admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-12-19T21:00:21.091629+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-12-19 21:03:43 +00:00
parent 3cf0a8f329
commit f1f78fd0db
92 changed files with 4623 additions and 627 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2004/CVE-2004-02xx/CVE-2004-0210.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-0210",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-08-06T04:00:00.000",
"lastModified": "2024-11-20T23:48:00.663",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:05:39.017",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2004/CVE-2004-14xx/CVE-2004-1464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-1464",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-12-31T05:00:00.000",
"lastModified": "2024-11-20T23:50:56.793",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:06:18.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-30xx/CVE-2010-3035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-3035",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2010-08-30T21:00:12.203",
"lastModified": "2024-11-21T01:17:55.053",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:09:31.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-39xx/CVE-2010-3904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-3904",
"sourceIdentifier": "security@ubuntu.com",
"published": "2010-12-06T20:13:00.513",
"lastModified": "2024-11-21T01:19:52.257",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:10:12.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-43xx/CVE-2010-4398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-4398",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-12-06T13:44:54.863",
"lastModified": "2024-11-21T01:20:51.987",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:10:00.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-53xx/CVE-2010-5326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-5326",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-05-13T10:59:00.173",
"lastModified": "2024-11-21T01:23:03.023",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:13:11.297",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2010/CVE-2010-53xx/CVE-2010-5330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-5330",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-11T21:29:00.350",
"lastModified": "2024-11-21T01:23:03.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:13:27.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",

4
CVE-2012/CVE-2012-03xx/CVE-2012-0391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-0391",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-01-08T15:55:01.217",
"lastModified": "2024-11-21T01:34:53.520",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:11:52.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-15xx/CVE-2012-1535.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-1535",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-08-15T10:31:40.677",
"lastModified": "2024-11-21T01:37:11.183",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:13:13.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-17xx/CVE-2012-1710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-1710",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2012-05-03T22:55:02.967",
"lastModified": "2024-11-21T01:37:30.750",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:12:24.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-18xx/CVE-2012-1889.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-1889",
"sourceIdentifier": "secure@microsoft.com",
"published": "2012-06-13T04:46:46.190",
"lastModified": "2024-11-21T01:37:58.907",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T20:12:36.527",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-31xx/CVE-2012-3152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-3152",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2012-10-16T23:55:03.823",
"lastModified": "2024-11-21T01:40:18.590",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:49:26.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-47xx/CVE-2012-4792.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-4792",
"sourceIdentifier": "secure@microsoft.com",
"published": "2012-12-30T18:55:01.477",
"lastModified": "2024-11-21T01:43:32.487",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:49:43.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2012/CVE-2012-50xx/CVE-2012-5076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-5076",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2012-10-16T21:55:02.073",
"lastModified": "2024-11-21T01:43:59.393",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:49:20.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-00xx/CVE-2013-0074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0074",
"sourceIdentifier": "secure@microsoft.com",
"published": "2013-03-13T00:55:01.137",
"lastModified": "2024-11-21T01:46:49.873",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:49:55.697",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-04xx/CVE-2013-0422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0422",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2013-01-10T21:55:00.777",
"lastModified": "2024-11-21T01:47:30.510",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:49:47.333",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-03xx/CVE-2014-0322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-0322",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-02-14T16:55:07.500",
"lastModified": "2024-11-21T02:01:52.720",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:21:37.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-17xx/CVE-2014-1761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-1761",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-03-25T13:24:01.067",
"lastModified": "2024-11-21T02:04:59.127",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:32:14.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-17xx/CVE-2014-1776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-1776",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-04-27T10:55:03.340",
"lastModified": "2024-11-21T02:05:00.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:32:20.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-18xx/CVE-2014-1812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-1812",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-05-14T11:13:06.630",
"lastModified": "2024-11-21T02:05:04.843",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:32:26.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-21xx/CVE-2014-2120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-2120",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2014-03-19T01:15:04.007",
"lastModified": "2024-11-21T02:05:41.473",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:31:33.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-28xx/CVE-2014-2817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-2817",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-08-12T21:55:07.007",
"lastModified": "2024-11-21T02:07:00.083",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:12:30.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-44xx/CVE-2014-4404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-4404",
"sourceIdentifier": "product-security@apple.com",
"published": "2014-09-18T10:55:09.827",
"lastModified": "2024-11-21T02:10:07.407",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:12:43.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

14
CVE-2015/CVE-2015-06xx/CVE-2015-0666.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-0666",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2015-04-03T10:59:04.290",
"lastModified": "2024-11-21T02:23:30.033",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:12:51.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -101,7 +101,10 @@
},
{
"url": "http://www.securitytracker.com/id/1032009",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm",
@ -112,7 +115,10 @@
},
{
"url": "http://www.securitytracker.com/id/1032009",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

24
CVE-2015/CVE-2015-11xx/CVE-2015-1130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1130",
"sourceIdentifier": "product-security@apple.com",
"published": "2015-04-10T14:59:43.073",
"lastModified": "2024-11-21T02:24:44.383",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-19T19:13:03.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -86,7 +86,10 @@
},
{
"url": "http://www.osvdb.org/120418",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/73982",
@ -97,7 +100,10 @@
},
{
"url": "http://www.securitytracker.com/id/1032048",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://support.apple.com/HT204659",
@ -122,7 +128,10 @@
},
{
"url": "http://www.osvdb.org/120418",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/73982",
@ -133,7 +142,10 @@
},
{
"url": "http://www.securitytracker.com/id/1032048",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://support.apple.com/HT204659",

56
CVE-2020/CVE-2020-69xx/CVE-2020-6923.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2020-6923",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-12-19T19:15:06.030",
"lastModified": "2024-12-19T19:15:06.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "hp-security-alert@hp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/c06927115",
"source": "hp-security-alert@hp.com"
}
]
}

60
CVE-2024/CVE-2024-121xx/CVE-2024-12111.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12111",
"sourceIdentifier": "security@opentext.com",
"published": "2024-12-19T20:15:06.950",
"lastModified": "2024-12-19T20:15:06.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In a specific scenario a LDAP user can abuse the authentication process in OpenText\u00a0Privileged Access Manager that allows authentication bypass.\u00a0This issue affects Privileged Access Manager version 23.3(4.4); 24.3(4.5)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/privileged-access-manager-45/npam_45_releasenotes/data/npam_45_releasenotes.html",
"source": "security@opentext.com"
},
{
"url": "https://www.netiq.com/documentation/privileged-account-manager-44/npam_44_releasenotes/data/npam_44_releasenotes.html",
"source": "security@opentext.com"
}
]
}

129
CVE-2024/CVE-2024-19xx/CVE-2024-1938.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1938",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-02-29T01:43:57.600",
"lastModified": "2024-12-05T14:15:20.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:20:38.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,46 +81,121 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.94",
"matchCriteriaId": "DF849192-D2B3-40BF-943B-BAF70BFCBB71"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/324596281",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/324596281",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

129
CVE-2024/CVE-2024-19xx/CVE-2024-1939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1939",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-02-29T01:43:57.640",
"lastModified": "2024-11-21T08:51:38.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:20:25.553",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,46 +81,121 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.94",
"matchCriteriaId": "DF849192-D2B3-40BF-943B-BAF70BFCBB71"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/323694592",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/323694592",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

101
CVE-2024/CVE-2024-21xx/CVE-2024-2173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2173",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:08.973",
"lastModified": "2024-11-21T09:09:10.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:20:02.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,30 +59,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.111",
"matchCriteriaId": "BE3EAEA3-E750-414C-A4DA-9D6A40D683EA"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325893559",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325893559",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

99
CVE-2024/CVE-2024-21xx/CVE-2024-2174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2174",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:09.037",
"lastModified": "2024-11-21T09:09:11.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:24:09.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,30 +81,83 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.111",
"matchCriteriaId": "BE3EAEA3-E750-414C-A4DA-9D6A40D683EA"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325866363",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325866363",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

99
CVE-2024/CVE-2024-21xx/CVE-2024-2176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2176",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:09.090",
"lastModified": "2024-11-21T09:09:11.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:23:37.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,30 +81,83 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.111",
"matchCriteriaId": "BE3EAEA3-E750-414C-A4DA-9D6A40D683EA"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325936438",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/325936438",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

269
CVE-2024/CVE-2024-238xx/CVE-2024-23836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23836",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-26T16:27:57.693",
"lastModified": "2024-11-21T08:58:31.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:26:20.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,160 +69,329 @@
"value": "CWE-770"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.16",
"matchCriteriaId": "E9AB3B22-820A-45AE-A0F1-B07C53FEB22E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.3",
"matchCriteriaId": "8AD3DB8D-5FEF-43FD-8E47-5EF72479EF29"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6531",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6532",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6540",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6658",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6659",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6660",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6531",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6532",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6540",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6658",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6659",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6660",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

125
CVE-2024/CVE-2024-238xx/CVE-2024-23839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23839",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-26T16:27:58.090",
"lastModified": "2024-11-21T08:58:32.243",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:38:28.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
@ -49,48 +69,129 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.3",
"matchCriteriaId": "8AD3DB8D-5FEF-43FD-8E47-5EF72479EF29"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6657",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/OISF/suricata/commit/cd731fcaf42e5f7078c9be643bfa0cee2ad53e8f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qxj6-hr2p-mmc7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6657",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

123
CVE-2024/CVE-2024-245xx/CVE-2024-24568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24568",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-26T16:27:58.293",
"lastModified": "2024-11-21T08:59:26.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:30:33.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,48 +69,127 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.3",
"matchCriteriaId": "8AD3DB8D-5FEF-43FD-8E47-5EF72479EF29"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6717",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6717",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

114
CVE-2024/CVE-2024-24xx/CVE-2024-2400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2400",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-13T04:15:08.040",
"lastModified": "2024-11-21T09:09:40.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:21:05.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,38 +81,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "122.0.6261.128",
"matchCriteriaId": "13225AF1-52F4-4DF8-90CB-3391A8E3031F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_12.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/327696052",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_12.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/327696052",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

130
CVE-2024/CVE-2024-326xx/CVE-2024-32663.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32663",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-07T15:15:08.713",
"lastModified": "2024-11-21T09:15:25.470",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:40:02.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -53,64 +73,142 @@
"value": "CWE-770"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.19",
"matchCriteriaId": "0D75940C-F39A-466B-9E79-D2E19DA182C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "A158A8DB-3609-488B-B986-52575C649704"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6892",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6900",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6892",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6900",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

92
CVE-2024/CVE-2024-326xx/CVE-2024-32664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-07T15:15:08.937",
"lastModified": "2024-11-21T09:15:25.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:46:05.803",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
@ -53,32 +73,88 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.19",
"matchCriteriaId": "0D75940C-F39A-466B-9E79-D2E19DA182C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "A158A8DB-3609-488B-B986-52575C649704"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

160
CVE-2024/CVE-2024-328xx/CVE-2024-32867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32867",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-07T15:15:09.143",
"lastModified": "2024-11-21T09:15:53.740",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:48:46.393",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,88 +69,184 @@
"value": "CWE-754"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.19",
"matchCriteriaId": "0D75940C-F39A-466B-9E79-D2E19DA182C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "A158A8DB-3609-488B-B986-52575C649704"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6672",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6673",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6677",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6672",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6673",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://redmine.openinfosecfoundation.org/issues/6677",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

6
CVE-2024/CVE-2024-358xx/CVE-2024-35870.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35870",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.427",
"lastModified": "2024-11-21T09:21:05.570",
"lastModified": "2024-12-19T19:15:06.820",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -64,6 +64,10 @@
"url": "https://git.kernel.org/stable/c/6202996a1c1887e83d0b3b0fcd86d0e5e6910ea0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/755fe68cd4b59e1d2a2dd3286177fd4404f57fed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/24a9799aa8efecd0eb55a75e35f9d8e6400063aa",
"source": "af854a3a-2127-422b-91ae-364da2661108"

159
CVE-2024/CVE-2024-39xx/CVE-2024-3914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3914",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-04-17T18:15:16.400",
"lastModified": "2024-11-21T09:30:41.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:03:05.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,70 +81,163 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "124.0.6367.60",
"matchCriteriaId": "AFB90495-B48B-4020-A2CC-51D77CABEB72"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/330759272",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/330759272",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

6
CVE-2024/CVE-2024-421xx/CVE-2024-42108.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42108",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-30T08:15:03.333",
"lastModified": "2024-11-21T09:33:37.090",
"lastModified": "2024-12-19T19:15:07.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -71,6 +71,10 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4a41bb9f2b402469d425a1c13359d3b3ea4e6403",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/92cbbe7759193e3418f38d0d73f8fe125312c58b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

16
CVE-2024/CVE-2024-423xx/CVE-2024-42315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42315",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-17T09:15:11.470",
"lastModified": "2024-08-22T15:51:03.077",
"vulnStatus": "Analyzed",
"lastModified": "2024-12-19T19:15:07.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -85,6 +85,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/632fb232b6bbf8277edcbe9ecd4b4d98ecb122eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/89fc548767a2155231128cb98726d6d2ea1256c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -98,6 +102,14 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c052f775ee6ccacd3c97e4cf41a2a657e63d4259",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cd1c7858641384191ff7033fb1fc65dfcd559c6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2024/CVE-2024-449xx/CVE-2024-44949.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44949",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T19:15:30.040",
"lastModified": "2024-12-14T21:15:23.927",
"lastModified": "2024-12-19T19:15:07.270",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,6 +86,10 @@
"url": "https://git.kernel.org/stable/c/00baca74fb5879e5f9034b6156671301f500f8ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3dfd8991ad33b10c2fb027a4cfcf57579fa786c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/533de2f470baac40d3bf622fe631f15231a03c9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

129
CVE-2024/CVE-2024-45xx/CVE-2024-4559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4559",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-07T19:15:08.633",
"lastModified": "2024-11-21T09:43:06.370",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:47:26.740",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,46 +81,121 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "124.0.6367.155",
"matchCriteriaId": "85B5F2FF-0514-421A-8FBF-A7CFEA7F2294"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/331369797",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/331369797",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

34
CVE-2024/CVE-2024-495xx/CVE-2024-49550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49550",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-12-10T21:15:17.903",
"lastModified": "2024-12-10T21:15:17.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:03:32.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.9",
"matchCriteriaId": "599EEA89-BDA1-4FF2-9B78-103DDDD1E262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "E877A861-6761-4E6E-8589-34C30346DCEE"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49765.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49765",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T20:15:07.143",
"lastModified": "2024-12-19T20:15:07.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. Sites that are using discourse connect but still have local logins enabled could allow attackers to bypass discourse connect to create accounts and login. This problem is patched in the latest version of Discourse. Users unable to upgrade who are using discourse connect may disable all other login methods as a workaround."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-v8rf-pvgm-xxf2",
"source": "security-advisories@github.com"
}
]
}

129
CVE-2024/CVE-2024-49xx/CVE-2024-4948.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4948",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-15T21:15:09.347",
"lastModified": "2024-11-21T09:43:55.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:38:52.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,46 +81,121 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.60",
"matchCriteriaId": "9EA6CD11-7561-41B3-B56A-B6D0F242EE50"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/333414294",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/333414294",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

129
CVE-2024/CVE-2024-49xx/CVE-2024-4949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4949",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-15T21:15:09.430",
"lastModified": "2024-11-21T09:43:56.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:21:58.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,46 +81,121 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.60",
"matchCriteriaId": "9EA6CD11-7561-41B3-B56A-B6D0F242EE50"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/326607001",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/326607001",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

131
CVE-2024/CVE-2024-49xx/CVE-2024-4950.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4950",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-15T21:15:09.493",
"lastModified": "2024-11-21T09:43:56.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:13:25.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,46 +59,133 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.60",
"matchCriteriaId": "9EA6CD11-7561-41B3-B56A-B6D0F242EE50"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/40065403",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/40065403",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

119
CVE-2024/CVE-2024-51xx/CVE-2024-5157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5157",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-22T16:15:10.863",
"lastModified": "2024-11-21T09:47:05.440",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T20:09:58.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,8 +15,41 @@
"value": "Use after free en Programaci\u00f3n en Google Chrome anterior a 125.0.6422.76 permit\u00eda a un atacante remoto ejecutar c\u00f3digo arbitrario dentro de una zona de pruebas a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -28,38 +61,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.76",
"matchCriteriaId": "3C0A06C7-8D33-4887-B12D-B009D878FF2A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/336012573",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/336012573",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

114
CVE-2024/CVE-2024-51xx/CVE-2024-5158.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5158",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-22T16:15:10.947",
"lastModified": "2024-11-21T09:47:05.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:59:03.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,38 +81,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.76",
"matchCriteriaId": "3C0A06C7-8D33-4887-B12D-B009D878FF2A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/338908243",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/338908243",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

114
CVE-2024/CVE-2024-51xx/CVE-2024-5159.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5159",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-22T16:15:11.013",
"lastModified": "2024-11-21T09:47:05.763",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:55:52.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,38 +81,102 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "125.0.6422.76",
"matchCriteriaId": "3C0A06C7-8D33-4887-B12D-B009D878FF2A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/335613092",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://issues.chromium.org/issues/335613092",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

56
CVE-2024/CVE-2024-525xx/CVE-2024-52589.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52589",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T20:15:07.337",
"lastModified": "2024-12-19T20:15:07.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user. This problem is patched in the latest version of Discourse. Users unable to upgrade should remove moderator role from untrusted users."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.2,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-cqw6-rr3v-8fff",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-527xx/CVE-2024-52794.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52794",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T20:15:07.513",
"lastModified": "2024-12-19T20:15:07.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. Users clicking on the lightbox thumbnails could be affected. This problem is patched in the latest version of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-m3v4-v2rp-hfm9",
"source": "security-advisories@github.com"
}
]
}

12
CVE-2024/CVE-2024-531xx/CVE-2024-53119.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53119",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-02T14:15:12.667",
"lastModified": "2024-12-11T20:55:09.957",
"vulnStatus": "Analyzed",
"lastModified": "2024-12-19T19:15:07.407",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -127,6 +127,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4310902c766e371359e6c6311056ae80b5beeac9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/897617a413e0bf1c6380e3b34b2f28f450508549",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -147,6 +151,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e26fa236758e8baa61a82cfd9fd4388d2e8d6a4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

18
CVE-2024/CVE-2024-531xx/CVE-2024-53125.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53125",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-04T14:15:20.460",
"lastModified": "2024-12-04T14:15:20.460",
"lastModified": "2024-12-19T19:15:07.613",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -17,6 +17,22 @@
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/60fd3538d2a8fd44c41d25088c0ece3e1fd30659",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b57ac2d92c1f565743f6890a5b9cf317ed856b09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bfe9446ea1d95f6cb7848da19dfd58d2eec6fd84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dadf82c1b2608727bcc306843b540cd7414055a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2ef0f317a52e678fe8fa84b94d6a15b466d6ff0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

56
CVE-2024/CVE-2024-539xx/CVE-2024-53991.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-53991",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T20:15:07.670",
"lastModified": "2024-12-19T20:15:07.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use `FileStore::LocalStore` which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick nginx into sending the Discourse backup file with a well crafted request. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. Users unable to upgrade can either 1. Download all local backups on to another storage device, disable the `enable_backups` site setting and delete all backups until the site has been upgraded to pull in the fix. Or 2. Change the `backup_location` site setting to `s3` so that backups are stored and downloaded directly from S3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-567m-82f6-56rv",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-540xx/CVE-2024-54032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54032",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-12-10T21:15:20.690",
"lastModified": "2024-12-10T21:15:20.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:03:15.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,10 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.9",
"matchCriteriaId": "599EEA89-BDA1-4FF2-9B78-103DDDD1E262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "E877A861-6761-4E6E-8589-34C30346DCEE"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-540xx/CVE-2024-54034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54034",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-12-10T21:15:20.817",
"lastModified": "2024-12-10T21:15:20.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:03:03.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,10 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.9",
"matchCriteriaId": "599EEA89-BDA1-4FF2-9B78-103DDDD1E262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "E877A861-6761-4E6E-8589-34C30346DCEE"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-540xx/CVE-2024-54036.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54036",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-12-10T21:15:20.947",
"lastModified": "2024-12-10T21:15:20.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:02:47.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,10 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.9",
"matchCriteriaId": "599EEA89-BDA1-4FF2-9B78-103DDDD1E262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "E877A861-6761-4E6E-8589-34C30346DCEE"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-540xx/CVE-2024-54050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54050",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-12-10T21:15:22.767",
"lastModified": "2024-12-10T21:15:22.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:02:17.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,10 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4.9",
"matchCriteriaId": "599EEA89-BDA1-4FF2-9B78-103DDDD1E262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "E877A861-6761-4E6E-8589-34C30346DCEE"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-541xx/CVE-2024-54150.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-54150",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T19:15:07.747",
"lastModified": "2024-12-19T19:15:07.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS signed token during verification, it becomes vulnerable to this kind of attack. For instance, an attacker could craft a token with the alg field set to \"HS256\" while the server expects an asymmetric algorithm like \"RS256\". The server might mistakenly use the wrong verification method, such as using a public key as the HMAC secret, leading to unauthorised access. For RSA, the key can be computed from a few signatures. For Elliptic Curve (EC), two potential keys can be recovered from one signature. This can be used to bypass the signature mechanism if an application relies on asymmetrically signed tokens. This issue has been addressed in version 2.3.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://github.com/xmidt-org/cjwt/commit/096ab3e37f73c914b716e7259589179f363265fd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xmidt-org/cjwt/security/advisories/GHSA-9h24-7qp5-gp82",
"source": "security-advisories@github.com"
}
]
}

12
CVE-2024/CVE-2024-54xx/CVE-2024-5466.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-5466",
"sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02",
"published": "2024-08-23T14:15:11.073",
"lastModified": "2024-08-27T13:32:50.803",
"lastModified": "2024-12-19T20:21:12.243",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -88,11 +88,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoho:manageengine_remote_monitoring_and_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A662E0A-DC18-4444-8E80-60324D520134"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
@ -185,6 +180,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128187:*:*:*:*:*:*",
"matchCriteriaId": "17A772EF-75E0-43DB-95B8-6D1A00C76101"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_remote_monitoring_and_management_central:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1704E80-F82B-4205-94B3-0EC5F6C78415"
}
]
}

21
CVE-2024/CVE-2024-551xx/CVE-2024-55196.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-55196",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-19T19:15:07.947",
"lastModified": "2024-12-19T19:15:07.947",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently Protected Credentials in the Mail Server Configuration in GoPhish v0.12.1 allows an attacker to access cleartext passwords for the configured IMAP and SMTP servers."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hexkaster/SecurityResearch/blob/main/CVE-2024-55196.md",
"source": "cve@mitre.org"
}
]
}

90
CVE-2024/CVE-2024-561xx/CVE-2024-56159.json Normal file
View File

@ -0,0 +1,90 @@
{
"id": "CVE-2024-56159",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T19:15:08.123",
"lastModified": "2024-12-19T19:15:08.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files **for the server code** are moved to a publicly-accessible folder. Any outside party can read them with an unauthorized HTTP GET request to the same server hosting the rest of the website. While some server files are hashed, making their access obscure, the files corresponding to the file system router (those in `src/pages`) are predictably named. For example. the sourcemap file for `src/pages/index.astro` gets named `dist/client/pages/index.astro.mjs.map`. This vulnerability is the root cause of issue #12703, which links to a simple stackblitz project demonstrating the vulnerability. Upon build, notice the contents of the `dist/client` (referred to as `config.build.client` in astro code) folder. All astro servers make the folder in question accessible to the public internet without any authentication. It contains `.map` files corresponding to the code that runs on the server. All **server-output** projects on Astro 5 versions **v5.0.3** through **v5.0.7**, that have **sourcemaps enabled**, either directly or through an add-on such as `sentry`, are affected. The fix for **server-output** projects was released in **astro@5.0.8**. Additionally, all **static-output** projects built using Astro 4 versions **4.16.17 or older**, or Astro 5 versions **5.0.8 or older**, that have **sourcemaps enabled** are also affected. The fix for **static-output** projects was released in **astro@5.0.9**, and backported to Astro v4 in **astro@4.16.18**. The immediate impact is limited to source code. Any secrets or environment variables are not exposed unless they are present verbatim in the source code. There is no immediate loss of integrity within the the vulnerable server. However, it is possible to subsequently discover another vulnerability via the revealed source code . There is no immediate impact to availability of the vulnerable server. However, the presence of an unsafe regular expression, for example, can quickly be exploited to subsequently compromise the availability. The fix for **server-output** projects was released in **astro@5.0.8**, and the fix for **static-output** projects was released in **astro@5.0.9** and backported to Astro v4 in **astro@4.16.18**. Users are advised to update immediately if they are using sourcemaps or an integration that enables sourcemaps."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-219"
}
]
}
],
"references": [
{
"url": "https://github.com/getsentry/sentry-javascript/blob/develop/packages/astro/src/integration/index.ts#L50",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/withastro/astro/blob/176fe9f113fd912f9b61e848b00bbcfecd6d5c2c/packages/astro/src/core/build/static-build.ts#L139",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/withastro/astro/issues/12703",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/withastro/astro/security/advisories/GHSA-49w6-73cw-chjr",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2024/CVE-2024-562xx/CVE-2024-56200.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-56200",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-19T19:15:08.280",
"lastModified": "2024-12-19T19:15:08.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this software is running or placing a heavy load on the network it is using. This issue has been fixed in v12.24Q4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
},
{
"lang": "en",
"value": "CWE-405"
}
]
}
],
"references": [
{
"url": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-gq5q-c77c-v23600",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nexryai/altair/commit/20bad5155a8d73f8d807c6c1ae0f7b8041331be8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nexryai/altair/security/advisories/GHSA-3pfm-hp96-pfgv",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-71xx/CVE-2024-7137.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-7137",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-12-19T20:15:07.820",
"lastModified": "2024-12-19T20:15:07.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000F9zre",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-71xx/CVE-2024-7138.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-7138",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-12-19T20:15:07.947",
"lastModified": "2024-12-19T20:15:07.947",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000F9zre",
"source": "product-security@silabs.com"
}
]
}

60
CVE-2024/CVE-2024-71xx/CVE-2024-7139.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7139",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-12-19T20:15:08.073",
"lastModified": "2024-12-19T20:15:08.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.\u00a0\n\nIf a watchdog timer is not enabled, a hard reset is required to recover the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000F9zre",
"source": "product-security@silabs.com"
}
]
}

48
CVE-2024/CVE-2024-72xx/CVE-2024-7234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7234",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T22:15:16.190",
"lastModified": "2024-11-22T22:15:16.190",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:46:05.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:antivirus:23.9.8494.795:*:*:*:free:*:*:*",
"matchCriteriaId": "A91471D6-546F-4DCC-8413-0A2598CCD66C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1008/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-72xx/CVE-2024-7235.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7235",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T22:15:16.307",
"lastModified": "2024-11-22T22:15:16.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:42:37.133",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:antivirus:23.11.8635.809:*:*:*:free:*:*:*",
"matchCriteriaId": "1A14A510-7F7B-4AD6-9130-22812A3ED045"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1006/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-72xx/CVE-2024-7236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7236",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T22:15:16.427",
"lastModified": "2024-11-22T22:15:16.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:35:22.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:antivirus:23.12.8700.812:-:*:*:free:*:*:*",
"matchCriteriaId": "FFE72048-27F6-4045-91BA-BD5D1751D271"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1009/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-72xx/CVE-2024-7237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7237",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T22:15:16.547",
"lastModified": "2024-11-22T22:15:16.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:25:49.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:antivirus:23.12.8700.813:-:*:*:free:*:*:*",
"matchCriteriaId": "B97C12BF-4D95-46E7-882A-4244C7F48BF4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1007/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-75xx/CVE-2024-7565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7565",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T22:15:18.593",
"lastModified": "2024-11-22T22:15:18.593",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:15:24.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smartbear:soapui:.5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFCD977F-EB9F-4438-A4DF-588D797749B6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.soapui.org/downloads/latest-release/release-notes/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1100/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9712",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.167",
"lastModified": "2024-11-22T21:15:24.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:17:34.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup:23.1.340:*:*:*:-:*:*:*",
"matchCriteriaId": "BC3CB63C-40F4-47A6-B7AE-F3A4FF77D987"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1473/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9713.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9713",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.280",
"lastModified": "2024-11-22T21:15:24.280",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:16:28.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup:24.0.484:*:*:*:pro:*:*:*",
"matchCriteriaId": "B0879BC5-6045-4E2E-A059-8157BA0AA539"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1474/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9714.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9714",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.397",
"lastModified": "2024-11-22T21:15:24.397",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:14:46.480",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1483/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9715",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.537",
"lastModified": "2024-11-22T21:15:24.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:14:39.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1376/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9716.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9716",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.680",
"lastModified": "2024-11-22T21:15:24.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:14:31.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1375/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-97xx/CVE-2024-9717.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9717",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.803",
"lastModified": "2024-11-22T21:15:24.803",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:14:21.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -49,12 +71,42 @@
"value": "CWE-457"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1377/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9718",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:24.920",
"lastModified": "2024-11-22T21:15:24.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:14:03.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1378/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9719.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9719",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.027",
"lastModified": "2024-11-22T21:15:25.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:52.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1379/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9720.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9720",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.140",
"lastModified": "2024-11-22T21:15:25.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:44.393",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1477/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9721",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.257",
"lastModified": "2024-11-22T21:15:25.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:36.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1482/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9722",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.390",
"lastModified": "2024-11-22T21:15:25.390",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:28.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1481/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9723.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9723",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.517",
"lastModified": "2024-11-22T21:15:25.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:20.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1480/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9724",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.637",
"lastModified": "2024-11-22T21:15:25.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:13:11.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1479/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2024/CVE-2024-97xx/CVE-2024-9725.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9725",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.760",
"lastModified": "2024-11-22T21:15:25.760",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:12:56.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,10 +73,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1478/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-97xx/CVE-2024-9726.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9726",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:25.880",
"lastModified": "2024-11-22T21:15:25.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-19T19:12:27.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -49,12 +71,42 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3479-5680-4DB7-95CC-B1DC3C0D5E23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1475/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

89
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-19T19:00:29.324360+00:00
2024-12-19T21:00:21.091629+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-19T18:59:21.867000+00:00
2024-12-19T20:47:26.740000+00:00
```
### Last Data Feed Release
@ -33,60 +33,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
274395
274408
```
### CVEs added in the last Commit
Recently added CVEs: `16`
Recently added CVEs: `13`
- [CVE-2021-22501](CVE-2021/CVE-2021-225xx/CVE-2021-22501.json) (`2024-12-19T17:15:06.527`)
- [CVE-2023-7005](CVE-2023/CVE-2023-70xx/CVE-2023-7005.json) (`2024-12-19T18:15:06.313`)
- [CVE-2024-12788](CVE-2024/CVE-2024-127xx/CVE-2024-12788.json) (`2024-12-19T17:15:08.270`)
- [CVE-2024-12789](CVE-2024/CVE-2024-127xx/CVE-2024-12789.json) (`2024-12-19T17:15:08.463`)
- [CVE-2024-12790](CVE-2024/CVE-2024-127xx/CVE-2024-12790.json) (`2024-12-19T17:15:08.650`)
- [CVE-2024-12791](CVE-2024/CVE-2024-127xx/CVE-2024-12791.json) (`2024-12-19T18:15:08.263`)
- [CVE-2024-12792](CVE-2024/CVE-2024-127xx/CVE-2024-12792.json) (`2024-12-19T18:15:08.900`)
- [CVE-2024-12793](CVE-2024/CVE-2024-127xx/CVE-2024-12793.json) (`2024-12-19T18:15:09.403`)
- [CVE-2024-12794](CVE-2024/CVE-2024-127xx/CVE-2024-12794.json) (`2024-12-19T18:15:09.963`)
- [CVE-2024-12801](CVE-2024/CVE-2024-128xx/CVE-2024-12801.json) (`2024-12-19T17:15:08.930`)
- [CVE-2024-38819](CVE-2024/CVE-2024-388xx/CVE-2024-38819.json) (`2024-12-19T18:15:10.557`)
- [CVE-2024-49336](CVE-2024/CVE-2024-493xx/CVE-2024-49336.json) (`2024-12-19T18:15:22.850`)
- [CVE-2024-51471](CVE-2024/CVE-2024-514xx/CVE-2024-51471.json) (`2024-12-19T18:15:23.153`)
- [CVE-2024-52896](CVE-2024/CVE-2024-528xx/CVE-2024-52896.json) (`2024-12-19T17:15:09.797`)
- [CVE-2024-52897](CVE-2024/CVE-2024-528xx/CVE-2024-52897.json) (`2024-12-19T18:15:23.357`)
- [CVE-2024-55081](CVE-2024/CVE-2024-550xx/CVE-2024-55081.json) (`2024-12-19T17:15:09.950`)
- [CVE-2020-6923](CVE-2020/CVE-2020-69xx/CVE-2020-6923.json) (`2024-12-19T19:15:06.030`)
- [CVE-2024-12111](CVE-2024/CVE-2024-121xx/CVE-2024-12111.json) (`2024-12-19T20:15:06.950`)
- [CVE-2024-49765](CVE-2024/CVE-2024-497xx/CVE-2024-49765.json) (`2024-12-19T20:15:07.143`)
- [CVE-2024-52589](CVE-2024/CVE-2024-525xx/CVE-2024-52589.json) (`2024-12-19T20:15:07.337`)
- [CVE-2024-52794](CVE-2024/CVE-2024-527xx/CVE-2024-52794.json) (`2024-12-19T20:15:07.513`)
- [CVE-2024-53991](CVE-2024/CVE-2024-539xx/CVE-2024-53991.json) (`2024-12-19T20:15:07.670`)
- [CVE-2024-54150](CVE-2024/CVE-2024-541xx/CVE-2024-54150.json) (`2024-12-19T19:15:07.747`)
- [CVE-2024-55196](CVE-2024/CVE-2024-551xx/CVE-2024-55196.json) (`2024-12-19T19:15:07.947`)
- [CVE-2024-56159](CVE-2024/CVE-2024-561xx/CVE-2024-56159.json) (`2024-12-19T19:15:08.123`)
- [CVE-2024-56200](CVE-2024/CVE-2024-562xx/CVE-2024-56200.json) (`2024-12-19T19:15:08.280`)
- [CVE-2024-7137](CVE-2024/CVE-2024-71xx/CVE-2024-7137.json) (`2024-12-19T20:15:07.820`)
- [CVE-2024-7138](CVE-2024/CVE-2024-71xx/CVE-2024-7138.json) (`2024-12-19T20:15:07.947`)
- [CVE-2024-7139](CVE-2024/CVE-2024-71xx/CVE-2024-7139.json) (`2024-12-19T20:15:08.073`)
### CVEs modified in the last Commit
Recently modified CVEs: `70`
Recently modified CVEs: `77`
- [CVE-2018-9463](CVE-2018/CVE-2018-94xx/CVE-2018-9463.json) (`2024-12-19T17:01:04.227`)
- [CVE-2021-32589](CVE-2021/CVE-2021-325xx/CVE-2021-32589.json) (`2024-12-19T17:15:07.167`)
- [CVE-2021-4314](CVE-2021/CVE-2021-43xx/CVE-2021-4314.json) (`2024-12-19T17:00:28.533`)
- [CVE-2024-1669](CVE-2024/CVE-2024-16xx/CVE-2024-1669.json) (`2024-12-19T17:32:13.720`)
- [CVE-2024-1670](CVE-2024/CVE-2024-16xx/CVE-2024-1670.json) (`2024-12-19T17:33:44.580`)
- [CVE-2024-1672](CVE-2024/CVE-2024-16xx/CVE-2024-1672.json) (`2024-12-19T17:53:20.020`)
- [CVE-2024-1673](CVE-2024/CVE-2024-16xx/CVE-2024-1673.json) (`2024-12-19T17:54:58.023`)
- [CVE-2024-1676](CVE-2024/CVE-2024-16xx/CVE-2024-1676.json) (`2024-12-19T17:58:37.093`)
- [CVE-2024-4059](CVE-2024/CVE-2024-40xx/CVE-2024-4059.json) (`2024-12-19T18:56:45.140`)
- [CVE-2024-4060](CVE-2024/CVE-2024-40xx/CVE-2024-4060.json) (`2024-12-19T18:54:01.637`)
- [CVE-2024-42004](CVE-2024/CVE-2024-420xx/CVE-2024-42004.json) (`2024-12-19T17:15:09.120`)
- [CVE-2024-42220](CVE-2024/CVE-2024-422xx/CVE-2024-42220.json) (`2024-12-19T17:15:09.243`)
- [CVE-2024-43106](CVE-2024/CVE-2024-431xx/CVE-2024-43106.json) (`2024-12-19T17:15:09.350`)
- [CVE-2024-49513](CVE-2024/CVE-2024-495xx/CVE-2024-49513.json) (`2024-12-19T17:15:33.163`)
- [CVE-2024-50379](CVE-2024/CVE-2024-503xx/CVE-2024-50379.json) (`2024-12-19T18:15:23.000`)
- [CVE-2024-53101](CVE-2024/CVE-2024-531xx/CVE-2024-53101.json) (`2024-12-19T18:08:23.857`)
- [CVE-2024-54038](CVE-2024/CVE-2024-540xx/CVE-2024-54038.json) (`2024-12-19T18:58:38.737`)
- [CVE-2024-54051](CVE-2024/CVE-2024-540xx/CVE-2024-54051.json) (`2024-12-19T18:59:21.867`)
- [CVE-2024-8355](CVE-2024/CVE-2024-83xx/CVE-2024-8355.json) (`2024-12-19T18:47:39.363`)
- [CVE-2024-9112](CVE-2024/CVE-2024-91xx/CVE-2024-9112.json) (`2024-12-19T18:15:52.733`)
- [CVE-2024-9113](CVE-2024/CVE-2024-91xx/CVE-2024-9113.json) (`2024-12-19T18:15:21.380`)
- [CVE-2024-9727](CVE-2024/CVE-2024-97xx/CVE-2024-9727.json) (`2024-12-19T17:46:11.723`)
- [CVE-2024-9728](CVE-2024/CVE-2024-97xx/CVE-2024-9728.json) (`2024-12-19T17:30:02.427`)
- [CVE-2024-9798](CVE-2024/CVE-2024-97xx/CVE-2024-9798.json) (`2024-12-19T17:00:16.440`)
- [CVE-2024-9802](CVE-2024/CVE-2024-98xx/CVE-2024-9802.json) (`2024-12-19T17:00:21.353`)
- [CVE-2024-54032](CVE-2024/CVE-2024-540xx/CVE-2024-54032.json) (`2024-12-19T19:03:15.563`)
- [CVE-2024-54034](CVE-2024/CVE-2024-540xx/CVE-2024-54034.json) (`2024-12-19T19:03:03.917`)
- [CVE-2024-54036](CVE-2024/CVE-2024-540xx/CVE-2024-54036.json) (`2024-12-19T19:02:47.713`)
- [CVE-2024-54050](CVE-2024/CVE-2024-540xx/CVE-2024-54050.json) (`2024-12-19T19:02:17.920`)
- [CVE-2024-5466](CVE-2024/CVE-2024-54xx/CVE-2024-5466.json) (`2024-12-19T20:21:12.243`)
- [CVE-2024-7234](CVE-2024/CVE-2024-72xx/CVE-2024-7234.json) (`2024-12-19T19:46:05.367`)
- [CVE-2024-7235](CVE-2024/CVE-2024-72xx/CVE-2024-7235.json) (`2024-12-19T19:42:37.133`)
- [CVE-2024-7236](CVE-2024/CVE-2024-72xx/CVE-2024-7236.json) (`2024-12-19T19:35:22.970`)
- [CVE-2024-7237](CVE-2024/CVE-2024-72xx/CVE-2024-7237.json) (`2024-12-19T19:25:49.767`)
- [CVE-2024-7565](CVE-2024/CVE-2024-75xx/CVE-2024-7565.json) (`2024-12-19T19:15:24.127`)
- [CVE-2024-9712](CVE-2024/CVE-2024-97xx/CVE-2024-9712.json) (`2024-12-19T19:17:34.457`)
- [CVE-2024-9713](CVE-2024/CVE-2024-97xx/CVE-2024-9713.json) (`2024-12-19T19:16:28.340`)
- [CVE-2024-9714](CVE-2024/CVE-2024-97xx/CVE-2024-9714.json) (`2024-12-19T19:14:46.480`)
- [CVE-2024-9715](CVE-2024/CVE-2024-97xx/CVE-2024-9715.json) (`2024-12-19T19:14:39.070`)
- [CVE-2024-9716](CVE-2024/CVE-2024-97xx/CVE-2024-9716.json) (`2024-12-19T19:14:31.030`)
- [CVE-2024-9717](CVE-2024/CVE-2024-97xx/CVE-2024-9717.json) (`2024-12-19T19:14:21.630`)
- [CVE-2024-9718](CVE-2024/CVE-2024-97xx/CVE-2024-9718.json) (`2024-12-19T19:14:03.807`)
- [CVE-2024-9719](CVE-2024/CVE-2024-97xx/CVE-2024-9719.json) (`2024-12-19T19:13:52.097`)
- [CVE-2024-9720](CVE-2024/CVE-2024-97xx/CVE-2024-9720.json) (`2024-12-19T19:13:44.393`)
- [CVE-2024-9721](CVE-2024/CVE-2024-97xx/CVE-2024-9721.json) (`2024-12-19T19:13:36.883`)
- [CVE-2024-9722](CVE-2024/CVE-2024-97xx/CVE-2024-9722.json) (`2024-12-19T19:13:28.567`)
- [CVE-2024-9723](CVE-2024/CVE-2024-97xx/CVE-2024-9723.json) (`2024-12-19T19:13:20.427`)
- [CVE-2024-9724](CVE-2024/CVE-2024-97xx/CVE-2024-9724.json) (`2024-12-19T19:13:11.980`)
- [CVE-2024-9725](CVE-2024/CVE-2024-97xx/CVE-2024-9725.json) (`2024-12-19T19:12:56.823`)
- [CVE-2024-9726](CVE-2024/CVE-2024-97xx/CVE-2024-9726.json) (`2024-12-19T19:12:27.903`)
## Download and Usage

339
_state.csv
View File

File diff suppressed because it is too large Load Diff