a4f015bb R09: 00007fa494221000 [ 134.387476] R10: 0000000000000000 R11: 0000000000000 246 R12: 0000000000000000 [ 134.388342] R13: 0000000000f10000 R14: 0000558e844e2ac8 R15: 0000000000f10000 [ 134.389207] Solucionelo abortando solo la transacci\u00f3n y el diario en ocfs2_journal_dirty() ahora, y deje ocfs2_abort() m\u00e1s tarde cuando detecte un identificador abortado, por ejemplo, iniciar la siguiente transacci\u00f3n. En este caso, registre tambi\u00e9n los detalles del identificador." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "7811AF31-E4C8-4CC1-8D27-717621D639B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0550ad87711f815b3d73e487ec58ca7d8f56edbc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58f7e1e2c9e72c7974054c64c3abeac81c11f822", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/72663d3e09091f431a0774227ca207c0358362dd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40960.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40960.json index c619f961802..85fe5f40fdd 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40960.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40960.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40960", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:18.040", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:53:01.407", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,179 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipv6: evita una posible desreferencia NULL en rt6_probe() syzbot detect\u00f3 una desreferencia NULL en rt6_probe() [1] Rescate si __in6_dev_get() devuelve NULL. [1] Ups: falla de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref en el rango [0x00000000000000658-0x000000000000065f] CPU: 1 PID: 22444 Comm: syz- executor.0 No contaminado 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/04/2024 RIP: 0010:rt6_probe net/ipv6/route.c: 656 [en l\u00ednea] RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758 C\u00f3digo: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19 RSP: EFLAGS: 00010203 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000 RDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c RBP: ffffc900034af1 50 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a R13: 1ffff92000695e 18 R14: ffff8880244a1d20 R15: 00000000000000000 FS: 00007f4844a5a6c0(0000) GS :ffff8880b9300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 00000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000400 Seguimiento de llamadas: rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784 nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496 __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825 net/ipv6/ route.c:853 [en l\u00ednea] rt6_select net/ipv6/route.c:897 [en l\u00ednea] fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195 ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231 pol_lookup_func include/net/ip6_fib.h:616 [en l\u00ednea] fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121 ip6_route_output_flags_noref net/ipv6/route.c:2639 [en l\u00ednea] ip6_route_output_flags+0x1d0/0x640 net/ipv6 /ruta. c:2651 ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147 ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250 rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw. c:898 inet_sendmsg +0x119/0x140 net/ipv4/af_inet.c:853 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c:745 [en l\u00ednea] sock_write_iter+0x4b8/0x5c0 net/socket.c:1160 new_sync_write fs/ read_write.c:497 [en l\u00ednea] vfs_write+0x6b6/0x1140 fs/read_write.c:590 ksys_write+0x1f8/0x260 fs/read_write.c:643 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd /0x250 arch/x86/entry/common.c:83 entrada_SYSCALL_64_after_hwframe+0x77/0x7f" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.17", + "versionEndExcluding": "4.19.317", + "matchCriteriaId": "E413839C-8E38-49FB-A9C2-BBCEFBC8C4CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.279", + "matchCriteriaId": "F4E38E58-1B9F-4DF2-AD3D-A8BEAA2959D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1ed9849fdf9a1a617129346b11d2094ca26828dc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/51ee2f7c30790799d0ec30c0ce0c743e58f046f2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/569c9d9ea6648d099187527b93982f406ddcebc0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6eed6d3cd19ff3cfa83aeceed86da14abaf7417b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/73e7c8ca6ad76f29b2c99c20845a6f3b203ff0c6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b86762dbe19a62e785c189f313cda5b989931f37", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d66fc4826127c82f99c4033380f8e93833d331c7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0cda984e4e634b221dbf9642b8ecc5b4806b41e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40961.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40961.json index bcd67605d82..aadd5a117ff 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40961.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40961.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40961", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:18.110", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:54:20.817", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,165 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ipv6: previene posible deref NULL en fib6_nh_init() syzbot nos recuerda que in6_dev_get() puede devolver NULL. fib6_nh_init() ip6_validate_gw( &idev ) ip6_route_check_nh( idev ) *idev = in6_dev_get(dev); // puede ser NULL Ups: falla de protecci\u00f3n general, probablemente para direcci\u00f3n no can\u00f3nica 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7] CPU: 0 PID: 11237 Co mil\u00edmetros: syz-executor.3 No est\u00e1 contaminado 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/06/2024 RIP: 0010:fib6_nh_init+0x640/0x2160 net/ ipv6/route.c:3606 C\u00f3digo: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b RSP: 0018:ffffc900032775a0 EFLAGS: 00010202 RAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000 RDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8 RBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000 R10: 00000000000002fc R11: 0000000000000000 R12: ff88802b3a08b8 R13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000 FS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) 000000000000 CS: 0010 DS: 0000 ES : 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000 000 DR2: 0000000000000000 DR3: 00000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c :3809 ip6_route_add+0x28/0x160 net/ipv6/route.c:3853 ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483 inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579 0x158/0x460 neto /socket.c:1222 sock_ioctl+0x629/0x8e0 net/socket.c:1341 vfs_ioctl fs/ioctl.c:51 [en l\u00ednea] __do_sys_ioctl fs/ioctl.c:907 [en l\u00ednea] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c :893 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f940f07cea9" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.17", + "versionEndExcluding": "5.4.279", + "matchCriteriaId": "7E97C9AF-9148-4AD9-B3DA-F7F536B4B7DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2eab4543a2204092c3a7af81d7d6c506e59a03a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3200ffeec4d59aad5bc9ca75d2c1fae47c0aeade", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cdfe813015d5a24586bd0a84fa0fa6eb0a1f668", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/88b9a55e2e35ea846d41f4efdc29d23345bd1aa4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ae8d3d39efe366c2198f530e01e4bf07830bf403", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b6947723c9eabcab58cfb33cdb0a565a6aee6727", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de5ad4d45cd0128a2a37555f48ab69aa19d78adc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40994.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40994.json index ce6c545c9c3..58c1d822bb5 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40994.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40994.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40994", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:20.620", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:32:22.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,137 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: corrige el desbordamiento de enteros en max_vclocks_store En sistemas de 32 bits, la multiplicaci\u00f3n \"4 * max\" puede desbordarse. Utilice kcalloc() para realizar la asignaci\u00f3n y evitar esto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.14", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "0A48FD5B-D0CA-4E4C-8D52-9395CBE79191" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4b03da87d0b7074c93d9662c6e1a8939f9b8b86e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/666e934d749e50a37f3796caaf843a605f115b6f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/81d23d2a24012e448f651e007fac2cfd20a45ce0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e1fccfb4638ee6188377867f6015d0ce35764a8e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40995.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40995.json index 8daa9ecdf2c..f28dd90e727 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40995.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40995.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:20.680", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:33:00.850", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,165 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sched: act_api: corrige posible bucle infinito en tcf_idr_check_alloc() syzbot encontr\u00f3 tareas pendientes esperando en rtnl_lock [1] Hay un reproductor disponible en el error syzbot. Cuando se env\u00eda una solicitud para agregar varias acciones con el mismo \u00edndice, la segunda solicitud se bloquear\u00e1 para siempre en la primera solicitud. Esto retiene rtnl_lock y hace que las tareas se bloqueen. Devuelve -EAGAIN para evitar bucles infinitos y al mismo tiempo mantener el comportamiento documentado. [1] INFORMACI\u00d3N: tarea kworker/1:0:5088 bloqueada durante m\u00e1s de 143 segundos. No contaminado 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0 \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" desactiva este mensaje. tarea:kworker/1:0 estado:D pila:23744 pid:5088 tgid:5088 ppid:2 banderas:0x00004000 Cola de trabajo: events_power_ficient reg_check_chans_work Seguimiento de llamadas: context_switch kernel/sched/core.c:5409 [en l\u00ednea] __schedule+ 0xf15/0x5d00 kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 programaci\u00f3n [en l\u00ednea]+0xe7/0x350 kernel/sched/core.c:6838 Schedule_preempt_disabled+0x13/0x30 kernel/sched/core. c:6895 __mutex_lock_common kernel/locking/mutex.c:684 [en l\u00ednea] __mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752 wiphy_lock include/net/cfg80211.h:5953 [en l\u00ednea] reg_leave_invalid_chans net/wireless/reg. c:2466 [en l\u00ednea] reg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19", + "versionEndExcluding": "5.4.279", + "matchCriteriaId": "CBC0131E-7D30-4D5F-A92D-DD198A9A909B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40996.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40996.json index 41635052b78..d004b1af2aa 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40996.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40996.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40996", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:20.740", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:36:14.723", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,123 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: evitar splat en pskb_pull_reason compilaciones de syzkaller (CONFIG_DEBUG_NET=y) frecuentemente activa una sugerencia de depuraci\u00f3n en pskb_may_pull. Nos gustar\u00eda conservar esta verificaci\u00f3n de depuraci\u00f3n porque podr\u00eda indicar desbordamientos de enteros y otros problemas (el c\u00f3digo del kernel debe extraer encabezados, no valores enormes). En el caso de bpf, este s\u00edmbolo no es nada interesante: estos programas bpf (sin sentido) normalmente son generados por un fuzzer de todos modos. Haga lo que Eric sugiri\u00f3 y suprima esa advertencia. Para CONFIG_DEBUG_NET=n no necesitamos la verificaci\u00f3n adicional porque pskb_may_pull har\u00e1 lo correcto: devolver un error sin el rastreo WARN()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.86", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "57BC82B2-9518-4E49-8B35-1E0659D07153" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.27", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "11D787AB-6330-424C-8EDA-145219D31344" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "1833E4E3-20C1-46FE-BE78-1FA23B2452C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2bbe3e5a2f4ef69d13be54f1cf895b4658287080", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5e90258303a358e88737afb5048bee9113beea3a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7f9644782c559635bd676c12c59389a34ed7c866", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dacc15e9cb248d19e5fc63c54bef0b9b55007761", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40997.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40997.json index 4af01ec268f..59c18259f8f 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40997.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40997.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40997", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:20.800", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:09:33.373", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,91 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: cpufreq: amd-pstate: corrige la p\u00e9rdida de memoria en la salida del EPP de la CPU La memoria cpudata de kzalloc() en amd_pstate_epp_cpu_init() no se libera en la funci\u00f3n de salida an\u00e1loga, as\u00ed que solucione eso. [rjw: ediciones de asunto y registro de cambios]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "97F8F699-7041-44A4-9087-0E1FFC0543C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/448efb7ea0bfa2c4e27c5a2eb5684fd225cd12cd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8015c17fe11a8608cc3eb83d0ab831e1845a9582", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cea04f3d9aeebda9d9c063c0dfa71e739c322c81", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-410xx/CVE-2024-41000.json b/CVE-2024/CVE-2024-410xx/CVE-2024-41000.json index f7953086157..00e628d4fe7 100644 --- a/CVE-2024/CVE-2024-410xx/CVE-2024-41000.json +++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41000", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:20.987", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:17:13.427", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,130 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: block/ioctl: prefiero una verificaci\u00f3n de desbordamiento diferente. La ejecuci\u00f3n de syzkaller con el sanitizante de desbordamiento de enteros con signo recientemente reintroducido muestra este informe: [62.982337] ------------[ corte aqu\u00ed ]------------ [ 62.985692] cgroup: Nombre no v\u00e1lido [ 62.986211] UBSAN: desbordamiento de entero con signo en ../block/ioctl.c:36:46 [ 62.989370] 9pnet_fd: p9_fd_create_tcp (7343): problema al conectar el socket a 127.0.0.1 [62.992992] 9223372036854775807 + 4095 no se puede representar en el tipo 'long long' [62.997827] 9pnet_fd: p9_fd_create_tcp (7345): problema al conectar el socket 1 27.0.0.1 [62.999369] aleatorio: crng resembrado al reanudarse el sistema [63.000634] GUP ya no aumenta la pila en syz-executor.2 (7353): 20002000-20003000 (20001000) [63.000668] CPU: 0 PID: 7353 Comm: syz-executor.2 No contaminado 6.8.0 -rc2-00035-gb3ef86b5a957 #1 [ 63.000677] Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 01/04/2014 [ 63.000682] Seguimiento de llamadas: [ 63.000686 ] [ 63.000731] dump_stack_lvl+0x93/0xd0 [ 63.000919] __get_user_pages+0x903/0xd30 [ 63.001030] __gup_longterm_locked+0x153e/0x1ba0 [ 63.001041] ? _raw_read_unlock_irqrestore+0x17/0x50 [63.001072]? try_get_folio+0x29c/0x2d0 [ 63.001083] internal_get_user_pages_fast+0x1119/0x1530 [ 63.001109] iov_iter_extract_pages+0x23b/0x580 [ 63.001206] 0 [ 63.001235] iomap_dio_bio_iter+0x9b6/0x1410 [ 63.001297] __iomap_dio_rw+0xab4/0x1810 [ 63.001316] iomap_dio_rw+ 0x45/0xa0 [ 63.001328] ext4_file_write_iter+0xdde/0x1390 [ 63.001372] vfs_write+0x599/0xbd0 [ 63.001394] ksys_write+0xc8/0x190 [ 63.001403] 0xd4/0x1b0 [63.001421] ? arch_exit_to_user_mode_prepare+0x3a/0x60 [ 63.001479] Entry_SYSCALL_64_after_hwframe+0x6f/0x77 [ 63.001535] RIP: 0033:0x7f7fd3ebf539 [ 63.001551] C\u00f3digo: 28 00 00 00 05 48 83 c4 28 c3 e8 f1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 63.001562] RSP: b:00007f7fd32570c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 63.001584] RAX: ffffffffffffffda RBX: 00007f7fd3ff3f80 RCX: 00007f7fd3ebf539 [ 63.001590] RDX: 4f7e43360 RSI: 0000000020000000 RDI: 0000000000000004 [ 63.001595] RBP: 00007f7fd3f1e496 R08: 0000000000000000 R09: 00000000000000000 [ 63.001599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.001604] R13: 0000000000000006 R14: 00007f7fd3ff3f80 R15: 00007ffd415ad2b8 ... [ 63.018142] ---[ end trace ]--- Hist\u00f3ricamente, el sanitizante de desbordamiento de enteros con signo no funcionaba en el kernel debido a su interacci\u00f3n con `-fwrapv` pero esto se ha cambiado desde entonces [1] en la versi\u00f3n m\u00e1s reciente de Clang; Se volvi\u00f3 a habilitar en el kernel con el commit 557f8c582a9ba8ab (\"ubsan: reintroducir el sanitizante de desbordamiento firmado\"). Modifiquemos esta l\u00f3gica de verificaci\u00f3n de desbordamiento para no realizar un desbordamiento durante la verificaci\u00f3n en s\u00ed, evitando as\u00ed el s\u00edmbolo de UBSAN. [1]: https://github.com/llvm/llvm-project/pull/82432" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "C6FAA8A5-3F50-4B9F-9EEA-8430F59C03AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3220c90f4dbdc6d20d0608b164d964434a810d66", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/54160fb1db2de367485f21e30196c42f7ee0be4e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/58706e482bf45c4db48b0c53aba2468c97adda24", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/61ec76ec930709b7bcd69029ef1fe90491f20cf9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd841ee01fb4a79cb7f5cc424b5c96c3a73b2d1e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-410xx/CVE-2024-41001.json b/CVE-2024/CVE-2024-410xx/CVE-2024-41001.json index 6a95f7d068a..d855d681176 100644 --- a/CVE-2024/CVE-2024-410xx/CVE-2024-41001.json +++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41001.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41001", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:21.053", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:17:45.513", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,102 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: io_uring/sqpoll: soluci\u00f3n alternativa a una posible p\u00e9rdida de memoria de auditor\u00eda. kmemleak se queja de que hay una p\u00e9rdida de memoria relacionada con el manejo de la conexi\u00f3n: objeto sin referencia 0xffff0001093bdf00 (tama\u00f1o 128): comm \"iou-sqp-455 \", pid 457, jiffies 4294894164 volcado hexadecimal (primeros 32 bytes): 02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso (crc 2e481b1a): [<00000000c0a26af4>] kmemleak_alloc+0x30/0x38 [<000000009c30bb45>] kmalloc_trace+0x228/0x358 [<000000009da9d39f>] __audit_sockaddr+0xd0/0x138 [<0000000089a93e34>] move_addr_to_kernel+0x1a0/0x1f8 [<000000000b4e80e6>] connect_prep+0x1ec/0x2d4 [<00000000abfbcd99>] io_submit_sqes+0x588/0x1e48 [<00000000e7c25e07>] io_sq_thread+0x8a4/0x10e4 [<00000000d999b491>] ret_from_fork+0x10/0x20 lo que puede suceder si: 1) El tipo de comando hace algo en el lado de preparaci\u00f3n que desencadena una llamada de auditor\u00eda. 2) El hilo no ha realizado ninguna operaci\u00f3n antes de esto que haya desencadenado una llamada de auditor\u00eda dentro de ->issue(), donde tenemos audit_uring_entry() y audit_uring_exit(). Evite esto emitiendo una operaci\u00f3n NOP general antes de que SQPOLL haga algo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "35AF7215-0096-45EB-86C7-28C9322438E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-410xx/CVE-2024-41002.json b/CVE-2024/CVE-2024-410xx/CVE-2024-41002.json index 8aba4d5f054..e11436ae441 100644 --- a/CVE-2024/CVE-2024-410xx/CVE-2024-41002.json +++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41002.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:21.120", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T16:18:10.740", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,116 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: hisilicon/sec: corrige la p\u00e9rdida de memoria para la liberaci\u00f3n de recursos de segundo El AIV es uno de los recursos de SEC. Al liberar recursos, es necesario liberar los recursos AIV al mismo tiempo. De lo contrario, se produce una p\u00e9rdida de memoria. La liberaci\u00f3n de recursos aiv se agrega a la funci\u00f3n de liberaci\u00f3n de recursos sec." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "DD1E49C8-DE20-4CCB-8715-3FB3FA95ABC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-410xx/CVE-2024-41006.json b/CVE-2024/CVE-2024-410xx/CVE-2024-41006.json index 73ddbc1af6f..282e8533be2 100644 --- a/CVE-2024/CVE-2024-410xx/CVE-2024-41006.json +++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41006.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41006", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:21.370", - "lastModified": "2024-07-12T16:34:58.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:20:57.467", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,187 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netrom: corrige una p\u00e9rdida de memoria en nr_heartbeat_expiry() syzbot inform\u00f3 una p\u00e9rdida de memoria en nr_create() [0]. El commit 409db27e3a2e (\"netrom: Reparar el use-after-free de un socket de escucha\") agreg\u00f3 sock_hold() a la funci\u00f3n nr_heartbeat_expiry(), donde a) un socket tiene un indicador SOCK_DESTROY ob) un socket de escucha tiene un indicador SOCK_DEAD. Pero en el caso \"a\", cuando se establece el indicador SOCK_DESTROY, el descriptor de archivo ya se ha cerrado y se ha llamado a la funci\u00f3n nr_release(). Por lo tanto, no tiene sentido mantener el recuento de referencias porque nadie llamar\u00e1 a otro nr_destroy_socket() y lo pondr\u00e1 como en el caso \"b\". nr_connect nr_establecer_data_link nr_start_heartbeat nr_release interruptor (nr->estado) caso NR_STATE_3 nr->estado = NR_STATE_2 sock_set_flag(sk, SOCK_DESTROY); nr_rx_frame nr_process_rx_frame interruptor (nr->estado) caso NR_STATE_2 nr_state2_machine() nr_disconnect() nr_sk(sk)->estado = NR_STATE_0 sock_set_flag(sk, SOCK_DEAD) nr_heartbeat_expiry interruptor (nr->estado) caso NR_STATE_0 if (sock_flag(sk, OCK_DESTROY) || (sk->sk_state == TCP_LISTEN && sock_flag(sk, SOCK_DEAD))) sock_hold() // ( !!! ) nr_destroy_socket() Para solucionar la p\u00e9rdida de memoria, llamemos a sock_hold() solo para un socket de escucha. Encontrado por InfoTeCS en nombre del Centro de verificaci\u00f3n de Linux (linuxtesting.org) con Syzkaller. [0]: https://syzkaller.appspot.com/bug?extid=d327a1f3b12e1e206c16" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.272", + "versionEndExcluding": "4.19.317", + "matchCriteriaId": "0799BB5F-A0F0-4290-872D-24364C18F638" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.231", + "versionEndExcluding": "5.4.279", + "matchCriteriaId": "4821FCF8-B57B-4F3C-B3FC-5CFAEA2C6BC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.166", + "versionEndExcluding": "5.10.221", + "matchCriteriaId": "E81DAF77-0E91-457C-AC9D-117B2D0BF7CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.91", + "versionEndExcluding": "5.15.162", + "matchCriteriaId": "2E0E5DA0-5043-4127-8316-B0E03B88EE6E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.9", + "versionEndExcluding": "6.1.96", + "matchCriteriaId": "012144F5-2368-4D39-ABE2-07E7568304BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0b9130247f3b6a1122478471ff0e014ea96bb735", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/280cf1173726a7059b628c610c71050d5c0b6937", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5391f9db2cab5ef1cb411be1ab7dbec728078fba", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a02fd5d775cf9787ee7698c797e20f2fa13d2e2b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b6ebe4fed73eedeb73f4540f8edc4871945474c8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d377f5a28332954b19e373d36823e59830ab1712", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d616876256b38ecf9a1a1c7d674192c5346bc69c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e07a9c2a850cdebf625e7a1b8171bd23a8554313", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41674.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41674.json index e18810f0816..ac0bbd38271 100644 --- a/CVE-2024/CVE-2024-416xx/CVE-2024-41674.json +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41674.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41674", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-21T15:15:08.770", - "lastModified": "2024-08-21T15:15:08.770", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41675.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41675.json index 91b65918e9f..1e2e566d831 100644 --- a/CVE-2024/CVE-2024-416xx/CVE-2024-41675.json +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41675.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41675", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-21T15:15:08.963", - "lastModified": "2024-08-21T15:15:08.963", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41937.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41937.json new file mode 100644 index 00000000000..c22bb53d91f --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41937.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-41937", + "sourceIdentifier": "security@apache.org", + "published": "2024-08-21T16:15:08.107", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the\u00a0user to click the provider link.\nUsers should upgrade to 2.10.0 or later, which fixes this vulnerability." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/apache/airflow/pull/40933", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/lwlmgg6hqfmkpvw5py4w53hxyl37jl6d", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42369.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42369.json index 10106a5ccd1..9a86c7795ae 100644 --- a/CVE-2024/CVE-2024-423xx/CVE-2024-42369.json +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42369.json @@ -2,17 +2,41 @@ "id": "CVE-2024-42369", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-20T15:15:21.540", - "lastModified": "2024-08-20T15:44:20.567", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T16:01:03.147", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the 'leaveRoomChain()' method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1." + }, + { + "lang": "es", + "value": "Matrix-js-sdk es un SDK cliente-servidor del protocolo de mensajer\u00eda Matrix para JavaScript. Un servidor dom\u00e9stico malicioso puede crear una sala o una estructura de sala tal que los predecesores formen un ciclo. La funci\u00f3n getRoomUpgradeHistory de Matrix-js-sdk se repetir\u00e1 infinitamente en este caso, lo que provocar\u00e1 que el c\u00f3digo se cuelgue. Este m\u00e9todo es p\u00fablico pero tambi\u00e9n lo llama el m\u00e9todo 'leaveRoomChain()', por lo que salir de una habitaci\u00f3n tambi\u00e9n activar\u00e1 el error. Esto fue parcheado en Matrix-js-sdk 34.3.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -47,14 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:matrix:javascript_sdk:*:*:*:*:*:*:*:*", + "versionEndExcluding": "34.3.1", + "matchCriteriaId": "C489179C-DCFC-4A63-B66D-7AD76CCD6663" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/matrix-org/matrix-js-sdk/commit/a0efed8b881b3db6c9f2c71d6a6e74c2828978c6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-vhr5-g3pm-49fm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42550.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42550.json new file mode 100644 index 00000000000..fc54a53f8e7 --- /dev/null +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42550.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-42550", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-08-21T17:15:08.187", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in the component /email/welcome.php of Mini Inventory and Sales Management System commit 18aa3d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/topsky979/3332b6ba95f5a95aec4f635d8bb20f7c", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42556.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42556.json index 97737c98058..21d366afc4b 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42556.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42556.json @@ -2,16 +2,55 @@ "id": "CVE-2024-42556", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T13:15:06.420", - "lastModified": "2024-08-20T15:44:20.567", + "lastModified": "2024-08-21T16:35:08.730", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_removed.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que el commit de Hotel Management System 91caab8 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro room_type en admin_room_removed.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/topsky979/9688bcdd3e05ba79ebf4ff1042609b20", diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42563.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42563.json index fac7e71d98f..d42484b7354 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42563.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42563.json @@ -2,16 +2,55 @@ "id": "CVE-2024-42563", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T13:15:07.123", - "lastModified": "2024-08-20T15:44:20.567", + "lastModified": "2024-08-21T16:35:09.490", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el commit 44bd04 de ERP permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo HTML manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/topsky979/f645f99661ff33aed44d65dfa49e36fe", diff --git a/CVE-2024/CVE-2024-425xx/CVE-2024-42572.json b/CVE-2024/CVE-2024-425xx/CVE-2024-42572.json index 82c4cf9d9d2..2df453dad92 100644 --- a/CVE-2024/CVE-2024-425xx/CVE-2024-42572.json +++ b/CVE-2024/CVE-2024-425xx/CVE-2024-42572.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42572", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-20T13:15:08.007", - "lastModified": "2024-08-21T13:44:58.823", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T16:35:10.263", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-429xx/CVE-2024-42950.json b/CVE-2024/CVE-2024-429xx/CVE-2024-42950.json index c8f6dd2fdf6..06bbdb291ca 100644 --- a/CVE-2024/CVE-2024-429xx/CVE-2024-42950.json +++ b/CVE-2024/CVE-2024-429xx/CVE-2024-42950.json @@ -2,8 +2,8 @@ "id": "CVE-2024-42950", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-15T17:15:19.497", - "lastModified": "2024-08-15T19:31:17.737", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-21T17:35:04.793", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43022.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43022.json new file mode 100644 index 00000000000..841fa8f50c6 --- /dev/null +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43022.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-43022", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-08-21T17:15:08.303", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/b0rgch3n/6ba0b04da7e48ead20f10b15088fd244", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43027.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43027.json new file mode 100644 index 00000000000..bb2c89cb31d --- /dev/null +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43027.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-43027", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-08-21T16:15:08.297", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discovered to contain a command injection vulnerability via the action parameter at cgi-bin/mainfunction.cgi." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/N1nEmAn/wp/blob/main/V3900.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-433xx/CVE-2024-43371.json b/CVE-2024/CVE-2024-433xx/CVE-2024-43371.json index 74f8bf18eab..c8656c1daca 100644 --- a/CVE-2024/CVE-2024-433xx/CVE-2024-43371.json +++ b/CVE-2024/CVE-2024-433xx/CVE-2024-43371.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43371", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-21T15:15:09.190", - "lastModified": "2024-08-21T15:15:09.190", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43407.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43407.json index ede466787ce..0b2f5bbaf6c 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43407.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43407.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43407", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-21T15:15:09.397", - "lastModified": "2024-08-21T15:15:09.397", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43410.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43410.json new file mode 100644 index 00000000000..5751e2149b6 --- /dev/null +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43410.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-43410", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-08-21T16:15:08.373", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length.\nAfter parsing and potentially decrypting the 4-byte length, russh allocates enough memory for this bytestream, as a performance optimization to avoid reallocations later. But this length is entirely untrusted and can be set to any value by the client, causing this much memory to be allocated, which will cause the process to OOM within a few such requests. This vulnerability is fixed in 0.44.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Eugeny/russh/commit/f660ea3f64b86d11d19e33076012069f02431e55", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Eugeny/russh/security/advisories/GHSA-vgvv-x7xg-6cqg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43411.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43411.json new file mode 100644 index 00000000000..be566e1ead8 --- /dev/null +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43411.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-43411", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-08-21T16:15:08.570", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on CKEditor 4 instances. The issue impacts only editor instances with enabled version notifications. Please note that this feature is disabled by default in all CKEditor 4 LTS versions. Therefore, if you use CKEditor 4 LTS, it is highly unlikely that you are affected by this vulnerability. If you are unsure, please contact us. The fix is available in version 4.25.0-lts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.5, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ckeditor/ckeditor4/commit/b5069c9cb769ea22eae1cbd7200f22b1cf2e3a7f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-6v96-m24v-f58j", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5018.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5018.json index ed8e5e2d9f4..ac47e93767b 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5018.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5018.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5018", "sourceIdentifier": "security@progress.com", "published": "2024-06-25T21:16:01.543", - "lastModified": "2024-06-26T12:44:29.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T16:00:23.410", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@progress.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security@progress.com", "type": "Secondary", @@ -51,14 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.1.3", + "matchCriteriaId": "C22487E3-6723-40C7-86A0-764EBAA37A55" + } + ] + } + ] + } + ], "references": [ { "url": "https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.progress.com/network-monitoring", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5723.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5723.json new file mode 100644 index 00000000000..9331e417d58 --- /dev/null +++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5723.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-5723", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:08.413", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the updateServiceHost function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the apache user. Was ZDI-CAN-23294." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-595/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5725.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5725.json new file mode 100644 index 00000000000..fceef332b63 --- /dev/null +++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5725.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-5725", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:08.607", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Centreon initCurveList SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the initCurveList function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the apache user. Was ZDI-CAN-22683." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-597/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5762.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5762.json new file mode 100644 index 00000000000..5b2e1ef3c03 --- /dev/null +++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5762.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-5762", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:08.810", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-21408." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://docs.zen-cart.com/release/whatsnew_2.0.0", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-883/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5928.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5928.json new file mode 100644 index 00000000000..720b5521234 --- /dev/null +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5928.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-5928", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:09.003", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Patch Management Agent. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22315." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-817/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5929.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5929.json new file mode 100644 index 00000000000..7fd3a7c077b --- /dev/null +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5929.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-5929", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:09.237", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Patch Management Agent. The issue results from loading a file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22316." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-818/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5930.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5930.json new file mode 100644 index 00000000000..cc25d58fe3a --- /dev/null +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5930.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-5930", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:09.443", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Anti Malware Service. The issue results from incorrect permissions on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22345." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "references": [ + { + "url": "https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-819/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6141.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6141.json new file mode 100644 index 00000000000..757e760d7a4 --- /dev/null +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6141.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-6141", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:09.660", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Windscribe Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Windscribe Service. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23441." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Windscribe/Desktop-App/blob/90a5cc3c1f50f6545f83969c2ace6b4ac2c91c4e/client/common/changelog.txt#L23", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-820/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6733.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6733.json index bcc279b5282..d9271e4959d 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6733.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6733.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6733", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-14T23:15:02.290", - "lastModified": "2024-07-15T13:00:34.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T17:00:32.243", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jiaoyanshuai/cve/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.271454", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.271454", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.374463", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6734.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6734.json index 75a0922b057..7bc28351bd6 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6734.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6734.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6734", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-15T00:15:01.913", - "lastModified": "2024-07-15T13:00:34.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T17:00:52.007", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jiaoyanshuai/cve/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.271455", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.271455", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.374464", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6735.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6735.json index af8c8e03c26..95667c5d0c1 100644 --- a/CVE-2024/CVE-2024-67xx/CVE-2024-6735.json +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6735.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6735", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-15T00:15:02.207", - "lastModified": "2024-07-15T13:00:34.853", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-08-21T17:01:02.657", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xzyxiaohaha/cve/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.271456", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.271456", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.374516", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6811.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6811.json new file mode 100644 index 00000000000..cd00fb5caf4 --- /dev/null +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6811.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6811", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:08.783", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24192." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-903/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6812.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6812.json new file mode 100644 index 00000000000..ba5af0910f2 --- /dev/null +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6812.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6812", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:08.970", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23273." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-904/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6813.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6813.json new file mode 100644 index 00000000000..45d997b8538 --- /dev/null +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6813.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-6813", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:09.163", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getSortString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23207." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://kb.netgear.com/000066231/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0018", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-902/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6814.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6814.json new file mode 100644 index 00000000000..9bf9d218afd --- /dev/null +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6814.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-6814", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:09.357", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the getFilterString method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-23399." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://kb.netgear.com/000066232/Security-Advisory-for-SQL-Injection-on-the-NMS300-PSV-2024-0019", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-901/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6899.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6899.json index d1ee4835955..8fcab818dd5 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6899.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6899.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6899", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-19T05:15:10.737", - "lastModified": "2024-07-19T13:01:44.567", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:30:03.590", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "457BEE12-29ED-48B8-8C96-E181F0E80B56" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-02.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.271924", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.271924", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.375191", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6952.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6952.json index 8e4ad80c382..603414e18c8 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6952.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6952.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6952", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T12:15:02.043", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:41:15.617", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:university_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46ABF764-A0DC-4B5A-83AE-90926CEB0601" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE6-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272074", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272074", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.376865", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6953.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6953.json index 4c27a71d07a..aa82e00457b 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6953.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6953.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6953", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T12:15:02.500", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:40:06.063", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -109,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +150,57 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/333-uit/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking" + ] }, { "url": "https://vuldb.com/?ctiid.272075", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272075", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.376879", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6954.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6954.json index 31699758cee..5b44a33577b 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6954.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6954.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6954", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T13:15:03.130", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:38:34.087", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "457BEE12-29ED-48B8-8C96-E181F0E80B56" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-11.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.377340", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6955.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6955.json index 22c2c271f7b..49f3d0cc929 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6955.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6955.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6955", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T13:15:03.580", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:37:00.700", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "457BEE12-29ED-48B8-8C96-E181F0E80B56" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-12.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272076", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272076", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.377341", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6956.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6956.json index cb416ab399c..375e9737c47 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6956.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6956.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6956", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T14:15:03.373", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:35:59.550", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:university_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46ABF764-A0DC-4B5A-83AE-90926CEB0601" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE6-2.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272078", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272078", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.377754", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6957.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6957.json index fa4ad7799e9..24b6950c6af 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6957.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6957.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6957", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T15:15:03.267", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:33:42.753", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:university_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46ABF764-A0DC-4B5A-83AE-90926CEB0601" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE6-3.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.377755", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6958.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6958.json index a1547410eec..273b063b09a 100644 --- a/CVE-2024/CVE-2024-69xx/CVE-2024-6958.json +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6958.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6958", "sourceIdentifier": "cna@vuldb.com", "published": "2024-07-21T15:15:03.720", - "lastModified": "2024-07-22T13:00:31.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-21T17:42:29.697", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:angeljudesuarez:university_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46ABF764-A0DC-4B5A-83AE-90926CEB0601" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE6-4.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.272080", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.272080", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.377756", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7448.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7448.json new file mode 100644 index 00000000000..14fb1cf8b4d --- /dev/null +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7448.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7448", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T17:15:09.860", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device.\n\nThe specific flaw exists within the Android device image acquisition functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-23964." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://docs.magnetforensics.com/docs/axiom/release_notes.html", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1129/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7600.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7600.json new file mode 100644 index 00000000000..d860e16b29e --- /dev/null +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7600.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7600", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:09.570", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25025." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1103/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7601.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7601.json new file mode 100644 index 00000000000..d49363fd3fa --- /dev/null +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7601.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7601", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:09.757", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of root. Was ZDI-CAN-25026." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1106/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7602.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7602.json new file mode 100644 index 00000000000..c7197215507 --- /dev/null +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7602.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7602", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:09.940", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-25027." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1102/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7603.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7603.json new file mode 100644 index 00000000000..426f91e9d63 --- /dev/null +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7603.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7603", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:10.123", + "lastModified": "2024-08-21T17:25:08.560", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary directories on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete directories in the context of root. Was ZDI-CAN-25028." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1105/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7604.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7604.json new file mode 100644 index 00000000000..a275d1b2daa --- /dev/null +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7604.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7604", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:10.330", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user's license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1104/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7722.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7722.json new file mode 100644 index 00000000000..4bd8f162d90 --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7722.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7722", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:10.580", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23702." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1124/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7723.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7723.json new file mode 100644 index 00000000000..05719ff74c2 --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7723.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7723", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:10.760", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23736." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1125/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7724.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7724.json new file mode 100644 index 00000000000..c48d8324b4f --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7724.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7724", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:10.933", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23900." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1126/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7725.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7725.json new file mode 100644 index 00000000000..5b3a34b8a07 --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7725.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-7725", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:11.120", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23928." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "source": "zdi-disclosures@trendmicro.com" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1127/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7795.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7795.json new file mode 100644 index 00000000000..0c09a1c0e55 --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7795.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-7795", + "sourceIdentifier": "zdi-disclosures@trendmicro.com", + "published": "2024-08-21T16:15:11.380", + "lastModified": "2024-08-21T17:24:59.627", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 EV chargers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the AppAuthenExchangeRandomNum BLE command. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23384." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1154/", + "source": "zdi-disclosures@trendmicro.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7885.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7885.json index f7050e43cff..dd9af4c6f49 100644 --- a/CVE-2024/CVE-2024-78xx/CVE-2024-7885.json +++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7885.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7885", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-21T14:15:09.500", - "lastModified": "2024-08-21T14:15:09.500", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8007.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8007.json index d6950514283..aa503529313 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8007.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8007.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8007", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-21T14:15:09.753", - "lastModified": "2024-08-21T14:15:09.753", - "vulnStatus": "Received", + "lastModified": "2024-08-21T16:06:23.153", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { diff --git a/README.md b/README.md index c3ac1c759af..46b14a6ec10 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-21T16:00:18.162518+00:00 +2024-08-21T18:00:17.988484+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-21T15:59:56.493000+00:00 +2024-08-21T17:59:05.793000+00:00 ``` ### Last Data Feed Release @@ -33,53 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -260787 +260823 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `36` -- [CVE-2020-11846](CVE-2020/CVE-2020-118xx/CVE-2020-11846.json) (`2024-08-21T14:15:07.737`) -- [CVE-2020-11847](CVE-2020/CVE-2020-118xx/CVE-2020-11847.json) (`2024-08-21T14:15:07.957`) -- [CVE-2024-28000](CVE-2024/CVE-2024-280xx/CVE-2024-28000.json) (`2024-08-21T14:15:08.547`) -- [CVE-2024-41674](CVE-2024/CVE-2024-416xx/CVE-2024-41674.json) (`2024-08-21T15:15:08.770`) -- [CVE-2024-41675](CVE-2024/CVE-2024-416xx/CVE-2024-41675.json) (`2024-08-21T15:15:08.963`) -- [CVE-2024-43371](CVE-2024/CVE-2024-433xx/CVE-2024-43371.json) (`2024-08-21T15:15:09.190`) -- [CVE-2024-43407](CVE-2024/CVE-2024-434xx/CVE-2024-43407.json) (`2024-08-21T15:15:09.397`) -- [CVE-2024-7885](CVE-2024/CVE-2024-78xx/CVE-2024-7885.json) (`2024-08-21T14:15:09.500`) -- [CVE-2024-8007](CVE-2024/CVE-2024-80xx/CVE-2024-8007.json) (`2024-08-21T14:15:09.753`) +- [CVE-2024-43027](CVE-2024/CVE-2024-430xx/CVE-2024-43027.json) (`2024-08-21T16:15:08.297`) +- [CVE-2024-43410](CVE-2024/CVE-2024-434xx/CVE-2024-43410.json) (`2024-08-21T16:15:08.373`) +- [CVE-2024-43411](CVE-2024/CVE-2024-434xx/CVE-2024-43411.json) (`2024-08-21T16:15:08.570`) +- [CVE-2024-5723](CVE-2024/CVE-2024-57xx/CVE-2024-5723.json) (`2024-08-21T17:15:08.413`) +- [CVE-2024-5725](CVE-2024/CVE-2024-57xx/CVE-2024-5725.json) (`2024-08-21T17:15:08.607`) +- [CVE-2024-5762](CVE-2024/CVE-2024-57xx/CVE-2024-5762.json) (`2024-08-21T17:15:08.810`) +- [CVE-2024-5928](CVE-2024/CVE-2024-59xx/CVE-2024-5928.json) (`2024-08-21T17:15:09.003`) +- [CVE-2024-5929](CVE-2024/CVE-2024-59xx/CVE-2024-5929.json) (`2024-08-21T17:15:09.237`) +- [CVE-2024-5930](CVE-2024/CVE-2024-59xx/CVE-2024-5930.json) (`2024-08-21T17:15:09.443`) +- [CVE-2024-6141](CVE-2024/CVE-2024-61xx/CVE-2024-6141.json) (`2024-08-21T17:15:09.660`) +- [CVE-2024-6811](CVE-2024/CVE-2024-68xx/CVE-2024-6811.json) (`2024-08-21T16:15:08.783`) +- [CVE-2024-6812](CVE-2024/CVE-2024-68xx/CVE-2024-6812.json) (`2024-08-21T16:15:08.970`) +- [CVE-2024-6813](CVE-2024/CVE-2024-68xx/CVE-2024-6813.json) (`2024-08-21T16:15:09.163`) +- [CVE-2024-6814](CVE-2024/CVE-2024-68xx/CVE-2024-6814.json) (`2024-08-21T16:15:09.357`) +- [CVE-2024-7448](CVE-2024/CVE-2024-74xx/CVE-2024-7448.json) (`2024-08-21T17:15:09.860`) +- [CVE-2024-7600](CVE-2024/CVE-2024-76xx/CVE-2024-7600.json) (`2024-08-21T16:15:09.570`) +- [CVE-2024-7601](CVE-2024/CVE-2024-76xx/CVE-2024-7601.json) (`2024-08-21T16:15:09.757`) +- [CVE-2024-7602](CVE-2024/CVE-2024-76xx/CVE-2024-7602.json) (`2024-08-21T16:15:09.940`) +- [CVE-2024-7603](CVE-2024/CVE-2024-76xx/CVE-2024-7603.json) (`2024-08-21T16:15:10.123`) +- [CVE-2024-7604](CVE-2024/CVE-2024-76xx/CVE-2024-7604.json) (`2024-08-21T16:15:10.330`) +- [CVE-2024-7722](CVE-2024/CVE-2024-77xx/CVE-2024-7722.json) (`2024-08-21T16:15:10.580`) +- [CVE-2024-7723](CVE-2024/CVE-2024-77xx/CVE-2024-7723.json) (`2024-08-21T16:15:10.760`) +- [CVE-2024-7724](CVE-2024/CVE-2024-77xx/CVE-2024-7724.json) (`2024-08-21T16:15:10.933`) +- [CVE-2024-7725](CVE-2024/CVE-2024-77xx/CVE-2024-7725.json) (`2024-08-21T16:15:11.120`) +- [CVE-2024-7795](CVE-2024/CVE-2024-77xx/CVE-2024-7795.json) (`2024-08-21T16:15:11.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `73` +Recently modified CVEs: `67` -- [CVE-2024-39935](CVE-2024/CVE-2024-399xx/CVE-2024-39935.json) (`2024-08-21T15:35:11.193`) -- [CVE-2024-42334](CVE-2024/CVE-2024-423xx/CVE-2024-42334.json) (`2024-08-21T15:59:56.493`) -- [CVE-2024-42577](CVE-2024/CVE-2024-425xx/CVE-2024-42577.json) (`2024-08-21T14:35:12.110`) -- [CVE-2024-42608](CVE-2024/CVE-2024-426xx/CVE-2024-42608.json) (`2024-08-21T15:54:44.310`) -- [CVE-2024-42612](CVE-2024/CVE-2024-426xx/CVE-2024-42612.json) (`2024-08-21T14:35:12.920`) -- [CVE-2024-42815](CVE-2024/CVE-2024-428xx/CVE-2024-42815.json) (`2024-08-21T14:35:13.727`) -- [CVE-2024-42939](CVE-2024/CVE-2024-429xx/CVE-2024-42939.json) (`2024-08-21T14:35:14.557`) -- [CVE-2024-44070](CVE-2024/CVE-2024-440xx/CVE-2024-44070.json) (`2024-08-21T14:35:15.433`) -- [CVE-2024-6190](CVE-2024/CVE-2024-61xx/CVE-2024-6190.json) (`2024-08-21T14:19:02.380`) -- [CVE-2024-6377](CVE-2024/CVE-2024-63xx/CVE-2024-6377.json) (`2024-08-21T15:54:23.567`) -- [CVE-2024-6378](CVE-2024/CVE-2024-63xx/CVE-2024-6378.json) (`2024-08-21T15:53:57.750`) -- [CVE-2024-6379](CVE-2024/CVE-2024-63xx/CVE-2024-6379.json) (`2024-08-21T15:52:49.027`) -- [CVE-2024-6453](CVE-2024/CVE-2024-64xx/CVE-2024-6453.json) (`2024-08-21T14:37:10.103`) -- [CVE-2024-6843](CVE-2024/CVE-2024-68xx/CVE-2024-6843.json) (`2024-08-21T15:35:12.407`) -- [CVE-2024-7841](CVE-2024/CVE-2024-78xx/CVE-2024-7841.json) (`2024-08-21T14:12:12.943`) -- [CVE-2024-7842](CVE-2024/CVE-2024-78xx/CVE-2024-7842.json) (`2024-08-21T14:13:38.923`) -- [CVE-2024-7843](CVE-2024/CVE-2024-78xx/CVE-2024-7843.json) (`2024-08-21T14:13:11.157`) -- [CVE-2024-7844](CVE-2024/CVE-2024-78xx/CVE-2024-7844.json) (`2024-08-21T14:12:43.497`) -- [CVE-2024-7929](CVE-2024/CVE-2024-79xx/CVE-2024-7929.json) (`2024-08-21T14:10:01.937`) -- [CVE-2024-7930](CVE-2024/CVE-2024-79xx/CVE-2024-7930.json) (`2024-08-21T14:09:28.830`) -- [CVE-2024-7931](CVE-2024/CVE-2024-79xx/CVE-2024-7931.json) (`2024-08-21T14:08:54.820`) -- [CVE-2024-7944](CVE-2024/CVE-2024-79xx/CVE-2024-7944.json) (`2024-08-21T15:24:44.280`) -- [CVE-2024-7945](CVE-2024/CVE-2024-79xx/CVE-2024-7945.json) (`2024-08-21T15:25:35.197`) -- [CVE-2024-8003](CVE-2024/CVE-2024-80xx/CVE-2024-8003.json) (`2024-08-21T15:51:28.397`) -- [CVE-2024-8005](CVE-2024/CVE-2024-80xx/CVE-2024-8005.json) (`2024-08-21T15:49:59.470`) +- [CVE-2024-41002](CVE-2024/CVE-2024-410xx/CVE-2024-41002.json) (`2024-08-21T16:18:10.740`) +- [CVE-2024-41006](CVE-2024/CVE-2024-410xx/CVE-2024-41006.json) (`2024-08-21T17:20:57.467`) +- [CVE-2024-41674](CVE-2024/CVE-2024-416xx/CVE-2024-41674.json) (`2024-08-21T16:06:23.153`) +- [CVE-2024-41675](CVE-2024/CVE-2024-416xx/CVE-2024-41675.json) (`2024-08-21T16:06:23.153`) +- [CVE-2024-42369](CVE-2024/CVE-2024-423xx/CVE-2024-42369.json) (`2024-08-21T16:01:03.147`) +- [CVE-2024-42556](CVE-2024/CVE-2024-425xx/CVE-2024-42556.json) (`2024-08-21T16:35:08.730`) +- [CVE-2024-42563](CVE-2024/CVE-2024-425xx/CVE-2024-42563.json) (`2024-08-21T16:35:09.490`) +- [CVE-2024-42572](CVE-2024/CVE-2024-425xx/CVE-2024-42572.json) (`2024-08-21T16:35:10.263`) +- [CVE-2024-42950](CVE-2024/CVE-2024-429xx/CVE-2024-42950.json) (`2024-08-21T17:35:04.793`) +- [CVE-2024-43371](CVE-2024/CVE-2024-433xx/CVE-2024-43371.json) (`2024-08-21T16:06:23.153`) +- [CVE-2024-43407](CVE-2024/CVE-2024-434xx/CVE-2024-43407.json) (`2024-08-21T16:06:23.153`) +- [CVE-2024-5018](CVE-2024/CVE-2024-50xx/CVE-2024-5018.json) (`2024-08-21T16:00:23.410`) +- [CVE-2024-6733](CVE-2024/CVE-2024-67xx/CVE-2024-6733.json) (`2024-08-21T17:00:32.243`) +- [CVE-2024-6734](CVE-2024/CVE-2024-67xx/CVE-2024-6734.json) (`2024-08-21T17:00:52.007`) +- [CVE-2024-6735](CVE-2024/CVE-2024-67xx/CVE-2024-6735.json) (`2024-08-21T17:01:02.657`) +- [CVE-2024-6899](CVE-2024/CVE-2024-68xx/CVE-2024-6899.json) (`2024-08-21T17:30:03.590`) +- [CVE-2024-6952](CVE-2024/CVE-2024-69xx/CVE-2024-6952.json) (`2024-08-21T17:41:15.617`) +- [CVE-2024-6953](CVE-2024/CVE-2024-69xx/CVE-2024-6953.json) (`2024-08-21T17:40:06.063`) +- [CVE-2024-6954](CVE-2024/CVE-2024-69xx/CVE-2024-6954.json) (`2024-08-21T17:38:34.087`) +- [CVE-2024-6955](CVE-2024/CVE-2024-69xx/CVE-2024-6955.json) (`2024-08-21T17:37:00.700`) +- [CVE-2024-6956](CVE-2024/CVE-2024-69xx/CVE-2024-6956.json) (`2024-08-21T17:35:59.550`) +- [CVE-2024-6957](CVE-2024/CVE-2024-69xx/CVE-2024-6957.json) (`2024-08-21T17:33:42.753`) +- [CVE-2024-6958](CVE-2024/CVE-2024-69xx/CVE-2024-6958.json) (`2024-08-21T17:42:29.697`) +- [CVE-2024-7885](CVE-2024/CVE-2024-78xx/CVE-2024-7885.json) (`2024-08-21T16:06:23.153`) +- [CVE-2024-8007](CVE-2024/CVE-2024-80xx/CVE-2024-8007.json) (`2024-08-21T16:06:23.153`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 2ed35236bf1..b29e4d4dc2c 100644 --- a/_state.csv +++ b/_state.csv @@ -134006,7 +134006,7 @@ CVE-2019-16217,0,0,064b0f121eb67bb3b2ff4a1bfd319b38c8f3c1b46d29c4c1d72b24a1744e0 CVE-2019-16218,0,0,d9804d9359219f84d5524c4a9bedb163b151ce747216bfc634953e4fb83dea3d,2023-01-31T19:34:50.097000 CVE-2019-16219,0,0,df6f58e2145bd205e45c77c1cb062d96fa6c53e47301d48477169f3a37b75d1c,2023-01-31T19:34:42.450000 CVE-2019-1622,0,0,fc36d0775b40c5b0e8702c0f2750cb116cfb70d55c1db4bfebb1257e979dd040,2020-10-06T19:47:45.983000 -CVE-2019-16220,0,0,c43991b2c7242271ea1f49fcc58fb61fba64f39604322819ebe75f34e986477c,2023-01-31T19:34:36.827000 +CVE-2019-16220,0,1,97b33819f9233c8fcd04a31c3138b3d5397a4228eaa0a90d56363060be4f0b6d,2024-08-21T16:15:06.657000 CVE-2019-16221,0,0,80b21155eef2cea796e87582860f5f7dea9f7ee1495abe0164244dfec79f371a,2023-01-31T19:34:08.497000 CVE-2019-16222,0,0,94990655f5989849130af88807edc0a4f4cd2d7bc36ebfae1c17de82a3c2ccfd,2023-01-31T19:34:26.617000 CVE-2019-16223,0,0,811340089413300a95a9ee5e869f6677ea3ac7590fa4277b49f2087f5ef7d593,2022-10-07T01:50:00.770000 @@ -141505,7 +141505,7 @@ CVE-2019-6777,0,0,ed6230942b3610eea0429ec2cfbbc51a947c36a03c9bcb771f9139498e5346 CVE-2019-6778,0,0,624be7218683a3ed21d22047a9797407677bd15a7fc63c1307f2059c7a520798,2023-11-07T03:13:15.563000 CVE-2019-6779,0,0,ffd5f23055df50dd893a8f105f4aadf1aeeddb55d8d60f510f8c7e0b4e201059,2019-01-25T15:34:55.207000 CVE-2019-6780,0,0,005d2836f4bf10c78ec5c08408505a612e313f416801d77cc024b46a98f8397b,2019-01-28T14:11:53.850000 -CVE-2019-6781,0,1,87a917a44c4742fd4a74db75e52249c7209df3c4c023a9ec27d9615c1ca2a1c2,2024-08-21T14:07:38.877000 +CVE-2019-6781,0,0,87a917a44c4742fd4a74db75e52249c7209df3c4c023a9ec27d9615c1ca2a1c2,2024-08-21T14:07:38.877000 CVE-2019-6782,0,0,6280a1e7ea5d95f22ff268570370b59746bc3b592e524d4fb44d1451d9ee77ce,2020-08-24T17:37:01.140000 CVE-2019-6783,0,0,cd609ab9a9750091ef95a18aa1de29726314a30e27f6b3f586277eff70b974b2,2019-09-10T19:44:11.237000 CVE-2019-6784,0,0,11b94fbe30db8ce55d4cd292df0aecd8bc3465896e9c7f35e4bcb2129a6cc909,2019-09-10T19:10:43.527000 @@ -146819,12 +146819,12 @@ CVE-2020-11842,0,0,0341f82bc92298980c2fecdf676cf93a6aa4aea6aadcf0c0ab02ee9516b35 CVE-2020-11843,0,0,b19c69b984c81046691cb13cdbe821d32efdcff1216ced249b5cca02d385b8e1,2024-06-11T13:54:12.057000 CVE-2020-11844,0,0,30484315e297bc9fc671ccde41b4cddacde42e3ca4029c7078a2d75feb874221,2023-11-07T03:15:10.640000 CVE-2020-11845,0,0,7e08b7d4c78c56795d5b38717a7a0c67d123b244dfcc98521773ca6a4bf5f2ad,2023-11-07T03:15:10.940000 -CVE-2020-11846,1,1,2f2a71171e319fe5fb465733f9e77b400df58ab2bc434a0d5e02563bd9d684b9,2024-08-21T14:15:07.737000 -CVE-2020-11847,1,1,ad666f684152c37c5a77c5043c8029917101df5e7f86b76680c05ac0f3711346,2024-08-21T14:15:07.957000 +CVE-2020-11846,0,1,dbd105608b278005dce235f9afcae972419aa71ee29f31e97b165f4404c659e5,2024-08-21T16:06:23.153000 +CVE-2020-11847,0,1,af1c03a40751a9ee7eb44b7bfb6ba1826029428dfa156c62c34bd99d228dd3af,2024-08-21T16:06:23.153000 CVE-2020-11848,0,0,8b23a9eceff9959ab288670219d1f6006701c7021ce0c312a1ae7c487d5ba6ee,2023-11-07T03:15:11.227000 CVE-2020-11849,0,0,09295df17fa5dd8adaff1580dbfce546c6c9c519a1569b4961ddc2c9383ed8fb,2023-11-07T03:15:11.503000 CVE-2020-1185,0,0,3316dc17683cc6cc502a5a61a4139663716df73cc9e5aeb1b7b86cd4d9551321,2021-07-21T11:39:23.747000 -CVE-2020-11850,0,0,cebbf51f1c45b548786aeef921a738c81de5b4cc50f4c3e4bde845b14248debc,2024-08-21T13:15:04.027000 +CVE-2020-11850,0,1,a880962fc5cb09914969f43c2029ff38c4de972bf755cf56f89f5ef4f32ebcac,2024-08-21T16:06:23.153000 CVE-2020-11851,0,0,4ee7500b04ed49333edaab0460360ee6e3c1c64822d3fd6fa5fe961906315d49,2023-11-07T03:15:11.767000 CVE-2020-11852,0,0,112bc0d3fcb0af2373f487930f6d85a8825e32e1638612dc8b7461f6b5afad16,2023-11-07T03:15:12.037000 CVE-2020-11853,0,0,32b8f066baea30ce3a5502342cf34ba35e924476d7f149d54fcc4651ef73cd28,2023-11-07T03:15:12.290000 @@ -168403,13 +168403,13 @@ CVE-2021-22192,0,0,d3fa449c70dfd563f9ba5c781943593cd35fd411ab25785950f07fd4ac7da CVE-2021-22193,0,0,2987ff343b087b288eb5718acae25e2b5b3f4f5f0d1b9da7b3e5364391b4a242,2021-03-26T16:24:06.683000 CVE-2021-22194,0,0,8fb04f2816074ec407478dbacf56dd415cfb0ee9357e96e0f731b4f69635d293,2021-09-14T16:51:47.187000 CVE-2021-22195,0,0,9d8c7fdf7970fabf2a7b5d93d16a1874d6ccef793f5bd4bb7fc18545d51b3466,2022-07-12T17:42:04.277000 -CVE-2021-22196,0,1,241a37bce0a56b34e123fdfba24cb9fcf692b9f82c38e9228789260c6836e048,2024-08-21T14:07:32.817000 -CVE-2021-22197,0,1,e7973db1b67ca6f969424efd2b9186a2c3f71e60b656501c2d45396f9cb9cacb,2024-08-21T14:07:27.717000 -CVE-2021-22198,0,1,b91364a9a1187edd11f6f838c67710028ace35bb0ea0d184812fa493a5bbc39c,2024-08-21T14:07:17.797000 +CVE-2021-22196,0,0,241a37bce0a56b34e123fdfba24cb9fcf692b9f82c38e9228789260c6836e048,2024-08-21T14:07:32.817000 +CVE-2021-22197,0,0,e7973db1b67ca6f969424efd2b9186a2c3f71e60b656501c2d45396f9cb9cacb,2024-08-21T14:07:27.717000 +CVE-2021-22198,0,0,b91364a9a1187edd11f6f838c67710028ace35bb0ea0d184812fa493a5bbc39c,2024-08-21T14:07:17.797000 CVE-2021-22199,0,0,57f4d367f02fa030c60583d714a13f8dbf72c7918582eb2b26bb77a3bda2015a,2021-04-30T13:51:49.673000 CVE-2021-2220,0,0,8f31636ae80e5a0d22a6f89cdc6ae9359a98ada289c6012b7493a87444046e39,2021-04-28T18:24:32.057000 CVE-2021-22200,0,0,b1b9a3423ca32ca239581dec52991307b9ff53c6e73f87ef86d2fa52f67761ea,2022-09-23T14:50:16.447000 -CVE-2021-22201,0,1,540d9d197deada1ab800126e776f48a04870ed94141b91f997702a7eb952466f,2024-08-21T14:07:10.707000 +CVE-2021-22201,0,0,540d9d197deada1ab800126e776f48a04870ed94141b91f997702a7eb952466f,2024-08-21T14:07:10.707000 CVE-2021-22202,0,0,1350f0956b43e4cd4665e53cfeb36055cbc3debe51b475c4b95e754e41d11c40,2021-04-07T19:01:48.483000 CVE-2021-22203,0,0,04c823716f4b62c1e3e648683d958604cb5a5f694494b0ed21467afcd8ee488a,2022-07-22T12:14:46.430000 CVE-2021-22204,0,0,6ad8e0e8c598430c8867a7cc21ac6b6ac0d894782eb69de7731748c5abe2fe65,2024-07-24T17:07:58.813000 @@ -176411,7 +176411,7 @@ CVE-2021-3282,0,0,3c170643b196d4af5186ff8456cb48d816601a7a9c0db05bb71b3f46fd28ee CVE-2021-32820,0,0,df26e63933814c01417978e47fbfbd6b1e4c391e3b510693dcb6e2a2e02ba52f,2022-07-02T18:24:15.590000 CVE-2021-32821,0,0,6ab8d4060f8021b1905fa80e695664d07c4a86d67746fc3db79b9b6e0da9789a,2023-01-10T15:02:29.047000 CVE-2021-32822,0,0,8d1d5c6f505aa70118833823440a17ae40d57f2917de5ee25a885d2aebf63d1a,2022-07-02T18:23:07.957000 -CVE-2021-32823,0,1,4237e95b35ebf9fb3ff56c9f80028e3880dfc05659dcd1ea594984ad5f5a3b4d,2024-08-21T14:09:00.713000 +CVE-2021-32823,0,0,4237e95b35ebf9fb3ff56c9f80028e3880dfc05659dcd1ea594984ad5f5a3b4d,2024-08-21T14:09:00.713000 CVE-2021-32824,0,0,33e94ef0e6c15acabe04e87dd007117d4e9f97d6055ba95e1eb8af855df40338,2023-01-10T13:57:42.147000 CVE-2021-32825,0,0,cecb1f7472284570bd4476615609a468b56e6718731788eb514c960a52300a68,2022-07-02T18:22:01.657000 CVE-2021-32826,0,0,cb6cd694cfa603a0c8ddec02936d4b86d14ef6a4719de44cc1e0542c8a28e36d,2021-08-24T17:58:16.843000 @@ -187470,9 +187470,9 @@ CVE-2021-47618,0,0,2a314532463f641de5a1abcd70cc0a94c3a5563bdb37f6cd3ebfada5f8416 CVE-2021-47619,0,0,3423ea9cbab93af03ecb9855e0285f5e2851c0e4b6812bafeb4e82921247592c,2024-06-20T12:43:25.663000 CVE-2021-47620,0,0,fb48237cc161b8d736f32b3c4687ae5c6d236eb8a2b8089bbf75bcca0c16df9e,2024-06-20T12:43:25.663000 CVE-2021-47621,0,0,e2a12dc01cb26b616b467be0797cdc4becade42dc6473a1cfae1a845981be942,2024-08-19T17:35:03.327000 -CVE-2021-47622,0,0,5687fedeaf0fc97598385001780a91dee2aac32ca83156e078d729c2dde62413,2024-07-16T13:43:58.773000 +CVE-2021-47622,0,1,1d63636624695cdf93325419218fd644932a974f7e674106d3329295d563b92a,2024-08-21T17:31:30.087000 CVE-2021-47623,0,0,51281b2f0091c3f4d7a64df3b524258b3de520fa994b2caf678cd311e53f80eb,2024-07-16T13:43:58.773000 -CVE-2021-47624,0,0,c2a585352ebb3edc0ad7ac5a6a183524a0456da3ae869c5049c066da0fc05ae9,2024-07-16T13:43:58.773000 +CVE-2021-47624,0,1,77027762eeac62404a5f01e1332f031001f54107024312a5e6ca732f487bd823,2024-08-21T17:43:52.917000 CVE-2022-0001,0,0,c7771fc2d861960e86f1fd6d32008510ecf97da9ca69c795218a9bb34cd032b1,2024-04-09T15:15:26.797000 CVE-2022-0002,0,0,383f70837be6118e87e9457e616e4d09f60a1ff845d543b16ebbc8f1078dc94f,2022-08-19T12:28:50.667000 CVE-2022-0004,0,0,e3e425e8f15bba73e3ddeac7007a097fd53c30dc0f781f80718d8d9da4feab39,2022-06-10T20:52:37.810000 @@ -194394,10 +194394,10 @@ CVE-2022-25464,0,0,fa4446c0b87ccc8489496fa2f9dcccfb6f1f7e87309e1719761a02c32bdef CVE-2022-25465,0,0,7cbe3853c67634a1c63754575fe4ed932bd1f0187da78b5a63369dcaa7c4cae1,2022-03-11T15:55:36.710000 CVE-2022-2547,0,0,dbeba4a8b3d68d6d3de10cc461419e2c751bf3e1f6f2ec4f183c6a17312177c5,2022-08-19T01:43:28.157000 CVE-2022-25471,0,0,d59a2094cef30b0a74747ab7cc9d6328094a89833946591fcbe214da809a6cc7,2022-03-09T19:47:15.070000 -CVE-2022-25477,0,0,966ee36b3c9e2e9793514336a12f495dd21f9f3b70ddb8eea4ce29cfe6b51c19,2024-07-03T12:53:24.977000 -CVE-2022-25478,0,0,0da071f9d82bb033c90829560e3da6c0e90fb76d0ee6088e00cf78712dc5bc27,2024-07-03T12:53:24.977000 -CVE-2022-25479,0,1,504375c0e9c0a90cd5be5d37ab0c4ba17a2a5a112433fcaf549855853b6f40f9,2024-08-21T15:23:53.593000 -CVE-2022-25480,0,1,3014168fd7e8c7f2c9484a5386ee047300ee64cc29756299275ad4142894afdb,2024-08-21T15:57:59.397000 +CVE-2022-25477,0,1,cb58d5fbadc3ce2e8130355a1d0c1ba5962d29d6450bb3073da88cd563f0e252,2024-08-21T16:11:13.223000 +CVE-2022-25478,0,1,95f7d46191c4f20a5abae2e5ff8c454e2d71584401f0d5df01bd4e5139542f65,2024-08-21T16:09:11.237000 +CVE-2022-25479,0,1,c1f38243d43dfe578688881e64fdb77f8cba1853c2bc4fd3f7cf839089868196,2024-08-21T16:09:09.517000 +CVE-2022-25480,0,0,3014168fd7e8c7f2c9484a5386ee047300ee64cc29756299275ad4142894afdb,2024-08-21T15:57:59.397000 CVE-2022-25481,0,0,39cf9a73c463f25981da336ece7b787bc04e88649ca7479c7b1f74ad7e94bf81,2024-08-03T05:16:04.587000 CVE-2022-25484,0,0,07f0b9f1320784b0105d435f5fd3b8eefe70e3aca276722e91dffdd88cfe785c,2022-03-28T20:53:05.180000 CVE-2022-25485,0,0,fe4dcd756be960aeab4fda110858bc8cb2a1cdd75bdac67031c3b935cc94cf47,2022-03-23T18:18:46.160000 @@ -195063,6 +195063,8 @@ CVE-2022-26319,0,0,df89539e33ae729765bbf5708419e9238cd5395f00f3879c2a7d76f26e1eb CVE-2022-26320,0,0,0821ab29948bcb8ff6394127add06f2455ef2463ce545b333685d1b7d5e7ee9b,2022-03-23T15:02:20.840000 CVE-2022-26325,0,0,71c58e61480c4b27374f3a990d8a54d98de2bdee3e9fb84b64281d4b075b3b7a,2023-11-07T03:44:56.980000 CVE-2022-26326,0,0,9ad27885fa0c540266ca1167975a0cab125c731a5ab45882b07301ce6001b68d,2023-11-07T03:44:57.197000 +CVE-2022-26327,1,1,2843eb99ab3a7cb35c3e4a9e16078fdbec9d2d4d6cb6df8ef3bd5b25a9b25970,2024-08-21T17:25:08.560000 +CVE-2022-26328,1,1,ed9be012739926be741dce043bfac02490c3fd33310d2ba7416cb37304c8684c,2024-08-21T17:25:08.560000 CVE-2022-26329,0,0,f95c63549f7d43fdb6838bfa7b2ca1a1e49fecbabc0c9b9abd69c3fc81419a15,2023-11-07T03:44:57.537000 CVE-2022-2633,0,0,bae15211c154fcc3bb9979ba7a9032f4e12b8bb98d327ad89cae53791fc1316e,2024-01-11T09:15:45.340000 CVE-2022-26330,0,0,1b013699f20f421af058c55f3843eb6fbb17098dd8fff2d571aec7b53d543c5b,2023-11-07T03:44:57.757000 @@ -212267,12 +212269,12 @@ CVE-2022-4877,0,0,7be088f764e81f3d159b624bbe89e382d534c3a5b5b12bd3cddcbca9b76598 CVE-2022-48770,0,0,c1d7d83fd1642cff8a855525ca26bcc6079d73fb16b8d7f896bc8d7f51eac629,2024-06-20T12:43:25.663000 CVE-2022-48771,0,0,a8deacbe046a73aa8a794ce68776d42685618f7346517abbe96cfaf42a525dde,2024-06-20T12:43:25.663000 CVE-2022-48772,0,0,825ad0b7596b25819d7b86965164bb12e2585ef24c7e39d20b3372592bbe9a0d,2024-06-25T18:50:42.040000 -CVE-2022-48773,0,0,a964c5a95b097569d00d29e3f4d836efd510de9337a58ff25985920096b0dc10,2024-07-16T13:43:58.773000 +CVE-2022-48773,0,1,dc19342bce35f737a0d55bbca86132f56db1115e6627671efed3de2bb7534729,2024-08-21T17:45:26.867000 CVE-2022-48774,0,0,da71c85f24cdf9bc921c3d339b713f4ee60d227e6dab069d48721a29377e0e3f,2024-07-16T13:43:58.773000 -CVE-2022-48775,0,0,d63d3cb12a64fd8f10f34e3198b045c37f1e463d38ae8328180babca1efb9eca,2024-08-03T16:15:48.183000 +CVE-2022-48775,0,1,2acb46b961b5a6a98400ee899a0271b90d0006fde257656a51a219503be9ebd4,2024-08-21T17:47:10.263000 CVE-2022-48776,0,0,893198e6ce5b87d6fcbfe9bc4c8bb366e00f9c75f1eab9b7f2694e999d3ee514,2024-07-16T13:43:58.773000 -CVE-2022-48777,0,0,3eabe1fb70f1075d99ddd0d443cbfefc9a68cd65897def23498bcb92f7a01643,2024-07-16T13:43:58.773000 -CVE-2022-48778,0,0,6930f71d238dfd6582214762854cba5d5a97f34959721961272415469926a2da,2024-07-16T13:43:58.773000 +CVE-2022-48777,0,1,830cdb53c9b73e969d2dc50a8fae272c4cde81d156eacd00732a3b9bd6316f81,2024-08-21T17:52:44.367000 +CVE-2022-48778,0,1,cf80129bac53c697067af006cd31eeb61d796e99bba997a50ccafd500fb3fa60,2024-08-21T17:59:05.793000 CVE-2022-48779,0,0,97d9d0eb3827fa1226e1fba33985b873f2171577e05e18972d57ccca28c3a039,2024-07-16T13:43:58.773000 CVE-2022-4878,0,0,fb05127321f1dbc90cfbd12f64590320f5f815bf94532155a8a99445e7198622,2024-05-17T02:17:00.683000 CVE-2022-48780,0,0,b117f40454daee066e1fc26a32af7cc957d4703e741175087709e91e884ce0cf,2024-07-16T13:43:58.773000 @@ -218179,7 +218181,7 @@ CVE-2023-24528,0,0,6e8e28778e306c6d39cb7bb3c4579189ee8673cbe400938fbc175042f0ef5 CVE-2023-24529,0,0,c7a0717c3c79da9a6fdb6d8e6c330668b10be20ca5f0ec4a5ace1aa0c3b85186,2023-04-11T22:15:08.633000 CVE-2023-2453,0,0,bea029ca94d29310ad24fcfb926577dcb265c68779a19d2a6f5e1f98ce427545,2023-09-08T17:27:41.190000 CVE-2023-24530,0,0,200d01a690f352db69eda42e0704e1901012716a322208bb433de204782f5ac9,2023-04-11T22:15:08.690000 -CVE-2023-24531,0,1,41f99e5f21b99fe9c5093f1868c525a82b7b0e6096537192abff2b99254a2e91,2024-08-21T14:35:00.837000 +CVE-2023-24531,0,0,41f99e5f21b99fe9c5093f1868c525a82b7b0e6096537192abff2b99254a2e91,2024-08-21T14:35:00.837000 CVE-2023-24532,0,0,46c1010375d987c12d3d2f6a244a66004a8474aaaffca43c12f77304e11c7143,2023-11-07T04:08:30.867000 CVE-2023-24533,0,0,266a62ac5dd5b5ec7da821bd36161407bdbe56170b7af5f3b74e1b0e0de14bc3,2023-11-07T04:08:31.050000 CVE-2023-24534,0,0,3cf7f5a57b366f81c058030685b4ab4d692fc68a4d4b50ba094d7c7c675f1b16,2023-11-25T11:15:14.030000 @@ -231835,7 +231837,7 @@ CVE-2023-42298,0,0,325bd6dcacae03a8901546ecf6a68800fcd55993f137c16c4a30439b947a3 CVE-2023-42299,0,0,b79e66f9e9bb5bdc9d54054f3ebc7185aeb1754cc53451dcffd1ae15c07339f7,2023-11-10T04:12:40.023000 CVE-2023-4230,0,0,4967c66ffa7c5bf64ae519d8870b972b3f945d6d22d2a1979da49242c09e7efd,2023-09-01T17:12:36.097000 CVE-2023-42307,0,0,5fa4879b7a758f2464953629284a4551a3498c385f632cac8def5b03ec6db753,2024-03-13T12:33:51.697000 -CVE-2023-42308,0,0,7516937693dd410db99451403f1267103cbefa22e3fdcbd1bf193b9f7fbd3c04,2024-03-13T12:33:51.697000 +CVE-2023-42308,0,1,3f6f62e7346fde4d116b4df82668d254e9367e62f9bf0a67af0cef27f85e59f8,2024-08-21T16:35:00.997000 CVE-2023-4231,0,0,5976e141bff0004dec67fac64b9b67ccaf573de12ea4dd0cec06ce30924d7e32,2023-09-20T15:34:03.560000 CVE-2023-42319,0,0,f1a8ad673cf0d82b4b9a41e959ce42527dce3528d5d4253718fc8c311fcb1beb,2023-10-25T17:39:00.483000 CVE-2023-4232,0,0,debbd2aed7d29cbc7fc6d9ba25bfdc68f7d2c098abdc58f1fe1b453514486b05,2024-04-18T13:04:28.900000 @@ -232672,7 +232674,7 @@ CVE-2023-43550,0,0,dd26777fe7c76aaddce632193169255ce63f6554f651158eb0fe9f8d3a6b3 CVE-2023-43551,0,0,1da0ac02f2044ad4b88696662d307d0447ec4789a4fffe3d4302bd62cb4a8ec4,2024-06-03T14:46:24.250000 CVE-2023-43552,0,0,df3b58954fcf9776a956bbffa11678a9c40ca1ba1f1d5d6d25fc081d8d702fa5,2024-04-12T15:15:22.210000 CVE-2023-43553,0,0,8941e7bb124b698e9acfc43e4da8e8c8b02af5a55db3e6552aa84d8cbfa3c4ed,2024-04-12T15:15:22.310000 -CVE-2023-43554,0,1,ebe79a774da399da8bc1be27303d958c444114dd1acac28b6410f89b38ffaf8b,2024-08-21T14:23:24.737000 +CVE-2023-43554,0,0,ebe79a774da399da8bc1be27303d958c444114dd1acac28b6410f89b38ffaf8b,2024-08-21T14:23:24.737000 CVE-2023-43555,0,0,cda7df5833e41442ddc362eb16f0c18ee659ca1f15aa965650a2448242784d5b,2024-06-03T14:46:24.250000 CVE-2023-43556,0,0,69dac4661060cf7876f4827f5c2b868921cf551c117e53edae64436a4aa9f67d,2024-06-03T14:46:24.250000 CVE-2023-4356,0,0,3c06bd3da07fea776daccde8a3b9274c7f86ff08a23bb0bce26102cdd4db70fe,2024-01-31T17:15:14.917000 @@ -234994,7 +234996,7 @@ CVE-2023-46943,0,0,3ae067c36d55bbbcd74a1ab1c994e778477a4e4efa0b96242be80940436c3 CVE-2023-46944,0,0,cdecfb8ec33e56621b60ab98b450535b2a63b71d0ae32649b6017af3e94bf349,2023-12-04T19:39:27.447000 CVE-2023-46947,0,0,69c22ce145401493ee925255d856f76068fc4e105d8df29e207613a75508c727,2023-11-13T18:50:17.157000 CVE-2023-4695,0,0,4336782c8ea05850b9eeaa8589b146f9074b1ac72d74510c5d547425385f33fc,2023-09-07T19:10:59.810000 -CVE-2023-46950,0,1,bb37bdee2d537a3890f65f9adf5263b8532fbc8731ec9c20145eca143a90b86e,2024-08-21T15:35:01.203000 +CVE-2023-46950,0,0,bb37bdee2d537a3890f65f9adf5263b8532fbc8731ec9c20145eca143a90b86e,2024-08-21T15:35:01.203000 CVE-2023-46951,0,0,109e2cbefa7e947d662ef6c944162b97936120093db19f170230b0541b6882f1,2024-08-01T13:45:03.913000 CVE-2023-46952,0,0,4bcf3948e8ecb1744ce911545c8fe6c861e6c40af1d5cc477719602d32e4f796,2024-01-23T21:44:21.433000 CVE-2023-46953,0,0,a872c64c0c4c630030a60d7892d6bcb58eb0d3a3b33b50c7787cc33ab267e7ac,2024-01-11T17:06:37.437000 @@ -236632,7 +236634,7 @@ CVE-2023-49190,0,0,86cb6859aa19958c166ca64e47676d44af4b98597ca7dd177a61fac83182b CVE-2023-49191,0,0,34969ee3df3717ecd0fd0437e5d4d4fc0bd1f9b89d2160d0adca8969e1a92937,2023-12-21T17:20:50.323000 CVE-2023-49195,0,0,239193d980cfd4324773344b0a932e91919adfb3eac7f01f4cac2dbd41501171,2023-12-18T19:48:51.397000 CVE-2023-49197,0,0,87fee8cafa9bc5eebe7f1b14f5bce64e09cfb3c60a34a1183c07dca6faf91be6,2023-12-21T17:26:04.913000 -CVE-2023-49198,0,1,4d6475dbfe0446a96260537231cb27868b40f11df2bf0eb8c592af5861c0e780,2024-08-21T14:35:01.510000 +CVE-2023-49198,0,0,4d6475dbfe0446a96260537231cb27868b40f11df2bf0eb8c592af5861c0e780,2024-08-21T14:35:01.510000 CVE-2023-4920,0,0,750757ff4ce213882eeb3b1cbdf16aac49f85b0688b4847bcc0bc2036d6471f3,2023-11-07T04:23:10.193000 CVE-2023-49208,0,0,2a9e047f121c5391d797b355b9800029d03397ffa5606d306303c89458886565,2023-11-30T20:47:45.190000 CVE-2023-4921,0,0,d59093adbc168eaf1f1dcabc1b2c8846c3b0575f8dbf1988414be85426e1ed5d,2024-01-11T19:15:12.373000 @@ -237731,7 +237733,7 @@ CVE-2023-50950,0,0,44d9f6fce0df4c0cb249dd6910d6c5f827d41fa95ee4793fa82fc6cd0bdbd CVE-2023-50951,0,0,f6602a94bee5ac370ebd327ee71099d1d7184ed6e0d0e6b8d7894abc3d65ab08,2024-02-20T19:50:53.960000 CVE-2023-50952,0,0,a42bfb9eb2ec7c3f0ba7edf0dc6ed3e721be6a8d276393fcea326ad1cdea6eda,2024-07-31T19:34:52.883000 CVE-2023-50953,0,0,52036d7752aac445cbb090aea392f5f16e3dcdb55ed4b88e406bc96e30a1871f,2024-07-31T19:13:21.947000 -CVE-2023-50954,0,1,baece4f5dc11741de457ffc101bd64213e3d518cabc43705ad07eb4c82b73f9e,2024-08-21T14:02:11.833000 +CVE-2023-50954,0,0,baece4f5dc11741de457ffc101bd64213e3d518cabc43705ad07eb4c82b73f9e,2024-08-21T14:02:11.833000 CVE-2023-50955,0,0,cb43484caa0d365611ce717b8ab9c294998eddcf699afed606cd6871f7a3627e,2024-02-22T19:07:27.197000 CVE-2023-50957,0,0,2afed176927569fa17df9b690207f86f15723fa616f6bf3a39224dbb3a2fe550,2024-02-15T04:37:53.297000 CVE-2023-50959,0,0,548130eb58aed1c2c003b7ce8a5bcf3c2c3f04edc69dd49d513dcce2ff15616d,2024-04-02T17:56:18.897000 @@ -239233,8 +239235,8 @@ CVE-2023-52881,0,0,6fd8affdcc64e7515585a36e8830d44119718460b76d8f8a6eab4860fa38e CVE-2023-52882,0,0,e51efc18668383cabb6a1a97b2fa54b9809b5bd71d28b08d72a7fdf9caf29900,2024-06-27T14:15:12.840000 CVE-2023-52883,0,0,97759c00758e41d95ed1ae62b92bf41e3188ce0db01c0040d74fe100684b74d7,2024-07-03T01:44:10.627000 CVE-2023-52884,0,0,bbf325b5c1ed57a9d1f4ab6303e0df9c8a8b60b96f00c7266f34fe596a2f1382,2024-06-21T11:22:01.687000 -CVE-2023-52885,0,0,bf364685107e55e770da1015b2b20f820b2146198fe7433439069c5b8fe9fd83,2024-07-15T13:00:34.853000 -CVE-2023-52886,0,0,c0f7ffc4b4733226d4691afd6753bdd5f0e8d9d99822dcd9469cd60c70566a43,2024-07-16T13:43:58.773000 +CVE-2023-52885,0,1,ba54ce0f1e6cfdb0c3068ff6239477d1947ca1e313d076509a55e33f062d9169,2024-08-21T17:03:01.107000 +CVE-2023-52886,0,1,83b61df55327135062e5e522c73f391153e99ea45d147df2c64cdb19c2b2b0e2,2024-08-21T17:28:49.267000 CVE-2023-52887,0,0,cb846ee4e76e369153e430accd03bef53983c1edb90492817231cbcbd98213a5,2024-07-29T16:21:52.517000 CVE-2023-52888,0,0,22b49aaad0de331d634875ed02b1dd2b64a739107c93a24ad94d1777a415da3c,2024-07-30T13:32:45.943000 CVE-2023-52889,0,0,ad1cde02a64052b28564d8e8a7e2af925007327c5229809929326bf9b8081627,2024-08-19T21:19:16.970000 @@ -243033,6 +243035,7 @@ CVE-2024-20366,0,0,ce7e4ab0363f4b2934fc27a08480c4ec05827340dd08325d4de96e54b996f CVE-2024-20367,0,0,0d59cd325b5448a23ac62ba4d011225bdec20c6d4a20e9044f14a66801d9654b,2024-04-03T17:24:18.150000 CVE-2024-20368,0,0,11ba77e6ca928b43fcf33bd9b64c67655ca382b15bfec85a328bbca787a43cf3,2024-04-03T17:24:18.150000 CVE-2024-20369,0,0,e23910e4adf6ac7fe444b246c85eb12e2e56e7b12054f1339b9256c8ec4ec112,2024-05-15T18:35:11.453000 +CVE-2024-20375,1,1,4fb6a21322317958d1ec43ef32dae141f64d5f5ef4f23637bb1872494c1b6f8a,2024-08-21T17:24:59.627000 CVE-2024-20376,0,0,616e740c2ab9d6be811f96c68e43db8bad88fc7cef9833f2acf95234fb3cc478,2024-05-01T19:50:25.633000 CVE-2024-20378,0,0,1d0c211142ee7b64cb979c7d6fe81a8dda4cc3d613763c0904f9ebf5643e5461,2024-05-01T19:50:25.633000 CVE-2024-2038,0,0,84783e34583c406994ceb062343516951516f0b07f0d721026ee845e3108d0ec,2024-05-24T01:15:30.977000 @@ -243432,7 +243435,7 @@ CVE-2024-20986,0,0,585c5c0b87b6851f5c4ab4c579de05f8ac5a9727bbc9a26d37be4c76b6efa CVE-2024-20987,0,0,5674babb479962fb00a1daf77527ad0fcadf7deb1dc2f2e21cb99ae36a705876,2024-01-20T18:30:16.877000 CVE-2024-20989,0,0,a7d22556fbb4c8bfc854b8be115e24e2b509ffa38c8b92b1c42f6ad2d22f1a59,2024-04-17T12:48:31.863000 CVE-2024-20990,0,0,7209f9c5b2fcc68cbcde805d29ae71b69a1171286586c868d73cb079225a11e2,2024-04-17T12:48:31.863000 -CVE-2024-20991,0,1,94f0f80e95be2725620dad0c6e5443bdd60acc699a66c91ac7c7279a95dd6e81,2024-08-21T15:35:02.493000 +CVE-2024-20991,0,0,94f0f80e95be2725620dad0c6e5443bdd60acc699a66c91ac7c7279a95dd6e81,2024-08-21T15:35:02.493000 CVE-2024-20992,0,0,2316a7e3695b6c04931a608a67fd92fa5f3396749f8f949eaa948bc7ed7c8bc9,2024-04-17T12:48:31.863000 CVE-2024-20993,0,0,f265f30034a72b0245584617af60357e0eba9fef80f9901f7019ccd722f377ca,2024-04-26T09:15:09.417000 CVE-2024-20994,0,0,f8518528037ebaf7b447fe64a92be5f1f29c56cd4dd76bc86ca6bad4ab5399ed,2024-04-26T09:15:09.500000 @@ -243448,7 +243451,7 @@ CVE-2024-21003,0,0,90a06bec930da30c9a00d7e245d95aa433119de047332777b49810dcb3c38 CVE-2024-21004,0,0,12fb5f942e2654153a412c5fc14ae11006d2f5e0ec44b20048eedc0b493190fb,2024-04-26T09:15:09.933000 CVE-2024-21005,0,0,3a0033bb21374d9be43479eee698b2830f41d8d2a9d0eb123f27394e5de66035,2024-04-26T09:15:10.030000 CVE-2024-21006,0,0,2bf05827c1375073e1ad934485914186267cfb26e257a4c1e61a55b796ef3611,2024-04-17T12:48:31.863000 -CVE-2024-21007,0,1,318b973189a970b7ce55f9b439b79912feb01731965e9cf4d9ebb34a06f5b815,2024-08-21T15:35:03.230000 +CVE-2024-21007,0,0,318b973189a970b7ce55f9b439b79912feb01731965e9cf4d9ebb34a06f5b815,2024-08-21T15:35:03.230000 CVE-2024-21008,0,0,38cec7a29a8a72c2bf7ce887f62e416f021ea4207cddde1c88ff950be614310a,2024-04-26T09:15:10.100000 CVE-2024-21009,0,0,a78eb0846c1ce90adf929785768d1085af60597400c4b21685b5b209abe7c262,2024-04-26T09:15:10.177000 CVE-2024-2101,0,0,f64308a9cf2bd395190830ff176a54d77164cf0faaa20d92ded300e0efbb1c30,2024-07-03T01:53:00.530000 @@ -243817,7 +243820,7 @@ CVE-2024-21451,0,0,fda859879476242f447364ed932f4e097d32ef677cea24910429c5be2e679 CVE-2024-21452,0,0,9f708d763548b34c7c49c3f0348df362d48fec38e955d6efb9dc3104c88d6865,2024-04-12T09:15:09.877000 CVE-2024-21453,0,0,da605aa15089d99be623e883beeca2f93e21f8fdda0997652a458a217ea7b701,2024-04-12T09:15:09.977000 CVE-2024-21454,0,0,bb3c6f4e967eb55a8c57e103a3dd8be0b010cb457fa764651101d90478af9307,2024-04-12T09:15:10.083000 -CVE-2024-21456,0,1,febed50af5286757c8cac18d43d41c241de675306b4f7eab1cf3e42fd902eaa8,2024-08-21T14:25:32.873000 +CVE-2024-21456,0,0,febed50af5286757c8cac18d43d41c241de675306b4f7eab1cf3e42fd902eaa8,2024-08-21T14:25:32.873000 CVE-2024-21457,0,0,0397b493f3a90fa8856b8c3877d0f328b647dc8423fd236ad4c3272a6eecd90f,2024-07-02T17:49:35.410000 CVE-2024-21458,0,0,f9498022a3fab8a9690b0ccfe79640e4fd1995291accc416b68050d29e4c1e40,2024-07-02T17:57:05.057000 CVE-2024-21459,0,0,ecee39c896d44f36960ac0d1b86aec74c9702a6ae0226b76c4a972441854dba6,2024-08-06T16:31:05.780000 @@ -243997,6 +244000,7 @@ CVE-2024-21686,0,0,4a77c3c56e7b5b00a78de09ce573bf8e0630b6f60379d0ccdce9209c8559b CVE-2024-21687,0,0,376ba9a42cfc804d783dd58059d1accf85ade36be58bc6e24e95588c80302a09,2024-08-01T13:46:48.050000 CVE-2024-21689,0,0,d8a79405abcb9c8abfdb03520e41049c9522145c88e975847ada5aebd53c39e7,2024-08-20T15:44:20.567000 CVE-2024-2169,0,0,25fcbf8b9d7008ea9954a41615969f4d36543f4a604eb878bcc8b4c5c18a9fe0,2024-08-02T17:35:41.760000 +CVE-2024-21690,1,1,7048d2ab1fbd019dd6cf299008c12072d2685cd19cd0b940e71ae4cebaf012a0,2024-08-21T17:25:08.560000 CVE-2024-2170,0,0,758d6332b5fccd657d38a7eddcc769e16fb72e0c1b6514443e29b8614302434a,2024-03-26T12:55:05.010000 CVE-2024-2171,0,0,e9c79cd9676afcf55166b18cc4887c5a70983811183f36611429f962ee8d8a26,2024-06-07T14:56:05.647000 CVE-2024-2172,0,0,edf7001396454eaaf4557a9c3fcef53434431cfdf8112832b9dc273636d1d743,2024-03-13T18:15:58.530000 @@ -244434,12 +244438,12 @@ CVE-2024-22273,0,0,bbfe4422f6a695e0d7f4adf7fd8e62a3d62f7c38479d626b031b977da5895 CVE-2024-22274,0,0,87361af428d962de76a852670d2cc5984c82c5471ebe2a2d40c0bfba59a3e184,2024-07-03T01:47:13.067000 CVE-2024-22275,0,0,4e0b17231c07cc777231dbb9d62f6bfa759cfc82db650243f36e18a0ee106c1b,2024-05-22T12:46:53.887000 CVE-2024-22276,0,0,419203f50311fd388fe713fe6b9bd9748f16b9b808692bb6bb617d18f1b85850,2024-06-28T10:27:00.920000 -CVE-2024-22277,0,0,7af6b2afb1e15f1dd493cd5a11be35c581a81443ea5b3d0ad0455da345de3e9f,2024-07-05T12:55:51.367000 +CVE-2024-22277,0,1,58ae5d0e4105b74890ddefb8230f50e402808e8f123d8f12b678d28eac27f1bc,2024-08-21T16:12:46.790000 CVE-2024-22278,0,0,f35dc006103cc663388ce8b4cff5063958c5dfc051683cc0f74cfb0c3db3bfcd,2024-08-14T22:15:04.253000 CVE-2024-22279,0,0,5d8aa0dbd91af7dcc363b8a8ffff6d2d8af807d5702d0e6e6114610449201025,2024-06-12T18:04:20.147000 CVE-2024-2228,0,0,4ca7747914203ad7b21ad0d53afc1cc8d90ca3afc5fa0d3e8fdef13a47d40ae2,2024-03-22T19:02:10.300000 CVE-2024-22280,0,0,3da3aabe176d318c08d6891e24f9a02048e4a39b0f9e5e399bf16a98c62585bd,2024-07-12T17:01:29.947000 -CVE-2024-22281,0,1,d96259588b19d3dd26052cfe143f0ec28a9074626468c6915dcadfc72f365a8e,2024-08-21T14:35:01.880000 +CVE-2024-22281,0,0,d96259588b19d3dd26052cfe143f0ec28a9074626468c6915dcadfc72f365a8e,2024-08-21T14:35:01.880000 CVE-2024-22282,0,0,26b1c47e99c9dffaa9274bb3bd07f383deef3df3849a0c4518fbd4e71b98ba58,2024-02-06T16:55:19.983000 CVE-2024-22283,0,0,544dd9a2e43016c913633959df76087fb16733849536bef1ea079da6811820f2,2024-02-01T04:13:41.033000 CVE-2024-22284,0,0,5e7364fc84632f981109189abefae496a6e3b87af77c98411ed929276f5c79be,2024-01-30T17:43:02.180000 @@ -244838,7 +244842,7 @@ CVE-2024-23060,0,0,c533a2c3ab7879cb6341107bf55fb347921b4dcfd1771c35cc46c295fffc3 CVE-2024-23061,0,0,4bc85ee93751bdf2ecee1ac20f811b6d9a6f53cf85093d58751326cdb25cc0ec,2024-01-18T15:18:14.357000 CVE-2024-2307,0,0,6e1c015f3d6c569a19e33c3b29b1ee5858f1aa7b73f614547925fd730d9ad323,2024-05-22T17:16:14.610000 CVE-2024-23076,0,0,3755509bf8827817934da61e08729c2a885d027bcd7311729b31f1394b062b4a,2024-08-01T23:15:39.920000 -CVE-2024-23077,0,1,8f63dd6db7b5e7fcb60e699216bda5b62808ca284359f0bf54d6092ff16b4456,2024-08-21T14:35:02.117000 +CVE-2024-23077,0,0,8f63dd6db7b5e7fcb60e699216bda5b62808ca284359f0bf54d6092ff16b4456,2024-08-21T14:35:02.117000 CVE-2024-23078,0,0,ee4cbf2c8fa0612860e33eb58b6ee83f820a866a5cff0b624d94739f87f4098c,2024-08-01T23:15:40.070000 CVE-2024-23079,0,0,0ebc4dd979380ec9ace5c9105776106a2e5250b5f5ea58853bd0c8da0ac1d128,2024-08-05T14:15:34.510000 CVE-2024-2308,0,0,5bb2112645629721229497ec215ea65583df40f8b60e0deeb65bb784d4510e83,2024-03-17T22:38:29.433000 @@ -245721,7 +245725,7 @@ CVE-2024-24311,0,0,0b1cb4c07817a4dcaf8ad6ee7df96b5fd803208f5f5402c3441d71356d2e8 CVE-2024-24312,0,0,c3d81851b0a21c153d5502fcc6af6d534386ad04fb506c5f3df2dbd0255efd0a,2024-07-03T01:48:16.113000 CVE-2024-24313,0,0,fb5ae34a5906d70e9a89b5d57ccc3ef0ec67afb90df0388312d4db57d8583f43,2024-07-03T01:48:16.943000 CVE-2024-2432,0,0,57240eece5c1b31c057486728f6363c9217250d91f3d10c0c941fdad51a7f6e5,2024-03-13T18:15:58.530000 -CVE-2024-24320,0,1,a5847bec026f9a38211f5c0373776488eb6f7d35353beef2a24ffd1ecc8d8864,2024-08-21T14:35:04.240000 +CVE-2024-24320,0,0,a5847bec026f9a38211f5c0373776488eb6f7d35353beef2a24ffd1ecc8d8864,2024-08-21T14:35:04.240000 CVE-2024-24321,0,0,88c98cb76542c8acb076726441dae70ba16682bd2171c6fbca3804855a845a0c,2024-02-15T05:02:58.427000 CVE-2024-24323,0,0,87c9f21a2b792326c3395038aca05fa9c659ed3affd70ad21bad1ba52479ce4a,2024-02-28T14:06:45.783000 CVE-2024-24324,0,0,e65b7320bc70eb87aafe69f87ce443d4231ab35603a9991590cdc2a337dea76b,2024-02-01T04:49:29.220000 @@ -246649,13 +246653,13 @@ CVE-2024-2583,0,0,bad6d25a4e56375c530c1d9887ed4d49edf53513d5bb806a8b8436b2ac73be CVE-2024-25830,0,0,71ac0259693b1e35aa4a4da1b197118a1a7a2d7250e15b0af091ae1d4d2bab0f,2024-08-13T19:35:05.710000 CVE-2024-25831,0,0,5b9f73c2b189e5dd33d90886632cdb674cb173750266ada8e06c07c01ebdf635,2024-08-20T20:35:09.747000 CVE-2024-25832,0,0,a4448e0b7fded4d69ae19d5a812394b0dfee60300a31f6c0311dd994464f2ea8,2024-02-29T13:49:29.390000 -CVE-2024-25833,0,0,9eade8ddd8e62f218449388bdffade4502b4ad7ecc9d7d4bee08e23a205616da,2024-02-29T13:49:29.390000 +CVE-2024-25833,0,1,b51394028b2e438a7195762bbea65216839d5c40b4973445f19556678b890008,2024-08-21T16:35:02.683000 CVE-2024-25837,0,0,ad7d9c7c2df86362ce1fb90c6e14af3076a01961d6031fa4b4699cf7d18f98dc,2024-08-19T13:00:23.117000 CVE-2024-25839,0,0,b292ed69a69a89261805c11d0ab816be1464bb7d24dcdc630e86eded8b8dd6c4,2024-03-04T13:58:23.447000 CVE-2024-2584,0,0,dd550e2c3dd90cf91d2a8279de69803860a7180796c6bc877e47cf73e9bebe16,2024-03-18T19:40:00.173000 CVE-2024-25840,0,0,0ec9234af1bcd2e4f8f49d2790368c3158903e7d9ad6bfc706120341ee9e28f6,2024-02-28T14:06:45.783000 CVE-2024-25841,0,0,1e884690076a8543014dd1ef44f68620ac511f194d49881f814cb46199163cf6,2024-02-28T14:06:45.783000 -CVE-2024-25842,0,0,736e250418b11146265cf45361dced64a8491e4f350e928a460a06d6e9546ce5,2024-03-04T13:58:23.447000 +CVE-2024-25842,0,1,879059a526422c3229bcab4008d9de7b4b9aa3260c695660b9b79560bfbb710d,2024-08-21T16:35:03.457000 CVE-2024-25843,0,0,b7ce35c602cb66544422a9541b1ca352e3e23db5766bb19933b8ddd232d2536b,2024-02-28T14:06:45.783000 CVE-2024-25844,0,0,1efbddea52e96516cb009d14a44c252f988b870416e9c0cb454ea358f81c127b,2024-03-04T13:58:23.447000 CVE-2024-25845,0,0,951e74ea3ea891e8023acd490009fca43f510ba7102419911edb4e33d96aa8f4,2024-03-08T14:02:57.420000 @@ -248009,11 +248013,11 @@ CVE-2024-27361,0,0,e36b02dee6138d8db49ead5ecd9bf32ca156e68e27cc50daa8adffe6cb1ea CVE-2024-27362,0,0,9d431a1116edfb20ae4c799537e5e9f5d11ebb0847e9e8bdd27f35d143873f1d,2024-07-12T14:58:02.413000 CVE-2024-27363,0,0,f6352d5e26499e6478b31ffa535bfa444a95ad102dd84d5e4c2e7b2372cfbda9,2024-07-11T13:06:13.187000 CVE-2024-27370,0,0,d787ca1729f6374f316c8229cfb768db5a8087155da314897f8dbb9bbd830bc1,2024-08-20T16:35:05.843000 -CVE-2024-27371,0,0,cbd643b16c6615db0b8df3b1d24b685d593f91f66066c3d76c853e9bd5bf2edd,2024-06-27T16:40:45.063000 +CVE-2024-27371,0,1,9f9543c2ab901d26d97e0899583296b8d79cc83789296e1252e008496317a15f,2024-08-21T16:35:04.317000 CVE-2024-27372,0,0,8907778c9fe6bbf87ab271d97dfb25ffd83018598cb715d55ddafede9aab4b45,2024-08-15T16:35:04.970000 CVE-2024-27373,0,0,926b1693c40cbc7615a0104dedd662ab64cdcfcf8165af55d6f5779ef02107a9,2024-06-27T16:41:34.797000 CVE-2024-27374,0,0,3b34220f69671b36a06fb2439f20f7eba7d2c207b7eb01a9af38b33fbd61591b,2024-07-03T01:50:34.903000 -CVE-2024-27375,0,0,fecb205b5b6f46b8b824fca91884f06a503a37afa56527415e1bb5b9087f41ad,2024-06-27T16:23:15.020000 +CVE-2024-27375,0,1,92b9c639cd4b226c16e0cd751bae68e4dce25c06f4a3d76f82cfae0dd2d80c3f,2024-08-21T16:35:05.110000 CVE-2024-27376,0,0,1ebdae80fd106c46f58011a1d5c59bf22bfdb9b800f242b56a2c59476db70d2d,2024-06-27T16:22:54.273000 CVE-2024-27377,0,0,205bfc682cd648dbb3fb004eed7bf03dcc0ffb1f33bab861ae1bacec7e440779,2024-06-27T16:01:21.063000 CVE-2024-27378,0,0,4bf6a7b64829709b7bd4a760a5c4864b781f81281af53f42fd40eaa4cf813990,2024-06-27T16:01:59.023000 @@ -248197,8 +248201,8 @@ CVE-2024-27707,0,0,97a5b1e4443445bbc3851bf93c1f743838b69b97d43532ab36e84f929a1c8 CVE-2024-27709,0,0,5ae0fb01fcc3e6a6feed263a5b82efd14a1c39afc6defb1474545136e5989939,2024-07-09T16:22:21.743000 CVE-2024-2771,0,0,0d7ad290285fd8c18499405c7e6fa83595b4cbfae3f819854d1ca5d72c6a755e,2024-05-20T13:00:34.807000 CVE-2024-27710,0,0,43de68ab0b570faf0f4235d817dd8f7006250699af7435eb090311caa9f412af,2024-07-09T16:22:22.570000 -CVE-2024-27711,0,1,7a12ddd68025397e8d1c5dde645c4b599c64a2e6a263d0d88ec0da90ffe80afe,2024-08-21T14:43:05.317000 -CVE-2024-27712,0,1,64edd3331305354b8ea49bc302f564349ca86dcdc1b633043cd26a07e3332ec5,2024-08-21T14:43:34.680000 +CVE-2024-27711,0,0,7a12ddd68025397e8d1c5dde645c4b599c64a2e6a263d0d88ec0da90ffe80afe,2024-08-21T14:43:05.317000 +CVE-2024-27712,0,0,64edd3331305354b8ea49bc302f564349ca86dcdc1b633043cd26a07e3332ec5,2024-08-21T14:43:34.680000 CVE-2024-27713,0,0,64018e29ddc87ebe0d2c41750aa91592739ce29d689cc79bbf60462239f515eb,2024-07-09T16:22:23.383000 CVE-2024-27715,0,0,b53060ac5f161ba9f8c11867640af89e771d5c1bd0a1ca5106a6746844ca160a,2024-07-08T15:49:22.437000 CVE-2024-27716,0,0,b641573cb295179e8a45c3c6f4e5e6326128a1395653bab45519462f6e6492de,2024-07-08T15:49:22.437000 @@ -248443,7 +248447,7 @@ CVE-2024-27997,0,0,38211b675f4409064c6233281099da5f5fa00ff059690325dad2c59b915c0 CVE-2024-27998,0,0,4b6f230fe964647fb680f6367b279bba522ac93005c2e8f6d523205374f3e144,2024-03-20T13:00:16.367000 CVE-2024-27999,0,0,eb71f5e78ce23e710caf587ffd7cde1246a6fc9b58a11c7b1c6cbe38842e0f52,2024-03-28T12:42:56.150000 CVE-2024-2800,0,0,74596529ca280c923328b734bd86866fc7dbc2558ef74b7cae183f2eae3e1b3f,2024-08-08T13:04:18.753000 -CVE-2024-28000,1,1,ee5c094bc11df2c8fe14ce94ae39a66d323708a956fff807ae224852ac74a0ee,2024-08-21T15:15:08.117000 +CVE-2024-28000,0,1,08efb1b1c95d7a361c37476c4accc51182840d3e3d04306b3a327b733e837865,2024-08-21T16:06:23.153000 CVE-2024-28001,0,0,769e60058cb29be891e3bd26013be397b6ae5a2c1de4b96ae3237e85af5cdd26,2024-03-28T12:42:56.150000 CVE-2024-28002,0,0,979c468740a66c74eeb1c5784ee90077b381a78255d231d99fff807000c5cb6b,2024-03-28T12:42:56.150000 CVE-2024-28003,0,0,bcd81510a407f30bd1be1a23c4e2407dda3d4099189594d6f9ca0831debc8ffd,2024-03-28T12:42:56.150000 @@ -248690,7 +248694,7 @@ CVE-2024-28335,0,0,1f0f16000380dd3374bd37cd33265b4629fe1de221282bb913749763f1030 CVE-2024-28338,0,0,4058229b720fcbbfc31bf8d1e879b9db75368619bf7702bfd3d1c419a7233635,2024-03-12T17:46:17.273000 CVE-2024-28339,0,0,e7edfb08e526caa3026f659d21730d02e6fceb32876a36cf2d55238da5d3b5b6,2024-03-12T17:46:17.273000 CVE-2024-2834,0,0,b28e87c6f045d84badec2f950b6e65f36270629b305c79d294240554601bad8c,2024-04-08T18:48:40.217000 -CVE-2024-28340,0,0,91d105878b09bacdf49466a06e7f06727d3b9879727c4470f4f12e21bf51156f,2024-03-12T17:46:17.273000 +CVE-2024-28340,0,1,df1f6b0e64753fa9fcb1e44290eba32c1363678518f4321559c5625366bd5374,2024-08-21T16:35:05.830000 CVE-2024-28344,0,0,07e206e8ae7b1052e93419db971a4a320fe24d9f630cd6feb731f0be928f9073,2024-07-03T01:51:39.137000 CVE-2024-28345,0,0,cbc92eac79dc638752aecc227342bc11a12121c68c4f31449456d516f3ae7ce1,2024-04-10T19:49:51.183000 CVE-2024-2835,0,0,91e1bef30b109ae6896eca4566686f034d0870ed7f02116f35133cb576984e90,2024-05-20T15:17:54.513000 @@ -248765,7 +248769,7 @@ CVE-2024-28550,0,0,e57300171200da6138bca7c12faed1257d5a1ced8bcd637b3699d9ed4209d CVE-2024-28551,0,0,c28fe5afcd679c3aa0a3784905b4c05c433762c4432fa1ed2b44c099adba75a4,2024-08-05T20:35:07.203000 CVE-2024-28553,0,0,b9d57a68a744d3ccd5c404d587c9bf7a5b20480c53447cfc05c22ab7aa24ff54,2024-03-21T20:58:52.357000 CVE-2024-28556,0,0,c7a9f11c6c2b705f23220da2e3877bcb36402bff752864a8069f34266c46e417,2024-07-03T01:51:41.963000 -CVE-2024-28557,0,1,77a8a38b1b31bd457d2e1155d30ba64028e47880496797c0f23104b8d60d248a,2024-08-21T15:35:04.820000 +CVE-2024-28557,0,0,77a8a38b1b31bd457d2e1155d30ba64028e47880496797c0f23104b8d60d248a,2024-08-21T15:35:04.820000 CVE-2024-28558,0,0,7b30a622f0a0af74fb84bf56f284f0001ad46af28ee0c7db870ba46879fc3d39,2024-08-01T13:49:08.363000 CVE-2024-28559,0,0,0ff36322a311ecd97481eb0c815102b811c012cb801e527ac38c14304bf20a6a,2024-08-01T13:49:09.173000 CVE-2024-2856,0,0,f39977c0ee4debb6810e431765ff954034447293df16f96ec47fd46fa1d43579,2024-05-17T02:38:34.693000 @@ -249431,7 +249435,7 @@ CVE-2024-29735,0,0,1c27e1fe9dbb50907062f908fab6fbb55a16239f685d6be40b04c11200e2a CVE-2024-29736,0,0,a29e5ad6d2da9dd2101bffb608f207d24cf828ac3cbdfd7bb52689ac543dddf1,2024-08-01T13:49:34.540000 CVE-2024-29737,0,0,773c8720c44afb54cbbd0c12354c2f0a043cfa72e5f75a21b0108ef944307c03,2024-08-01T13:49:34.853000 CVE-2024-29738,0,0,1c3e1564461702d87cd213d777f3523814ac3c73b5cc61bff5ae595e06e0fbeb,2024-04-08T18:49:25.863000 -CVE-2024-29739,0,1,e1057fb9115257c9cc112890add5aab29e2addabc474164aa5dc49dc015af77f,2024-08-21T14:35:06.390000 +CVE-2024-29739,0,0,e1057fb9115257c9cc112890add5aab29e2addabc474164aa5dc49dc015af77f,2024-08-21T14:35:06.390000 CVE-2024-2974,0,0,f10703d4490e9d3ed63c6b4abd6c9bf87d6d9b2c11e56d030e360944602d03aa,2024-04-10T13:23:38.787000 CVE-2024-29740,0,0,b8da55b65cd03c8f279340fc383178e4918b6ddc001e65f509694a717508d4d0,2024-07-03T01:52:30.657000 CVE-2024-29741,0,0,a475db5d288fe89871088d062fc43a43c29a2a7a1fc8050faa6de7801796db92,2024-04-08T18:49:25.863000 @@ -249444,7 +249448,7 @@ CVE-2024-29747,0,0,a9bb38ddde46ade8292f525e19d236b5bd174a30f99b61fb435143ca6b2dc CVE-2024-29748,0,0,96767832c3cd8bcc7713d77da33946498c08ad89c922c3cb2ab003c983f6b2f2,2024-08-14T16:58:53.233000 CVE-2024-29749,0,0,8a7e6237bf5dc8c5dbffc0cf5683dd39781e31dc868515daebcad93f5f9b5cad,2024-08-20T16:35:07.913000 CVE-2024-2975,0,0,ce2c1eaa1d0b58261b411dcccccd364c347ae6cf1b55cf3907ef667aa6188f26,2024-07-03T01:53:41.630000 -CVE-2024-29750,0,1,7a2be3474be8eb9a9a1f00370f7dd146a6646a497f8aa987bac4348534bf962f,2024-08-21T14:35:07.240000 +CVE-2024-29750,0,0,7a2be3474be8eb9a9a1f00370f7dd146a6646a497f8aa987bac4348534bf962f,2024-08-21T14:35:07.240000 CVE-2024-29751,0,0,8e30626f945d61075c4717f5f841ee16d47c70dd2db8b17eb8e68ab29954e7a3,2024-04-08T18:49:25.863000 CVE-2024-29752,0,0,91c07eba6b85a78d768844b939f2c1fb7a5629dc1f489273c2f6a197da6359f1,2024-04-08T18:49:25.863000 CVE-2024-29753,0,0,2fe72d442a3bd6e3a448018f4b0c5fd08bbb9368714b97406c81c1f0d2544ad4,2024-04-08T18:49:25.863000 @@ -250234,7 +250238,7 @@ CVE-2024-30561,0,0,317571b22962e8d6e5d0cb62ac3952d7d76cb14c6191157ad5ef89ba7149e CVE-2024-30564,0,0,92e98c5dcd641d0673e96635e88dfdb173d7997e6d4761f483834203fe7a9974,2024-04-26T04:15:09.020000 CVE-2024-30565,0,0,3bd2e856e06d3e3fe9f747497d3ea242e07c951fa4c500c8b76a56b8bcb712e0,2024-04-04T12:48:41.700000 CVE-2024-30567,0,0,f2a4d1211b738fa363bb6c48ea72578b3372d81c87f66a2aa1c7f2df3ee8bec0,2024-08-01T13:50:09.870000 -CVE-2024-30568,0,1,44c25f2577fa5438de7f51a90d4ade231e906e1e0fac9c82f2eeb8db8041cb68,2024-08-21T15:35:06.717000 +CVE-2024-30568,0,0,44c25f2577fa5438de7f51a90d4ade231e906e1e0fac9c82f2eeb8db8041cb68,2024-08-21T15:35:06.717000 CVE-2024-30569,0,0,927373a4f296e28220cb38df1137df4e0bb8bd499fda93ec080e07657fccab94,2024-04-03T17:24:18.150000 CVE-2024-30570,0,0,caed104332716a7853dfa2ec0af0a5363e33ead1c7830017a6995784a2222c35,2024-08-19T20:35:12.990000 CVE-2024-30571,0,0,d0b0ce739c22bcaf56190db28e9a8c1e2be7759ce3e5fac8f0fae70b3abe2c6e,2024-04-03T17:24:18.150000 @@ -250381,7 +250385,7 @@ CVE-2024-3082,0,0,73f778fdc2724a4675c4d14baf6f3f3263310fd80e05bde56450b6ab5fd9fd CVE-2024-3083,0,0,167876b1272c8a6dfd73f29aaa5d21992769cf34711c3674318107cb49ffc67f,2024-08-12T18:35:54.460000 CVE-2024-3084,0,0,305df29625577e6dd31738e34631201c5ea39f1d684ffd5f5306069a5e541323,2024-05-17T02:39:42.520000 CVE-2024-30840,0,0,bde9cfa535b48f54d789e649b4a4f6901a0c8eeadf35c9ffc95194a241788b3d,2024-08-15T19:35:10.820000 -CVE-2024-30845,0,1,bd254f7d322b717fb5f477bd2a6072b935bc9b8c30db157f273a719062c178c3,2024-08-21T14:35:08.250000 +CVE-2024-30845,0,0,bd254f7d322b717fb5f477bd2a6072b935bc9b8c30db157f273a719062c178c3,2024-08-21T14:35:08.250000 CVE-2024-30848,0,0,e520fc03d7d120883158934b80667a2b4d6398e475b39bea0f39a4affc9e9f6e,2024-08-01T13:50:28.210000 CVE-2024-30849,0,0,4b2a4ccd593d26ef45288147032dbc711b9bbef7de8ea7827855efca75655daa,2024-08-01T13:50:28.983000 CVE-2024-3085,0,0,509209dfddf53f9b46075ed419de44cbb1f67edbb1a1b964fb67c8391adf6753,2024-05-17T02:39:42.607000 @@ -250437,7 +250441,7 @@ CVE-2024-30938,0,0,29b8e40617dee21c8890e6dc6801cc20a4d0cd635b3d627aba79e0fa49cbd CVE-2024-30939,0,0,533ddd8e3c3323adc4540b47a20f0ad2914d0e15fa0a4366e01edaff34cffd58,2024-04-26T12:58:17.720000 CVE-2024-3094,0,0,98d623c51c3718f594d063257facb535556f13c6eb9aedf81f112b165abed8fb,2024-05-01T19:15:27.340000 CVE-2024-30946,0,0,7c64f57becf760e1029c7f17f5554dd3b55e452eafcf4a611ce8a9042ae36380,2024-07-03T01:54:24.920000 -CVE-2024-30949,0,1,202e32279483c8a9ccf9bc2c69e9e5054a0d5627a3e5e9f84dfb1934bcd5644c,2024-08-21T15:48:31.937000 +CVE-2024-30949,0,0,202e32279483c8a9ccf9bc2c69e9e5054a0d5627a3e5e9f84dfb1934bcd5644c,2024-08-21T15:48:31.937000 CVE-2024-3095,0,0,1dc2be507d2862bd5ada87d1bae78a2793983ea84c525f6d54bb8610a95deb10,2024-06-07T14:56:05.647000 CVE-2024-30950,0,0,19fcf7a45168a789955b2198c0713f1a1ef707cd5bb1de038ced1b6154c32fe1,2024-07-03T01:54:25.763000 CVE-2024-30951,0,0,9b092a5976ea47ae9ce6ac6665423991363b55ee54764d7a78a3d2ce95cbd3aa,2024-07-03T01:54:26.557000 @@ -250556,7 +250560,7 @@ CVE-2024-31139,0,0,1f981793bc0ffd1f30ec0eaae2f049959f8e2058241da40737858920eb14a CVE-2024-3114,0,0,28e81e315d786a9cdf65dd8197fff4b783e384b8bebbc1c25a3f01ac8969fa0a,2024-08-08T13:04:18.753000 CVE-2024-31140,0,0,1880c35ac5ba5af45eb21413401eeeaab09be8abf223654f6041d65ff3324893,2024-03-28T16:07:30.893000 CVE-2024-31142,0,0,16502fe8420294098dded506476ced118645fadee97cfcf27213cce5ae7650bd,2024-05-16T15:44:44.683000 -CVE-2024-31143,0,1,1f98a77fde40be218a5d12e6b00af8f536e83110a5110bb36201081d2e6f449f,2024-08-21T14:35:09.100000 +CVE-2024-31143,0,0,1f98a77fde40be218a5d12e6b00af8f536e83110a5110bb36201081d2e6f449f,2024-08-21T14:35:09.100000 CVE-2024-3115,0,0,ce15a233f41ff0461e80772019f46030689b0b2d2d5c745fde6ced2663519f76,2024-06-28T13:22:33.400000 CVE-2024-31156,0,0,0196e496a3b7a6255c15a0e2200e98a2f53059591b5db0d973b7d4520d1de2fe,2024-05-08T17:05:24.083000 CVE-2024-31159,0,0,1cdbc9c62e9fa77de1f1d4073e38d32145ad47af8833ae9b854fc846b51fea1e,2024-08-16T20:27:40.107000 @@ -251020,11 +251024,11 @@ CVE-2024-31857,0,0,b57daea1515042b1254b11fea9a109934d9eaeaf743c5e6b1d4482216f0f5 CVE-2024-31859,0,0,c7e4bf86d17f8d38f3b896e8ada50cd27745133fc837be8a4aeca253b15d0e96,2024-05-28T12:39:42.673000 CVE-2024-31860,0,0,0c85f33d3dadfb2fd0d5a6f2d0ed9d9d75da9aaa685f77a3492d74d36fbf93e1,2024-07-03T01:55:31.267000 CVE-2024-31861,0,0,7e520905222b40b184cd37e76ba3749bb6aceca828ca7e9efda91954bb808b66,2024-06-21T10:15:11.757000 -CVE-2024-31862,0,1,3f16a6d9612f966306ce7a67b229ce3867519147d68464f4271e3881457a5a98,2024-08-21T15:35:07.937000 +CVE-2024-31862,0,0,3f16a6d9612f966306ce7a67b229ce3867519147d68464f4271e3881457a5a98,2024-08-21T15:35:07.937000 CVE-2024-31863,0,0,ed4c144936af1b4a59f1909b6583a47816b126762b8a6687e75286af1f26a27c,2024-05-01T18:15:23.507000 CVE-2024-31864,0,0,dd401fd2f9c38e157d115772d6fe233b1887a6b2c7d0eb5183b48c430298b69f,2024-08-01T13:51:15.603000 CVE-2024-31865,0,0,02a2ba0d6bb162e0849bdf7568c167d76e92f64cab3447bcb8f0f65f613886ef,2024-07-03T01:55:31.473000 -CVE-2024-31866,0,1,4d372d14b7807ced8e821f43a5c883c03fa5dbca9edfba0af795f01513fe30b5,2024-08-21T15:35:08.187000 +CVE-2024-31866,0,0,4d372d14b7807ced8e821f43a5c883c03fa5dbca9edfba0af795f01513fe30b5,2024-08-21T15:35:08.187000 CVE-2024-31867,0,0,7c90191082994197ce09c1b6019992176f2d76072856e8d65beb1a7b6ded7916,2024-05-01T18:15:23.740000 CVE-2024-31868,0,0,be0ea2b246dea97d950d5311835807a91b45d404ab727e1af1e6a0979cb9ab4d,2024-05-01T18:15:23.793000 CVE-2024-31869,0,0,683e8c771fda682074fc448ea32be7db8fcec1e782121eb87243bff930796032,2024-05-01T18:15:23.843000 @@ -252272,6 +252276,8 @@ CVE-2024-33652,0,0,486e801beae2c2c99c631668abda9d91af90b0e1a9af64a8cd7a679f08c5c CVE-2024-33653,0,0,265fc534e8717f316164edd35fe39b65af5bd4a9e2599f020b58283bd3269b45,2024-07-09T18:19:14.047000 CVE-2024-33654,0,0,0892ef25c45719b53efeedb9f6ebabbe65a8f1a2df54c2a179e8dc18f8e5c732,2024-07-09T18:19:14.047000 CVE-2024-33655,0,0,5b78877100297f0da919505636ca4a0c13bc834698615142818e1b1740a1898b,2024-06-10T18:15:34.520000 +CVE-2024-33656,1,1,4dba07a4d7c3975860634650cad6a2f6ef65414eb84506eae92fb7aa2b8aafe0,2024-08-21T17:24:59.627000 +CVE-2024-33657,1,1,16f4d3f5fb15d93af789c743eaccd0cb6f8039f81c1fd99ea9692086f0dcc089,2024-08-21T17:24:59.627000 CVE-2024-3366,0,0,a2c419b6dceb854c8524f6fea56c90f31e3f9047e1890ead74a66fe52a9e4023,2024-05-17T02:39:53.090000 CVE-2024-33661,0,0,1fe83f392b56cfa5102f5ff20013157b18140b66b95ef00cb93915789153e2d5,2024-07-03T01:58:33.073000 CVE-2024-33663,0,0,db8b0a89295da87b904c35495b8dabe0be3c83ae5d78acd0b06dd2958ec2a318,2024-08-01T13:52:05.147000 @@ -252869,7 +252875,7 @@ CVE-2024-34508,0,0,5e2673a670e4b77b4a9c2499c88b60b0bcbf7731c3422764416c91ccda5ee CVE-2024-34509,0,0,3c941906fb696827a87e0e982c58b61c6ffdbf8aab60ea7334047097893c0c53,2024-06-28T19:15:05.630000 CVE-2024-34510,0,0,f301d8a0b574cf2dd7da2898e3fb90be94f70986543df229a4b66158f19cfd10,2024-05-06T12:44:56.377000 CVE-2024-34511,0,0,c1d20a47728b6c5526364d02e8958d8fb0539448423cf5c76333bac10d97f143,2024-05-14T15:39:15.780000 -CVE-2024-34515,0,0,034c81cf257ecc3676e1a6488e0209928b22ec93085a9ab4aae8747d3710039b,2024-05-06T12:44:56.377000 +CVE-2024-34515,0,1,114cbd02c999812d58d1b5d8c0232cb5a70990aca8005cfe1f7bb4b24ead461f,2024-08-21T17:35:01.453000 CVE-2024-34517,0,0,cde89b9593a0fa0e1ad4eef031d1be52532f44d623b2553db6a6b804041b3e30,2024-07-03T02:00:23.917000 CVE-2024-34519,0,0,e1bab0f51bff6ddc1064f759576ee7e30191ae4ab924c21597ebc2a29f9b8ff5,2024-07-03T02:00:25.010000 CVE-2024-34523,0,0,7ef51f7e789546b198cf934fa08689a630a0291ba9909985498eacb1d192e4fb,2024-08-02T03:15:43.153000 @@ -253217,7 +253223,7 @@ CVE-2024-35102,0,0,2b819b2aba7aeefcf863a3cc2beb98c85bbe7e051399664203866682707f6 CVE-2024-35108,0,0,26473bc212f25b793c66f492376510c497f3c8040fd855e035e2125e4662c9ef,2024-07-03T02:01:23.437000 CVE-2024-35109,0,0,5c37b5989db27d73a1b7673ab81df5907cc813f794f46739f6fbd9e9480590e6,2024-07-03T02:01:24.210000 CVE-2024-35110,0,0,a7533a91a83d0fe952e3715e535df8909054daffc452227b1e477f75ac3a9863,2024-07-03T02:01:24.987000 -CVE-2024-35116,0,1,a563a8223baddb703f5fd1f07e904d7e927e5f21b3c89fcbd6f74db44a319ee0,2024-08-21T14:46:12.917000 +CVE-2024-35116,0,0,a563a8223baddb703f5fd1f07e904d7e927e5f21b3c89fcbd6f74db44a319ee0,2024-08-21T14:46:12.917000 CVE-2024-35119,0,0,0e35a45c77b11b12852790cdf89b3d7024286bc6ab2025f024aa0adc87ff155a,2024-07-31T19:13:41.383000 CVE-2024-3512,0,0,d94170bf3eeacc29f71f3655c6497a6a8a80969c9ad074c1a71bef4e5d51d46d,2024-04-25T13:15:51.663000 CVE-2024-35124,0,0,768bc5b88e8d430ce96d2aaa393dcf94d9eddf81dbfd76800828a7f6b06edf18,2024-08-13T12:58:25.437000 @@ -253234,7 +253240,7 @@ CVE-2024-35152,0,0,b41d5d8fb05afbf50d1ef06fd658b7850273eedb06cda6e29568f6ff2e26d CVE-2024-35153,0,0,bceffddb04f303a203c6bdd6ad6ed1855809c9b42c9ff2e40956bbe7b4fb3c29,2024-08-02T15:24:29.190000 CVE-2024-35154,0,0,7c994b7a6d7158efefd5e2d9a1e0bdd18fbe7152cacfbfaf67e2a7f91ec1260c,2024-07-11T13:05:54.930000 CVE-2024-35155,0,0,371571e1aae62a09e601d6099b5578266a4a707997394118a0b1e39997d5568b,2024-08-01T17:56:03.997000 -CVE-2024-35156,0,1,c60c77ef40353c2652552678563f99e9cae12e7989782b9c762483c729b4d520,2024-08-21T14:48:04.303000 +CVE-2024-35156,0,0,c60c77ef40353c2652552678563f99e9cae12e7989782b9c762483c729b4d520,2024-08-21T14:48:04.303000 CVE-2024-3516,0,0,61323fc04733960d047e16de47c6d5cda2ae2931ba7c42276f6e75842f73a295,2024-07-03T02:06:20.027000 CVE-2024-35161,0,0,6aea9c3989d886688e1b7e99fb5bea03a80c08fc501d3b5e12f47ed8f4b07628,2024-08-13T09:15:04.610000 CVE-2024-35162,0,0,e2e13ef2eb30c7b92e657f4b1e361b879f73f57d79701db01dafa5276f6f5a54,2024-08-12T16:35:03.640000 @@ -253444,9 +253450,9 @@ CVE-2024-35527,0,0,72600462defbad3d94b9b914561cd106abcd4f14940c552d4d0bd67292ce0 CVE-2024-3553,0,0,d92b272ac91b29131b7e7854674ae1f210f8268a2cb6312d80e7312af083b77c,2024-05-02T18:00:37.360000 CVE-2024-35537,0,0,5d87fa9d71542082a5117fd75bd541152a38491d14562b96fe74b3627bb4d282,2024-06-24T19:40:04.190000 CVE-2024-35538,0,0,ed04b7d932d0abc622d3f5e76f1c9f5ff5c97c7b20099e46279f32f369e5223d,2024-08-20T15:44:20.567000 -CVE-2024-35539,0,1,16618d2486ea09bbf82db8818822a05ddd72b24bc841b39f2fd154025213c341,2024-08-21T14:35:10.017000 +CVE-2024-35539,0,0,16618d2486ea09bbf82db8818822a05ddd72b24bc841b39f2fd154025213c341,2024-08-21T14:35:10.017000 CVE-2024-3554,0,0,cc60bd735986056555560436c7b58f65485299a8475c11d30802709a9ea4095c,2024-05-02T18:00:37.360000 -CVE-2024-35540,0,0,a086083aac4539e15e5ae953f1b7de6ac916ae10fdf7bd84917c2eee5afa7d37,2024-08-20T16:35:15.360000 +CVE-2024-35540,0,1,4f572a874d260d53312a92cf2d7ba727a02942f3e7019b26764dd152b1bd2b78,2024-08-21T16:05:06.290000 CVE-2024-35545,0,0,bc697f72b53789e21cd5d8ac45caf67cd064397c19ab7b48462104e593b9785f,2024-06-27T12:47:19.847000 CVE-2024-35548,0,0,27743d34ac7e82f8c9c7eae383a15382d5ad0f4949e113942667401ad6f68173,2024-08-02T04:15:55.577000 CVE-2024-3555,0,0,70e8594716c631628b2245556d17090b4d4ee8454e4dfa9b7f7905554c7aadd3,2024-06-04T16:57:41.053000 @@ -254112,7 +254118,7 @@ CVE-2024-36255,0,0,a469b4be0a60fb4a2e32368cbd9ff1f41eb30d9e30ebf5e64783accfe9b2d CVE-2024-36257,0,0,de59e82b2cc868e7dbd975a3494539da4e2b96eaf9e15fff111a5d725848914c,2024-07-05T17:06:28.517000 CVE-2024-3626,0,0,ecad313ba7341fd9bbe18ef0c6d316a3039cc88d660f7ee647b2392d610decc0,2024-05-24T01:15:30.977000 CVE-2024-36260,0,0,7124cd5f6f22ea0ff6381adc7bbc9ef8be3fb49df2b108e82f1eb8ef9ef7e42a,2024-07-03T18:02:17.700000 -CVE-2024-36263,0,1,b19ce9bdaf5871a0e8a25ce5c3dd3fadaa21375012330812df4d2d32a979172d,2024-08-21T15:35:09.140000 +CVE-2024-36263,0,0,b19ce9bdaf5871a0e8a25ce5c3dd3fadaa21375012330812df4d2d32a979172d,2024-08-21T15:35:09.140000 CVE-2024-36264,0,0,14c280aba5df11c6b2ff8e262101089437d0333d307f52ff751b574a69563c9b,2024-08-02T04:16:59.800000 CVE-2024-36265,0,0,3c8ae8461757f224b0e43678d6a3475afd39b129c52679abb832e768cb65918d,2024-08-02T04:16:59.920000 CVE-2024-36266,0,0,9d2961d489b0fce568e04e4c1c269f16c8c57dd6d267e14663bd78f27bc7e154,2024-06-11T13:54:12.057000 @@ -254205,7 +254211,7 @@ CVE-2024-3642,0,0,18761de76cd7cd0e44650c50bce43f4d6feb32d4cdbac8c295b7b13430f4f4 CVE-2024-36420,0,0,f88ca1da3f418238df7aa68f8868409c11480e63fa5a419dd8cae87369fdc260,2024-07-03T15:29:45.557000 CVE-2024-36421,0,0,6377f154589fbee582a888cb89fe433db93fc2d1b9f4ba90a9e9d6ff1a5422db,2024-07-03T15:36:31.170000 CVE-2024-36422,0,0,1c8e85fff4389539f30938d98dea0041c583b614c5e1956a8be795decf84cdf1,2024-07-03T15:38:24.297000 -CVE-2024-36423,0,1,b453cf2ccb776ec471b0bfc211eaab3170432996cec7cbfa7fd53a528b83b04c,2024-08-21T14:35:42.877000 +CVE-2024-36423,0,0,b453cf2ccb776ec471b0bfc211eaab3170432996cec7cbfa7fd53a528b83b04c,2024-08-21T14:35:42.877000 CVE-2024-36424,0,0,74bb0bee78ee748646a140004458defb2a792605f4f6efef89113a667494d3ff,2024-08-12T18:45:53.647000 CVE-2024-36426,0,0,081cbabfe1f165d2e60c6bf5434c4cea5a1c1465246b1d9713d429b0a41c1ba0,2024-07-03T02:03:11.237000 CVE-2024-36427,0,0,10c5dade9c11af5e52239a7a8c18438909a8ea6a201617061be6b7626f49e18c,2024-07-03T02:03:12.033000 @@ -254268,7 +254274,7 @@ CVE-2024-36522,0,0,86674e42114231d1026f4ff35fe6fe6affeea594b7c00b1a81ef4e17dc0fe CVE-2024-36523,0,0,3016893dc57dcd62edd08208dde4ce2567742ed11633d9956e63ba6b508801fd,2024-06-13T18:36:09.010000 CVE-2024-36526,0,0,1ddb30b565e6d7a152e00264224393d020c0bb948b7f968c326e2d1f8170cd41,2024-08-01T13:52:58.227000 CVE-2024-36527,0,0,5a4da781a91464af6910d804126691f30125cf5f5ae9e52379cc70e43ae0f627,2024-07-03T02:03:14.827000 -CVE-2024-36528,0,0,2720657851e73513f2a766ff74bcbf76f8ccd5ffff5f964570f2d3734bd169d5,2024-06-10T18:06:22.600000 +CVE-2024-36528,0,1,219b411ec1aa5180703f379d25449667f2052c277c02e441e2817dff73b784e2,2024-08-21T17:35:02.500000 CVE-2024-3653,0,0,ebd69680b1122e6ac45d38522017549d10dde629dd149529cb0348d7b4220293,2024-08-12T13:38:27.570000 CVE-2024-36531,0,0,a4158d6a8860f8c9c37cc090a05d54c5f8fca61c7fff205691822d02cbdf6215,2024-08-01T13:52:59.007000 CVE-2024-36532,0,0,b051ad55854f4bc888db3a53610f7bcd9ed49e35c5868005d5e65395b423f5e4,2024-07-03T02:03:15.647000 @@ -254287,7 +254293,7 @@ CVE-2024-36543,0,0,dbb1c819537d5d2e6ccb57b6fa0d1307530721c713dab080cb8c7f78417a5 CVE-2024-36547,0,0,1b4cc0318f47a7d1f45dacca15d9b24343df7af637add62667d3afc6feef36f0,2024-08-19T17:35:18.467000 CVE-2024-36548,0,0,e144d04945e12f1b5c400dc40c85f1ddfbf9c8356b7dd5897c3f62cd196828a6,2024-08-19T16:35:18.257000 CVE-2024-36549,0,0,55197a9eb0c500888bab7cc4a629fb75ed440d45a5f54f4b25e5199e4a6cc60a,2024-08-14T20:35:11.993000 -CVE-2024-36550,0,0,91adae745b223f9735fdb21a15339bb26034752e595063e3f9b20141d647e605,2024-06-06T15:24:43.683000 +CVE-2024-36550,0,1,d598c384dd8bbd4edfd1900743514ac3a937e6a8f9e3bb960c12f741aca4d680,2024-08-21T16:35:07.113000 CVE-2024-36568,0,0,c947aedd82bb9149f6d5ed733e385977abac9a86db57bbcbe31097874b0b1009,2024-07-03T02:03:17.227000 CVE-2024-36569,0,0,360f77d552cdb048cab439a5bee7725cd5b340a5088e797dd6c6cd06c49b10f6,2024-07-03T02:03:18.013000 CVE-2024-3657,0,0,5d5edd2c181d124b6fe340f680aa00429419dbcc7ec2b37280e0e8bc6bf5ff1f,2024-08-21T13:15:04.753000 @@ -254322,7 +254328,7 @@ CVE-2024-3665,0,0,363adacfba9b700d09abe8e5cb25a2e59c15ebef1e27e5a96d91922980f92b CVE-2024-36650,0,0,a6dc4fabc18762dbfb018c0e11850a01ac287f515682c65a85c025009c2704da,2024-07-03T02:03:26.290000 CVE-2024-36656,0,0,da14d6f6b98aba8dd134bbca05ce0beee2307c23e23b68d72ed361bfc76eaea0,2024-07-03T02:03:27.067000 CVE-2024-3666,0,0,6ad9793fce3985f8c3a050857cc50fdd13adc9821f463b47a95b3582d82793f8,2024-05-22T12:46:53.887000 -CVE-2024-36667,0,0,5d33fe3dbd06350728f68e53202da54b1d3af96f7e9839cbb620a2859de830e2,2024-06-27T14:53:18.847000 +CVE-2024-36667,0,1,296f3287086da3f6cfa12e7ca929339a868eea2e8ba6cdd0781ec31906f03f82,2024-08-21T16:35:07.880000 CVE-2024-36668,0,0,e89c82c7c160394ecd7b95ff1019b3a4f5a00e165fb18cb7d323518ccaecb04b,2024-08-19T16:35:19.070000 CVE-2024-36669,0,0,104d3a672bff1b5eaa10a113e663439a5f312f1541afff3e81ca8512250c4931,2024-08-19T17:35:19.970000 CVE-2024-3667,0,0,67c8386bf84232df2260001ef819e9d91b62f19cfb2a953cb76f444117b56973,2024-06-06T14:07:44.473000 @@ -254341,7 +254347,7 @@ CVE-2024-36682,0,0,607667f3d3fa1e7539487ebcdf60477393019c86221af3075a4b31a599839 CVE-2024-36683,0,0,18a76ea23a5695131ac0a1a1cae26aee3d1ea92ed38cb283b784e28da9cb3b8c,2024-06-25T12:24:17.873000 CVE-2024-36684,0,0,92f14ba44da3232d94fa9d8919d066f2f528d700fa94d6456ec4eb59fdec8f01,2024-08-19T18:51:09.050000 CVE-2024-3669,0,0,adf9cc4d7b16c7513726b84fd5b10bd94ac2985d9cd2d264bea2883110b227ce,2024-08-01T13:56:38.537000 -CVE-2024-36691,0,0,eb4ea08bf79d1a6ac1d98f330c6ba45260957add9ca280d2ec95e1cc61898b85,2024-06-13T18:36:09.010000 +CVE-2024-36691,0,1,2dc541714f35cff24b0fb3cd72710beeeeaa2b0f3379e9849d1938be2b5e0991,2024-08-21T17:35:03.320000 CVE-2024-36699,0,0,f519eb157e638490c5e16aa33d3cf222cb0f0828212475d05c477400a1f8b777,2024-06-14T15:15:50.967000 CVE-2024-3670,0,0,77ac11a62196ad685da1366e218d9d33cb33f8c42dea24a7d4be6249347cd9dc,2024-05-02T18:00:37.360000 CVE-2024-36702,0,0,3210d1551f985a1be028e17dfcccc53d1d6245bdae9389bfe77a8fe591c428bd,2024-07-03T02:03:32.733000 @@ -254521,10 +254527,10 @@ CVE-2024-36986,0,0,19150827ddb5a5edfc4814b01ab21fdc0631b6b8b842914dd22329d1e779f CVE-2024-36987,0,0,1d55b78de0429e0f9217425a916f7a81cae7e1ecd4aabcd3cf4385f4839c5aca,2024-08-02T15:21:54.573000 CVE-2024-36989,0,0,689147655bf3300037b6b26d03b3db08b60063c952195c56a665f47f4c0b9812,2024-08-02T15:11:57.347000 CVE-2024-3699,0,0,30b1531f872c88b7cbea0828fb395914bc791e58c332296f8abe3de89de3423a,2024-06-12T17:53:09.130000 -CVE-2024-36990,0,1,c6ebb7eedce1b1630f254f51b2ec2bdff0ad362c70cf722357a5198ef0b015f1,2024-08-21T14:29:07.173000 +CVE-2024-36990,0,0,c6ebb7eedce1b1630f254f51b2ec2bdff0ad362c70cf722357a5198ef0b015f1,2024-08-21T14:29:07.173000 CVE-2024-36991,0,0,170802115c918c2bd8567732564fe4924a4eadc0df36a7df6beeafa80b77c812,2024-07-22T15:00:45.110000 -CVE-2024-36992,0,1,abecdc4ff7a886a1f65deead5ea9a8254937cde8f8bba6a6817f94c9cd8353cb,2024-08-21T14:30:51.263000 -CVE-2024-36993,0,1,7f59a560bfa90071fc78d38c16f79210d5ba47a0e83d9bb9c035ff8837c28bcc,2024-08-21T14:31:35.970000 +CVE-2024-36992,0,0,abecdc4ff7a886a1f65deead5ea9a8254937cde8f8bba6a6817f94c9cd8353cb,2024-08-21T14:30:51.263000 +CVE-2024-36993,0,0,7f59a560bfa90071fc78d38c16f79210d5ba47a0e83d9bb9c035ff8837c28bcc,2024-08-21T14:31:35.970000 CVE-2024-36994,0,0,5bcf467196c1b84a362932fda69af7a594fd1733711aa93db9e3192dd09151ba,2024-08-02T15:07:01.577000 CVE-2024-36995,0,0,001f01624b8476726d4d815467edb381482f5d309cf989b89173ce343b404752,2024-08-02T14:55:40.310000 CVE-2024-36996,0,0,27a454f471e059b9034eb213c7435a94a3c4a3888f97de83d5b9e26473d4fbe6,2024-08-02T14:47:12.667000 @@ -254636,8 +254642,8 @@ CVE-2024-3714,0,0,4bcb0bea6568f5dfd8667c7519e5c32cf286da2de79c4bdf6bef9437b54c8d CVE-2024-37140,0,0,c0e59e0c3820f0b4a910e5eed0fb2eac2eba5c793659c906795da47f31c33278,2024-06-26T12:44:29.693000 CVE-2024-37141,0,0,4138154ff13405362c4f0fa9b34cca08a172e0f83625a1ab272957b9a58f67e5,2024-06-26T12:44:29.693000 CVE-2024-37142,0,0,91ad6786bfe324031c2c492b047239c16136d081e58dc0c4b209abb161c2ca89,2024-08-08T21:17:18.647000 -CVE-2024-37145,0,1,48e6fe0ec0cb8db7ed2fece04fbac05dd6c524ab8406e6bdd7787d3fc4c1d070,2024-08-21T14:37:45.993000 -CVE-2024-37146,0,1,e83327d75d8983b439bef79d0fa1c9b690a2920daccff4309312027fb1699491,2024-08-21T14:38:39.563000 +CVE-2024-37145,0,0,48e6fe0ec0cb8db7ed2fece04fbac05dd6c524ab8406e6bdd7787d3fc4c1d070,2024-08-21T14:37:45.993000 +CVE-2024-37146,0,0,e83327d75d8983b439bef79d0fa1c9b690a2920daccff4309312027fb1699491,2024-08-21T14:38:39.563000 CVE-2024-37147,0,0,ba8c50fbc8db39821634ae7e204809a5bbf05c4c8996a3abdce4e3ee027f0fca,2024-07-11T13:05:54.930000 CVE-2024-37148,0,0,80bea212d724fd8426f29ccd28ad47ac03ff4315e23f67a8b6a1a81a53973b06,2024-07-11T13:05:54.930000 CVE-2024-37149,0,0,62da2a22ca18555c3b147f38a3030ae567e778beceec162cc580c895135a35f0,2024-07-11T13:05:54.930000 @@ -254914,7 +254920,7 @@ CVE-2024-37523,0,0,13bb725e58e999cc176a750d097aad585b673654b57d0f90da08bbd809966 CVE-2024-37528,0,0,9c6980ff0d1442c5b7fd4f5e3f8ba4ae579879f3db1ec83280b9bd21a4726381,2024-07-11T14:49:28.177000 CVE-2024-37529,0,0,e7c7666ddb7129dd28732dc712d978ffb5b752dde09ebf52d434400c70497667,2024-08-15T13:01:10.150000 CVE-2024-3753,0,0,84eff4df8db1a00368e62ddb5ee92a92d75f6c87384a685b642620e2007cf84f,2024-08-01T13:56:41.100000 -CVE-2024-37532,0,1,3b60301bd3ecd5ba1ae039adbdac16a6f9c55836208bf93b57eccc416f5b126c,2024-08-21T14:19:53.637000 +CVE-2024-37532,0,0,3b60301bd3ecd5ba1ae039adbdac16a6f9c55836208bf93b57eccc416f5b126c,2024-08-21T14:19:53.637000 CVE-2024-37533,0,0,d82586c3abd351c16093df491355c34e8750e635410a84408441a8e9ff8b85a0,2024-07-25T12:36:39.947000 CVE-2024-37535,0,0,062f7ebb43bb6d2a8ccb3332e5242404947b076c7894d1777e030e1c8e622113,2024-07-03T02:04:19.710000 CVE-2024-37536,0,0,df209a8df9bdd9e6c141521f70aae153351cd936d4fcc329ecd5520bb21d30d3,2024-07-22T13:00:31.330000 @@ -254989,7 +254995,7 @@ CVE-2024-37661,0,0,6db168d2f3ae431d826f69a05b16f3210dc133b79cd809abcdc976904db6e CVE-2024-37662,0,0,bb6f8e7d075ce8cc2661f5a874a4a5a881cd67a10164dc149927e6fe92640579,2024-08-14T14:35:29.050000 CVE-2024-37663,0,0,01b3999a296dc990f7de7601c48f66af39da90c049c2b0eec4443d6e5080ce32,2024-08-01T13:54:09.780000 CVE-2024-37664,0,0,262d89efd9586f8d9685582ca4f4936d4d0dff4dc96c611162b38556aa6e87b4,2024-08-01T13:54:10.727000 -CVE-2024-37665,0,1,86bdaabd0bf88f146be6b5ccf5ba0b8f8da14ec9180667fddd4589623eddd122,2024-08-21T14:35:10.830000 +CVE-2024-37665,0,0,86bdaabd0bf88f146be6b5ccf5ba0b8f8da14ec9180667fddd4589623eddd122,2024-08-21T14:35:10.830000 CVE-2024-3767,0,0,08d0f73c70b60c9cc34c72fa6999a3dafb3f22e13fea95b60c4494502c1111a5,2024-06-05T20:15:13.643000 CVE-2024-37671,0,0,c934aded8f9e7bb093bc4da68f3a137f8fa901c17bffce2acdd8e11067ab06ca,2024-06-24T19:40:48.993000 CVE-2024-37672,0,0,d5eb81d1e21bc7cef637f401e4be37019646f03f037f89409f28522c97a44e37,2024-06-24T19:41:06.183000 @@ -255028,7 +255034,7 @@ CVE-2024-37769,0,0,5d562468fe4e62bf5aa053de70325d9517e92227326a41659856d8da2dd29 CVE-2024-3777,0,0,0856ef763b1edbec0747809f2f5f1e269fdce9f6160541c599d8c16e527540d3,2024-04-15T13:15:31.997000 CVE-2024-37770,0,0,4e93402ad3ed64140e35d7a96007b07c29c5c8b6e92be0f25f51076d1a6ceeef,2024-07-11T15:05:53.090000 CVE-2024-3778,0,0,2b5fc9c77ae2f993ef971da35cf3870af6c405ab91c786afef1cf6cf11c368d8,2024-04-15T13:15:31.997000 -CVE-2024-3779,0,0,82198a0c0f8d14775095e0ee9d173ec658feddf9f066790f6376f46c33b19ad9,2024-07-16T13:43:58.773000 +CVE-2024-3779,0,1,1a47972c633583c7bae072fbb56beacb2d6111c4ffff8b051890256727892c2f,2024-08-21T17:38:16.057000 CVE-2024-37790,0,0,f03d38fcd39f9fc913c999134089e43d5d97a0d5c9124acb1959f0950b818b81,2024-06-21T16:15:12.440000 CVE-2024-37791,0,0,5b4a77640e01b5f5901f77da4cf3e217016c11878e7475119bb550241e2deb0e,2024-06-20T12:44:01.637000 CVE-2024-37794,0,0,0173114c4850547998c4a3719d0197d2f797f34c9e250dbc5cfe23ea2cc8953b,2024-07-03T02:04:43.130000 @@ -255046,7 +255052,7 @@ CVE-2024-37820,0,0,fa0bbe561377b7b439a8d7f261288bdc816d9d647e91a5782129fd4223c1a CVE-2024-37821,0,0,dad227ff1e39e1e08a617033ca30de21cc87f5062f829537e300bad0e33ab0a8,2024-07-03T02:04:48.313000 CVE-2024-37825,0,0,a074512a3706a5e0b66f32acac0d9da7bd1ebc518866e75f394400d27da107ec,2024-06-24T19:26:47.037000 CVE-2024-37826,0,0,2fbe8d9f157e2e65c941b4ecced5ec65bdd61ed1628ccd5a149b7fcb04f1f812,2024-08-12T21:35:07.723000 -CVE-2024-37828,0,1,c9a298cc8a48faa0046a40818d4649b9b3f4ce9e437cdb0259c7d11ae6346b11,2024-08-21T15:35:09.500000 +CVE-2024-37828,0,0,c9a298cc8a48faa0046a40818d4649b9b3f4ce9e437cdb0259c7d11ae6346b11,2024-08-21T15:35:09.500000 CVE-2024-37829,0,0,1e83f5827db2aebd4e043417419d588d621c3e555f2d66c999e782ce41670452,2024-07-11T15:05:54.680000 CVE-2024-3783,0,0,a6e56ec812c297facd52c1a6c05ed03a057924506051c9c8d60002ff023e1b00,2024-04-15T19:12:25.887000 CVE-2024-37830,0,0,175f2202a37b0eda1f7f7631b536d6d16530f7b0508b6ce8d75aadeaf8cd906f,2024-08-02T21:27:58.247000 @@ -255470,7 +255476,7 @@ CVE-2024-38459,0,0,4ef78a4d5c93482a3188b8be60d5fc2896531e30b015b11c8a864501b9d26 CVE-2024-3846,0,0,0870f232696d74977451a2a3214c388694b50eb565f2d8dd146f9e698c4155f9,2024-07-03T02:06:43.703000 CVE-2024-38460,0,0,a83478b1e6645ea829b9f93a0defc559cb2f8a0be7217154c087840c32fbb87e,2024-08-07T18:58:04.703000 CVE-2024-38461,0,0,e268a8ead5697a804af966d2a826ee9baea920113b391b1c3744a119373d7df1,2024-08-07T18:50:36.303000 -CVE-2024-38462,0,1,eee1037e92afd19b72d96698149e18c8eb4ae9f94fd1eaa04f16a4c6fba42630,2024-08-21T15:35:10.397000 +CVE-2024-38462,0,0,eee1037e92afd19b72d96698149e18c8eb4ae9f94fd1eaa04f16a4c6fba42630,2024-08-21T15:35:10.397000 CVE-2024-38465,0,0,bc539dddef4aa1a0b47d2d977bc59acb47f8ef6a3352faaf3f607867427b521e,2024-08-07T17:57:25.060000 CVE-2024-38466,0,0,fec02e93539607a11f50e179f4c4e7aca93a7d6a36c0ef295eda75e6e297852b,2024-08-07T17:57:35.367000 CVE-2024-38467,0,0,65442e1ae0d1a475e337e0854e519ac76df13c757eb0152563a4b35ed3da1f56,2024-07-03T02:05:05.690000 @@ -255481,10 +255487,10 @@ CVE-2024-38470,0,0,e532fc2610ce0ba05d395b2565b3921da00db5c8c8ee1a62b50a319ed8de7 CVE-2024-38471,0,0,3da065067273e795c22a9430ea2650425c29da7d06ad6ab18b550114c797a95a,2024-07-08T14:18:45.747000 CVE-2024-38472,0,0,0483e32b4907ebc7f547fb87caf5b24bef6a9183e30ea4e30b4ad6dc0faa92cd,2024-07-12T14:15:15.043000 CVE-2024-38473,0,0,36c5b6d67728da1356289c3874d586ffc56f76a7fbb2f457e14a9e4a12de691d,2024-08-01T13:54:52.397000 -CVE-2024-38474,0,1,4f088cfc0bc3e33027842b99d0e9469f8c62a5c78773b6fa11ed87f2035049e0,2024-08-21T15:03:30.407000 +CVE-2024-38474,0,0,4f088cfc0bc3e33027842b99d0e9469f8c62a5c78773b6fa11ed87f2035049e0,2024-08-21T15:03:30.407000 CVE-2024-38475,0,0,4434bbc9e26235e103b2ea8722d70e74e682dd306d9d4b03d295c12ec512ff31,2024-07-12T14:15:15.277000 -CVE-2024-38476,0,1,4e8c0d3d798258cbdd0e17d29bc51a96bcf1447e3dd9c6b865634f54cdf942e1,2024-08-21T15:08:56.040000 -CVE-2024-38477,0,1,f870fe888c8d23cfdfdc0433edf103c8cad01a9d525dd04e1a70d1ea4bc3e13e,2024-08-21T15:11:30.857000 +CVE-2024-38476,0,0,4e8c0d3d798258cbdd0e17d29bc51a96bcf1447e3dd9c6b865634f54cdf942e1,2024-08-21T15:08:56.040000 +CVE-2024-38477,0,0,f870fe888c8d23cfdfdc0433edf103c8cad01a9d525dd04e1a70d1ea4bc3e13e,2024-08-21T15:11:30.857000 CVE-2024-3848,0,0,3a1e7dbb50cc54ecdbcc89881c429869965f00f9d2e1eb9f088acc297fe8920f,2024-05-16T13:03:05.353000 CVE-2024-38480,0,0,04c4f9e75ecb94da8a57533882d0899c4c9616c45f6d4f0fa40fb0af2c036f64,2024-07-01T12:37:24.220000 CVE-2024-38481,0,0,a84ef873be05988cbfb5d94abd02b4ab54b65ea0e48ede31f1ebc6095538ede7,2024-08-02T13:54:44.360000 @@ -255954,7 +255960,7 @@ CVE-2024-39298,0,0,ebc8c1ac57b6c8432c32f877ad1093e868a3d2381cb98ee4d7cf51055258a CVE-2024-3930,0,0,54b8e4aa07087aa149fa9bad599c7a18dec56c1b93dd2d2499327bc3c7940bbd,2024-07-31T12:57:02.300000 CVE-2024-39301,0,0,72934b8f63bc52924fc16a3afe1a18dbebdfa8998d51203c594a2fbcffcac42e,2024-06-25T18:50:42.040000 CVE-2024-39302,0,0,946c3f23cfe199dda1010c0ea47b1d5e32454ef20b5307dfd8e2dc92485c1baa,2024-07-01T12:37:24.220000 -CVE-2024-39303,0,1,e1d113aa825245b6d1e52862ebbf0ca8379af72327c1818fa556c736e7b07e25,2024-08-21T15:54:35.650000 +CVE-2024-39303,0,0,e1d113aa825245b6d1e52862ebbf0ca8379af72327c1818fa556c736e7b07e25,2024-08-21T15:54:35.650000 CVE-2024-39304,0,0,b5f772f01b3427664c53f2fa0501efa536f799b20c5d68d0936fe6db6ed2d717,2024-07-29T14:12:08.783000 CVE-2024-39305,0,0,63f56317b3a65afc1e2039e772edc429176693e571707c38de2e052250926788,2024-07-02T12:09:16.907000 CVE-2024-39306,0,0,8e446f8cd38382555b776a84edd1102287cdb22d9e95652344c53f12d26a921f,2024-08-19T14:15:22.423000 @@ -255987,6 +255993,7 @@ CVE-2024-39337,0,0,ae96e6e5658ac679eff4c9acfa518814cd5ee8874dd941939a565173aee28 CVE-2024-39338,0,0,b2902b8c8fc819dc7cfd9bba42bea4279b850087be05ea18d3d2870591906304,2024-08-15T20:35:13.427000 CVE-2024-3934,0,0,3e23cb8746110c86130adc40e1a1911de8a168d18836a34bacdc1437f4453cac,2024-07-22T13:00:53.287000 CVE-2024-39340,0,0,5ebdab5b5b68a92db4ff353d7a08162224794f82acef11835fd7731e9f604ef2,2024-08-01T13:55:49.473000 +CVE-2024-39344,1,1,ee27177971b1683530327613c91c029c554fe55aa8892f109d9ea751e8b53428,2024-08-21T17:25:08.560000 CVE-2024-39345,0,0,a7fe401efcbb2b3728b6e10777ee0a9c04a224d785c5c0839b1d13cfea4ecde8,2024-08-01T13:55:50.247000 CVE-2024-39347,0,0,f05ffc50868d752b16aba36bcf98397a1a823dcf709e914fdceefc955d8df28b,2024-06-28T10:27:00.920000 CVE-2024-39348,0,0,798f996b4382b8a6e782460918b5005c42ce376a9b87c3209ffaa4789fe2c24c,2024-06-28T10:27:00.920000 @@ -256090,7 +256097,7 @@ CVE-2024-39483,0,0,d36581a3f952605fa4deddb55b42f749ee06fd7a8fd95b57c25fb72ba28ba CVE-2024-39484,0,0,a445c76503df3c2b08ea3e5bff9e0551e6280c35730c3d8354635c9d4c9c04c5,2024-07-08T18:01:56.137000 CVE-2024-39485,0,0,eeb489cc81d629e25edf2846d080f2d16c82c1a5d4e00cda1329db48257433c1,2024-07-08T15:36:56.127000 CVE-2024-39486,0,0,f6661e67cb8f63bf2a8706b1b4211e0b90a0a8c4c4943ff1097bf9c1f15dcc5d,2024-07-15T07:15:17.263000 -CVE-2024-39487,0,0,822ef2cee7c5469918d9d994b007a5af48169677375d4d4ce0761d3fbfae43ad,2024-07-18T12:15:03.183000 +CVE-2024-39487,0,1,07f5386c1bdf0075b39a52e9355dbebed54d46b5a78637d307e6a04462c33cf2,2024-08-21T17:18:01.117000 CVE-2024-39488,0,0,23685677cb72fbb43ef99f190181df9d9e8c31ec0d3e18867ab50491586a3910,2024-07-11T13:05:54.930000 CVE-2024-39489,0,0,c63175d29bd941720feca94efc3f3a1164cbdc8d8d5c1251ffb632e82e90379f,2024-07-31T14:50:26.330000 CVE-2024-39490,0,0,3a7cfe69ff3072a0b714a0d11ffcf616850cc2417c5fe88da248bebd02107b67,2024-07-11T13:05:54.930000 @@ -256248,7 +256255,7 @@ CVE-2024-39687,0,0,1f0dde45c697bd142eb547e4c25395e40bc6f58804b4b24f10fa4126a251a CVE-2024-39688,0,0,dccea6cc179f4688243addc0514825c9dd13727763645739ebeb475d416db47a,2024-07-24T12:55:13.223000 CVE-2024-39689,0,0,86295f6760848f0b510226e65028fed1b62502a931685ba6acf948103d5d29cb,2024-07-08T15:49:22.437000 CVE-2024-3969,0,0,017089a8e0e25cc18c41dde22c453ecf92ec4c4a53bf3304535dbfbcbb40fc3d,2024-05-28T17:11:55.903000 -CVE-2024-39690,0,0,84be1dc15d4558b1a1f0e0827896ca9422a203fd1acd8a1df897400847ae00a2,2024-08-20T15:44:20.567000 +CVE-2024-39690,0,1,548c1a8a7761f7a2711f05cc07ec0b531924c96fc05350235330c19432d9ad9a,2024-08-21T16:01:47.157000 CVE-2024-39691,0,0,5b1b13e200d826d3f40f75a75371b183af197da1146b1c1721e666feddcea9c6,2024-07-08T15:49:22.437000 CVE-2024-39693,0,0,3aed4b78b258f1f000b7104a802f9a4117c3d840404e28cf8e3ca8b4234aedba,2024-07-11T13:05:54.930000 CVE-2024-39694,0,0,381b8ab296ca7ac884a99d2ccce1d7cd1ffc3e5e3c8e60b132c7b247508328e4,2024-08-01T12:42:36.933000 @@ -256387,7 +256394,7 @@ CVE-2024-39931,0,0,57507fbe3202e653bd98909b84e780947039b01c02661b27c6bdbbdb819d8 CVE-2024-39932,0,0,f66805c87f9aab2044f816b4446ff24a7e25b5aa6328c8b5e2e33ad89efc57a8,2024-07-08T14:18:57.240000 CVE-2024-39933,0,0,b6d32209bff3b62be34bd9bfc29ae3793bbd5d0463ddb473f2add5c3bc3eb1dd,2024-07-12T16:11:56.423000 CVE-2024-39934,0,0,db75b4b985c877d9f527aebcde7fbafa2671883095bbdb7782b7d9d53f40af75,2024-07-08T14:18:57.977000 -CVE-2024-39935,0,1,4aedfb6b3771bf6b83919de0ae93bdd324f9ae4cd972df1155a481c0c648a715,2024-08-21T15:35:11.193000 +CVE-2024-39935,0,0,4aedfb6b3771bf6b83919de0ae93bdd324f9ae4cd972df1155a481c0c648a715,2024-08-21T15:35:11.193000 CVE-2024-39936,0,0,151737d9121a39faad5d145bce74b1ef3d7584b31944fb5416c69ce5b04a8dab,2024-07-08T16:41:50.813000 CVE-2024-39937,0,0,1f82f5b58ad230c732d9cc7b90ed7f292cb38d4f538cd1c141ede474ebd9d95b,2024-07-09T16:23:00.340000 CVE-2024-3994,0,0,1a9bed43f4b2f43f8d685322cd3b5005094af7345fc065cd7144b7703ac2b568,2024-04-25T13:18:02.660000 @@ -256487,6 +256494,7 @@ CVE-2024-40430,0,0,819917321160eef63130d1d20449f426edcebc30c5d6dc539b6c68435ff1d CVE-2024-40433,0,0,e7a4ec9affcd5459ba2865b747a3c21f3af0ec6afc5f3d7573785ee38941782a,2024-08-01T13:57:28.500000 CVE-2024-4044,0,0,e5bbe7519a57f32e10b3da751a3cb9112f45a7270ca309aa6997e34b1ffc6b95,2024-05-14T16:11:39.510000 CVE-2024-4045,0,0,2ae0d8f233b2cc7f6d27d9d81b74b74fd6cc2876f88a425dbeb60d35e4802b53,2024-05-28T12:39:42.673000 +CVE-2024-40453,1,1,a63d732012a7b741a18e2d1a2fbf66b31e580a80c16419a5a08f6fa26146d80c,2024-08-21T17:24:59.627000 CVE-2024-40455,0,0,2b4af03841b1088e106e2c8470bdfc3454c77a8d4b576f687e8da463b4385ab7,2024-08-01T13:57:29.287000 CVE-2024-40456,0,0,f1acaf3e46ce38cdd4b72320186132bab37cc38f6f4c796e31eaece0545a5e4c,2024-08-01T13:57:29.487000 CVE-2024-4046,0,0,b162bb54ae31ac06a54238ce430265f513a39f78ee0aa36d5d6ff941168dcdb1,2024-05-14T16:11:39.510000 @@ -256510,7 +256518,7 @@ CVE-2024-40488,0,0,935bd1c3b9e22ad2c8e572783ed910d0a85a3508107693b6f595be8805553 CVE-2024-40492,0,0,887baeb8c822fbf96c83ae7c8317e551b9d380e125d5f646dfb0a8c0719647ab,2024-08-01T13:57:30.260000 CVE-2024-40495,0,0,0c92b9527f5126e4b4bbf0d1f0a16c194305be9e806244080172bf727ded6b6a,2024-08-01T13:57:31.037000 CVE-2024-40498,0,0,5810ed5aa59e12db14c51ce30325d1c0d70a5c997d2111b8b796a66ebc036219,2024-08-06T16:30:24.547000 -CVE-2024-40500,0,0,4608f83d3c511004760717019138094898f58799c0117c9399ff8d2f8f9408db,2024-08-12T18:57:17.383000 +CVE-2024-40500,0,1,9a99879dfd0dbe8b302a14079bbe558c6c55e4235f8be751f039f05b5f32d9db,2024-08-21T16:05:32.603000 CVE-2024-40502,0,0,a7c6a31e5b7af110c861ba07a7795fbcc41db378deead021f902ae7acee4ed3f,2024-08-01T13:57:31.240000 CVE-2024-40503,0,0,1b06db37464d646561a96f96e7332cfde7dc7941dce27a6167d21314639debe2,2024-08-01T13:57:32.010000 CVE-2024-40505,0,0,7ece9bf9b6c0e4a275d20059391eb5add095153a9e53affa19425b4d1ec16355,2024-08-01T13:57:32.800000 @@ -256764,7 +256772,7 @@ CVE-2024-40949,0,0,791b23d5aa5b8f2913b54416c907a4bc6a3427cfe143f82f7d7f99adf2829 CVE-2024-4095,0,0,e2a40f44bdf8e372a41806afdce4161562b7b4bb2bcba8f3987036690d2e8184,2024-06-17T12:42:04.623000 CVE-2024-40950,0,0,b6979d5e6c063eb00970b540ceafda0becb430ff51009e9e1c48a7255ff5f822,2024-07-12T16:34:58.687000 CVE-2024-40951,0,0,15aa8df4b78f7514f02ec97aa813adcc5685b7b49e8bf3041732ce8e88b84a54,2024-08-06T13:29:07.827000 -CVE-2024-40952,0,0,284e20d0c02a4a07f0a633613bf6da63afc1e1864146bd195b56e5c256be8437,2024-07-12T16:34:58.687000 +CVE-2024-40952,0,1,0e259c5b64d27b28a64029bae66b9c49f91a589d68389fee91a3e779c87dcc5c,2024-08-21T16:50:34.377000 CVE-2024-40953,0,0,b95ef29b38cb2bdc14b7d3310e089ce1c53f0ae5a8fac0aff1ea43db998d2aa8,2024-07-12T16:34:58.687000 CVE-2024-40954,0,0,6435d77632d64383b2dd408edc2b98ec70827908a39e4fc7f1aeac09bff6b72f,2024-07-12T16:34:58.687000 CVE-2024-40955,0,0,4f78b513b01dfd2400b7927009e3f8081393369b68b71a3a8bf67f98b5e12e0c,2024-07-12T16:34:58.687000 @@ -256773,8 +256781,8 @@ CVE-2024-40957,0,0,ba43e6ddc634305a816231c000c7b443548485728739cecf3ba6005f6c02b CVE-2024-40958,0,0,c4b20d9cb20e4970bb454dd1d6fa22674e8409df2a8f77cff22e9737b19836ab,2024-07-12T16:34:58.687000 CVE-2024-40959,0,0,e7c156318badfedaa056792bcbefa34231e67bdbb7ed04e052f8e0abfa80614c,2024-07-12T16:34:58.687000 CVE-2024-4096,0,0,50bdcb96d8146d46d54f79639093726453baeacacf83f329111a9e971fb9861d,2024-08-01T13:59:25.313000 -CVE-2024-40960,0,0,8c9ecbf3ce1d5a966ceeaed5b8c07f68ad63349ac775596cb6095bfe9b87d6c9,2024-07-12T16:34:58.687000 -CVE-2024-40961,0,0,b3fbc1b12e9f7d49eaa74fd1640530148d2a137b642e9af23dd2db9c53e317ed,2024-07-12T16:34:58.687000 +CVE-2024-40960,0,1,224fc8abfb2f94783b28083c93e2292ac4ee8186631329fe5a1366c6e0afb3e1,2024-08-21T16:53:01.407000 +CVE-2024-40961,0,1,46c5313b9439073911d138fda8b8a768c839675dbf78976afbf75297f27433b1,2024-08-21T16:54:20.817000 CVE-2024-40962,0,0,3d1366142cae87f99bee1d01922e9c3346fad92689b81dead457f2b7f460d17c,2024-07-12T16:34:58.687000 CVE-2024-40963,0,0,2a96578cd7c6af1c34baa4ac9a95077df49820df6548101e36fdd738e266e9e1,2024-07-12T16:34:58.687000 CVE-2024-40964,0,0,71fa54b4dab6157dac57be297e369e5474c76b73727e066b7c320ab6b908d5be,2024-07-12T16:34:58.687000 @@ -256809,20 +256817,20 @@ CVE-2024-40990,0,0,cd4ca053a0ec5d11c69e407da176119a515b6b0abc494934cf9d76e0e1606 CVE-2024-40991,0,0,ec2ddb2f3ffaaab4f22b585138329157aff6badf22f9c0dc433ce0a15fb727e1,2024-07-12T16:34:58.687000 CVE-2024-40992,0,0,59330320f1c372354ad798dc40538850329b5c6373bec47c4461455ccd576b86,2024-07-12T16:34:58.687000 CVE-2024-40993,0,0,89f720d26a3286afd844c876b00dac13b1a1ac9b861825430f92c7a8bde3b9fe,2024-07-12T16:34:58.687000 -CVE-2024-40994,0,0,1abeb18b569c8ab907ddbdae0ef228bb0bdac596f0ed1970e744e60db669302f,2024-07-12T16:34:58.687000 -CVE-2024-40995,0,0,b8c3801c63d1ce17ae0c2f2c8ae7c4154c891db5197277339bf1e481f40b52e3,2024-07-12T16:34:58.687000 -CVE-2024-40996,0,0,6212bb9cc1ba50c097c41f46d08f0e1f29fecafa61c9b8a7ad2fdb0028fcb634,2024-07-12T16:34:58.687000 -CVE-2024-40997,0,0,306e569d86420b63ea01df1396407b53b9289ac72daa1a8b706cdbba2a6b993a,2024-07-12T16:34:58.687000 +CVE-2024-40994,0,1,87451351170180789ee67455de46510dfba865151492ccdc75166700c2d95b86,2024-08-21T16:32:22.197000 +CVE-2024-40995,0,1,7e774e2d3646b0f7dfbcad03b022ad4520be89bcbae9394e79e67060f0b7112d,2024-08-21T16:33:00.850000 +CVE-2024-40996,0,1,024bdc0733e5f73fa0231a2a745cd31843ec15e904ddb5c76b9d4a0bfd4786c7,2024-08-21T16:36:14.723000 +CVE-2024-40997,0,1,c32eb20693ee26e8aa58ed3f2e829a98445467bea9797601bdb1f84499b8c041,2024-08-21T16:09:33.373000 CVE-2024-40998,0,0,9da508127245f96a0a3187b3791e694d7423147f0ff8b17a1f0863f2b85caeaa,2024-07-12T16:34:58.687000 CVE-2024-40999,0,0,befb0b425fb0d7279ac5ad8ccd391425d06a7b97e64b517b26bf38c02ed2bb47,2024-07-12T16:34:58.687000 CVE-2024-4100,0,0,7f59e9bc55c06404ac377b1145b413dcdbe8a5d2f3074db367eedbc1e2d39377,2024-07-09T18:19:14.047000 -CVE-2024-41000,0,0,81046079da2b448022ea7b3680eff301547d5cd8de02bc3190c923c175124cbd,2024-07-12T16:34:58.687000 -CVE-2024-41001,0,0,71fd07e3d0803c7d002d688bf225a4f4da9bcfb5e22174a9bbb3f4204060378c,2024-07-12T16:34:58.687000 -CVE-2024-41002,0,0,7deea9c69df9422257c7eab994e2fe2813619d6b902db64016f50ba0e7a276dd,2024-07-12T16:34:58.687000 +CVE-2024-41000,0,1,e686e8fa14e77f5884a1e469f4251e35e44f493af012d847babf495df5eafb00,2024-08-21T16:17:13.427000 +CVE-2024-41001,0,1,29b7733bccdd729fd8f151ef33300cb3cb47287fad66b79705d0f6dafebc1715,2024-08-21T16:17:45.513000 +CVE-2024-41002,0,1,d5dca7b519105aebe7c927e62dd5afbcd4fe0f3f2ed6249b57814168be8039f7,2024-08-21T16:18:10.740000 CVE-2024-41003,0,0,34af7c5bec0bec46e58b8eca63f4eaa9d72a070d8c36181617dd9cac2e47859b,2024-07-12T16:34:58.687000 CVE-2024-41004,0,0,1d7ce0f59b365834038557de07b82b5f32bc5f203fd421800f8210717139541c,2024-07-12T16:34:58.687000 CVE-2024-41005,0,0,0581c40a7d6578257fb62f4f8b7b249bca4b3435363decba2015a514cb7ba480,2024-07-12T16:34:58.687000 -CVE-2024-41006,0,0,dc7b32cf519877d8421551e4b73fad107d79cbf71a2d87bd4f4846f9314e678d,2024-07-12T16:34:58.687000 +CVE-2024-41006,0,1,69ba1d1e4b23644651b93bb74f2f8b7ddc85169bfb70261df249f37e2080d9a0,2024-08-21T17:20:57.467000 CVE-2024-41007,0,0,557d3d79f36960ef2852244da6d9d8db811ba2a987274c1ebfaa71dd3034b15a,2024-07-19T18:24:59.197000 CVE-2024-41008,0,0,86de6e2be092cac70f5596fb96d0253f26291855f34ae4ddc015775261181c4a,2024-07-16T13:43:58.773000 CVE-2024-41009,0,0,c4729b5cb64b59a8130835040cce4fcac734ad6152593d4547aa0a45482d47fd,2024-07-29T07:15:04.560000 @@ -257127,8 +257135,8 @@ CVE-2024-4167,0,0,a726fa69800dd2a00fe506dc5d29a370681725e72bfe1ac34a8206d5070886 CVE-2024-41670,0,0,d4de1327e25e7abc39266a562cb92a3c058d45ff783401ce0a66d0266a4c8b41,2024-07-29T14:12:08.783000 CVE-2024-41671,0,0,246285a77daa13e5014904fc895b261c0c0cff4d8c9ca9cc03eeeb85acc4b806,2024-07-29T16:21:52.517000 CVE-2024-41672,0,0,22d9ca4e03b108f26bbb384eff42397f3ecb90b1b86b629c7d5509df37cbcfd2,2024-07-25T12:36:39.947000 -CVE-2024-41674,1,1,0bcdbae78a96f623f690062c510fdf762df628c9fcb5a1071931480912d22b0b,2024-08-21T15:15:08.770000 -CVE-2024-41675,1,1,b62370e1577a008c9a8e87e6edb30104186b463e20a17a8321a413aade924bd9,2024-08-21T15:15:08.963000 +CVE-2024-41674,0,1,2efc360b62688be6ccef330f160a0fdc2fcd4a58aa8980d70f1862bf900859a3,2024-08-21T16:06:23.153000 +CVE-2024-41675,0,1,c552f3fd4715304dafe4a5eed89c59bfbc25d98add0df31c42e0865266e54768,2024-08-21T16:06:23.153000 CVE-2024-41676,0,0,b56341df25e194e84048e23b9e09a8bb0d4e56dc4a3c6b47ab03c0be3461cedc,2024-07-29T16:21:52.517000 CVE-2024-41677,0,0,350177b79949244cfbc185c5f18aee412a8902a49d36a53e1d4b50536f1effd5,2024-08-12T18:51:29.497000 CVE-2024-4168,0,0,7f4f833c88738c683a47d814a058bf8a730868170937a9aca799097bc79bf22f,2024-06-04T19:20:31.690000 @@ -257269,6 +257277,7 @@ CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280 CVE-2024-41926,0,0,13c43cd281b4a9b74f2496b8daab80f10df1e7e6bc024b50c3c661b49018ccc2,2024-08-01T16:45:25.400000 CVE-2024-4193,0,0,4d4f4fcde78b01b33e30a077c434c1714d01a9ac9cd58d916bc86b963b6ddbd7,2024-05-14T16:11:39.510000 CVE-2024-41936,0,0,d330b2a32a604797fc4eb94f395ba3140911090caf0d19e4d7603d421735298b,2024-08-20T16:26:54.663000 +CVE-2024-41937,1,1,0df28de5643f0c9acf3f67c95f507dc7e1a9360e16ae09e6bb16a4e1b3aaf747,2024-08-21T17:25:08.560000 CVE-2024-41938,0,0,3ab7c3a39df7962916b58b6a8012e354ce7c2e72731bfa6d3bfa597d2e12afa7,2024-08-14T18:08:42.777000 CVE-2024-41939,0,0,4183ed079a81e71abb2d3254aa5006833dc573353e4bf1b5fd01bacb1a530db3,2024-08-14T18:09:24.030000 CVE-2024-4194,0,0,cb2c64b568e3bd7c78c9d4f736651c66722818abe246f3bc5aedd70e3521cb96,2024-06-06T14:17:35.017000 @@ -257570,7 +257579,7 @@ CVE-2024-42320,0,0,3bb9745120c3e683aefbafbca3ae9140002adac221663a12333f744da45f1 CVE-2024-42321,0,0,1716db5db6c984bf2ebbd691b80440a9181fa253c6bc8c5d00954d830484e312,2024-08-19T12:59:59.177000 CVE-2024-42322,0,0,2accb2a45b605eba549de2a0c83236102f9dab689f1b61dc800f0c45a0f92db4,2024-08-19T12:59:59.177000 CVE-2024-4233,0,0,e3336c43dd885f8db6271cd8e49f7796169d1b724e733d53d39e8dcd56cab238,2024-05-08T17:05:24.083000 -CVE-2024-42334,0,1,63554eb6ad9440efa3ee44750a635a89b93444804b44759a759c86799c0d08da,2024-08-21T15:59:56.493000 +CVE-2024-42334,0,0,63554eb6ad9440efa3ee44750a635a89b93444804b44759a759c86799c0d08da,2024-08-21T15:59:56.493000 CVE-2024-42335,0,0,2b9b97973dd654c6eb68cc221bad7788b92938b457385b73625ca969f07db996,2024-08-21T13:49:19.863000 CVE-2024-42336,0,0,9d50c356f0d4adf09aca00c9c846bf696f6bb56ab685e11cd2eb3baef191e723,2024-08-20T15:44:20.567000 CVE-2024-4234,0,0,18c98986f4d0c323ca7a76881b57d07f11d740fced15b647da44016411c790ed,2024-04-26T15:32:22.523000 @@ -257595,7 +257604,7 @@ CVE-2024-42365,0,0,cd9316acef63aa01c9388716e86faa1c498776bc0209be92960fb577e4f0b CVE-2024-42366,0,0,26d79ce86c657c865adda744afaa0f4e93052091893cacc16340b64f87dbee28,2024-08-08T18:55:19.180000 CVE-2024-42367,0,0,78b96b1f30a7354fdfb7431aa08d9784ec8c3726b77126448b6109517286436c,2024-08-12T13:41:36.517000 CVE-2024-42368,0,0,de4f48ab04f32dd7f3db383df19cc416867f89e8ecae60c2fdd0bef001ee0d34,2024-08-14T02:07:05.410000 -CVE-2024-42369,0,0,8a933389f3d26cb55a043d5173c573c8ee7309a659b6254a355b5d9c91a9c398,2024-08-20T15:44:20.567000 +CVE-2024-42369,0,1,2db0203d9e1c9ed86d7e5fe91c7527c5d07f66504aa58aae16d195697c2bea11,2024-08-21T16:01:03.147000 CVE-2024-4237,0,0,c38818d0c288b1eec57a9be9e655b05254cb3f3487787a1ecd91e69d9c20b38c,2024-05-17T02:40:19.580000 CVE-2024-42370,0,0,62e839a91edcd64bb21dabf32c60522dd52dc9540883662a6d8c03c0ecbecadd,2024-08-12T13:41:36.517000 CVE-2024-42373,0,0,295f57d389a740d58ca7f1197ba4847ae8998d712f5bf5435ce1e4024bfbdcde,2024-08-13T12:58:25.437000 @@ -257675,11 +257684,12 @@ CVE-2024-42545,0,0,f468a16273bd93e60bf7c85edbb037a37f95ddbef27d46e806b8081634956 CVE-2024-42546,0,0,fb60d203dacd557a0d6c3dd4a088a3933e203b772ae4b090e279b0a2f7b980c9,2024-08-15T16:35:15.603000 CVE-2024-42547,0,0,35eeb010fca94dc794f14fe3c29b0586f2dd6b453f1de383f4e89dde1cb85973,2024-08-13T17:08:12.543000 CVE-2024-4255,0,0,35fd058a4cc0a80e19d25400a3e944345c636d8ef400085f905d7b019af7edbf,2024-06-04T19:20:34.420000 +CVE-2024-42550,1,1,fc040a9fdb9874d1ee6063db817db51f08698296778147bc870cf1ae6bde398f,2024-08-21T17:24:59.627000 CVE-2024-42552,0,0,05029fbe912027602aebaf8833cf288ec3cd361d07011e6c98e55751bb0bdc6e,2024-08-20T15:44:20.567000 CVE-2024-42553,0,0,2423da66b36b5ac46e4d328e5cb18cc8071803cc838cae0003cc2096a1c3dcbb,2024-08-20T16:35:22.120000 CVE-2024-42554,0,0,e7093d400617647f295578e1e2a0acba43985e714edb761c848d698d7a6942ea,2024-08-20T15:44:20.567000 CVE-2024-42555,0,0,0a22b9ad39decd5ee3fb21d58c15efa0c29c80c6617d4653453476c140cafc1c,2024-08-20T16:35:23.320000 -CVE-2024-42556,0,0,b286d781ca4217f09767061e338f1832e727edabf2570c00a0b4398fa64ac107,2024-08-20T15:44:20.567000 +CVE-2024-42556,0,1,81d6db8e8a0baef375d5428aa737e7b39335d62051ece35a19f26aa45f376141,2024-08-21T16:35:08.730000 CVE-2024-42557,0,0,e02af384cbf4fcc983c541e561ec4a31ffa2ceb039568e1dee77a1c459bebde7,2024-08-20T15:44:20.567000 CVE-2024-42558,0,0,8f491b26435c6193a82ecd5e108c46f65e32c4d5502e567f20fed23169fbca61,2024-08-20T21:35:04.467000 CVE-2024-42559,0,0,9acb74b9f8ae969ec2fc9d0f6d482db1d87b890c76313d6c123d946977a290cc,2024-08-20T19:35:10.850000 @@ -257687,7 +257697,7 @@ CVE-2024-4256,0,0,2885dad709315de5112b738946979afcb06c4d717b1b754bf7bfd87477f08c CVE-2024-42560,0,0,77c3eb361010feb420ff28950817a9c1609b41f6e3fa7cd1b726ce40de2e033c,2024-08-20T16:35:24.553000 CVE-2024-42561,0,0,851b224ad04a9881247fc5fa1c3fb46325b04d8a33b689b57f61279bf963ea10,2024-08-20T15:44:20.567000 CVE-2024-42562,0,0,95374f95cddb8581f360fb4a8bda45010193fe86e767e637b2647fc080f29add,2024-08-20T16:35:25.820000 -CVE-2024-42563,0,0,40129ab7d8048132e234dd5b3a3d8048368dc40b360ab46b202db5c49bfeff90,2024-08-20T15:44:20.567000 +CVE-2024-42563,0,1,baa18250040bc5196343ebfbb432817447c4a3a44057e8dbcc112bc7387d631c,2024-08-21T16:35:09.490000 CVE-2024-42564,0,0,d11dd74cdbc88c75461941d9a4470126fb867541e46ed51b0c7bf5d3da3ec994,2024-08-20T15:44:20.567000 CVE-2024-42565,0,0,1591c4cab80f6693619cd5a4da52c8a7cd3181b67994b124b718c4e4c7faf1a2,2024-08-20T21:35:05.227000 CVE-2024-42566,0,0,98ae4d4c54aadbbb33d8445750ac45a5fb4d45d2ba72f710ffd19034073726bc,2024-08-21T13:47:05.013000 @@ -257697,12 +257707,12 @@ CVE-2024-42569,0,0,a2bf09fa7918830ac6a9bdd170fcd5f4025f3b5655536c64aae4250f3722f CVE-2024-4257,0,0,e0d599f1bfc48408556261adebbc05066e8b6b86cdfabfa8d99484b6710fdc92,2024-05-17T02:40:21.330000 CVE-2024-42570,0,0,f4fb85a858f58c2f291542defe868101fdd651787665eab2245b6ac99f2a7d38,2024-08-21T13:46:00.837000 CVE-2024-42571,0,0,1c554bb814a228d2952a27acace697648b5faf72b3d0b65c235a3480b0e47c2a,2024-08-20T15:44:20.567000 -CVE-2024-42572,0,0,d5e756401e0b9e3659d31dbdf17fd8a71113d1c2dc4fe792e3169491d0c4f5a3,2024-08-21T13:44:58.823000 +CVE-2024-42572,0,1,8a27d950b3f1c9ad5db7a77b1ee249eea67e2798f67a1d2d16a37bd410483cab,2024-08-21T16:35:10.263000 CVE-2024-42573,0,0,c4d9e0f6d8b833e2509d8c2910fa5ba22120e6bbd03b4460129e761d76e30cf4,2024-08-21T13:44:48.360000 CVE-2024-42574,0,0,aa616629d677652eb91e6bb032b777df1c13de96e0b62fbe4b20bbe0e1fe4f9a,2024-08-21T13:44:39.147000 CVE-2024-42575,0,0,cf2b2349db3c76ced20b6aa1a9b6de0d11718de3d1ae748f38b2de1c10e7197a,2024-08-21T13:43:06.420000 CVE-2024-42576,0,0,d7eb868484ad37f21c56ed60bc9cbb03790a1e242dbcb4957b7f3d19f6553c68,2024-08-20T16:35:29.750000 -CVE-2024-42577,0,1,90aae1e6030150c8a860d623cdf957a84ff52b3a936bb9734a4fd516a3527414,2024-08-21T14:35:12.110000 +CVE-2024-42577,0,0,90aae1e6030150c8a860d623cdf957a84ff52b3a936bb9734a4fd516a3527414,2024-08-21T14:35:12.110000 CVE-2024-42578,0,0,e49e6d1eec15d8971d4646a9d9f4fa585ff2792aff3d9892d55116d7caa208d1,2024-08-20T15:44:20.567000 CVE-2024-42579,0,0,fa99ce7ac5f22e1d2334d6eec7f7550bac4275b5f10f14882b3897e6f5bad313,2024-08-21T13:39:19.630000 CVE-2024-4258,0,0,cedc452cf08b1d582601f74b54055702e4527b179d19ae6d21e1fa7a35e392d8,2024-06-17T12:42:04.623000 @@ -257720,12 +257730,12 @@ CVE-2024-42604,0,0,c728aa7d1997da2891fdaf68c4e186010a0ab578e913f3d19b193328f99c3 CVE-2024-42605,0,0,3d7b70705f0c340fd9e9ac2feaeb7c16213ffec0f6a7c6374438550a8c1d62c6,2024-08-21T13:12:40.957000 CVE-2024-42606,0,0,e46323a2b9a85aad3954a3b27bc1e8c958b659372d991d6df8f73aab5c26bf01,2024-08-21T13:12:27.070000 CVE-2024-42607,0,0,b5b5d184fb29386f840a66de2587a7be0c2df56835ad775e585769a324e9820a,2024-08-21T13:12:16.913000 -CVE-2024-42608,0,1,8688c7f667989fa963c92bc639f5a0c943a12272781992761448bdeec07e55cf,2024-08-21T15:54:44.310000 +CVE-2024-42608,0,0,8688c7f667989fa963c92bc639f5a0c943a12272781992761448bdeec07e55cf,2024-08-21T15:54:44.310000 CVE-2024-42609,0,0,f63b45fca798ad24817857f390287beb793195563f037ecfcae8997c9ecfddec,2024-08-21T13:12:03.427000 CVE-2024-4261,0,0,cad163d5402c8383e323c083e324c4342bcfec07494a0960d776456fb2ab221b,2024-05-22T14:30:41.953000 CVE-2024-42610,0,0,9ff653a6a99494fed368590a85a46ec66dee52a770d3e028c312550d378eb0f9,2024-08-21T13:11:37.863000 CVE-2024-42611,0,0,f9674380fc6f878f1ac0ab8729105a9d78b38c8b71f0a0730627362d566fed82,2024-08-21T13:11:27.467000 -CVE-2024-42612,0,1,88a211cb8dd499a7fa3fe1db9d6951f94d122f8c08a69d042b1bd0caac23b339,2024-08-21T14:35:12.920000 +CVE-2024-42612,0,0,88a211cb8dd499a7fa3fe1db9d6951f94d122f8c08a69d042b1bd0caac23b339,2024-08-21T14:35:12.920000 CVE-2024-42613,0,0,6221a14ebaf52652c0c84fec6a243252d38dbbfd2eaa4426e4cb9e2770861a6f,2024-08-21T13:11:06.807000 CVE-2024-42616,0,0,7bee95a5cbe45629c3e71b1e12aa6afe4fbc410af1d1f91cf79c5dad28a1561c,2024-08-21T13:10:56.257000 CVE-2024-42617,0,0,28cb54a107433a0012884815935f086d11a13f698ecc4f093de34f4378dade94,2024-08-21T13:09:48.897000 @@ -257791,7 +257801,7 @@ CVE-2024-4280,0,0,f46c38f13eff52b4d020fb374e18f92e6528a4bade2042627b2165ccf7b627 CVE-2024-4281,0,0,cb48c26c252b1c83fb4810210335ce05e1fcbd94e5804419418b4f73b9d5c028,2024-05-08T13:15:00.690000 CVE-2024-42812,0,0,d754a1b3fa22845b1ec28a5e3b423343f3a09420e9ed62b3cb19e2fa117c33b2,2024-08-20T15:44:20.567000 CVE-2024-42813,0,0,ac2ce0206860ac49c7a00dc981456912113a83f39c5bd8ad9fc9aeb5495f6bf9,2024-08-20T15:44:20.567000 -CVE-2024-42815,0,1,61ecad930f8952f88e6624df649da2e776a6738d656b0dbfd5ed90ab12701c47,2024-08-21T14:35:13.727000 +CVE-2024-42815,0,0,61ecad930f8952f88e6624df649da2e776a6738d656b0dbfd5ed90ab12701c47,2024-08-21T14:35:13.727000 CVE-2024-4284,0,0,4fbe27a80563712e41b6422ac48754a31c657da862cab89b959335ecaf13d90e,2024-05-20T13:00:04.957000 CVE-2024-42843,0,0,147a94e278dd08ceb9ff0b00f505eb868d7a1e59c01ddecc9d1420e344e9ec86,2024-08-19T19:35:09.180000 CVE-2024-42849,0,0,476a8b05abd0e5119b7af3cdc63ecacc25e4b753be03084352759f8b34a540b8,2024-08-19T13:00:23.117000 @@ -257805,7 +257815,7 @@ CVE-2024-4291,0,0,3555454673f17bb302e51e81ea2fe7cd049aabde203c094d5792666ddbcea9 CVE-2024-42919,0,0,7884ca2db3b42df8cea014fe9c7f92e13b5906264980e99d7b276d089e845d16,2024-08-21T12:30:33.697000 CVE-2024-4292,0,0,3da8afef6eac3f0e74c17cae2760dab77b8f6d77627214b0783fc9bf5f2f59b0,2024-06-04T19:20:35.097000 CVE-2024-4293,0,0,32ea35cbc5ba91cf83ff71be9c2b19347dd1b3b0949ec88573415a66fabe3aec,2024-06-04T19:20:35.203000 -CVE-2024-42939,0,1,0a4f0bd6894ac6d88b35488a2f68269c6c1ee90e9a32b09e4e7e6a9150767f07,2024-08-21T14:35:14.557000 +CVE-2024-42939,0,0,0a4f0bd6894ac6d88b35488a2f68269c6c1ee90e9a32b09e4e7e6a9150767f07,2024-08-21T14:35:14.557000 CVE-2024-4294,0,0,0a6adde2b8f93d4c8d3c3070f48f62e5ef1709fd02553117d08b35488342d14f,2024-06-04T19:20:35.300000 CVE-2024-42940,0,0,097785b0d8b1a2c5e9dc9f93304a2dd55a9659adb94f015efea3fb7466159ea6,2024-08-15T19:33:37.670000 CVE-2024-42941,0,0,4823e4e899032fc94bff489b9cbadb70ea6c991fd28db39b71d862913b0d21ef,2024-08-15T19:33:07.637000 @@ -257818,7 +257828,7 @@ CVE-2024-42947,0,0,e7d01f7003d2f409e61d4e637f7500689fb65c07673a6b4b02e4e7886d96f CVE-2024-42948,0,0,2167f79bb14301e7998438c80225da1d9af3750f4b140d069a0f87d1b1360383,2024-08-15T19:31:38.217000 CVE-2024-42949,0,0,44c6441194e695d5a683578273dc6ba440e5cf17bcd806ba53209d34b464cf71,2024-08-16T18:15:30.507000 CVE-2024-4295,0,0,848d1af2676088d8bdb79c5f7e3bd4f81684dc40347bc492c56560372b53041d,2024-06-11T17:15:18.997000 -CVE-2024-42950,0,0,1385333ccf2f7050eee46921a9054c17c1d356a79617c45dbd50e9b7459032f8,2024-08-15T19:31:17.737000 +CVE-2024-42950,0,1,eb11eb812b7cc23c3e2677512c793bb40fc92f136b1df58b0cc1f22b415bf06e,2024-08-21T17:35:04.793000 CVE-2024-42951,0,0,7bdaaf021ce5c2c1a607b63871110c0151990fcef0c3aeca8294b3bad92bdb73,2024-08-16T18:35:14.290000 CVE-2024-42952,0,0,e1493349159808b41d3fd1446f0d95431c6347a80eabbe8adaa343717850dc24,2024-08-15T19:30:38.387000 CVE-2024-42953,0,0,8851520fe29c4e2cdfe788f671b16257937bb484146dbc70d9979d7ec9114024,2024-08-16T18:15:18.800000 @@ -257855,6 +257865,8 @@ CVE-2024-43009,0,0,468db8caeabef579a226d8a65490e413d586c09d4e7e764fb4b818b81835a CVE-2024-4301,0,0,218172685a71d9dc14b7de60ac62731c757d7801c2c506799e72286e245e5cdd,2024-04-29T12:42:03.667000 CVE-2024-43011,0,0,a1a7726f53e21e3beb63c25ff5d202a0a16dad76f49dffd4b60f93fe1759157a,2024-08-19T14:35:10.893000 CVE-2024-4302,0,0,3989b291497fea424d341ee8d50afc238ccc795cfb4606a4430491f615d9ea6b,2024-04-29T12:42:03.667000 +CVE-2024-43022,1,1,bcbb977578d31f1f827de05fade0aa40a1008113e5479b6fe4732e422174cbee,2024-08-21T17:24:59.627000 +CVE-2024-43027,1,1,023646627aeb42c9f27c70e233b2b26c2ec04024033b793398340bc23e8b2b89,2024-08-21T17:25:08.560000 CVE-2024-4303,0,0,83a712aebf2d4281174fc319c5a3b5ed1f6b2a8b7c1590974611c884faeb0657,2024-04-29T12:42:03.667000 CVE-2024-4304,0,0,cc036c021f3a6e70e19e6533fc0c5b7e8e9615d68f40d67450c876ce97ebcd8f,2024-04-29T12:42:03.667000 CVE-2024-43042,0,0,b853bda14fa02964a16c19d1896f72364ccfb9e1c7f5c0faac2a5ae6d185d191,2024-08-19T13:00:23.117000 @@ -258025,7 +258037,7 @@ CVE-2024-43368,0,0,1d00a2d97832bca557e0027710c3b9dd305a4196742f053b6b5599e12fe83 CVE-2024-43369,0,0,3f715b9274c2b9674573124fd01c9f3a8a848640345dd0ef56c5a08f4595beba,2024-08-19T13:00:23.117000 CVE-2024-4337,0,0,87f9a4f489ef032776e3da435c02385147be0cf8fdf2fdcc393190f8f887eca5,2024-04-30T13:11:16.690000 CVE-2024-43370,0,0,63a4b6e00d1567d9d6f653490e2b73cb49023bb731b98d8f0b3fa5d3f581b5b7,2024-08-19T13:00:23.117000 -CVE-2024-43371,1,1,942a79aa42f9b24ae0d118a3ba81d77eb626ccecb47e7dac5bc12a801a5f89dc,2024-08-21T15:15:09.190000 +CVE-2024-43371,0,1,3a2a473e40f31fc3b260341cd4e0913415db50eacb872b2b6c13cad2ec020f0c,2024-08-21T16:06:23.153000 CVE-2024-43372,0,0,a043dcae2b6cd795ef3b53e2a2297979218d8f1c42273b50d63478eed641cb64,2024-08-19T14:15:23.140000 CVE-2024-43373,0,0,db91654b81ea063be92db1e222d81162a2c449df0cbfa02fb41874b948a4c8f0,2024-08-16T21:46:08.440000 CVE-2024-43374,0,0,985df10ab42e21b923c86b553c9d031d32672b2cc13ac7d069fd0fa1d25bd2e8,2024-08-19T13:00:23.117000 @@ -258046,10 +258058,12 @@ CVE-2024-43401,0,0,15903cc3c455a698e44524d269216ecf71232ae93f3f18482e5b95f18bb9a CVE-2024-43403,0,0,2d2fd26bb8b3833065b554e3ee4081855a0a04ca3de9ec4a77dfc795be220eec,2024-08-21T12:30:33.697000 CVE-2024-43404,0,0,20af26cd731b3ba8b34b0057b5259bd09cfea8cca89a07a9d1aba2ec472dceb0,2024-08-20T15:44:20.567000 CVE-2024-43406,0,0,73b0ba9348d7fda79585237be1ca1a5ac69ce938ffa97f7ec991727d16bb5e34,2024-08-20T15:44:20.567000 -CVE-2024-43407,1,1,ba917217406b26111f4ff8369a7edfb9112be09f8f8ebf96340901199ac4270c,2024-08-21T15:15:09.397000 +CVE-2024-43407,0,1,7d467f466ef499beae825bf32e799dcad5cd40ef566d80f60a26b3cbd900e048,2024-08-21T16:06:23.153000 CVE-2024-43408,0,0,d4537cc05369b1073eab6be6b0c0270081103ca8bf402f8fafe9ed3f7a29471a,2024-08-21T12:30:33.697000 CVE-2024-43409,0,0,936bb6be49fd3f1a52856d091099b7d0ee01c9becc80fdf8cce500121c258f30,2024-08-20T15:44:20.567000 CVE-2024-4341,0,0,60a5b39ccdef4d059dc8073670ab0aea750a7880bf4e71543025f3d18b32ff1e,2024-07-08T15:49:22.437000 +CVE-2024-43410,1,1,8c80a18c88f75265fae7f89031cab1cfcbd4a6399d9448522c8036987a7542f6,2024-08-21T17:25:08.560000 +CVE-2024-43411,1,1,f92a9877c1d95fed34540f03846bc4d517644acd1a3d1746ec447531551b186c,2024-08-21T17:25:08.560000 CVE-2024-4342,0,0,2403af0b003f5953a3d2a1b74bf46d64f4a354bc628b01d2ea5f60de4a4002c6,2024-06-03T14:46:24.250000 CVE-2024-4344,0,0,0e21345ffbddb43f0000901c1c1f7a4c33b525c68a381cd32a35ab8e755aa5fd,2024-06-03T14:46:24.250000 CVE-2024-4345,0,0,991a52fb88968c952c460a76f59f283c0ad80fedc25d9533338fbc3b0d515f60,2024-05-07T13:39:32.710000 @@ -258185,7 +258199,7 @@ CVE-2024-4405,0,0,45cc63f187ac8ca241b3f6f4ea8115546cfb9789c95e5b84e970d2850f40bb CVE-2024-4406,0,0,4d2edf89174eefb11c1e35948c69459d7b4d6dd1a09c10eb7a0704c1561ef984,2024-05-02T18:00:37.360000 CVE-2024-44067,0,0,f6acc392be4d580c3750239c741db14e9e0b23cb38f1820ef772266e93e1673a,2024-08-20T20:35:34.497000 CVE-2024-44069,0,0,2eb956dd06d71bb925b0fe816cbe078cd7c5c9a8647e07e8d081256cc543fa9f,2024-08-19T12:59:59.177000 -CVE-2024-44070,0,1,335509dea99ada6c9ff96f06f0e87dab6ba3af229752b80bde023da9415a33b1,2024-08-21T14:35:15.433000 +CVE-2024-44070,0,0,335509dea99ada6c9ff96f06f0e87dab6ba3af229752b80bde023da9415a33b1,2024-08-21T14:35:15.433000 CVE-2024-44073,0,0,ad93c7cd67f110b3f3dbf8094f03e2f128eb131898a84b811a05132b4dd487f2,2024-08-21T12:32:44.470000 CVE-2024-44076,0,0,d8ab474e3e0cd492e411ba495a07543359555360960989541af9d6ad1fd6855e,2024-08-21T12:33:42.487000 CVE-2024-44083,0,0,87d77446f0404849741728544a896c280716acaeea3d28649c66451adb3a186e,2024-08-21T12:35:54.380000 @@ -258725,7 +258739,7 @@ CVE-2024-5014,0,0,a159cfb950f4667dfac650da1dbd95c7b0726154dc655b46619c19dd5e035f CVE-2024-5015,0,0,57e7561ea7b4a22dc47e95fb948c2e633eea845a4a10c36b8de173108bb8285f,2024-08-21T13:37:02.370000 CVE-2024-5016,0,0,99504ccb587052e75d99d9fcbf07f0a52b025e8122dba2c854727d3b50b1c62e,2024-08-21T13:38:32.480000 CVE-2024-5017,0,0,4bf66f9149c1825eb6053785aae4f79372d6014d70aef068fefc59f9d5142f99,2024-08-21T13:40:49.903000 -CVE-2024-5018,0,0,db90f5d428aef62075cfdd54e2cc9e013f4fa27d883078f17d78f927e28812b1,2024-06-26T12:44:29.693000 +CVE-2024-5018,0,1,ae4fae87d25d0ffdabf3f24c5b2aeefbd28a66a0c556c5b46ab6064495fdefe3,2024-08-21T16:00:23.410000 CVE-2024-5019,0,0,208ddc99e1f67b7d6822e7ee095131f1b9c059678d4d2eeb2b2f9eae704845da,2024-08-21T13:43:03.670000 CVE-2024-5021,0,0,38505cbaa011793e28d7950a2ea2daf96aac6ed3db846bcaf517334c4dc7fa50,2024-06-20T12:44:01.637000 CVE-2024-5022,0,0,0ed043d616e9fb9347e4abec6b2a3f19c9cd15ea7715d52174611d64d6e50bde,2024-05-20T13:00:34.807000 @@ -259322,7 +259336,9 @@ CVE-2024-5712,0,0,6fe769ed08d1c07fa399695b2a73ebe92703dd256409ae365a8a0674e8c2dc CVE-2024-5713,0,0,c0a70264e1ea76a973535ad7aa9bd75dbe3a56d9da197243643e4b409d2a1e15,2024-08-01T13:59:58.300000 CVE-2024-5714,0,0,3bed7ab990351d2edaae16abe4fb599113cf539749761008bcee140b1f61ca68,2024-06-27T19:25:12.067000 CVE-2024-5715,0,0,e1e04cb06aeff3910b9cd4da61fdba66eb5c18b86c8c893f8fd4f024cb9da509,2024-08-01T13:59:58.493000 +CVE-2024-5723,1,1,d79b1b24afbab8b654d7ebc0bb25f4fd5ccb17b3911d10f6346c12dc65f0b533,2024-08-21T17:24:59.627000 CVE-2024-5724,0,0,95ee0fa9720ac6888a5767a9230a1f3fdfc5298c3fd17ac1617c2c7bec17d8c1,2024-08-16T20:40:50.620000 +CVE-2024-5725,1,1,0bb113b1fb71936f03030e6063ab083a4565ef8d540201ca95406dbe832962c3,2024-08-21T17:24:59.627000 CVE-2024-5726,0,0,b4cd5dca5a477cdada0b4f3d32b95ed3a167d5579651d0457c156d64e550155f,2024-07-18T12:28:43.707000 CVE-2024-5727,0,0,040bfa497be860fd1871f63cb27032a120406323d19a196c7488cb84bed8cd86,2024-07-03T02:09:13.520000 CVE-2024-5728,0,0,970711b5fa2959720f2da02dc0abb41a56789d3063753f984448aaa0fb048438,2024-07-08T14:19:16.400000 @@ -259350,6 +259366,7 @@ CVE-2024-5757,0,0,5cb8c18a619114307d2634441346064118b79a7aeac4723897e195eaa5132d CVE-2024-5758,0,0,c078716fbf80b259c8ceac06415d3d039d4ef773f8ae701649c6b0b1483ee99e,2024-06-13T21:15:57.543000 CVE-2024-5759,0,0,63cf4f5f11600a3e2abf833e3aff1a738015e39c1ce27037c94f84f83452efea,2024-07-19T18:40:53.863000 CVE-2024-5761,0,0,1fdad964c86313b412878f67fac5999c9a1ea015b844614bc58b000414661a53,2024-06-07T19:15:24.467000 +CVE-2024-5762,1,1,7685db622b0ef316fe47b270e1905d87606eb2d71fbd315bb90522388aafa70f,2024-08-21T17:24:59.627000 CVE-2024-5763,0,0,d5a17677db04dab40e7ba46a3004731b252dfa637f97a1e637824a196a22c6e9,2024-08-20T15:44:20.567000 CVE-2024-5765,0,0,79117abfade54ce3ab13d72bbbbedb2fc58ed3797b29d0ebf953e2abb4b24073,2024-08-01T13:59:59.193000 CVE-2024-5766,0,0,1263d0917882c36f131e194bb6b44630da06ab1a17b9faa93d76c1b934e8029c,2024-06-10T02:52:08.267000 @@ -259479,6 +259496,9 @@ CVE-2024-5924,0,0,4b7e4b611121f550bcb0fd877a4f853b37b9df78f8237b70038811b9cca802 CVE-2024-5925,0,0,e946172587053e70c75c453600b6000de540319095aebb04cea6cd10cd2597bf,2024-06-28T10:27:00.920000 CVE-2024-5926,0,0,c0270df40bf1e286ad8957d3baf72bffff8cfb079896c2cd70dab328142b04f1,2024-07-12T08:15:11.797000 CVE-2024-5927,0,0,1b7b6c83db008ddacf60314208106fd6b62f6e315f688ea9bb13e1efdd6d20e3,2024-06-13T11:15:48.917000 +CVE-2024-5928,1,1,8e96cb1349d05ce42218ec5722a6c8fedfe5b7ea558f0ba73b9d78cf5ff9764b,2024-08-21T17:24:59.627000 +CVE-2024-5929,1,1,b0d1da24c71fba23c3303c17605e904ab46e3ebfdb8608536ce60a3f6f8c124a,2024-08-21T17:24:59.627000 +CVE-2024-5930,1,1,73ee32316144a9b3ec88d84547f2a32a4ae1a786d53fe53103f45358dec30f7f,2024-08-21T17:24:59.627000 CVE-2024-5932,0,0,39314038664af0ba6a59940f14f6f4752329a2f5be1b3f0fdde557c7381d5472,2024-08-20T15:44:20.567000 CVE-2024-5933,0,0,4b5b8ee984dca52e93a5c74fef0bbbf1e4141af006167bcc3f0d3b5bd5eb1afc,2024-08-19T21:07:56.627000 CVE-2024-5934,0,0,16721403d72b0462a70f000841eb683fbbdcd68e0952cf56add7902c00813b6e,2024-06-14T16:15:14.647000 @@ -259640,6 +259660,7 @@ CVE-2024-6134,0,0,c8a0602d6db0f3051b72e96c7e16fe4780a3ce250e242879d4a8baa99538dd CVE-2024-6136,0,0,2425dc33d9a66499cd0e61ed788949ec618401c3fdf6a1fd388e70bf34e3cc7e,2024-08-13T01:18:26.820000 CVE-2024-6138,0,0,fc35836bd5348e7eb9a778e4240c73e0ce52b6c3e53dfd414d6ee066e94e6acd,2024-07-12T16:54:53.997000 CVE-2024-6139,0,0,5132030314b9a0ca48cecf9e1dd593f9b9cec1db256d0c213c6569e108426fbe,2024-06-27T19:25:12.067000 +CVE-2024-6141,1,1,60bae7861d68ff1bc8bd02ee2d76eaed6edd65267cee4671dff7614eee7383ed,2024-08-21T17:24:59.627000 CVE-2024-6142,0,0,b186966dd1e43431007a65ef388b5fc16ca959c5df4a79ac4b3d70a69eba9543,2024-06-20T12:44:01.637000 CVE-2024-6143,0,0,809bcaf623fc8bb8a94d0137b3cba55dd5f1f165d6e316c641180eb9262d20ee,2024-06-20T12:44:01.637000 CVE-2024-6144,0,0,34fdda404a75a4c4d6599bec7541c145a061f61832fb3538fd14d272d1558c83,2024-06-20T12:44:01.637000 @@ -259682,7 +259703,7 @@ CVE-2024-6186,0,0,74f50a83bba6fd9acd5099500e18aafcc6991f5ca85d44a1cd8e6668ee356e CVE-2024-6187,0,0,46a9ddc8bb6bbc4e903f9925f1ffd0840f6c35cdad7ceeddf74058350bff44ed,2024-06-20T19:15:50.553000 CVE-2024-6188,0,0,4625f1b2f464b662fbeded6da9887ec07a27d81c66aeccd1b897d9eab956f4de,2024-06-20T16:15:15.003000 CVE-2024-6189,0,0,2355a57183440873745a58c5ee4255e73d48e3621df08442512d4d5de5154bef,2024-06-25T16:15:25.607000 -CVE-2024-6190,0,1,0d9b6329ee32034191535752143a1d403a57031330b300e1c4402182e9e21794,2024-08-21T14:19:02.380000 +CVE-2024-6190,0,0,0d9b6329ee32034191535752143a1d403a57031330b300e1c4402182e9e21794,2024-08-21T14:19:02.380000 CVE-2024-6191,0,0,97e62f49bbf59d417e17e1c185a719d026dd666b9cea29cbaf2df8f078cf498d,2024-06-20T16:07:50.417000 CVE-2024-6192,0,0,f3fb71ab4261b9f1fe9614be4c3aca69249da1a29d73f44d5548ddecce138315,2024-06-20T18:15:13.337000 CVE-2024-6193,0,0,476b924f51226d24001327f060e7c65bf0fd7643e073512f604e9ac2113d6939,2024-08-01T13:52:16.463000 @@ -259834,9 +259855,9 @@ CVE-2024-6373,0,0,e2b88eb3a63ea5c09c2c5241dee2a7883fb4754c8b06cd4990f2315b546648 CVE-2024-6374,0,0,f94841636056434d281b0adc40f21c7609c1c7ef70c052bfb7795df58f3d067b,2024-06-27T17:11:52.390000 CVE-2024-6375,0,0,2086f7a0dc16d184277c490b35389aec9b32cc5c6b68030b97b503ee789a3958,2024-07-03T14:54:52.427000 CVE-2024-6376,0,0,2eceea6553f0e47a0e34ab01650b7781a20682f6799be39f9cd1e64f3f19856f,2024-07-03T15:04:52.463000 -CVE-2024-6377,0,1,36795e94715b0759fab519379b404f0bb9d727ed78651b40eabbcff0cecc0077,2024-08-21T15:54:23.567000 -CVE-2024-6378,0,1,7454eef210b98e6b1e597d6be8302018d48792f1f9421573a9f7b1dc13ff197f,2024-08-21T15:53:57.750000 -CVE-2024-6379,0,1,ead5cfd964db26ab6e32cf9c111671dcbe91dbfd6e3a9dd5b5ddde35bc3e9c18,2024-08-21T15:52:49.027000 +CVE-2024-6377,0,0,36795e94715b0759fab519379b404f0bb9d727ed78651b40eabbcff0cecc0077,2024-08-21T15:54:23.567000 +CVE-2024-6378,0,0,7454eef210b98e6b1e597d6be8302018d48792f1f9421573a9f7b1dc13ff197f,2024-08-21T15:53:57.750000 +CVE-2024-6379,0,0,ead5cfd964db26ab6e32cf9c111671dcbe91dbfd6e3a9dd5b5ddde35bc3e9c18,2024-08-21T15:52:49.027000 CVE-2024-6381,0,0,2822fb12d769fe1cca32125b45cae52ba3e5807419213b6087c6db8de8d2b326,2024-07-03T12:53:24.977000 CVE-2024-6382,0,0,9f140af24f460b4413fa844f95383cc153754360a136939b8743c2d8327ebf99,2024-07-03T12:53:24.977000 CVE-2024-6383,0,0,4622f4fc90fbde51d6570a14e2ee494e3e71659c68201475e4e4eb659c036ac0,2024-07-05T12:55:51.367000 @@ -259885,7 +259906,7 @@ CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c21 CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000 CVE-2024-6451,0,0,6a9c0fb65fad3a5f99e557f5250ddd026fdc81cb51b281650e16075ca1a8cd9e,2024-08-19T17:35:23.417000 CVE-2024-6452,0,0,c694c1bdf54902e69172121aae2a54d0747cfc16750499c01d3cf3c9c6ef3263,2024-07-03T12:53:24.977000 -CVE-2024-6453,0,1,997e33861988fe67139dbc94cb45099acca0539b377b12d39324c5c718a66e9d,2024-08-21T14:37:10.103000 +CVE-2024-6453,0,0,997e33861988fe67139dbc94cb45099acca0539b377b12d39324c5c718a66e9d,2024-08-21T14:37:10.103000 CVE-2024-6455,0,0,8630ebc1a98e741e91f009e85126d02bca9a8a2c6f3c48f74f4c74c8c868f369,2024-07-19T13:01:44.567000 CVE-2024-6456,0,0,985d91070de732475e9817d5c1cb8157cd7895c8a1c97541c28eeac31792dc6e,2024-08-19T13:00:23.117000 CVE-2024-6457,0,0,2021b397e47ab38cda013de2c201fe3ea53b49570246fbb65269f60be90e5ab4,2024-07-16T13:43:58.773000 @@ -260070,9 +260091,9 @@ CVE-2024-6729,0,0,bcb767224deb16bf2afeb05fe1225bef68f4362bc8d1b39fa14ddbd884997e CVE-2024-6730,0,0,ef30d2eb7f24b640da190afcbc16e385d73ab8dd33302ee9e560c4fd64a066a0,2024-07-15T13:00:34.853000 CVE-2024-6731,0,0,c1f0bd3c11a2c8c6e666a080ff8caef145c9222128333d693bdc36ce4aafa4b2,2024-08-19T13:27:46.773000 CVE-2024-6732,0,0,4b564e3077773ce9465e3e7f1c3de207d911b9bdb780e0e7ab4cd3d37dda245b,2024-08-19T13:30:45.700000 -CVE-2024-6733,0,0,1b04f2a709cdab12e496472fe8c4597be3b3870fbebfd571deb5174547921171,2024-07-15T13:00:34.853000 -CVE-2024-6734,0,0,0a4d5157f965a1beb7690dae2ab7ddd7e581de25c672768a22ec0cb6f90751f1,2024-07-15T13:00:34.853000 -CVE-2024-6735,0,0,059e185c563aef15f572ef487105ca72ddd015a4f1b263acddae12242bbda14e,2024-07-15T13:00:34.853000 +CVE-2024-6733,0,1,2c6af872f9b8e7fd5b566f1882ba0aab1c7fe087e89241fd4a5514342919d09e,2024-08-21T17:00:32.243000 +CVE-2024-6734,0,1,99b6c404dde349127fbc4e3a9bddf4648a2734ed6897dbd445a2358ddaf7af89,2024-08-21T17:00:52.007000 +CVE-2024-6735,0,1,9ef87cfa7be3ed557a324eb8235c9371d645f72e1b23bc285d329ecd8e5d2258,2024-08-21T17:01:02.657000 CVE-2024-6736,0,0,cd891724cf60acf44adb2041fa0a22fbd65fd30182ae6730eef9f5f95cf8b475,2024-07-15T13:00:34.853000 CVE-2024-6737,0,0,8702e57b452a150308d6299787708abc780fef0e416c70970908b3d0d87bc73f,2024-07-16T14:06:09.530000 CVE-2024-6738,0,0,3a61a9d0dff57bd9a24abf3ccb065f63726018d20fe8e9197bc7bc11863de922,2024-07-16T14:06:27.810000 @@ -260126,6 +260147,10 @@ CVE-2024-6805,0,0,df9c24152184824aaec79a13a2bf3e8af4b412b0a659321142aa5850936d97 CVE-2024-6806,0,0,ee5c95118c41ce11e7d4b52c5bbead77dffa73ecabb9abea55db46ee557c211f,2024-07-24T12:55:13.223000 CVE-2024-6807,0,0,e4d3dc581aa656108086542a60085fb674561ed6b78bc58e0e899b44edae1d40,2024-08-06T11:16:07.450000 CVE-2024-6808,0,0,2df5a702fa4af6687f0c8dc8e100812ff9b6b346801edb239f41e0ca638c0076,2024-07-19T15:04:43.837000 +CVE-2024-6811,1,1,fcb69062318962c7f29c346967edc4eb346df61c05dace675d77661f13d3ec68,2024-08-21T17:25:08.560000 +CVE-2024-6812,1,1,c41f54f4372a4b179105459f6c49696d7184de4b816295370f5ab8028207d0e1,2024-08-21T17:25:08.560000 +CVE-2024-6813,1,1,6a21a5d43037bfd5d84ad70a83159aae7019b35c5a800088a530166c72802e27,2024-08-21T17:25:08.560000 +CVE-2024-6814,1,1,036c0b46f25187b9181e8a78842498f582eb75e5fcb228478713dbfcd9caea2d,2024-08-21T17:25:08.560000 CVE-2024-6823,0,0,1e2d1c8757819689d6550f5aeeb754dc03b20b4dd91487b47d8b2bbdb01a8e63,2024-08-13T12:58:25.437000 CVE-2024-6824,0,0,2b5b10cc415939a34f32e5b37be54f877a179f9144de8a5e8476b884ab80faa8,2024-08-08T13:04:18.753000 CVE-2024-6828,0,0,5e3bce0050be5ef41f841daf735b80af46e729368278d26d6a7ddc5bbbdee66f,2024-07-24T12:55:13.223000 @@ -260133,7 +260158,7 @@ CVE-2024-6830,0,0,66325e33317c6fde8b929b285667c5104c4ae04492532b5067560968ff36e7 CVE-2024-6833,0,0,b0ea48d29166f6347ac218b4f9f93d3f7fc599fd932b64c35cfa55e5a1a94672,2024-07-18T12:28:43.707000 CVE-2024-6834,0,0,23e85f57c9b7230818a4425261a24fd150d79ea72676d6bce04d47efdd69630e,2024-08-01T14:00:44.750000 CVE-2024-6836,0,0,94c1bcaa18f7036265464de8eba36ccdaae9b63d5d20f60a8cc42904bb485160,2024-07-29T20:20:30.867000 -CVE-2024-6843,0,1,aec077e7d49dac8e1cb0382a7568b4a4d58cd66583979c6d1347903e4ac17bee,2024-08-21T15:35:12.407000 +CVE-2024-6843,0,0,aec077e7d49dac8e1cb0382a7568b4a4d58cd66583979c6d1347903e4ac17bee,2024-08-21T15:35:12.407000 CVE-2024-6847,0,0,3aed5f2ad75c2a50eaefca5c72002315f9d747456f8615efa188f54be39bf54d,2024-08-20T19:35:15.040000 CVE-2024-6848,0,0,e171c12c58967922126feefb09977b436bb9e206684562a37899ca6ed3e35d20,2024-07-22T13:00:31.330000 CVE-2024-6864,0,0,25a84b435d49ce11c1c73a942909d4d326ce5027935626546ef4f0b2e3fcaea1,2024-08-20T15:44:20.567000 @@ -260155,7 +260180,7 @@ CVE-2024-6895,0,0,ba732cd0d0196677d9fba02b4344054d4844d09e5d174114e4dcf4446ecf92 CVE-2024-6896,0,0,5408a7e80aa3e88cd45cfede99bb9ef131493e304d3dbf46fdd9905f82d27439,2024-08-08T20:06:25.957000 CVE-2024-6897,0,0,0bc0c3c85d38c464186c16b9bc40451a421eb7b428d66cf1c3a2509fdf188e66,2024-07-29T14:12:08.783000 CVE-2024-6898,0,0,98dae2dc951da0c9f1ac4e695a7ad38573b2abb15f5508f51642ed9635c194c6,2024-07-19T13:01:44.567000 -CVE-2024-6899,0,0,397359020457c655f416abd05bdc982e2cbc9cd703cb46d21be66b71a5df8e91,2024-07-19T13:01:44.567000 +CVE-2024-6899,0,1,0e1303a05eac5f64f40b636b733340591f6500aece8697f82e69b185e523484a,2024-08-21T17:30:03.590000 CVE-2024-6900,0,0,e500188038c3ea14b8e23eb8bbafe809d907d6d44fb62c1134048b209905575c,2024-07-24T16:55:06.977000 CVE-2024-6901,0,0,5b35468e95067e893aef6f3b2a5c35230a71dda604aa4246e174e6067847a2c6,2024-07-24T16:55:57.230000 CVE-2024-6902,0,0,9b85a01f5de4fc5c3a3410cfeacfa5e7187e00590b2e96e858dd024e26f3a385,2024-07-24T16:55:37.197000 @@ -260195,13 +260220,13 @@ CVE-2024-6948,0,0,0b9fbb236c6e3f5ea21d1e35e20ae66f7f191a5cc171b7ef9247f18011e040 CVE-2024-6949,0,0,50fb9ada1c84c7692d0a258888bcfbeb043b4a29416a40cdc9f5aa2aa0edc74b,2024-07-22T13:00:31.330000 CVE-2024-6950,0,0,eef15633338af4a4d46f21c9ea1976ad7775894e17137260e2d107902fc3b3ff,2024-07-22T13:00:31.330000 CVE-2024-6951,0,0,ebbc0494a46d3e9d3d9e38f19f55f076805f950ade9957285c0b9a9903fc46f8,2024-08-14T16:34:39.177000 -CVE-2024-6952,0,0,fd0955184516d3fda15875a83b08a5a7df17aad86e1f851f922882248eb667e4,2024-07-22T13:00:31.330000 -CVE-2024-6953,0,0,32cde8331a759b445dde12d21d125b1536b493a591a751d80dde8b88c30d727f,2024-07-22T13:00:31.330000 -CVE-2024-6954,0,0,4a234ec1cdc20f325be4218db70056c3d70792051c40a4f477947b7b8199ca0a,2024-07-22T13:00:31.330000 -CVE-2024-6955,0,0,0b1b3d7125ba92b7c7fa833d1f473c2bcf93a3c8723502bdd9126db905c01576,2024-07-22T13:00:31.330000 -CVE-2024-6956,0,0,fd2eed4cc7cc56c9b0460db86c72f53296d90b0cdc060d51fc693b0e21b09d59,2024-07-22T13:00:31.330000 -CVE-2024-6957,0,0,eab06eb50ba1a79ed89e7a9d47e3c97ce725862e5f05dfacb308e4b224a0f8f3,2024-07-22T13:00:31.330000 -CVE-2024-6958,0,0,f80497b067f059cb3b0c2c2bd787df3e8dc58dc7b9b9069576dd9ba33732bb61,2024-07-22T13:00:31.330000 +CVE-2024-6952,0,1,918977008643369bfcea6db43d9f8d1eb39335c72e76787e42816cbd089da27d,2024-08-21T17:41:15.617000 +CVE-2024-6953,0,1,291eaa6525a2e87766f77633de5130202f5fd8fb4ed44f4af0f0f2dc212bc23a,2024-08-21T17:40:06.063000 +CVE-2024-6954,0,1,c06d03a87a212d68531c7c73c484227f56949bfb0d1b91e3dc55b0bff86a2313,2024-08-21T17:38:34.087000 +CVE-2024-6955,0,1,a26f625ecf124adff42bb43bc9f1e0c8d32b78d7fbf99f165aa453f32a4235a7,2024-08-21T17:37:00.700000 +CVE-2024-6956,0,1,402b3b90bc0ef6eea6fea2da2c73e896560064f50f2a4d52cad793cf96bb3277,2024-08-21T17:35:59.550000 +CVE-2024-6957,0,1,b4f44e4de7831c46c7995591b032592b6aa63f3442f007561464731699c5213c,2024-08-21T17:33:42.753000 +CVE-2024-6958,0,1,815ebcc0d5fc84aab6c67001f06fe76ce9152d116a343e60ea5524ee95f4434e,2024-08-21T17:42:29.697000 CVE-2024-6960,0,0,932ef4036cbd886ee22297597ffd985e884d3c0cad50613ff0bd32ecdcd39a17,2024-08-01T14:00:50.973000 CVE-2024-6961,0,0,c26f41db6b5c6e22104567980ea901ebcdc3d0c6ac8c59905ee37ac020ae3afe,2024-08-01T14:00:51.710000 CVE-2024-6962,0,0,b8054e2d59ceccdcd4628c1dbc900d3f0c22ab58e2eaf33700d9d63f648dd237,2024-07-25T15:47:18.363000 @@ -260503,6 +260528,7 @@ CVE-2024-7443,0,0,6fd967d6e919ba4fd37dfeb9ebba86f65e44a71c337f483ada629ef6535926 CVE-2024-7444,0,0,ca3d64055e225d6b5e8eee0e0444f0cb79935fb72609b2a9f4d68e4b74c3192c,2024-08-20T19:56:15.850000 CVE-2024-7445,0,0,cfdc75d4fec77cd886589c658aa3dd464f31452c81f68546e40e8c22e50a8eed,2024-08-09T15:36:06.757000 CVE-2024-7446,0,0,e26be21c8dbcfe67dfe123a70d3d827309d2b8d2fde731242ee6ec383c477df8,2024-08-09T15:36:35.453000 +CVE-2024-7448,1,1,ae9849032eac16c236c4781468f5868682dc2760c8d4f5d5b735d0acf907ec20,2024-08-21T17:24:59.627000 CVE-2024-7449,0,0,31b14531757b0311680dadfa626760cb5034a4ff48ce18c613a332462c638a89,2024-08-20T19:49:11.947000 CVE-2024-7450,0,0,f36a88ecb7cf7b37b6090837acfb29fe52cc382469b7cf045e11a727c85c93f7,2024-08-09T15:33:58.153000 CVE-2024-7451,0,0,6c3c74a805aba0686ff087a4aeedf52269a2704aceeaba8fd15f2602a7b0b5b8,2024-08-09T15:33:56.027000 @@ -260603,6 +260629,11 @@ CVE-2024-7589,0,0,aa1647eb6c306ec7b876b5795f9775a883f5cc7b06ae7ba418ac0c8e496652 CVE-2024-7590,0,0,7c97d5aae327ca695e1cd419af58bc8aaacb7517411055405e5e64d98b0261a2,2024-08-13T12:58:25.437000 CVE-2024-7592,0,0,8fcc04f54e061bfd6e46ae198ccc83c91032e0aab9065b8f437b9e9535665aed,2024-08-20T16:02:16.280000 CVE-2024-7593,0,0,2efb8857fe8e314338e0788060f0e22f0d56642d5618c3e3d62e70b5e7e24bac,2024-08-14T02:07:05.410000 +CVE-2024-7600,1,1,df9ea5382ae76eaa07d2038f3c1a261b5dab3a8d51edba8a1615dd75b8a7ae86,2024-08-21T17:25:08.560000 +CVE-2024-7601,1,1,0cd0cc3e9b592f69c60fa9525e9b4044ea678650dac96bf878bb0bc12d18b5f7,2024-08-21T17:25:08.560000 +CVE-2024-7602,1,1,681670da0d5ea368276c458bfd335dc84142a379f35cd9d1072e79c0c0968dd3,2024-08-21T17:25:08.560000 +CVE-2024-7603,1,1,ee75ca73d9ff000a521d60dd2bd96d940a61dcfaa024b75a8d0f0f33bb52d71c,2024-08-21T17:25:08.560000 +CVE-2024-7604,1,1,58eb9c041603c3622120dc34dbfc5b0275d32c68e3480a84279fede21b10ec78,2024-08-21T17:24:59.627000 CVE-2024-7610,0,0,a10689bea1d0fbdec4f1b8819e74182773158d5010cb9fbea2ce46532922c645,2024-08-08T13:04:18.753000 CVE-2024-7613,0,0,06e5e4cabe0ef18122aca52d435df5e080447fe62b8094db57d734d45448c36d,2024-08-12T13:41:36.517000 CVE-2024-7614,0,0,54eddeca8e1c6b6ecc667c92d7e5534bf70f527d9e0326937623565b4f96285b,2024-08-12T13:41:36.517000 @@ -260667,6 +260698,10 @@ CVE-2024-7707,0,0,38947b3991050cbcb34490d84db5d3d8182daacb8ab1c53d2e724892f18e8f CVE-2024-7709,0,0,885c8ab670bc9137207c7147a93dbb83f228a878ced7f9e3351a8e82272eda87,2024-08-17T10:15:10.957000 CVE-2024-7711,0,0,d162b2aa52f460525a4de3c665dffbe11ff5ad157026981df71b9201129fde70,2024-08-21T12:30:33.697000 CVE-2024-7715,0,0,cce2a99e52ea07f4f42d2501434c3e0483cd57d931341a557261d628f3236d39,2024-08-15T15:15:22.690000 +CVE-2024-7722,1,1,ed589b436121ac9a3fcd90fc85c4083056988d4210c0a21437bc5f095ecc7e14,2024-08-21T17:24:59.627000 +CVE-2024-7723,1,1,f8418822989427c5ec1502a344654c7e86d8c9bf23bba85bb56e5246084c028f,2024-08-21T17:24:59.627000 +CVE-2024-7724,1,1,2140d53b1531a123a76a6a3dc8b0dd231e5c8087b65471a97b5981e4adc89652,2024-08-21T17:24:59.627000 +CVE-2024-7725,1,1,d259c6d5729bf44a1338f2a16127fec02c9b65e8cb1e5bc73a0892db20205863,2024-08-21T17:24:59.627000 CVE-2024-7728,0,0,c0ed30007f00488b5c62db3cfd8f859193059df346d1ebce1c04c936068d2a21,2024-08-14T13:00:37.107000 CVE-2024-7729,0,0,b303d5d4be15b474d481a2bd874b63765444e7a77fd0332a4aa454ee055ae189,2024-08-14T13:00:37.107000 CVE-2024-7731,0,0,4a861aabf412f4b5069dda19ca66661f2d33b6edc7ffa683ebdfa08ec3de8567,2024-08-14T13:00:37.107000 @@ -260695,6 +260730,7 @@ CVE-2024-7790,0,0,456afed422d8355372643bd567f11679217bfde5ad866de9b559c62284a4c7 CVE-2024-7792,0,0,780efb1d4f2f4b2b409fe743d3f22e99dbfd1dd19ca4b6135b1d10d208fddc9f,2024-08-20T19:08:12.970000 CVE-2024-7793,0,0,bb4d13faa2c61a286b24cee75d87f2b6ca9a8400f7f1f86af9de88e306f04a14,2024-08-19T16:25:22.220000 CVE-2024-7794,0,0,518887acdec1d096ed1811f068ac701594939d9da7ca16210cb9fbd6cafa8631,2024-08-19T16:27:08.303000 +CVE-2024-7795,1,1,73ce209254878b5c3098ccd867b236fd49d4addfc3fae20ed136f1d0f4a7a1ff,2024-08-21T17:24:59.627000 CVE-2024-7797,0,0,3430cadba65aedfbf772af49a9e572a3ca306c1e3cba3762823768d5585ee5fe,2024-08-19T16:28:23.557000 CVE-2024-7798,0,0,fb236dc26edd7cd7b8d8ddc705b6042a9a0956f84b8af7a488e63270aae0e9d8,2024-08-19T16:42:32.480000 CVE-2024-7799,0,0,00b687245dbb834ce768a34773e6d247f116248fb1170e2cff00e71dda4a9f73,2024-08-19T16:47:37.860000 @@ -260716,10 +260752,10 @@ CVE-2024-7832,0,0,d4a13ef09d831987125a8ecb9cb6f57fc4d78d65bea0a84d0e17ca92ee69e7 CVE-2024-7833,0,0,b984e9fbf1df09267f07d264c50d0ef7583d91d54c2e1f8dd098a2d9fc6334c8,2024-08-19T16:00:21.393000 CVE-2024-7838,0,0,27df02a5cc65e831a93d364f5957ee1462f1aebc7844c7c31edfb410cb0a1545,2024-08-20T19:16:59.373000 CVE-2024-7839,0,0,188e96c2e6da74526fb5bd6714aa4962487dce47bff2bfe2c2ee9934d7c43ce6,2024-08-19T21:18:14.097000 -CVE-2024-7841,0,1,30d01d8bbe3d144bba2b7827240fa327034b88590168a3760f5fd6645e24392a,2024-08-21T14:12:12.943000 -CVE-2024-7842,0,1,6f597ddda6138d9acc81d07fc2eafe7775fb8cb17d6e8df28c226b7f95417689,2024-08-21T14:13:38.923000 -CVE-2024-7843,0,1,1916845a00ac6d864acb448c0fe39fd74d4023a097dc2d81074d929455ca1839,2024-08-21T14:13:11.157000 -CVE-2024-7844,0,1,b930ca741640f5c7b3b0ce1c61bb7f4e94c485b2638d8e79f4794845e86ce235,2024-08-21T14:12:43.497000 +CVE-2024-7841,0,0,30d01d8bbe3d144bba2b7827240fa327034b88590168a3760f5fd6645e24392a,2024-08-21T14:12:12.943000 +CVE-2024-7842,0,0,6f597ddda6138d9acc81d07fc2eafe7775fb8cb17d6e8df28c226b7f95417689,2024-08-21T14:13:38.923000 +CVE-2024-7843,0,0,1916845a00ac6d864acb448c0fe39fd74d4023a097dc2d81074d929455ca1839,2024-08-21T14:13:11.157000 +CVE-2024-7844,0,0,b930ca741640f5c7b3b0ce1c61bb7f4e94c485b2638d8e79f4794845e86ce235,2024-08-21T14:12:43.497000 CVE-2024-7845,0,0,a27541ca47acd484f46c609f3698b7013802437eb8a6a96b9ef6a93b64b0256f,2024-08-19T13:00:23.117000 CVE-2024-7849,0,0,e63d24df06d5f4555672e0892a25c4e5c95ca031f7861c25398c177add1bd8f5,2024-08-19T13:00:23.117000 CVE-2024-7850,0,0,eac62d06d40978b154610fb0b8829f684d203615f4f5ebfcbc586877034ad096,2024-08-20T15:44:20.567000 @@ -260730,7 +260766,7 @@ CVE-2024-7854,0,0,c7d42abb2b322c04201a8af34648ccfdb0ede7da24776e4c0b3ca238a25bf3 CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000 CVE-2024-7867,0,0,6a317fb9db8a508202f8841173e6c3d2bd77edc707a891aff0fcaf7f472e0f1b,2024-08-19T13:00:23.117000 CVE-2024-7868,0,0,426aac72107d4f020c4b4c2ec1e49b6873953f44556989351b1605a1e98035d8,2024-08-19T13:00:23.117000 -CVE-2024-7885,1,1,9c4c9f4215f189b2640edfedd9937b98419f45d8668e05720ec3dbe19515577f,2024-08-21T14:15:09.500000 +CVE-2024-7885,0,1,d4e86ffa8f6c41db8fd62899fcadef82a76f3f1405a536b574424e08695e6cf7,2024-08-21T16:06:23.153000 CVE-2024-7886,0,0,b8c1f856b8479c6982faa8a2fc4a6d8b2480e045b8b096d9bd3b8640a06eb6f3,2024-08-19T13:00:23.117000 CVE-2024-7887,0,0,ba2ac28c88e5c856e9fa78c00b11f37e0df98a3508bf609dc9edbaa04a8fdb8e,2024-08-19T12:59:59.177000 CVE-2024-7896,0,0,d80047a3d1d6cdcff2bc1adb680d3fdbda8db4b01c807c4a42d25c13d72803dc,2024-08-19T17:15:11.543000 @@ -260763,9 +260799,9 @@ CVE-2024-7925,0,0,34a7774a8c3accfc943090e80e03d9858b71da046812c3f4a53477aade0cc1 CVE-2024-7926,0,0,96fa4895d6c7573e91e2a98dde52944f42d7ba88cdd8d8bade11bc21ef00bfee,2024-08-20T15:44:20.567000 CVE-2024-7927,0,0,4a78d5081726f9d44b080fe7d011b0c0d4fe7d0db089023fb075b65099c4303f,2024-08-20T15:44:20.567000 CVE-2024-7928,0,0,671a039a8258001c6ef11e23ca79fcb6be7f38f136ccb6e85345eff1e57a6325,2024-08-20T15:44:20.567000 -CVE-2024-7929,0,1,a805877edcd3cdd34f9befcb94d499b15f392a2db9c65471420306feafc6b5f3,2024-08-21T14:10:01.937000 -CVE-2024-7930,0,1,100658e5f06d4675f601c6d01184159576ab92141783db14fc9e9c2655e99e3e,2024-08-21T14:09:28.830000 -CVE-2024-7931,0,1,863f45f588d3a95c5820542bfd54aa0c5198b18b9403ddeaa589881d711878b9,2024-08-21T14:08:54.820000 +CVE-2024-7929,0,0,a805877edcd3cdd34f9befcb94d499b15f392a2db9c65471420306feafc6b5f3,2024-08-21T14:10:01.937000 +CVE-2024-7930,0,0,100658e5f06d4675f601c6d01184159576ab92141783db14fc9e9c2655e99e3e,2024-08-21T14:09:28.830000 +CVE-2024-7931,0,0,863f45f588d3a95c5820542bfd54aa0c5198b18b9403ddeaa589881d711878b9,2024-08-21T14:08:54.820000 CVE-2024-7933,0,0,bd97967bf86da61714b16426b6353963e9607e818bdfc7d66fbd25bec1050a41,2024-08-20T15:44:20.567000 CVE-2024-7934,0,0,0de99fdaf90b3723f8cc449fcce42a661448535d6c50386a3d2b0fbb725b1702,2024-08-20T15:44:20.567000 CVE-2024-7935,0,0,574989ecf9a77b96f4e243d212e206ad1b2f7cf3109f812bd999eaafc2581a98,2024-08-20T15:44:20.567000 @@ -260773,16 +260809,16 @@ CVE-2024-7936,0,0,cf4365fe1d0752346fd362041feab4848729c5ce67cb542c05b95010d5242c CVE-2024-7937,0,0,bfd626110b4738097d3eecc17d410635b5492a7f6c8b4af76523530d264a7d87,2024-08-20T15:44:20.567000 CVE-2024-7942,0,0,5b31cb5e8458774e5fec47eb01ab09f3b7e76a9f352de27f599173dde8e64b06,2024-08-20T15:44:20.567000 CVE-2024-7943,0,0,84fd281936993964831a8456f79f6df290184647869e7054aff52b4493acaea1,2024-08-20T15:44:20.567000 -CVE-2024-7944,0,1,746f5ab96ce75fa2f3ceb934a195b4543f73936672a5c19d615f70b88c853fd7,2024-08-21T15:24:44.280000 -CVE-2024-7945,0,1,d2428ee2dcd967452089d140ce94a2be4092f314afe3e103f6f27860690dc84d,2024-08-21T15:25:35.197000 +CVE-2024-7944,0,0,746f5ab96ce75fa2f3ceb934a195b4543f73936672a5c19d615f70b88c853fd7,2024-08-21T15:24:44.280000 +CVE-2024-7945,0,0,d2428ee2dcd967452089d140ce94a2be4092f314afe3e103f6f27860690dc84d,2024-08-21T15:25:35.197000 CVE-2024-7946,0,0,55b44492c55caac843a1ad836ee11f9cccc3723d88087e17cb61194f5c694743,2024-08-21T13:55:24.780000 CVE-2024-7947,0,0,65fb4d7d58134ef9bc023552b764ff03308d80cb6ca6d1287d9d812240a193e5,2024-08-21T13:53:38.750000 CVE-2024-7948,0,0,10e56bd82889acf527e731295a76df26abf6e1bd128042058528282707ce870d,2024-08-21T13:52:38.057000 CVE-2024-7949,0,0,a0f87c25225f514b77e6885828a01bd09830515b5f3d810f59da2bdb40fb721c,2024-08-21T13:51:13.580000 CVE-2024-7958,0,0,483ea949f242fd0880547068782264d397026329e525a14dcbacca7c22e7bcec,2024-08-19T20:15:08.907000 CVE-2024-7998,0,0,8aa3505a1b6ed462573d7b65c55c5633ff88a81168885ae03bec6b1db69a2167,2024-08-21T12:30:33.697000 -CVE-2024-8003,0,1,1eb6cc8bd16248d54ed281136e233da0a723cb74879af6e3337c9532a3caf8e1,2024-08-21T15:51:28.397000 -CVE-2024-8005,0,1,c059370cb975aea915e5671e32cb80d879151797480dbd5423b1593aeba96675,2024-08-21T15:49:59.470000 -CVE-2024-8007,1,1,9ff12ae2fe96477c378ce8e6c735621d9b73cb935f06ebef3ca1558c8faf5ecf,2024-08-21T14:15:09.753000 +CVE-2024-8003,0,0,1eb6cc8bd16248d54ed281136e233da0a723cb74879af6e3337c9532a3caf8e1,2024-08-21T15:51:28.397000 +CVE-2024-8005,0,0,c059370cb975aea915e5671e32cb80d879151797480dbd5423b1593aeba96675,2024-08-21T15:49:59.470000 +CVE-2024-8007,0,1,d227b03f895ef761f269cb1491d7d5722db05e40b51b1467b77f2f84ee5beceb,2024-08-21T16:06:23.153000 CVE-2024-8022,0,0,469d074c70ed4d6e1b7ca7023005d3bb3e3f23419b5a39b3540fd69e34fadcaa,2024-08-21T12:30:33.697000 CVE-2024-8023,0,0,7f1c10536d9d4e1a728f09b10c1ff35f77d0bba503a7c61c411fbfd5f6584d46,2024-08-21T12:30:33.697000