From efa9fcace55e9dc41d3418b40efd90a896fb7780 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 13 Dec 2024 13:03:37 +0000 Subject: [PATCH] Auto-Update: 2024-12-13T13:00:14.297263+00:00 --- CVE-2021/CVE-2021-320xx/CVE-2021-32007.json | 56 +++++++++++ CVE-2024/CVE-2024-118xx/CVE-2024-11827.json | 64 +++++++++++++ CVE-2024/CVE-2024-215xx/CVE-2024-21576.json | 100 ++++++++++++++++++++ CVE-2024/CVE-2024-215xx/CVE-2024-21577.json | 100 ++++++++++++++++++++ CVE-2024/CVE-2024-217xx/CVE-2024-21726.json | 6 +- CVE-2024/CVE-2024-520xx/CVE-2024-52058.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52059.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52060.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52061.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52062.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52063.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52064.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52065.json | 78 +++++++++++++++ CVE-2024/CVE-2024-520xx/CVE-2024-52066.json | 78 +++++++++++++++ CVE-2024/CVE-2024-96xx/CVE-2024-9608.json | 60 ++++++++++++ README.md | 41 ++++---- _state.csv | 48 ++++++---- 17 files changed, 1138 insertions(+), 39 deletions(-) create mode 100644 CVE-2021/CVE-2021-320xx/CVE-2021-32007.json create mode 100644 CVE-2024/CVE-2024-118xx/CVE-2024-11827.json create mode 100644 CVE-2024/CVE-2024-215xx/CVE-2024-21576.json create mode 100644 CVE-2024/CVE-2024-215xx/CVE-2024-21577.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52058.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52059.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52060.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52061.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52062.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52063.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52064.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52065.json create mode 100644 CVE-2024/CVE-2024-520xx/CVE-2024-52066.json create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9608.json diff --git a/CVE-2021/CVE-2021-320xx/CVE-2021-32007.json b/CVE-2021/CVE-2021-320xx/CVE-2021-32007.json new file mode 100644 index 00000000000..43e242344f7 --- /dev/null +++ b/CVE-2021/CVE-2021-320xx/CVE-2021-32007.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-32007", + "sourceIdentifier": "VulnerabilityReporting@secomea.com", + "published": "2024-12-13T11:15:06.060", + "lastModified": "2024-12-13T11:15:06.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "This issue affects:\nSecomea GateManager\nVersion 9.5 and all prior versions.\nProtection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information to remote servers." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://www.secomea.com/support/cybersecurity-advisory/", + "source": "VulnerabilityReporting@secomea.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11827.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11827.json new file mode 100644 index 00000000000..c8cd37e3d57 --- /dev/null +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11827.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-11827", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-13T12:15:19.050", + "lastModified": "2024-12-13T12:15:19.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Out of the Block: OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ootb_query shortcode in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ootb-openstreetmap/tags/2.8.3/includes/classes/Query.php#L283", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/ootb-openstreetmap/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c67c958e-1ab2-498c-b665-73e239d0029b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21576.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21576.json new file mode 100644 index 00000000000..32c31504a64 --- /dev/null +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21576.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-21576", + "sourceIdentifier": "report@snyk.io", + "published": "2024-12-13T12:15:19.753", + "lastModified": "2024-12-13T12:15:19.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour and FindContour custom nodes. In the entrypoint function to each node, there\u2019s a call to eval which can be triggered by generating a workflow that injects a crafted string into the node. This can result in executing arbitrary code on the server." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/bmad4ever/comfyui_bmad_nodes/blob/392af9490cbadf32a1fe92ff820ebabe88c51ee8/cv_nodes.py#L1814", + "source": "report@snyk.io" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21577.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21577.json new file mode 100644 index 00000000000..c0935b645a2 --- /dev/null +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21577.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-21577", + "sourceIdentifier": "report@snyk.io", + "published": "2024-12-13T12:15:19.910", + "lastModified": "2024-12-13T12:15:19.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/hay86/ComfyUI_AceNodes/blob/5ba01db8a3b7afb8e4aecfaa48823ddeb132bbbb/nodes.py#L1193", + "source": "report@snyk.io" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21726.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21726.json index 8952aefbfbd..482c85c60d8 100644 --- a/CVE-2024/CVE-2024-217xx/CVE-2024-21726.json +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21726.json @@ -2,7 +2,7 @@ "id": "CVE-2024-21726", "sourceIdentifier": "security@joomla.org", "published": "2024-02-29T01:44:03.897", - "lastModified": "2024-11-21T08:54:52.860", + "lastModified": "2024-12-13T11:15:07.320", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -56,6 +56,10 @@ "url": "https://developer.joomla.org/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html", "source": "security@joomla.org" }, + { + "url": "https://www.sonarsource.com/blog/joomla-multiple-xss-vulnerabilities/", + "source": "security@joomla.org" + }, { "url": "https://developer.joomla.org/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html", "source": "af854a3a-2127-422b-91ae-364da2661108" diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52058.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52058.json new file mode 100644 index 00000000000..1f562477219 --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52058.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52058", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:07.900", + "lastModified": "2024-12-13T11:15:07.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext Professional (System Designer) allows OS Command Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.19." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52058", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52059.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52059.json new file mode 100644 index 00000000000..a4151d103ca --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52059.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52059", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.080", + "lastModified": "2024-12-13T11:15:08.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52059", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52060.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52060.json new file mode 100644 index 00000000000..1d8dca415c0 --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52060.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52060", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.250", + "lastModified": "2024-12-13T11:15:08.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52060", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52061.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52061.json new file mode 100644 index 00000000000..7483dd688da --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52061.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52061", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.457", + "lastModified": "2024-12-13T11:15:08.457", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52061", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52062.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52062.json new file mode 100644 index 00000000000..0bedee86eeb --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52062.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52062", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.650", + "lastModified": "2024-12-13T11:15:08.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52062", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52063.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52063.json new file mode 100644 index 00000000000..7a1db14420f --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52063.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52063", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.810", + "lastModified": "2024-12-13T11:15:08.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52063", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52064.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52064.json new file mode 100644 index 00000000000..6539c0afdba --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52064.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52064", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:08.963", + "lastModified": "2024-12-13T11:15:08.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52064", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52065.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52065.json new file mode 100644 index 00000000000..8c83e6ac84a --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52065.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52065", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:09.153", + "lastModified": "2024-12-13T11:15:09.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.1.2 before 6.1.2.21, from 5.3.1.40 before 5.3.1.41." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52065", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52066.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52066.json new file mode 100644 index 00000000000..28c545c227a --- /dev/null +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52066.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-52066", + "sourceIdentifier": "3f572a00-62e2-4423-959a-7ea25eff1638", + "published": "2024-12-13T11:15:09.330", + "lastModified": "2024-12-13T11:15:09.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "3f572a00-62e2-4423-959a-7ea25eff1638", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.rti.com/vulnerabilities/#cve-2024-52066", + "source": "3f572a00-62e2-4423-959a-7ea25eff1638" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9608.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9608.json new file mode 100644 index 00000000000..cae249a42d4 --- /dev/null +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9608.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9608", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-13T12:15:20.080", + "lastModified": "2024-12-13T12:15:20.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MyParcel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.24.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Please note this is only exploitable when the WooCommerce store is set to Belgium." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3206928/woocommerce-myparcel/tags/4.24.2/includes/admin/settings/class-wcmypa-settings.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d6c85f2b-965d-477f-9d9a-4a3f315c4904?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 4a4aa242ac9..6125c1772fa 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-13T11:00:38.571853+00:00 +2024-12-13T13:00:14.297263+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-13T10:15:07.507000+00:00 +2024-12-13T12:15:20.080000+00:00 ``` ### Last Data Feed Release @@ -33,35 +33,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -273570 +273584 ``` ### CVEs added in the last Commit -Recently added CVEs: `16` +Recently added CVEs: `14` -- [CVE-2024-10783](CVE-2024/CVE-2024-107xx/CVE-2024-10783.json) (`2024-12-13T10:15:06.400`) -- [CVE-2024-11012](CVE-2024/CVE-2024-110xx/CVE-2024-11012.json) (`2024-12-13T10:15:07.127`) -- [CVE-2024-11275](CVE-2024/CVE-2024-112xx/CVE-2024-11275.json) (`2024-12-13T09:15:04.887`) -- [CVE-2024-11754](CVE-2024/CVE-2024-117xx/CVE-2024-11754.json) (`2024-12-13T09:15:05.630`) -- [CVE-2024-11832](CVE-2024/CVE-2024-118xx/CVE-2024-11832.json) (`2024-12-13T09:15:06.113`) -- [CVE-2024-11910](CVE-2024/CVE-2024-119xx/CVE-2024-11910.json) (`2024-12-13T09:15:06.543`) -- [CVE-2024-11911](CVE-2024/CVE-2024-119xx/CVE-2024-11911.json) (`2024-12-13T09:15:07.083`) -- [CVE-2024-12042](CVE-2024/CVE-2024-120xx/CVE-2024-12042.json) (`2024-12-13T09:15:07.370`) -- [CVE-2024-12309](CVE-2024/CVE-2024-123xx/CVE-2024-12309.json) (`2024-12-13T09:15:07.810`) -- [CVE-2024-12414](CVE-2024/CVE-2024-124xx/CVE-2024-12414.json) (`2024-12-13T09:15:08.070`) -- [CVE-2024-12417](CVE-2024/CVE-2024-124xx/CVE-2024-12417.json) (`2024-12-13T09:15:08.353`) -- [CVE-2024-12420](CVE-2024/CVE-2024-124xx/CVE-2024-12420.json) (`2024-12-13T09:15:08.627`) -- [CVE-2024-12421](CVE-2024/CVE-2024-124xx/CVE-2024-12421.json) (`2024-12-13T09:15:08.870`) -- [CVE-2024-12465](CVE-2024/CVE-2024-124xx/CVE-2024-12465.json) (`2024-12-13T09:15:09.060`) -- [CVE-2024-52057](CVE-2024/CVE-2024-520xx/CVE-2024-52057.json) (`2024-12-13T10:15:07.320`) -- [CVE-2024-9290](CVE-2024/CVE-2024-92xx/CVE-2024-9290.json) (`2024-12-13T10:15:07.507`) +- [CVE-2021-32007](CVE-2021/CVE-2021-320xx/CVE-2021-32007.json) (`2024-12-13T11:15:06.060`) +- [CVE-2024-11827](CVE-2024/CVE-2024-118xx/CVE-2024-11827.json) (`2024-12-13T12:15:19.050`) +- [CVE-2024-21576](CVE-2024/CVE-2024-215xx/CVE-2024-21576.json) (`2024-12-13T12:15:19.753`) +- [CVE-2024-21577](CVE-2024/CVE-2024-215xx/CVE-2024-21577.json) (`2024-12-13T12:15:19.910`) +- [CVE-2024-52058](CVE-2024/CVE-2024-520xx/CVE-2024-52058.json) (`2024-12-13T11:15:07.900`) +- [CVE-2024-52059](CVE-2024/CVE-2024-520xx/CVE-2024-52059.json) (`2024-12-13T11:15:08.080`) +- [CVE-2024-52060](CVE-2024/CVE-2024-520xx/CVE-2024-52060.json) (`2024-12-13T11:15:08.250`) +- [CVE-2024-52061](CVE-2024/CVE-2024-520xx/CVE-2024-52061.json) (`2024-12-13T11:15:08.457`) +- [CVE-2024-52062](CVE-2024/CVE-2024-520xx/CVE-2024-52062.json) (`2024-12-13T11:15:08.650`) +- [CVE-2024-52063](CVE-2024/CVE-2024-520xx/CVE-2024-52063.json) (`2024-12-13T11:15:08.810`) +- [CVE-2024-52064](CVE-2024/CVE-2024-520xx/CVE-2024-52064.json) (`2024-12-13T11:15:08.963`) +- [CVE-2024-52065](CVE-2024/CVE-2024-520xx/CVE-2024-52065.json) (`2024-12-13T11:15:09.153`) +- [CVE-2024-52066](CVE-2024/CVE-2024-520xx/CVE-2024-52066.json) (`2024-12-13T11:15:09.330`) +- [CVE-2024-9608](CVE-2024/CVE-2024-96xx/CVE-2024-9608.json) (`2024-12-13T12:15:20.080`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-21726](CVE-2024/CVE-2024-217xx/CVE-2024-21726.json) (`2024-12-13T11:15:07.320`) ## Download and Usage diff --git a/_state.csv b/_state.csv index cede7cef58d..d79636d57b2 100644 --- a/_state.csv +++ b/_state.csv @@ -176138,6 +176138,7 @@ CVE-2021-32003,0,0,0ab0c12e80b6a55e89863cb2bded4fb5faaf86274d40a9063f46cc83d3717 CVE-2021-32004,0,0,c711be156e6bab6b83bbf28ba05238de081ebf4afdcf90f1fa1cb16c25906106,2024-11-21T06:06:41.753000 CVE-2021-32005,0,0,98c8fbec304b3bcbf9d61ae8e342f36131609e694f7978a1b72e4f2daa374fa4,2024-11-21T06:06:41.883000 CVE-2021-32006,0,0,a204caa10486cbbefb41479b5cf43d89ba16b11c29590e9619f668e7bac849ee,2024-11-21T06:06:42.013000 +CVE-2021-32007,1,1,00e8c02493a988831af7568bb186f220478524a790291108dc261665ce61c712,2024-12-13T11:15:06.060000 CVE-2021-32008,0,0,c24c0199bba704de19a4ec6ec29630e12085973618b29db0189bff01655deb93,2024-11-21T06:06:42.143000 CVE-2021-32009,0,0,f686c9648f02955225833b4606384eca97ead135b90aa0e4d82492e0320a32be,2024-11-21T06:06:42.270000 CVE-2021-32010,0,0,e240e56c82ab91b528fee16a10c9fd11cfc0790379fc80db4cebb2fc1e02b258,2024-11-21T06:06:42.393000 @@ -243516,7 +243517,7 @@ CVE-2024-1078,0,0,4fdf4438e937bc23eddab90d7d2917be63b435e62e0a2d1086ddd87d02563b CVE-2024-10780,0,0,24807701522a545ac98c6803b8e15da776f2d8a35c7b54777fb317026ce29a42,2024-11-28T10:15:05.280000 CVE-2024-10781,0,0,df5f48c6c5059116b8ab7de34db9894feb54bad774b862574fdcc33719382ffa,2024-11-26T06:15:08.057000 CVE-2024-10782,0,0,5406927f555c692a1d9c0a945182b268a80a14421e689a431011d46720d7260f,2024-11-21T13:57:24.187000 -CVE-2024-10783,1,1,232462393224d59e2154ead8e8b3eb3d36b1ac52876c9739c73fc397bf34feaf,2024-12-13T10:15:06.400000 +CVE-2024-10783,0,0,232462393224d59e2154ead8e8b3eb3d36b1ac52876c9739c73fc397bf34feaf,2024-12-13T10:15:06.400000 CVE-2024-10784,0,0,8aec2d03b2fd30a3ad14582a150ff225d197ed662755ec8fe77bf26658a5da9c,2024-12-12T07:15:07.510000 CVE-2024-10785,0,0,3f01bd087d273daf30380c315f820020814d213e2340745da66061077350c031,2024-11-21T13:57:24.187000 CVE-2024-10786,0,0,ccc5097d72c9d28e3db11dc281f3f9385330979372f0eb8c07e82e1cc6da99f0,2024-11-18T17:11:17.393000 @@ -243688,7 +243689,7 @@ CVE-2024-11007,0,0,62a2e0757d628f20a5e5c0dd4a347b28f717af7d2afebfa5668d63b84e88b CVE-2024-11008,0,0,1880244f1f67b5841f1d2e94dcf73ce7501d11084552d8b71465fd847ea3803b,2024-12-11T11:15:04.947000 CVE-2024-11009,0,0,f480d27ee8261f76524c7f6e635dd05967cd1bee3828280624cb8a929fc9e083,2024-11-27T12:15:19.383000 CVE-2024-11010,0,0,df432a6ddcc96473c4608b251cddef86854ccd41b5717633ded9b47b86325565,2024-12-10T00:15:21.207000 -CVE-2024-11012,1,1,050c35a7efa98d3315c7c574508df000ce7894b733b60e41d44a52c4cf25012f,2024-12-13T10:15:07.127000 +CVE-2024-11012,0,0,050c35a7efa98d3315c7c574508df000ce7894b733b60e41d44a52c4cf25012f,2024-12-13T10:15:07.127000 CVE-2024-11013,0,0,1584e7889c2d3a99777654ed0e3acd92f4aff58e9059c4aeb7efc6520ecfc42a,2024-11-29T08:15:03.923000 CVE-2024-11014,0,0,9f2efdb28e0b940011f1cf446ac00ebac4a7241224648feded8562f9b5e1a86a,2024-11-29T08:15:04.140000 CVE-2024-11015,0,0,ce90df143645eb5314baeab0136ffaa2898f5ea0f2f6ffaa7fb5855c9a246bb7,2024-12-12T04:15:04.797000 @@ -243890,7 +243891,7 @@ CVE-2024-11265,0,0,cd84e375ba34be8f1d8c0a95984eed473f1b4c14b99dc4b41ab53021d7d29 CVE-2024-11268,0,0,40373fcd315fe487c851607fe3ac45b00147e2cbb2f06b71a2f20cd5b3490696,2024-12-09T18:15:22.120000 CVE-2024-1127,0,0,156ab4f781dcbea8349dccaf03d8331b37e207b23f13868177d2fc6d72956211,2024-11-21T08:49:51.547000 CVE-2024-11274,0,0,68416047580eaaa72dd4e9ca219e395346d31290ba0ce8919ace0c1ae20f7ea4,2024-12-12T12:15:22.267000 -CVE-2024-11275,1,1,e4ceee5b7d1816f9e3e84b73f395bc2cf43308396d0bdbc3ce8f2747078ed613,2024-12-13T09:15:04.887000 +CVE-2024-11275,0,0,e4ceee5b7d1816f9e3e84b73f395bc2cf43308396d0bdbc3ce8f2747078ed613,2024-12-13T09:15:04.887000 CVE-2024-11276,0,0,bec6f6d7f70ddc5f33f40077c2ca48024f960e5925873d26e2cd076944abd586,2024-12-06T09:15:05.827000 CVE-2024-11277,0,0,70fa881c494ed4e8a3131fb313821feca0fce09e01d4dad197524b7869b481b5,2024-11-26T20:59:50.643000 CVE-2024-11278,0,0,3f323ea4c088ae11099db65ea7e4647c3e5f880422ea2bf5351a2656e281a2c7,2024-11-21T13:57:24.187000 @@ -244251,7 +244252,7 @@ CVE-2024-11745,0,0,96069305de6ef8812783ef245e2f61d86d985db42c36cad22c8d389adbd7e CVE-2024-11747,0,0,3759ff4fc6bacdbc93b41c30e49e712686d53794386a1c516e9d37a83c4db995,2024-12-04T03:15:04.933000 CVE-2024-1175,0,0,f997875411f4ee3836569f05e6ded063f5984d7986ed98f909a5423e1a302ce0,2024-11-21T08:49:58 CVE-2024-11750,0,0,3c34e091d90fe18ed980ae2930740ab9280c6a3419c7de611ea99715b89180e0,2024-12-12T05:15:09.577000 -CVE-2024-11754,1,1,7f899a763cc43644ced7e3eac1478b4e04aedec1f0a902ba54d937491193a54b,2024-12-13T09:15:05.630000 +CVE-2024-11754,0,0,7f899a763cc43644ced7e3eac1478b4e04aedec1f0a902ba54d937491193a54b,2024-12-13T09:15:05.630000 CVE-2024-11757,0,0,f6e9cc66f398e537f819c502da6499dbb37805cac3d1aa532638955a25992311,2024-12-12T06:15:21.367000 CVE-2024-1176,0,0,ade3cc69c20caab05c727481cc0ec5f568a186d8a0d855f0f768d9d6ccfee82f,2024-11-21T08:49:58.123000 CVE-2024-11760,0,0,5cfb5d180120c1875ad31a782b3cbd78a6ea2212cd7c91767b7a154b08a9b37d,2024-12-12T09:15:05.040000 @@ -244301,9 +244302,10 @@ CVE-2024-11819,0,0,4ad555b58c0b6ae087a0e197e14f318c0818cf9ebf662c2c2b44a9340719c CVE-2024-1182,0,0,3f29301d892b117e83ef161f22ec91ec635f3f594205a460782ee4e3d4d8572d,2024-11-21T08:49:58.813000 CVE-2024-11820,0,0,851b7a45884f50f3792038cee6a0dd94b1414d7c7c3cad4aa15d26efb61c7827,2024-12-03T14:54:20.297000 CVE-2024-11823,0,0,39aa0fbc102b8a9648f017c9098019c8c94234f421f38dd89f51eddc70f54f40,2024-12-06T09:15:07.463000 +CVE-2024-11827,1,1,80d64f76d513488d35b0b3043c1b9224eab483c6276ed14747481e2a5f979519,2024-12-13T12:15:19.050000 CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc503,2024-12-12T21:07:04.270000 CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000 -CVE-2024-11832,1,1,aadf62fc4eeada44adff600b225c42fa09a9b0f6911729915b42277f1c29059c,2024-12-13T09:15:06.113000 +CVE-2024-11832,0,0,aadf62fc4eeada44adff600b225c42fa09a9b0f6911729915b42277f1c29059c,2024-12-13T09:15:06.113000 CVE-2024-11833,0,0,400c0bc8f7bed746cef05b7eb9344d2eed64ee376938496522edd2a73efd06a9,2024-12-13T06:15:25.233000 CVE-2024-11834,0,0,b4223c3487600139b2dc6f34da392d0877b89f37153f0f6d2ce4b7f993ed7954,2024-12-13T06:15:25.440000 CVE-2024-11835,0,0,58df7f1e073686cecda4af7fd302cbb6e3fec61392e0dce5022c4636e2d9dd85,2024-12-13T06:15:25.600000 @@ -244339,8 +244341,8 @@ CVE-2024-11901,0,0,85a51f3a62cac6a871a42c80931949fc5d3b4624a58f6d01d97754dcd7f10 CVE-2024-11903,0,0,1fb664847ae87ab093a142384297236893b764bd45b68ea230b1dd002c36e183,2024-12-04T08:15:06.830000 CVE-2024-11904,0,0,da24913eab17510e55c4ea2ef4b2fa1fad64a4fc2d2fdf47398459156652574a,2024-12-07T02:15:18.263000 CVE-2024-1191,0,0,6f7a8128ca74425a818c30dd0345aad863d38fbb6a993214ffab466088e49214,2024-11-21T08:50:00.150000 -CVE-2024-11910,1,1,3e53c17b4d4f3d6fda9e4abea3d4378ee27e9e34bda8c0d51cc6847e587e513e,2024-12-13T09:15:06.543000 -CVE-2024-11911,1,1,595ad0d6bcaed0c4a2a777d12876187817168daf7b8e8936a15520df1fd6ddae,2024-12-13T09:15:07.083000 +CVE-2024-11910,0,0,3e53c17b4d4f3d6fda9e4abea3d4378ee27e9e34bda8c0d51cc6847e587e513e,2024-12-13T09:15:06.543000 +CVE-2024-11911,0,0,595ad0d6bcaed0c4a2a777d12876187817168daf7b8e8936a15520df1fd6ddae,2024-12-13T09:15:07.083000 CVE-2024-11914,0,0,6bedccc117b468b1c5e82e3ad1903d97b2027e3032457dde2935576fa2de9097,2024-12-12T04:15:06.983000 CVE-2024-11918,0,0,f7031582b21494aaa2ccab4dd4ab92d52bf9f67c1445d9fb72b363b717cfc06b,2024-11-28T06:15:08.347000 CVE-2024-1192,0,0,feeadd7788bda0ae41e0b060ef10672169205cb5b73feeee0610abe95f0f97d2,2024-11-21T08:50:00.287000 @@ -244410,7 +244412,7 @@ CVE-2024-12028,0,0,d2c420f66bbd357e2489473cb2335e7956cf9c2e9639b9f4934dd8440bd3b CVE-2024-1203,0,0,d1f896c2674b7d8b8ac7ccf181e7d9a7e598afaaabec693045eb0f85d52368c5,2024-11-21T08:50:01.913000 CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000 CVE-2024-12040,0,0,39e54c1617f7e28d0c3f3b48c53cf20fa25d33e84438fb670823959ec7d37040,2024-12-12T06:15:22.947000 -CVE-2024-12042,1,1,e9986891d8f31ba95ca9b0c2f45479fbb6f2378fb362247a8f772f70b86d7bb4,2024-12-13T09:15:07.370000 +CVE-2024-12042,0,0,e9986891d8f31ba95ca9b0c2f45479fbb6f2378fb362247a8f772f70b86d7bb4,2024-12-13T09:15:07.370000 CVE-2024-1205,0,0,7a555763b4ee56426377ab020ddc9dc79c7bd15b9be6f5edc39ecd5779b4ad33,2024-11-21T08:50:02.210000 CVE-2024-12053,0,0,deed3343567444a181a7ca41ddaf1738a385e7a42108cbc02e3ad8b91b7d2002,2024-12-03T20:15:14.513000 CVE-2024-12056,0,0,d7fbaa89c201679c30b80d6484a6860abf01d1ecc41424a8e0b08b504062cb8c,2024-12-04T15:15:09.700000 @@ -244510,7 +244512,7 @@ CVE-2024-12300,0,0,699335afc6b60ce8f75d8e5292b0de9023ec03e7dc3d726459e0a0c42acf7 CVE-2024-12305,0,0,591beb549e2fd130a4eb51689f906f54cfd4f9ef094b292b5ebd58de367d8b56,2024-12-09T09:15:04.970000 CVE-2024-12306,0,0,7a6ad19881298b2491617643bd5219a8f3696a7257d332ef3f9d18eb332eeb87,2024-12-09T09:15:05.293000 CVE-2024-12307,0,0,23aacf8c044133a030d70d78a0f87e6b3da2eadc1bf68e4a395d80d759eab88c,2024-12-09T09:15:05.433000 -CVE-2024-12309,1,1,d62c4fbe6a15f24d5555bddc7ce2150b421836015159b8d98df287596c6c6f09,2024-12-13T09:15:07.810000 +CVE-2024-12309,0,0,d62c4fbe6a15f24d5555bddc7ce2150b421836015159b8d98df287596c6c6f09,2024-12-13T09:15:07.810000 CVE-2024-1231,0,0,b14e8b0a07bc5ec367647c5978c3a1256f30a8a16700580e77b0e0e8d9654fdc,2024-11-21T08:50:06.870000 CVE-2024-12312,0,0,4f1e4d7a9351bbf89fb07bc3b891c5587f19ab228728d06e5854d5cf8ab9431c,2024-12-12T07:15:10.090000 CVE-2024-1232,0,0,0724dcbb02c95ade7614aaa3e49113b53bf4da94f0e9ec3c91efd2f39f26e0e2,2024-11-21T08:50:07.030000 @@ -244555,17 +244557,17 @@ CVE-2024-1240,0,0,04799415e1f0377b54b78e2b8bdc0cc625bbd87f5e08d92014024c374e43cc CVE-2024-12401,0,0,168ab50a00c8e055cc6b3c22c9a86d74152dd552dee0343c930d3f40f1bd1ecd,2024-12-12T09:15:05.790000 CVE-2024-12406,0,0,fa1ab7c597cd33fcacb317cf2fa610cdcf6468bc31d67d5c659a34b86d65b782,2024-12-12T05:15:12.210000 CVE-2024-1241,0,0,ba82bb77c28ed45b324839e72710669d8c2af006c45eeed23dee90a28ff67ea8,2024-11-21T08:50:08.490000 -CVE-2024-12414,1,1,c6c62afd8231ad84f0cfbacb9824eb7ef75ee3eec91768b77318c01a4a7a2e2c,2024-12-13T09:15:08.070000 -CVE-2024-12417,1,1,18cff6407a68203c614d63ed63995a1bbdcb09f8d67d032b1540cb6d37a1cca3,2024-12-13T09:15:08.353000 +CVE-2024-12414,0,0,c6c62afd8231ad84f0cfbacb9824eb7ef75ee3eec91768b77318c01a4a7a2e2c,2024-12-13T09:15:08.070000 +CVE-2024-12417,0,0,18cff6407a68203c614d63ed63995a1bbdcb09f8d67d032b1540cb6d37a1cca3,2024-12-13T09:15:08.353000 CVE-2024-1242,0,0,d730388eb7530fa29fb11ce649456e01cfb020c8a1d70e87c977d44dc1314073,2024-11-21T08:50:08.620000 -CVE-2024-12420,1,1,e390c38f4e88665e32a2cd62152aa860ec938ca2fa0dfcbdfe404f6557d8a750,2024-12-13T09:15:08.627000 -CVE-2024-12421,1,1,ac4f95208439dcb1252d6283c443373564305334068386dd134a6484558faee1,2024-12-13T09:15:08.870000 +CVE-2024-12420,0,0,e390c38f4e88665e32a2cd62152aa860ec938ca2fa0dfcbdfe404f6557d8a750,2024-12-13T09:15:08.627000 +CVE-2024-12421,0,0,ac4f95208439dcb1252d6283c443373564305334068386dd134a6484558faee1,2024-12-13T09:15:08.870000 CVE-2024-12441,0,0,8dc47fc0bc628e554cb5d5dec738cf187ea41d3428aede59fd0f61db8f834f33,2024-12-12T05:15:12.703000 CVE-2024-1245,0,0,95e8542ba13fb11ab7fe96b21acceb5168a3d85655e46eadbf4243e255ea26c4,2024-11-21T08:50:08.740000 CVE-2024-1246,0,0,1f374a88e5f240286cc1247b0f1cf35c16b35bebd909ebb6b31cd5f41f473567,2024-11-21T08:50:08.877000 CVE-2024-12461,0,0,87132fe6ee9a0a857141b6cda632ed8c8a71393196330fb5b19b4b0c53e8baa3,2024-12-12T04:15:07.820000 CVE-2024-12463,0,0,16058c978a913956bb36aa3280bcad6d31dbd913cf9beb7eb08a9f5fffeecbb8,2024-12-12T05:15:13.197000 -CVE-2024-12465,1,1,12688c9e12a4af7815fc2288834e09f6bf4fc2de624e4c07cbd62f7f14d587e0,2024-12-13T09:15:09.060000 +CVE-2024-12465,0,0,12688c9e12a4af7815fc2288834e09f6bf4fc2de624e4c07cbd62f7f14d587e0,2024-12-13T09:15:09.060000 CVE-2024-1247,0,0,87dd54613b1838220658d2242080e8fb0b79934df6e5afef144b61ee319c0ba1,2024-11-21T08:50:09.013000 CVE-2024-12479,0,0,a43f8145b082e439d09ff6167e64d352f39b03576b87a98804243a903d0554df,2024-12-12T01:40:28.927000 CVE-2024-12480,0,0,b0eab20a7ec0a125c8d7de42a5914029294e75829166f8b51f3f5c9a83e1f3a0,2024-12-12T01:40:29.110000 @@ -246695,6 +246697,8 @@ CVE-2024-2156,0,0,dad16cc8b52bdfe940c458388d7cb4591983119fee4b9576e287f5f27d4e6b CVE-2024-21571,0,0,d37e58d960b59009984c70d286739e560ae0d50ece0a82d653578b73814bd68d,2024-12-06T14:15:19.997000 CVE-2024-21574,0,0,45701805f5188114f1888c23c811ceeb10e4b0f020a4cfb74429c69bdd01fe15,2024-12-12T09:15:06.037000 CVE-2024-21575,0,0,97accf7ff45ffb715215f838147623de678c993003f8042176e982f0f1f05cf8,2024-12-12T15:15:12.733000 +CVE-2024-21576,1,1,42157063f6e4ca76e1343c8325c7a2508b01a6ce41e53efbf2a2b11172d442bb,2024-12-13T12:15:19.753000 +CVE-2024-21577,1,1,ac8ea4d0bcc3e10821f9050ff758868103ecf195d2be69297b820bfb1b2e21f3,2024-12-13T12:15:19.910000 CVE-2024-21583,0,0,c1d075392adda1a92bd116f6568c32f98f3861adb7381b8163ad6f1ba61849c1,2024-11-21T08:54:39.443000 CVE-2024-21584,0,0,b131eec7e1253fa331b7a55309f8a83408121476547446d36e68e2f68de5bf1d,2024-11-21T08:54:39.587000 CVE-2024-21585,0,0,9d0ae936587469574770d0fa4ad5b9b2924c2930649b2050f260c2352ac4f0cd,2024-11-21T08:54:39.697000 @@ -246807,7 +246811,7 @@ CVE-2024-21722,0,0,5f530469128a41bfa0dd5b7a458e5346dd38dd76f502f71a2747a4c0d3965 CVE-2024-21723,0,0,ea00e53d0673b309526ea9182c39ca1385df8eb584192b37edee739e9b4e1501,2024-12-02T16:15:08.967000 CVE-2024-21724,0,0,71ab50eedb3eaae0cf010b41547c1ab496cb8a61984051a476dd3c8a05ae25c7,2024-11-21T08:54:52.573000 CVE-2024-21725,0,0,102bc48d163faec6cc11fa8ada828cb863fe99c32c41e6fe5250a9d25bfe5aa9,2024-11-21T08:54:52.683000 -CVE-2024-21726,0,0,487e6207a8204a2911cc2e66200dc2457be259735519a9a8e8a62f26887ba50c,2024-11-21T08:54:52.860000 +CVE-2024-21726,0,1,618dce9f8a5b9eb531a5c86b35312ba1a47b09692b7ec96682d06ac2ff481c50,2024-12-13T11:15:07.320000 CVE-2024-21727,0,0,d36a5a952f97379e323c6e545f2e862cb297af7e7a1457e672ca02bec68bd484,2024-11-21T08:54:53.040000 CVE-2024-21728,0,0,2cbae60f817b8c7a7affecac1a8952c66a9f7eeec8d8bf74d3b215cd2045b4e6,2024-12-03T16:15:21.030000 CVE-2024-21729,0,0,ce8a30bafeb6b97535469464c82ba7fd23d6f7caed1d9ff1342347bbafd041de,2024-11-21T08:54:53.400000 @@ -268465,8 +268469,17 @@ CVE-2024-52053,0,0,634822104ec4d4af8aa9cf0854397b2e2ea6f5f55e9fc999886a29a44842f CVE-2024-52054,0,0,9a2d2ec3a40a48770d9647f97127693cc6b0ef5932cb18c296471a466b60d1e3,2024-11-21T23:15:05.627000 CVE-2024-52055,0,0,259d73954aece81f7c011d1c96f3f9c4bf1a8d33b43ce9ab6720600ab6632df4,2024-11-21T23:15:05.890000 CVE-2024-52056,0,0,da2fb97069f42481988d3de6950366edf96ce98eb60db797a3ccea41a89e8e92,2024-11-21T23:15:06.147000 -CVE-2024-52057,1,1,4afa017149785f60875924874d6d565d05d116767f78456dbc0402abf3c4ffe7,2024-12-13T10:15:07.320000 +CVE-2024-52057,0,0,4afa017149785f60875924874d6d565d05d116767f78456dbc0402abf3c4ffe7,2024-12-13T10:15:07.320000 +CVE-2024-52058,1,1,aae85787f6dd61b0c36f921e209af75bb054c384bd96651dad696b6309eb6ca5,2024-12-13T11:15:07.900000 +CVE-2024-52059,1,1,6bde304d0d8fd04ec20ec1688dd81311f75ec6afc8dae40129bbf0564959da20,2024-12-13T11:15:08.080000 CVE-2024-5206,0,0,8862c9be0fc374f53d6a02e5cb7505c5867d3e503357cffe44c63c1a9e66a567,2024-11-21T09:47:11.143000 +CVE-2024-52060,1,1,51861fd16a81d9128d9c1930b21fa40dae199275810da1c77565602fc23e71df,2024-12-13T11:15:08.250000 +CVE-2024-52061,1,1,3e859b2c21a377f69107a7383a75c3f2e624734e6ffe1ef6b5ed51955d3d4382,2024-12-13T11:15:08.457000 +CVE-2024-52062,1,1,361307b9e16a015a415e53e9cf30be8ae92860be6685212cbf9ca90c5195d5df,2024-12-13T11:15:08.650000 +CVE-2024-52063,1,1,01a99f2c9a9552c48c26ab7a9ae3aaea1052d83010fae3b40f5cb27ed5fd90c0,2024-12-13T11:15:08.810000 +CVE-2024-52064,1,1,991b8f36e22e95ac383d6de3f96bd4197dba9a89d12273fee0411c155cfe8081,2024-12-13T11:15:08.963000 +CVE-2024-52065,1,1,95a067ff6fd4c2b46a05689cbf6895ce02d09ceb321b81c8adccd934fd0156ff,2024-12-13T11:15:09.153000 +CVE-2024-52066,1,1,3b370b6b71e379be8a024a03d6db1cdc1268457f33eccf40b6255d7a5ebc066b,2024-12-13T11:15:09.330000 CVE-2024-52067,0,0,3b3805f082afbbdd7956c2385fa9d932a6e128593a07e351c3b4f992b1659428,2024-11-21T13:57:24.187000 CVE-2024-5207,0,0,1dd18e9ab7ff6bfd8ddcbcad1d892aa6d72fe1c4875644c7384ba96bff8c8b12,2024-11-21T09:47:11.280000 CVE-2024-5208,0,0,d422f38fd635e5406dd7f21299ff486ffd883cb5b6211c662371966536488116,2024-11-21T09:47:11.387000 @@ -273009,7 +273022,7 @@ CVE-2024-9284,0,0,e747cbb82ef430c65e12719c88c63c2fbce54e52eb20c21371241717d7cc4e CVE-2024-9286,0,0,5c87b07f904b24f28322b109601842556e84152397134ac82da299aaabaf274a,2024-11-21T17:15:27.713000 CVE-2024-9287,0,0,ee4875fcc1eab286a5a806a04af7541165bd2ee970c2b6c4a30368f5704e3047,2024-11-04T18:15:05.627000 CVE-2024-9289,0,0,82efcd622bd05af8234fb7f9750f1266ba9c6595f5976c11981038e615a0ed09,2024-10-07T18:25:21.380000 -CVE-2024-9290,1,1,e41d5c4a813bab3a7edd5eaac43a1cc6708ddeed01d4e71cc4f5faff8c970d3b,2024-12-13T10:15:07.507000 +CVE-2024-9290,0,0,e41d5c4a813bab3a7edd5eaac43a1cc6708ddeed01d4e71cc4f5faff8c970d3b,2024-12-13T10:15:07.507000 CVE-2024-9291,0,0,73e401584c500ba127e7af4fffd6757ae385ec6f94f9207b4110ea56e7a67b15,2024-10-07T16:13:44.433000 CVE-2024-9292,0,0,527c65352feb89104baea5b2d5dfb7b073634663094f34514a27c8ec3da14e3a,2024-10-10T12:57:21.987000 CVE-2024-9293,0,0,603fd9a9b5f2f09866227e56378d613899b58f9b42512fcc436593f8b2e0f098,2024-10-07T15:37:33.670000 @@ -273252,6 +273265,7 @@ CVE-2024-9600,0,0,ea15b50099d09f31b8281c72f2e9f7d888450824868eb6eb5785430b8539a9 CVE-2024-9602,0,0,9d8dd86d0cc225ffb6741a84ee0790d75b0a3de971742428da103b505a33eb9b,2024-10-10T12:51:56.987000 CVE-2024-9603,0,0,6f73634986e4f0954072f40ec952c1e4c294de097bee976da4c1af4a65275169,2024-10-10T12:51:56.987000 CVE-2024-9607,0,0,46ba6ae19aabe43b4e394b9eaf2c4143d8dae3b6ca887a4181734917d5564e5f,2024-11-05T17:40:57.777000 +CVE-2024-9608,1,1,b20534ec874707d92a2ff9fb1aa6d12ff20ee5b2f043fdd6617b961662fce412,2024-12-13T12:15:20.080000 CVE-2024-9609,0,0,a32ad4ba0330c8bd46a334ed0a6f34b381196d6ee0adb5a1527caca9a51b5222,2024-11-19T21:28:42.670000 CVE-2024-9610,0,0,f327439241391b51adbb56ced5a29061a4e9cbef39684c65a214212a54ae604b,2024-10-15T12:58:51.050000 CVE-2024-9611,0,0,049688b12d23536b7521af43a85c6bc56a995bcf550dd4b062c24ab61d06803f,2024-10-15T12:58:51.050000