From f43a357e49f31b10c8678aaa791b557111de2295 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 1 Aug 2024 04:03:13 +0000 Subject: [PATCH] Auto-Update: 2024-08-01T04:00:17.499878+00:00 --- CVE-2024/CVE-2024-223xx/CVE-2024-22372.json | 6 +- CVE-2024/CVE-2024-340xx/CVE-2024-34021.json | 25 ++++ CVE-2024/CVE-2024-357xx/CVE-2024-35751.json | 8 +- CVE-2024/CVE-2024-357xx/CVE-2024-35755.json | 8 +- CVE-2024/CVE-2024-374xx/CVE-2024-37474.json | 8 +- CVE-2024/CVE-2024-396xx/CVE-2024-39607.json | 25 ++++ CVE-2024/CVE-2024-408xx/CVE-2024-40883.json | 25 ++++ CVE-2024/CVE-2024-66xx/CVE-2024-6687.json | 60 +++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7333.json | 137 ++++++++++++++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7334.json | 137 ++++++++++++++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7335.json | 137 ++++++++++++++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7336.json | 137 ++++++++++++++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7337.json | 137 ++++++++++++++++++++ README.md | 27 ++-- _state.csv | 25 ++-- 15 files changed, 870 insertions(+), 32 deletions(-) create mode 100644 CVE-2024/CVE-2024-340xx/CVE-2024-34021.json create mode 100644 CVE-2024/CVE-2024-396xx/CVE-2024-39607.json create mode 100644 CVE-2024/CVE-2024-408xx/CVE-2024-40883.json create mode 100644 CVE-2024/CVE-2024-66xx/CVE-2024-6687.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7333.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7334.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7335.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7336.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7337.json diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22372.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22372.json index 1379540b2ef..f7f4d6079dd 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22372.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22372.json @@ -2,13 +2,13 @@ "id": "CVE-2024-22372", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-01-24T05:15:14.137", - "lastModified": "2024-01-30T22:17:49.987", - "vulnStatus": "Analyzed", + "lastModified": "2024-08-01T02:15:01.737", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-X1800GS-B v1.17 and earlier, WRC-X1800GSA-B v1.17 and earlier, WRC-X1800GSH-B v1.17 and earlier, WRC-X6000XS-G v1.09, and WRC-X6000XST-G v1.12 and earlier." + "value": "OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34021.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34021.json new file mode 100644 index 00000000000..8288c87879f --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34021.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-34021", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-08-01T02:15:01.873", + "lastModified": "2024-08-01T02:15:01.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS command execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN06672778/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.elecom.co.jp/news/security/20240730-01/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35751.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35751.json index 9f77d877024..cb0d4b4d046 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35751.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35751.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35751", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-08T13:15:57.370", - "lastModified": "2024-07-25T13:17:42.720", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-01T03:19:00.947", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:cm-wp:woody_ad_snippets:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:cm-wp:woody_code_snippets:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.5.1", - "matchCriteriaId": "4E70D871-71CE-4853-8CFD-158C72BAFC8A" + "matchCriteriaId": "A04D2AC6-46AB-4647-A6BB-9A5B25735D3A" } ] } diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json index 0c0a646871f..2a7d58c4c8c 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json @@ -2,7 +2,7 @@ "id": "CVE-2024-35755", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-08T11:15:49.780", - "lastModified": "2024-07-23T20:15:16.157", + "lastModified": "2024-08-01T03:17:32.993", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:eltiempoen:weather_widget_pro:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.1.40", - "matchCriteriaId": "42256ED5-D67F-4A7F-A7C5-C96B342AB15D" + "criteria": "cpe:2.3:a:eltiempoen:weather_widget_pro:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.41", + "matchCriteriaId": "37B32AB7-618E-435C-B48C-3B227D72361C" } ] } diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37474.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37474.json index 18e9aaf8ddc..493df65fb6f 100644 --- a/CVE-2024/CVE-2024-374xx/CVE-2024-37474.json +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37474.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37474", "sourceIdentifier": "audit@patchstack.com", "published": "2024-07-04T19:15:10.790", - "lastModified": "2024-07-19T15:34:49.460", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-01T03:18:10.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:automattic:newspack:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:automattic:newspack_ads:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "1.47.2", - "matchCriteriaId": "2966F72A-C5ED-4E67-A588-F50DCAC946F7" + "matchCriteriaId": "CB9637D5-35C4-415A-BE04-F6A76B74B8C2" } ] } diff --git a/CVE-2024/CVE-2024-396xx/CVE-2024-39607.json b/CVE-2024/CVE-2024-396xx/CVE-2024-39607.json new file mode 100644 index 00000000000..878f6f463b4 --- /dev/null +++ b/CVE-2024/CVE-2024-396xx/CVE-2024-39607.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-39607", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-08-01T02:15:01.950", + "lastModified": "2024-08-01T02:15:01.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN06672778/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.elecom.co.jp/news/security/20240730-01/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-408xx/CVE-2024-40883.json b/CVE-2024/CVE-2024-408xx/CVE-2024-40883.json new file mode 100644 index 00000000000..ae9e3560acf --- /dev/null +++ b/CVE-2024/CVE-2024-408xx/CVE-2024-40883.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-40883", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-08-01T02:15:02.023", + "lastModified": "2024-08-01T02:15:02.023", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as changing the login ID, login password, etc." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN06672778/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.elecom.co.jp/news/security/20240730-01/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6687.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6687.json new file mode 100644 index 00000000000..8a7311ef943 --- /dev/null +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6687.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-6687", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-01T02:15:02.087", + "lastModified": "2024-08-01T02:15:02.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender and receiver names, phone numbers, physical addresses, and email addresses" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3127496%40ctt-expresso-para-woocommerce&new=3127496%40ctt-expresso-para-woocommerce&sfp_email=&sfph_mail=#file25", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13088645-8233-40fb-8755-cbdf44c0eaf7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7333.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7333.json new file mode 100644 index 00000000000..7ea0dbb4313 --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7333.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7333", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-01T02:15:02.317", + "lastModified": "2024-08-01T02:15:02.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TOTOLINK N350RT 9.3.5u.6139_B20201216. It has been declared as critical. This vulnerability affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument week/sTime/eTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273256. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/135a/IoT-vulnerable/blob/main/TOTOLINK/N350RT/setParentalRules.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273256", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273256", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379281", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7334.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7334.json new file mode 100644 index 00000000000..5a599b65aa2 --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7334.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7334", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-01T02:15:02.617", + "lastModified": "2024-08-01T02:15:02.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ruan-uer/create/blob/main/IoT-vulnerable/TOTOLINK/EX1200/UploadCustomModule.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273257", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273257", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379286", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7335.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7335.json new file mode 100644 index 00000000000..9698eaaeae1 --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7335.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7335", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-01T02:15:02.900", + "lastModified": "2024-08-01T02:15:02.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273258 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/EX200/getSaveConfig.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273258", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273258", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379313", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7336.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7336.json new file mode 100644 index 00000000000..19361546610 --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7336.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7336", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-01T03:15:01.717", + "lastModified": "2024-08-01T03:15:01.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273259. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/EX200/loginauth.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273259", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273259", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379314", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7337.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7337.json new file mode 100644 index 00000000000..29ffb20fdea --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7337.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7337", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-08-01T03:15:01.987", + "lastModified": "2024-08-01T03:15:01.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273260. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/EX1200/loginauth.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273260", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273260", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379315", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8595c165568..796b9c62a00 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-01T02:00:16.656388+00:00 +2024-08-01T04:00:17.499878+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-01T01:15:09.663000+00:00 +2024-08-01T03:19:00.947000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -258694 +258703 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `9` -- [CVE-2024-7330](CVE-2024/CVE-2024-73xx/CVE-2024-7330.json) (`2024-08-01T00:15:02.480`) -- [CVE-2024-7331](CVE-2024/CVE-2024-73xx/CVE-2024-7331.json) (`2024-08-01T00:15:02.770`) -- [CVE-2024-7332](CVE-2024/CVE-2024-73xx/CVE-2024-7332.json) (`2024-08-01T01:15:09.663`) +- [CVE-2024-34021](CVE-2024/CVE-2024-340xx/CVE-2024-34021.json) (`2024-08-01T02:15:01.873`) +- [CVE-2024-39607](CVE-2024/CVE-2024-396xx/CVE-2024-39607.json) (`2024-08-01T02:15:01.950`) +- [CVE-2024-40883](CVE-2024/CVE-2024-408xx/CVE-2024-40883.json) (`2024-08-01T02:15:02.023`) +- [CVE-2024-6687](CVE-2024/CVE-2024-66xx/CVE-2024-6687.json) (`2024-08-01T02:15:02.087`) +- [CVE-2024-7333](CVE-2024/CVE-2024-73xx/CVE-2024-7333.json) (`2024-08-01T02:15:02.317`) +- [CVE-2024-7334](CVE-2024/CVE-2024-73xx/CVE-2024-7334.json) (`2024-08-01T02:15:02.617`) +- [CVE-2024-7335](CVE-2024/CVE-2024-73xx/CVE-2024-7335.json) (`2024-08-01T02:15:02.900`) +- [CVE-2024-7336](CVE-2024/CVE-2024-73xx/CVE-2024-7336.json) (`2024-08-01T03:15:01.717`) +- [CVE-2024-7337](CVE-2024/CVE-2024-73xx/CVE-2024-7337.json) (`2024-08-01T03:15:01.987`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `4` -- [CVE-2023-4262](CVE-2023/CVE-2023-42xx/CVE-2023-4262.json) (`2024-08-01T00:15:02.090`) +- [CVE-2024-22372](CVE-2024/CVE-2024-223xx/CVE-2024-22372.json) (`2024-08-01T02:15:01.737`) +- [CVE-2024-35751](CVE-2024/CVE-2024-357xx/CVE-2024-35751.json) (`2024-08-01T03:19:00.947`) +- [CVE-2024-35755](CVE-2024/CVE-2024-357xx/CVE-2024-35755.json) (`2024-08-01T03:17:32.993`) +- [CVE-2024-37474](CVE-2024/CVE-2024-374xx/CVE-2024-37474.json) (`2024-08-01T03:18:10.487`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a6e667e7237..2d68955e2e0 100644 --- a/_state.csv +++ b/_state.csv @@ -231926,7 +231926,7 @@ CVE-2023-42580,0,0,857d6b0c372e6663712d898c016feff0c3c218909136cd95337a864def798 CVE-2023-42581,0,0,46e168df1b395467e74592619a6bbab0800f78cf8d4fec626bf850c7508c4d4f,2023-12-12T17:08:44.080000 CVE-2023-4259,0,0,66c07068928725737fca6c815c044a284bfe54d498bc2dc1dfdc90d5db05576a,2023-12-22T19:33:51.477000 CVE-2023-4260,0,0,825d2e262d09d358795c77a30ca8ce45e8b4eeaff5088b76af0e3b42b67d864b,2023-12-22T19:33:33.067000 -CVE-2023-4262,0,1,96c5e685e0ea51dcabf79db9f0bdc769da7bbc4411b11be6252f295df8d63962,2024-08-01T00:15:02.090000 +CVE-2023-4262,0,0,96c5e685e0ea51dcabf79db9f0bdc769da7bbc4411b11be6252f295df8d63962,2024-08-01T00:15:02.090000 CVE-2023-42627,0,0,5e2cd42b2278c38c4f57cff46961aa9936e939b832a0083c807af58694bbcce2,2023-12-28T16:13:12.767000 CVE-2023-42628,0,0,5207ef8837f7217e05d0e269eeb144df39b0636cf5f49008355f0fa919038baf,2023-12-28T16:13:28.370000 CVE-2023-42629,0,0,c50fd43fc12ac4375054e07f3b50f99863600d41b708051e6e543395b4e6b0c6,2023-12-28T16:13:32.073000 @@ -244303,7 +244303,7 @@ CVE-2024-22369,0,0,30b4ed35002a1c9041765935be8eb0a4b2b4296c6df468fe9e2f5061e6b3b CVE-2024-2237,0,0,8acc771e5420188b33ab0fa565428c5e7a786ced19cedd2d276b0e24b8b2ca41,2024-03-13T18:15:58.530000 CVE-2024-22370,0,0,9faa550aecd655dd0c6044075a993cb7fd6340db4b5ed67443b2de43fe28b521,2024-01-12T19:29:18.790000 CVE-2024-22371,0,0,65176fb1371180a9135c4e1994516587ff073e07658aacf0b6c50da88df3e9cd,2024-02-26T16:32:25.577000 -CVE-2024-22372,0,0,4d44dffa8c3c4313d847bd7ca0a92fb28eef4e03f25600302b19b528a9ba68a8,2024-01-30T22:17:49.987000 +CVE-2024-22372,0,1,41a96df2cec3cd9d4b88fe1ba832af86ed0b835682a086e1a6cff274644119c9,2024-08-01T02:15:01.737000 CVE-2024-22373,0,0,ee90570c26c3acb48d9fa787d85b6b327edae750fc1f814f1d147a75d6b2e6d8,2024-05-05T03:15:06.740000 CVE-2024-22377,0,0,782d358b34b5704e2c21ca3b717bc2ac1d3a2033eb04ef7cb90e2d91ab97e553,2024-07-11T13:05:54.930000 CVE-2024-22379,0,0,c9e285aa797b1e6528c89126683c7fb5cd7376e80739729d0c8313d95abb46f7,2024-05-17T18:36:05.263000 @@ -252114,6 +252114,7 @@ CVE-2024-34012,0,0,04f4534da5173cfce7ebae120e48f12f9b737be7b5131e98dd79deccdc3d7 CVE-2024-34013,0,0,31f555436f56628c9b80feda54af6c121f0002b6c021c0928728c76ed328d68f,2024-07-19T13:01:44.567000 CVE-2024-3402,0,0,860d32d94b28d3118ff3553c4f964ad26b3d56a8c45fca055d79619e6385e5e0,2024-06-07T14:56:05.647000 CVE-2024-34020,0,0,c4663f98778b76c33582b9d015039d06540b400c550bf7c9ee3e5b98d9ff425a,2024-07-03T01:59:16.227000 +CVE-2024-34021,1,1,3f2cfd64aa27207afc31a6cf68d5b45a2216292b387df955a0c6dac88d2017bf,2024-08-01T02:15:01.873000 CVE-2024-34024,0,0,0a0d832c0db4d58a70ccecce54b6344b3f181daaf3ed5285ed66313a40334a22,2024-06-20T12:44:01.637000 CVE-2024-34025,0,0,edd2792f368696b38d90328f1c1ccaaade65bc2e70f896834331ba779fb27dd0,2024-05-16T13:03:05.353000 CVE-2024-34027,0,0,a46473315ff7fae435c2b21f290e2c9550c38dfa46dbd2afc2165efc005d2aa6,2024-06-24T19:26:47.037000 @@ -253139,11 +253140,11 @@ CVE-2024-35748,0,0,0d0ae6570b9b5dd7d8320e68cedce9cf69c0c9ccda564604cf2b92bad42c2 CVE-2024-35749,0,0,3be9161c0f99f99e480b0f4d9d6c3b5b6bdb08738620c21eb9fc65f646cc2eeb,2024-06-12T18:19:55.050000 CVE-2024-3575,0,0,7b73b64d176ee42e3f815efb129e0a4e8daabc141e22843995ce14322618115c,2024-04-16T13:24:07.103000 CVE-2024-35750,0,0,6e06aeca71ad00810f40d3c09fd426bb6ff377dd4039e66a40155befdd774ca3,2024-06-10T02:52:08.267000 -CVE-2024-35751,0,0,3b8502ac115e3d4777ef4c7e19009dd97afeb4c0010a92e34d87916aafc7d602,2024-07-25T13:17:42.720000 +CVE-2024-35751,0,1,e1663b8c50f83517934d4862fd0d61dee5d0a49bf4813097a1ced7fef67b55a4,2024-08-01T03:19:00.947000 CVE-2024-35752,0,0,2959743628a1736f3c2cc142d9df4f39137eeb6a8e6aeb3884b9986bb7f210b1,2024-07-25T13:23:13.527000 CVE-2024-35753,0,0,4ad7364fde338b1172d3912b082d48ff9c7e6bb90d9788eb462ee65f933adbdc,2024-07-19T18:31:44.157000 CVE-2024-35754,0,0,6542d4ccfbee23f434dbe55310367fe2a58769f4413cd83c76145804203a6991,2024-06-12T18:19:06.043000 -CVE-2024-35755,0,0,2571e4c1c85d187483b8d6945db6f40920f15adf47a26bbdda7476c12f520093,2024-07-23T20:15:16.157000 +CVE-2024-35755,0,1,cc2117d22812aa69d3d5a641ac8b181d687b07ad79fa54540f5770eb7650b484,2024-08-01T03:17:32.993000 CVE-2024-35756,0,0,544619c9ecc5325b30fd6bce5cf3678837c7f45621d4b9369a6b2ab863337f02,2024-07-19T18:45:25.210000 CVE-2024-35757,0,0,1783dc94b696b52627bcb10bcd86c9195ecb7dd5f909ee1c78c7f825973d91cd,2024-06-24T19:19:01.097000 CVE-2024-35758,0,0,c003876eab7b54fdade1783d14653406500e6822c823598d393dc5d8fd37a00a,2024-06-24T19:19:51.957000 @@ -254362,7 +254363,7 @@ CVE-2024-37466,0,0,bfd79fbf2cc8fe5f4b671c7b28aed23901ff778f5b74f12d79e3146f6452b CVE-2024-3747,0,0,3219ce820822d72e46103b803901087d25784fb8e92da6509df83502f94f1ce3,2024-05-02T18:00:37.360000 CVE-2024-37471,0,0,d465bdcae3c1ad0d7280b371addcc2292b7e76a7a90d8614a04cd4784c1cba62,2024-07-19T17:02:31.163000 CVE-2024-37472,0,0,0212378c488764d33b1d17de1bc88a5356a23ba19a78046e8c133cfbba541862,2024-07-19T17:04:42.343000 -CVE-2024-37474,0,0,09ba42861da70f4250d6bcb8a99d1c17d7a003d3435623aaf83520b8203e23ce,2024-07-19T15:34:49.460000 +CVE-2024-37474,0,1,cf61b09860754eb2ef791cdf4ca372725ff10acc72703ca0f7e6cbc23292744a,2024-08-01T03:18:10.487000 CVE-2024-37476,0,0,beaa8c83ba0e39b20623f48990395c389b87f4d82490a453165560bffd5535b0,2024-07-19T16:52:39.713000 CVE-2024-37479,0,0,b47f15244b7d8bdc435b7b058e1a43515a90d9355fb7c5cb51f1025055601a89,2024-07-02T12:09:16.907000 CVE-2024-3748,0,0,130f91484f33c46b6a8a1b827c41c8bedf887e9f91a42beeaa1df38ecf15e978,2024-07-03T02:06:31.737000 @@ -255472,6 +255473,7 @@ CVE-2024-39598,0,0,565f2774e84c891d5996cf36fa669402a223a2e5a490f549b69365c6075a4 CVE-2024-39599,0,0,71c6e22ff50e3a1f14090d5ce5359c041b1ab088b8ff29fe36a33f35ff802136,2024-07-09T18:19:14.047000 CVE-2024-39600,0,0,3f218b3b2797556a97f50f1b3db443b951be2a33b8f95e3d04ecb200803e8aaa,2024-07-09T18:19:14.047000 CVE-2024-39601,0,0,7691c6b30f5986c79e8398298f8afaed5e766d08eb3fdbaa17ee23cfa6227202,2024-07-24T12:55:13.223000 +CVE-2024-39607,1,1,7d351fe5f1ab66522df339e7523a4db2286eba2e04f75ef235070b9e70434e42,2024-08-01T02:15:01.950000 CVE-2024-3961,0,0,7859b6a2f8e5a01656e72fd209a53f5adaf23f278f08a55d207894f918e1fda9,2024-07-17T13:32:37.647000 CVE-2024-39614,0,0,26b2dcc9a6a6be274ddfdc54c9957bec272862e2ee62a7b674c4947a1cc7966c,2024-07-11T13:05:54.930000 CVE-2024-3962,0,0,48687fe56cf9bd40f5a5971493143104fa6812806c2dc18cc2c914079c1544b9,2024-04-26T12:58:17.720000 @@ -255901,6 +255903,7 @@ CVE-2024-4087,0,0,559dc8fcb531eb7d96e390fa33463b50a20c5a688e8dbefeb3187bf1d2c5f7 CVE-2024-40872,0,0,61b6054f8d04261e92c08a44feec16dc1d8422a97543a2162e5dea5f0a6c8f9d,2024-07-26T12:38:41.683000 CVE-2024-40873,0,0,16fd81fc79820f32ad2e7940b90409fc2d2f9351443634159d6f5e89b93d7b04,2024-07-26T12:38:41.683000 CVE-2024-4088,0,0,61cc31924b86843bbd20c326ef7465dc1aa394b548458b2e1a9fc62c09ede628,2024-06-11T17:11:30.193000 +CVE-2024-40883,1,1,61859aa6fab414abad65f9dc85c1dcac4befa9f30ceca38d208a52e8b953f455,2024-08-01T02:15:02.023000 CVE-2024-40895,0,0,28ffbfad907ecd6e6665d2dbecd78214d48d230f78fe3bf5c93e6b599c909051,2024-07-30T13:32:45.943000 CVE-2024-40897,0,0,6abf47f4a62ea89c178f137de2c06b0ad3aa344f78325532ce36c2ccb3219895,2024-07-28T14:15:10.533000 CVE-2024-40898,0,0,6d797ebcdf9c53e0eade3a2c00a2f7d68b1d101b3405603dd30cc2157b772084,2024-07-18T12:28:43.707000 @@ -258407,6 +258410,7 @@ CVE-2024-6677,0,0,d8004a1441e952f05633a34727a4f9223ac5077c2123fd1507a1955287de18 CVE-2024-6679,0,0,193698b3a519c2de1af0fd23f7e404e2d54c730e4704d97d0092b63ef1c81272,2024-07-11T18:09:58.777000 CVE-2024-6680,0,0,131299d0989a76f846afb0c8ae15f4692f1a0fdd9931fad30c165660cd1232fc,2024-07-11T18:09:58.777000 CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf82071,2024-07-11T18:09:58.777000 +CVE-2024-6687,1,1,8da08526b23d42202f04689532c9fc543d8d2a947afc7d51db690c4ccd57faa9,2024-08-01T02:15:02.087000 CVE-2024-6689,0,0,d40d4a6e022419e83ed34bb3a74eb0d24556e6d76f7b0a592f90775a9d52873c,2024-07-16T13:43:58.773000 CVE-2024-6694,0,0,7d61bbb6e4266a8c90354c9d0cb6da1ede156f667671ed3e7d5507b5e685e063,2024-07-22T13:00:53.287000 CVE-2024-6695,0,0,b8b8eb834b1b9a9af206e3d65440d92cd68142fa9e3d4c45cc66092e8f4a1c06,2024-07-31T12:57:02.300000 @@ -258689,7 +258693,12 @@ CVE-2024-7326,0,0,a5633e33c2a02d16e1af1e072da8fcba0a0a399f571fb68ca112102c143d39 CVE-2024-7327,0,0,510528affde5acd43eb35c63eb5d902602feae67d44ba5b56e6db447c84da7be,2024-07-31T22:15:02.520000 CVE-2024-7328,0,0,be7182a894a8e66f01544f620c1db2fc584f80c3fdfe225824388e187bc79987,2024-07-31T23:15:13.787000 CVE-2024-7329,0,0,647011e77f0a714e815e8381fc994d93728c4132bc26ac724dbc1603ac898070,2024-07-31T23:15:14.063000 -CVE-2024-7330,1,1,5bf5173338f50020395f31daa98d4e5268ee0c334bf7bc2b63dcd97ca1cac54d,2024-08-01T00:15:02.480000 -CVE-2024-7331,1,1,422506cc594da25bdbe818831361a21a2e0829762b0d1a1720237ffae15a8cb0,2024-08-01T00:15:02.770000 -CVE-2024-7332,1,1,ef2ff829409aed53fc5b7bd78181a4259375247ae472718669fa3749f64cef0b,2024-08-01T01:15:09.663000 +CVE-2024-7330,0,0,5bf5173338f50020395f31daa98d4e5268ee0c334bf7bc2b63dcd97ca1cac54d,2024-08-01T00:15:02.480000 +CVE-2024-7331,0,0,422506cc594da25bdbe818831361a21a2e0829762b0d1a1720237ffae15a8cb0,2024-08-01T00:15:02.770000 +CVE-2024-7332,0,0,ef2ff829409aed53fc5b7bd78181a4259375247ae472718669fa3749f64cef0b,2024-08-01T01:15:09.663000 +CVE-2024-7333,1,1,ab5b1eb89096d632fd0d3e24d267111879cdc5d9d5442a3d01b83ef574cac67c,2024-08-01T02:15:02.317000 +CVE-2024-7334,1,1,f6436d883d35ac14c8fd706811d0faed09a47eddb9b3a278251585eebdf4961a,2024-08-01T02:15:02.617000 +CVE-2024-7335,1,1,a8ca3ff100d2550a49bfae7a68b6f2b3f03844acfea91fd620bb94479ff0f69a,2024-08-01T02:15:02.900000 +CVE-2024-7336,1,1,98cf8001247af131404ed726a56cdfaacc3fdaabc0ae9ad0f26633ec52cc05a2,2024-08-01T03:15:01.717000 +CVE-2024-7337,1,1,5c858aa4e8d61610786b879cb485d1cfae507d8e6ee88f3cf4437d95bb969bf6,2024-08-01T03:15:01.987000 CVE-2024-7340,0,0,fce15548fae9b804b40d57548bf30df09df1870e3bdee4ca04fd99c2c05c0232,2024-07-31T15:15:11.203000