From 66b91c829ea0f5d8aa30ba828d88931cae90d4b5 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 3 Dec 2024 17:04:12 +0000 Subject: [PATCH] Auto-Update: 2024-12-03T17:01:01.472617+00:00 --- CVE-2018/CVE-2018-94xx/CVE-2018-9418.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9423.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9426.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9429.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9430.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9431.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9435.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9441.json | 43 +- CVE-2018/CVE-2018-94xx/CVE-2018-9449.json | 43 +- CVE-2023/CVE-2023-448xx/CVE-2023-44854.json | 43 +- CVE-2024/CVE-2024-00xx/CVE-2024-0037.json | 38 +- CVE-2024/CVE-2024-108xx/CVE-2024-10893.json | 31 +- CVE-2024/CVE-2024-113xx/CVE-2024-11391.json | 60 ++ CVE-2024/CVE-2024-116xx/CVE-2024-11666.json | 75 ++- CVE-2024/CVE-2024-117xx/CVE-2024-11744.json | 81 ++- CVE-2024/CVE-2024-117xx/CVE-2024-11745.json | 93 ++- CVE-2024/CVE-2024-117xx/CVE-2024-11787.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11789.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11790.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11791.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11792.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11793.json | 55 +- CVE-2024/CVE-2024-117xx/CVE-2024-11794.json | 55 +- CVE-2024/CVE-2024-117xx/CVE-2024-11795.json | 65 +- CVE-2024/CVE-2024-117xx/CVE-2024-11796.json | 55 +- CVE-2024/CVE-2024-117xx/CVE-2024-11797.json | 55 +- CVE-2024/CVE-2024-117xx/CVE-2024-11798.json | 55 +- CVE-2024/CVE-2024-117xx/CVE-2024-11799.json | 65 +- CVE-2024/CVE-2024-118xx/CVE-2024-11800.json | 65 +- CVE-2024/CVE-2024-118xx/CVE-2024-11801.json | 55 +- CVE-2024/CVE-2024-118xx/CVE-2024-11802.json | 65 +- CVE-2024/CVE-2024-118xx/CVE-2024-11803.json | 55 +- CVE-2024/CVE-2024-118xx/CVE-2024-11817.json | 84 ++- CVE-2024/CVE-2024-118xx/CVE-2024-11818.json | 83 ++- CVE-2024/CVE-2024-119xx/CVE-2024-11933.json | 65 +- CVE-2024/CVE-2024-121xx/CVE-2024-12101.json | 16 + CVE-2024/CVE-2024-207xx/CVE-2024-20760.json | 50 +- CVE-2024/CVE-2024-217xx/CVE-2024-21728.json | 31 +- CVE-2024/CVE-2024-244xx/CVE-2024-24431.json | 39 +- CVE-2024/CVE-2024-260xx/CVE-2024-26051.json | 70 +- CVE-2024/CVE-2024-260xx/CVE-2024-26052.json | 50 +- CVE-2024/CVE-2024-260xx/CVE-2024-26067.json | 48 +- CVE-2024/CVE-2024-260xx/CVE-2024-26069.json | 50 +- CVE-2024/CVE-2024-260xx/CVE-2024-26073.json | 50 +- CVE-2024/CVE-2024-260xx/CVE-2024-26080.json | 48 +- CVE-2024/CVE-2024-260xx/CVE-2024-26094.json | 50 +- CVE-2024/CVE-2024-260xx/CVE-2024-26096.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26101.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26102.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26103.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26104.json | 48 +- CVE-2024/CVE-2024-261xx/CVE-2024-26105.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26106.json | 50 +- CVE-2024/CVE-2024-261xx/CVE-2024-26107.json | 48 +- CVE-2024/CVE-2024-261xx/CVE-2024-26118.json | 50 +- CVE-2024/CVE-2024-273xx/CVE-2024-27323.json | 72 +- CVE-2024/CVE-2024-295xx/CVE-2024-29507.json | 51 +- CVE-2024/CVE-2024-302xx/CVE-2024-30274.json | 60 +- CVE-2024/CVE-2024-302xx/CVE-2024-30298.json | 85 ++- CVE-2024/CVE-2024-316xx/CVE-2024-31669.json | 45 +- CVE-2024/CVE-2024-322xx/CVE-2024-32256.json | 43 +- CVE-2024/CVE-2024-326xx/CVE-2024-32610.json | 43 +- CVE-2024/CVE-2024-366xx/CVE-2024-36611.json | 45 +- CVE-2024/CVE-2024-366xx/CVE-2024-36615.json | 45 +- CVE-2024/CVE-2024-366xx/CVE-2024-36622.json | 45 +- CVE-2024/CVE-2024-388xx/CVE-2024-38862.json | 694 +++++++++++++++++++- CVE-2024/CVE-2024-388xx/CVE-2024-38863.json | 684 ++++++++++++++++++- CVE-2024/CVE-2024-398xx/CVE-2024-39890.json | 18 +- CVE-2024/CVE-2024-447xx/CVE-2024-44759.json | 39 +- CVE-2024/CVE-2024-451xx/CVE-2024-45106.json | 43 +- CVE-2024/CVE-2024-485xx/CVE-2024-48530.json | 45 +- CVE-2024/CVE-2024-485xx/CVE-2024-48533.json | 45 +- CVE-2024/CVE-2024-485xx/CVE-2024-48536.json | 45 +- CVE-2024/CVE-2024-492xx/CVE-2024-49203.json | 51 +- CVE-2024/CVE-2024-527xx/CVE-2024-52724.json | 43 +- CVE-2024/CVE-2024-527xx/CVE-2024-52732.json | 45 +- CVE-2024/CVE-2024-532xx/CVE-2024-53257.json | 60 ++ CVE-2024/CVE-2024-534xx/CVE-2024-53429.json | 60 ++ CVE-2024/CVE-2024-534xx/CVE-2024-53484.json | 43 +- CVE-2024/CVE-2024-535xx/CVE-2024-53564.json | 43 +- CVE-2024/CVE-2024-539xx/CVE-2024-53900.json | 43 +- CVE-2024/CVE-2024-539xx/CVE-2024-53999.json | 60 ++ CVE-2024/CVE-2024-540xx/CVE-2024-54000.json | 60 ++ CVE-2024/CVE-2024-541xx/CVE-2024-54159.json | 20 +- CVE-2024/CVE-2024-96xx/CVE-2024-9683.json | 72 +- README.md | 72 +- _state.csv | 252 +++---- 87 files changed, 5520 insertions(+), 509 deletions(-) create mode 100644 CVE-2024/CVE-2024-113xx/CVE-2024-11391.json create mode 100644 CVE-2024/CVE-2024-121xx/CVE-2024-12101.json create mode 100644 CVE-2024/CVE-2024-532xx/CVE-2024-53257.json create mode 100644 CVE-2024/CVE-2024-534xx/CVE-2024-53429.json create mode 100644 CVE-2024/CVE-2024-539xx/CVE-2024-53999.json create mode 100644 CVE-2024/CVE-2024-540xx/CVE-2024-54000.json diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9418.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9418.json index 3c1f5dd625c..8401faba7cc 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9418.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9418.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9418", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:08.727", - "lastModified": "2024-12-02T22:15:08.727", + "lastModified": "2024-12-03T16:15:18.587", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack\u00a0buffer overflow due to a missing bounds check. This could lead to remote\u00a0code execution with no additional execution privileges needed. User\u00a0interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": " En handle_app_cur_val_response de dtif_rc.cc, existe un posible desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria debido a la falta de una comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9423.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9423.json index b6b8c4fb802..9ebc5f816e0 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9423.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9423.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9423", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:08.827", - "lastModified": "2024-12-02T22:15:08.827", + "lastModified": "2024-12-03T15:15:05.530", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation." + }, + { + "lang": "es", + "value": " En ihevcd_parse_slice_header de ihevcd_parse_slice_header.c existe una posible lectura fuera de los l\u00edmites debido a la falta de verificaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una denegaci\u00f3n de servicio sin necesidad de privilegios de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9426.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9426.json index da0b59bbb23..c43bf5509ef 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9426.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9426.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9426", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:08.917", - "lastModified": "2024-12-02T22:15:08.917", + "lastModified": "2024-12-03T15:15:05.730", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In \u00a0RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java,\u00a0an incorrect implementation could cause weak RSA key pairs being generated.\u00a0This could lead to crypto vulnerability with no additional execution\u00a0privileges needed. User interaction is not needed for exploitation.\u00a0Bulletin Fix: The fix is designed to correctly implement the key generation according to FIPS standard." + }, + { + "lang": "es", + "value": "En RsaKeyPairGenerator::getNumberOfIterations de RSAKeyPairGenerator.java, una implementaci\u00f3n incorrecta podr\u00eda provocar la generaci\u00f3n de pares de claves RSA d\u00e9biles. Esto podr\u00eda provocar una vulnerabilidad de cifrado sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para su explotaci\u00f3n. Correcci\u00f3n del bolet\u00edn: la correcci\u00f3n est\u00e1 dise\u00f1ada para implementar correctamente la generaci\u00f3n de claves de acuerdo con el est\u00e1ndar FIPS." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-331" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9429.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9429.json index 0d6b251bce1..1251fba2231 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9429.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9429.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9429", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:09.013", - "lastModified": "2024-12-02T22:15:09.013", + "lastModified": "2024-12-03T15:15:05.927", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation." + }, + { + "lang": "es", + "value": " En buildImageItemsIfPossible de ItemTable.cpp existe una posible lectura fuera de los l\u00edmites debido a datos no inicializados. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n sin necesidad de privilegios de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para su explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9430.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9430.json index 182cd975d0d..b5c9d5f5b6c 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9430.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9430.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9430", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:09.113", - "lastModified": "2024-12-02T22:15:09.113", + "lastModified": "2024-12-03T15:15:06.087", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In prop2cfg of btif_storage.cc, there is a possible out of bounds write due\u00a0to an incorrect bounds check. This could lead to remote code execution with\u00a0no additional execution privileges needed. User interaction is not needed\u00a0for exploitation." + }, + { + "lang": "es", + "value": " En prop2cfg de btif_storage.cc, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9431.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9431.json index f8f7feca40d..17aea1c25f2 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9431.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9431.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9431", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:09.210", - "lastModified": "2024-12-02T22:15:09.210", + "lastModified": "2024-12-03T15:15:06.270", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due\u00a0to improper input validation. This could lead to local escalation of\u00a0privilege with no additional execution privileges needed. User interaction\u00a0is not needed for exploitation." + }, + { + "lang": "es", + "value": "En OSUInfo de OSUInfo.java, existe una posible escalada de privilegios debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-07-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9435.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9435.json index 59691354fb3..c1402e90cad 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9435.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9435.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9435", "sourceIdentifier": "security@android.com", "published": "2024-12-02T22:15:09.310", - "lastModified": "2024-12-02T22:15:09.310", + "lastModified": "2024-12-03T15:15:06.450", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound\u00a0read due to a missing bounds check. This could lead to local information\u00a0disclosure with no additional execution privileges needed. User interaction\u00a0is not needed for exploitation." + }, + { + "lang": "es", + "value": " En gatt_process_error_rsp de gatt_cl.cc, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-08-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9441.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9441.json index 5dcd270428a..74b25adc14a 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9441.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9441.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9441", "sourceIdentifier": "security@android.com", "published": "2024-12-03T01:15:04.697", - "lastModified": "2024-12-03T01:15:04.697", + "lastModified": "2024-12-03T15:15:06.620", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds\u00a0read due to an incorrect bounds check. This could lead to local information\u00a0disclosure with no additional execution privileges needed. User interaction\u00a0is needed for exploitation." + }, + { + "lang": "es", + "value": " En sdp_copy_raw_data de sdp_discovery.cc, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-08-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9449.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9449.json index 18f1397f41f..ed63f1126ec 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9449.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9449.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9449", "sourceIdentifier": "security@android.com", "published": "2024-12-03T01:15:04.803", - "lastModified": "2024-12-03T01:15:04.803", + "lastModified": "2024-12-03T15:15:06.793", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due\u00a0to a missing bounds check. This could lead to local information disclosure\u00a0with no additional execution privileges needed. User interaction is not\u00a0needed for exploitation." + }, + { + "lang": "es", + "value": " En process_service_search_attr_rsp de sdp_discovery.cc, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/pixel/2018-08-01", diff --git a/CVE-2023/CVE-2023-448xx/CVE-2023-44854.json b/CVE-2023/CVE-2023-448xx/CVE-2023-44854.json index 5537dd7455d..b6f7ac3af8e 100644 --- a/CVE-2023/CVE-2023-448xx/CVE-2023-44854.json +++ b/CVE-2023/CVE-2023-448xx/CVE-2023-44854.json @@ -2,7 +2,7 @@ "id": "CVE-2023-44854", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-12T04:15:09.003", - "lastModified": "2024-04-12T12:43:46.210", + "lastModified": "2024-12-03T16:15:20.170", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "Vulnerabilidad de Cross Site Scripting (XSS) en Cobham SAILOR VSAT Ku v.164B019, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para la funci\u00f3n c_set_rslog_decode en el archivo acu_web." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Remote-syslog-131b8031c9f74600aa3279c7d733d624", "source": "cve@mitre.org" + }, + { + "url": "https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Remote-syslog-131b8031c9f74600aa3279c7d733d624", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-00xx/CVE-2024-0037.json b/CVE-2024/CVE-2024-00xx/CVE-2024-0037.json index c87512d9176..c77f05bd6aa 100644 --- a/CVE-2024/CVE-2024-00xx/CVE-2024-0037.json +++ b/CVE-2024/CVE-2024-00xx/CVE-2024-0037.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0037", "sourceIdentifier": "security@android.com", "published": "2024-02-16T02:15:51.097", - "lastModified": "2024-11-26T16:29:39.073", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-03T16:15:20.440", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 1.4 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 } ] }, @@ -49,6 +69,20 @@ "value": "CWE-862" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + }, + { + "lang": "en", + "value": "CWE-922" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10893.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10893.json index 422c0c6fea5..1055b064850 100644 --- a/CVE-2024/CVE-2024-108xx/CVE-2024-10893.json +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10893.json @@ -2,16 +2,43 @@ "id": "CVE-2024-10893", "sourceIdentifier": "contact@wpscan.com", "published": "2024-12-03T06:15:08.500", - "lastModified": "2024-12-03T06:15:08.500", + "lastModified": "2024-12-03T15:15:09.780", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WP Booking Calendar WordPress plugin before 10.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + }, + { + "lang": "es", + "value": "El complemento WP Booking Calendar de WordPress anterior a la versi\u00f3n 10.6.5 no desinfecta ni escapa de algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con privilegios elevados, como el administrador, realicen ataques de cross site scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n de varios sitios)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/a230a552-3fda-4145-810f-58af540107db/", diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11391.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11391.json new file mode 100644 index 00000000000..e30aeccaa69 --- /dev/null +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11391.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-11391", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-03T15:15:09.973", + "lastModified": "2024-12-03T15:15:09.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3199242/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f14a658c-1517-4af4-8bd7-c379ac07ab35?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11666.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11666.json index ffffb818ab5..a38ed86db4b 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11666.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11666.json @@ -2,12 +2,17 @@ "id": "CVE-2024-11666", "sourceIdentifier": "research@onekey.com", "published": "2024-11-24T23:15:04.030", - "lastModified": "2024-11-25T00:15:04.040", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:40:14.907", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users\u00a0 suitably positioned on the network between an EV charger controller and eCharge infrastructure can execute arbitrary commands with elevated privileges on affected devices.\n\nThis issue affects cph2_echarge_firmware: through 2.0.4." + }, + { + "lang": "es", + "value": "Los dispositivos afectados env\u00edan se\u00f1ales a la infraestructura en la nube de eCharge para preguntar si hay alg\u00fan comando que deban ejecutar. Esta comunicaci\u00f3n se establece a trav\u00e9s de un canal inseguro, ya que la verificaci\u00f3n entre pares est\u00e1 deshabilitada en todas partes. Por lo tanto, los usuarios remotos no autenticados ubicados adecuadamente en la red entre un controlador de cargador de veh\u00edculos el\u00e9ctricos y la infraestructura de eCharge pueden ejecutar comandos arbitrarios con privilegios elevados en los dispositivos afectados. Este problema afecta a cph2_echarge_firmware: hasta la versi\u00f3n 2.0.4." } ], "metrics": { @@ -31,6 +36,26 @@ }, "exploitabilityScore": 2.2, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -44,12 +69,56 @@ "value": "CWE-345" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:echarge:salia_plcc_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.4", + "matchCriteriaId": "68BE2BFC-8664-4D95-AB52-0724D268B9AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:echarge:salia_plcc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7ABECA31-3F68-4CAC-991F-7EC594A2A779" + } + ] + } + ] } ], "references": [ { "url": "https://www.onekey.com/resource/critical-vulnerabilities-in-ev-charging-stations-analysis-of-echarge-controllers", - "source": "research@onekey.com" + "source": "research@onekey.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11744.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11744.json index 5fbc6477e13..62bf30904f5 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11744.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11744.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11744", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-26T21:15:06.483", - "lastModified": "2024-11-26T21:15:06.483", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:30:32.153", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en 1000 Projects Portfolio Management System MCA 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /register.php. La manipulaci\u00f3n del nombre del argumento provoca una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Tambi\u00e9n pueden verse afectados otros par\u00e1metros." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -118,28 +142,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:portfolio_management_system_mca:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C2EA77A4-2402-463E-9E5D-A08E8B927CE2" + } + ] + } + ] } ], "references": [ { "url": "https://1000projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/zdwf-klm/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286141", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.286141", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.449734", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11745.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11745.json index b560d9440c3..b0aca516f58 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11745.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11745.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11745", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-26T21:15:06.733", - "lastModified": "2024-11-26T21:15:06.733", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:25:28.847", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha detectado una vulnerabilidad en Tenda AC8 16.03.34.09 que se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n route_static_check del archivo /goform/SetStaticRouteCfg. La manipulaci\u00f3n de la lista de argumentos provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -118,28 +142,83 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*", + "matchCriteriaId": "EE69F412-6FC7-470D-BC7E-B3AAC6B4585F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C81F1E48-0204-4478-A937-5D40CDD9E5E4" + } + ] + } + ] } ], "references": [ { "url": "https://tasty-foxtrot-3a8.notion.site/Tenda-AC8v4-route_static_check-stack-overflow-1460448e6195803087a5d39755d2bb6b?pvs=74", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286142", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.286142", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.449893", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.tenda.com.cn/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11787.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11787.json index 8bbd39a4458..13e8bc6ea41 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11787.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11787.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11787", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.000", - "lastModified": "2024-11-28T00:15:04.000", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:09:14.300", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24413." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V10. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V10. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24413." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1614/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11789.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11789.json index f24183ff19b..6d12fc13afa 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11789.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11789.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11789", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.153", - "lastModified": "2024-11-28T00:15:04.153", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:08:48.497", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24448." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V10. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V10. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24448." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1615/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11790.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11790.json index 0026391a131..bcb3a734507 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11790.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11790.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11790", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.297", - "lastModified": "2024-11-28T00:15:04.297", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:08:38.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24449." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V10. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V10. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24449." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1616/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11791.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11791.json index bed198cbc3f..2062b2e7409 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11791.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11791.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11791", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.467", - "lastModified": "2024-11-28T00:15:04.467", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:08:22.910", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8C files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24450." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V8C. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8C. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24450." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1617/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11792.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11792.json index 259f4642b12..a6edbe45f07 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11792.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11792.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11792", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.603", - "lastModified": "2024-11-28T00:15:04.603", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:07:42.940", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24502." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24502." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1618/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11793.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11793.json index 3e19cb374df..166b85c791c 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11793.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11793.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11793", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.730", - "lastModified": "2024-11-28T00:15:04.730", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:06:59.270", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V9C files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24503." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V9C. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V9C. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24503." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1619/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11794.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11794.json index 67d7d954c0f..d657001ba2b 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11794.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11794.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11794", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:04.883", - "lastModified": "2024-11-28T00:15:04.883", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:06:32.677", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V10 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24504." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V10. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos de V10. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24504." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1620/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11795.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11795.json index 6ebc37c2a7a..6cdda304850 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11795.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11795.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11795", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.017", - "lastModified": "2024-11-28T00:15:05.017", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:06:03.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24505." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24505." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1621/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11796.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11796.json index ab7545075e6..e484ad622b3 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11796.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11796.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11796", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.173", - "lastModified": "2024-11-28T00:15:05.173", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:05:21.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V9C files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24506." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V9C. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V9C. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24506." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1622/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11797.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11797.json index 6316bfbfda8..9b0447905c4 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11797.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11797.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11797", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.323", - "lastModified": "2024-11-28T00:15:05.323", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:04:52.443", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24662." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24662." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1623/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11798.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11798.json index 5370428fbe2..734a1fb3c1d 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11798.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11798.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11798", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.463", - "lastModified": "2024-11-28T00:15:05.463", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:04:32.760", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X1 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24663." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT X1. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos X1. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24663." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1624/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11799.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11799.json index 27df9a9d036..66753346cac 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11799.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11799.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11799", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.603", - "lastModified": "2024-11-28T00:15:05.603", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:22:54.423", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24664." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Tellus Lite V-Simulator 5 V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Tellus Lite. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8 en el componente V-Simulator 5. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24664." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:4.0.20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "37F12BBC-7A23-41AB-B7F8-28C263FAFBE9" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1625/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11800.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11800.json index 09bbd2740ad..b7fde992ac9 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11800.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11800.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11800", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.747", - "lastModified": "2024-11-28T00:15:05.747", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:22:41.957", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24768." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de Fuji Electric Tellus Lite V-Simulator 5 V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Tellus Lite. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8 en el componente V-Simulator 5. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24768." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:4.0.20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "37F12BBC-7A23-41AB-B7F8-28C263FAFBE9" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1626/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11801.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11801.json index b57fff768e1..ccfc4e5e464 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11801.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11801.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11801", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:05.873", - "lastModified": "2024-11-28T00:15:05.873", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:22:22.837", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24769." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en Fuji Electric Tellus Lite V-Simulator 5 V8 al analizar archivos fuera de los l\u00edmites. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Tellus Lite. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8 en el componente V-Simulator 5. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una escritura m\u00e1s all\u00e1 del final de una estructura de datos asignada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24769." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:4.0.20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "37F12BBC-7A23-41AB-B7F8-28C263FAFBE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1627/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11802.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11802.json index 9c43fec3227..a68bad4bd99 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11802.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11802.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11802", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:06.007", - "lastModified": "2024-11-28T00:15:06.007", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:16:58.833", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24770." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila en el an\u00e1lisis de archivos de Fuji Electric Tellus Lite V-Simulator 5 V8. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Tellus Lite. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8 en el componente V-Simulator 5. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24770." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:4.0.20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "37F12BBC-7A23-41AB-B7F8-28C263FAFBE9" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1628/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11803.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11803.json index 60a7a88d014..dba8070cd51 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11803.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11803.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11803", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:06.143", - "lastModified": "2024-11-28T00:15:06.143", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:16:42.027", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24771." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en Fuji Electric Tellus Lite V-Simulator 5 V8 al analizar archivos fuera de los l\u00edmites. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Tellus Lite. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos V8 en el componente V-Simulator 5. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una escritura m\u00e1s all\u00e1 del final de una estructura de datos asignada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24771." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,7 +64,7 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:tellus_lite_v-simulator:4.0.20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "37F12BBC-7A23-41AB-B7F8-28C263FAFBE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1629/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11817.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11817.json index d5de5831e5d..820b9c0b9e7 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11817.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11817.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11817", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-26T23:15:04.990", - "lastModified": "2024-11-26T23:15:04.990", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:15:41.753", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en PHPGurukul User Registration & Login and User Management System 1.0. Se ha calificado como cr\u00edtica. Este problema afecta a algunas funciones desconocidas del archivo /admin/index.php. La manipulaci\u00f3n del argumento username provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,72 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:user_registration_\\&_login_and_user_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F48F8CEA-7E27-491E-8C39-4898F0AE4432" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/wackymaker/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.286190", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.286190", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.451431", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11818.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11818.json index 665606b4f45..02e534803bd 100644 --- a/CVE-2024/CVE-2024-118xx/CVE-2024-11818.json +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11818.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11818", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-27T00:15:17.727", - "lastModified": "2024-11-27T00:15:17.727", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:06:10.997", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul User Registration & Login and User Management System 1.0. Afecta a una parte desconocida del archivo /signup.php. La manipulaci\u00f3n del argumento email provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,71 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:user_registration_\\&_login_and_user_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F48F8CEA-7E27-491E-8C39-4898F0AE4432" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/wackymaker/CVE/issues/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.286191", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.286191", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.451441", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11933.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11933.json index 83b18bc6b4b..851b0038e9f 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11933.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11933.json @@ -2,16 +2,42 @@ "id": "CVE-2024-11933", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-28T00:15:06.283", - "lastModified": "2024-11-28T00:15:06.283", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:04:10.350", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Fuji Electric Monitouch V-SFT X1 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X1 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24548." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n en el an\u00e1lisis de archivos de Fuji Electric Monitouch V-SFT X1. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Fuji Electric Monitouch V-SFT. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos X1. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24548." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -38,19 +64,50 @@ "weaknesses": [ { "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "023E2EFB-26E2-4C65-831F-0A97CD2FADFB" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1630/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-121xx/CVE-2024-12101.json b/CVE-2024/CVE-2024-121xx/CVE-2024-12101.json new file mode 100644 index 00000000000..e89df6c12a3 --- /dev/null +++ b/CVE-2024/CVE-2024-121xx/CVE-2024-12101.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-12101", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-03T16:15:20.910", + "lastModified": "2024-12-03T16:15:20.910", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20760.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20760.json index d8fc1479556..32e31eec6b7 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20760.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20760.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20760", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:08.197", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:24:49.360", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21728.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21728.json index db8ff91e18a..0863bf229c2 100644 --- a/CVE-2024/CVE-2024-217xx/CVE-2024-21728.json +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21728.json @@ -2,7 +2,7 @@ "id": "CVE-2024-21728", "sourceIdentifier": "security@joomla.org", "published": "2024-02-15T21:15:09.220", - "lastModified": "2024-02-16T13:38:00.047", + "lastModified": "2024-12-03T16:15:21.030", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Se encontr\u00f3 una vulnerabilidad de Open Redirect en osTicky2 inferior a 2.2.8. osTicky (osTicket Bridge) de SmartCalc es una extensi\u00f3n de Joomla 3.x que proporciona integraci\u00f3n frontal de Joomla con osTicket, un popular sistema de tickets de soporte. La vulnerabilidad Open Redirect permite a los atacantes controlar el par\u00e1metro de retorno en la URL a una URL maliciosa base64." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "security@joomla.org", @@ -32,6 +55,10 @@ { "url": "https://github.com/solracsf/osTicky", "source": "security@joomla.org" + }, + { + "url": "https://github.com/solracsf/osTicky", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json b/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json index 8c0a9985166..30567cb3f54 100644 --- a/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json +++ b/CVE-2024/CVE-2024-244xx/CVE-2024-24431.json @@ -2,7 +2,7 @@ "id": "CVE-2024-24431", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T19:15:06.137", - "lastModified": "2024-11-18T17:11:56.587", + "lastModified": "2024-12-03T16:15:21.187", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Una afirmaci\u00f3n alcanzable en la funci\u00f3n ogs_nas_emm_decode de Open5GS v2.7.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado con una longitud de mensaje EMM de longitud cero." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], "references": [ { "url": "https://cellularsecurity.org/ransacked", diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26051.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26051.json index 0aa517a588a..d278857a126 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26051.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26051.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26051", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:13.547", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:25:37.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", + "baseScore": 3.4, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,19 +32,37 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.4, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.7, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +71,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26052.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26052.json index 502187d958e..1a180edb2ba 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26052.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26052.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26052", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:13.780", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:25:48.917", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26067.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26067.json index ceb14cb5303..67bc9f029a2 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26067.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26067.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26067", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:15.667", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:26:08.383", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26069.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26069.json index 79fb304c2fd..f6ae4fe36f3 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26069.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26069.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26069", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:15.923", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:26:21.123", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26073.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26073.json index 98f7026cea2..e7a0f716fc4 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26073.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26073.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26073", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:16.177", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:26:34.260", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26080.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26080.json index 69954963c82..8136066d987 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26080.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26080.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26080", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:16.417", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:26:46.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26094.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26094.json index 8b84fd6a6c9..8c27e2c7751 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26094.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26094.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26094", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:16.690", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:26:56.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26096.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26096.json index c8c0ea42699..3af18e036fd 100644 --- a/CVE-2024/CVE-2024-260xx/CVE-2024-26096.json +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26096.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26096", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:16.917", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:27:10.247", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26101.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26101.json index bb26865fc67..32c54fee09e 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26101.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26101.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26101", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:17.123", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:27:19.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26102.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26102.json index e72925a9de6..e79c08eb726 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26102.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26102.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26102", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:17.370", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:27:31.687", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26103.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26103.json index 65a2394ff9b..aadb4756706 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26103.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26103.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26103", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:17.600", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:27:41.650", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26104.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26104.json index 4b4f846fc03..96c829b1e8e 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26104.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26104.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26104", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:17.837", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:27:52.680", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26105.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26105.json index 91207448e37..676825c3a73 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26105.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26105.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26105", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:18.100", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:28:02.483", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26106.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26106.json index df58a8ea1e3..73a26c074f8 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26106.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26106.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26106", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:18.350", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:28:13.490", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26107.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26107.json index dc978c1c539..83300dbb30e 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26107.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26107.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26107", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:18.547", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:28:23.067", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26118.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26118.json index 999f9dccdfb..eec1a0907cb 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26118.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26118.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26118", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:18.767", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:28:58.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27323.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27323.json index 408622266fe..624d7b5a74d 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27323.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27323.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27323", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:15.950", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:50:34.657", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.6, "impactScore": 5.9 @@ -49,12 +71,50 @@ "value": "CWE-295" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.1.2.382", + "matchCriteriaId": "5CD96316-2D89-435B-939D-2BCD5DE42D84" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-198/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-198/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-295xx/CVE-2024-29507.json b/CVE-2024/CVE-2024-295xx/CVE-2024-29507.json index 9539c992a7d..6b5daed3ca1 100644 --- a/CVE-2024/CVE-2024-295xx/CVE-2024-29507.json +++ b/CVE-2024/CVE-2024-295xx/CVE-2024-29507.json @@ -2,7 +2,7 @@ "id": "CVE-2024-29507", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-03T19:15:03.240", - "lastModified": "2024-07-05T12:55:51.367", + "lastModified": "2024-12-03T16:15:21.343", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Artifex Ghostscript anterior a 10.03.0 a veces tiene un desbordamiento del b\u00fafer basado en pila a trav\u00e9s de los par\u00e1metros CIDFSubstPath y CIDFSubstFont." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510", @@ -28,6 +63,18 @@ { "url": "https://www.openwall.com/lists/oss-security/2024/07/03/7", "source": "cve@mitre.org" + }, + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=707510", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=7745dbe24514", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2024/07/03/7", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30274.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30274.json index 24f1910dc44..db583a12469 100644 --- a/CVE-2024/CVE-2024-302xx/CVE-2024-30274.json +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30274.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30274", "sourceIdentifier": "psirt@adobe.com", "published": "2024-05-16T09:15:10.527", - "lastModified": "2024-05-16T13:03:05.353", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:31:14.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +62,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.0", + "matchCriteriaId": "CD315CE1-12F5-4A6B-AC9A-248B6230428C" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30298.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30298.json index 400472c3497..bd7139ceb8a 100644 --- a/CVE-2024/CVE-2024-302xx/CVE-2024-30298.json +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30298.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30298", "sourceIdentifier": "psirt@adobe.com", "published": "2024-05-16T09:15:12.680", - "lastModified": "2024-05-16T13:03:05.353", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:30:43.050", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -42,7 +62,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +71,63 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.6", + "matchCriteriaId": "3E241CF7-1D65-4BF8-8759-EADE0D0FBEEC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.3", + "matchCriteriaId": "41C1FD5E-1403-4D81-81D7-FE84D39531DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-316xx/CVE-2024-31669.json b/CVE-2024/CVE-2024-316xx/CVE-2024-31669.json index 9b48f9e6c64..cf810beb79a 100644 --- a/CVE-2024/CVE-2024-316xx/CVE-2024-31669.json +++ b/CVE-2024/CVE-2024-316xx/CVE-2024-31669.json @@ -2,16 +2,55 @@ "id": "CVE-2024-31669", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T15:15:11.113", - "lastModified": "2024-12-02T15:15:11.113", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:21.540", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide." + }, + { + "lang": "es", + "value": "Las versiones anteriores a la versi\u00f3n v0.6.3 de rizin son vulnerables al consumo descontrolado de recursos a trav\u00e9s de bin_pe_parse_imports, Pe_r_bin_pe_parse_var y estimate_slide." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/Crispy-fried-chicken/fb9f7000f0517a085483f7f2a60f0f08", diff --git a/CVE-2024/CVE-2024-322xx/CVE-2024-32256.json b/CVE-2024/CVE-2024-322xx/CVE-2024-32256.json index bb3da464cd8..c0601d4b1f2 100644 --- a/CVE-2024/CVE-2024-322xx/CVE-2024-32256.json +++ b/CVE-2024/CVE-2024-322xx/CVE-2024-32256.json @@ -2,7 +2,7 @@ "id": "CVE-2024-32256", "sourceIdentifier": "cve@mitre.org", "published": "2024-04-16T17:15:11.050", - "lastModified": "2024-04-17T12:48:31.863", + "lastModified": "2024-12-03T16:15:21.697", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "Phpgurukul Tourism Management System v2.0 es vulnerable a la carga sin restricciones de archivos con tipos peligrosos a trav\u00e9s de /tms/admin/change-image.php. Al actualizar un paquete actual, no se verifican qu\u00e9 tipos de archivos se cargan desde la imagen." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], "references": [ { "url": "https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json index 1ddc1146bde..0f123fef8f4 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json @@ -2,7 +2,7 @@ "id": "CVE-2024-32610", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.893", - "lastModified": "2024-05-14T16:12:23.490", + "lastModified": "2024-12-03T16:15:21.880", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "La librer\u00eda HDF5 hasta la versi\u00f3n 1.14.3 tiene un SEGV en H5T_close_real en H5T.c, lo que genera un puntero de instrucci\u00f3n da\u00f1ado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.4, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", "source": "cve@mitre.org" + }, + { + "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36611.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36611.json index e825def9395..0ed8d7a2e43 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36611.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36611.json @@ -2,16 +2,55 @@ "id": "CVE-2024-36611", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T19:15:06.780", - "lastModified": "2024-11-29T19:15:06.780", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:22.057", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service." + }, + { + "lang": "es", + "value": "En Symfony v7.07, se identific\u00f3 una vulnerabilidad de seguridad en el componente FormLoginAuthenticator, que no pod\u00eda gestionar adecuadamente los casos en los que el campo de nombre de usuario o contrase\u00f1a de una solicitud de inicio de sesi\u00f3n estaba vac\u00edo. Este fallo podr\u00eda generar varios riesgos de seguridad, incluido el manejo inadecuado de la l\u00f3gica de autenticaci\u00f3n o la denegaci\u00f3n de servicio." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/1047524396/3581425e0911b716cf8ce4fa30e41e6c", diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36615.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36615.json index daeffb2c81f..877080dbce9 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36615.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36615.json @@ -2,16 +2,55 @@ "id": "CVE-2024-36615", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T19:15:07.703", - "lastModified": "2024-11-29T19:15:07.703", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:22.197", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread." + }, + { + "lang": "es", + "value": "FFmpeg n7.0 tiene una vulnerabilidad de condici\u00f3n ejecuci\u00f3n en el decodificador VP9. Esto podr\u00eda provocar una ejecuci\u00f3n de datos si se exportaran par\u00e1metros de codificaci\u00f3n de video, ya que los datos secundarios se adjuntar\u00edan en el hilo del decodificador mientras se le\u00edan en el hilo de salida." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/1047524396/c44e5eaafa8f408eea0c9411205990fb", diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36622.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36622.json index 9d619d878e8..b878079b955 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36622.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36622.json @@ -2,16 +2,55 @@ "id": "CVE-2024-36622", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T18:15:08.140", - "lastModified": "2024-11-29T18:15:08.140", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:22.343", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnerability exists in the clearlog.php script. The vulnerability is due to improper sanitization of user input passed via the logfile parameter." + }, + { + "lang": "es", + "value": "En RaspAP raspap-webgui 3.0.9 y versiones anteriores, existe una vulnerabilidad de inyecci\u00f3n de comandos en el script clearlog.php. La vulnerabilidad se debe a una desinfecci\u00f3n incorrecta de la entrada del usuario que se pasa a trav\u00e9s del par\u00e1metro logfile." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/1047524396/ab997b902ec892e592a0df93f38e6941", diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json index b267d8a4f9a..753cfea2c6d 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38862.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38862", "sourceIdentifier": "security@checkmk.com", "published": "2024-10-14T08:15:02.563", - "lastModified": "2024-10-15T12:57:46.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:56:19.887", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.0, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", @@ -54,11 +56,31 @@ "recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", - "providerUrgency": "NOT_DEFINED", - "baseScore": 2.0, - "baseSeverity": "LOW" + "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } ] }, "weaknesses": [ @@ -71,12 +93,672 @@ "value": "CWE-532" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FFBDA1FD-7112-4309-AFDC-57DFF865365A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*", + "matchCriteriaId": "4EE19624-17FB-45DD-926D-1A745FF02CB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p46:*:*:*:*:*:*", + "matchCriteriaId": "C7E289B5-B6C6-4514-9CA1-5EBE155ECFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p47:*:*:*:*:*:*", + "matchCriteriaId": "ECBDBA95-0CAA-42A2-A3B1-B4D0DF1F7523" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p48:*:*:*:*:*:*", + "matchCriteriaId": "B0819489-976E-4C46-9D76-0338F40C2A64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "68455233-52CD-44B8-8B02-D94BA84DA6A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "1C95A313-7665-4877-B421-0D20E3D3D54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "0AEF278D-D782-4A2B-B1B8-19A21D151AA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "B027FE8B-1802-4449-A0CB-6D15F9634559" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "3C0F1DC8-D9DF-4A7A-80DC-618FAB091375" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "9F89225F-6969-4D89-B889-9CB09972825B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "625A6998-5DAE-4538-9760-20523CCE501F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "6EFD4461-2C37-418F-90AD-3A956B2D91C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "88523633-844C-41FE-ADF1-74D6AA2BCE6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17095", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json index 50cc828f752..6a423438ac4 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38863.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38863", "sourceIdentifier": "security@checkmk.com", "published": "2024-10-14T08:15:02.823", - "lastModified": "2024-10-15T12:57:46.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:47:15.693", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.0, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", @@ -54,11 +56,31 @@ "recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", - "providerUrgency": "NOT_DEFINED", - "baseScore": 2.0, - "baseSeverity": "LOW" + "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } ] }, "weaknesses": [ @@ -71,12 +93,662 @@ "value": "CWE-598" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*", + "matchCriteriaId": "4EE19624-17FB-45DD-926D-1A745FF02CB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p46:*:*:*:*:*:*", + "matchCriteriaId": "C7E289B5-B6C6-4514-9CA1-5EBE155ECFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p47:*:*:*:*:*:*", + "matchCriteriaId": "ECBDBA95-0CAA-42A2-A3B1-B4D0DF1F7523" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "68455233-52CD-44B8-8B02-D94BA84DA6A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "1C95A313-7665-4877-B421-0D20E3D3D54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "0AEF278D-D782-4A2B-B1B8-19A21D151AA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "B027FE8B-1802-4449-A0CB-6D15F9634559" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "3C0F1DC8-D9DF-4A7A-80DC-618FAB091375" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "9B0A1E3E-1B5A-4346-95BC-DE6FF6EE14CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "EB52B2A7-BDC1-4A4F-ABAF-69C1BA8E83C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "9F89225F-6969-4D89-B889-9CB09972825B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "2A1B23EA-4571-4E4E-80BC-FD76FFD83FFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "625A6998-5DAE-4538-9760-20523CCE501F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "6EFD4461-2C37-418F-90AD-3A956B2D91C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "88523633-844C-41FE-ADF1-74D6AA2BCE6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17096", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-398xx/CVE-2024-39890.json b/CVE-2024/CVE-2024-398xx/CVE-2024-39890.json index 0303d724233..d94fcebe33f 100644 --- a/CVE-2024/CVE-2024-398xx/CVE-2024-39890.json +++ b/CVE-2024/CVE-2024-398xx/CVE-2024-39890.json @@ -2,13 +2,17 @@ "id": "CVE-2024-39890", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T21:15:10.483", - "lastModified": "2024-12-02T21:15:10.483", + "lastModified": "2024-12-03T16:15:22.483", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write." + }, + { + "lang": "es", + "value": " Se ha descubierto un problema en los procesadores m\u00f3viles, los procesadores port\u00e1tiles y los m\u00f3dems Samsung Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, los m\u00f3dems 5123 y 5300. El software de banda base no comprueba correctamente la longitud especificada por el CC (control de llamadas). Esto puede provocar una escritura fuera de los l\u00edmites." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], "references": [ { "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", diff --git a/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json b/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json index af0220573f5..ade71d07fcd 100644 --- a/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json +++ b/CVE-2024/CVE-2024-447xx/CVE-2024-44759.json @@ -2,7 +2,7 @@ "id": "CVE-2024-44759", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-15T20:15:20.163", - "lastModified": "2024-11-18T17:11:56.587", + "lastModified": "2024-12-03T16:15:22.597", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Una vulnerabilidad de descarga de archivos arbitrarios en el componente /Doc/DownloadFile del software de gesti\u00f3n ERP NUS-M9 v3.0.0 permite a los atacantes descargar archivos arbitrarios y acceder a informaci\u00f3n confidencial a trav\u00e9s de una solicitud de interfaz manipulada espec\u00edficamente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], "references": [ { "url": "https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-44759.md", diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45106.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45106.json index ba523d3637e..23efc141074 100644 --- a/CVE-2024/CVE-2024-451xx/CVE-2024-45106.json +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45106.json @@ -2,26 +2,63 @@ "id": "CVE-2024-45106", "sourceIdentifier": "security@apache.org", "published": "2024-12-03T10:15:05.697", - "lastModified": "2024-12-03T10:15:05.697", + "lastModified": "2024-12-03T15:15:10.470", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper authentication of an HTTP endpoint in the S3 Gateway of Apache Ozone 1.4.0 allows any authenticated Kerberos user to revoke and regenerate the S3 secrets of any other user. This is only possible if:\n * ozone.s3g.secret.http.enabled is set to true. The default value of this configuration is false.\n * The user configured in ozone.s3g.kerberos.principal is also configured in ozone.s3.administrators or ozone.administrators.\n\n\nUsers are recommended to upgrade to Apache Ozone version 1.4.1 which disables the affected endpoint." + }, + { + "lang": "es", + "value": "La autenticaci\u00f3n incorrecta de un endpoint HTTP en la puerta de enlace S3 de Apache Ozone 1.4.0 permite que cualquier usuario Kerberos autenticado revoque y regenere los secretos S3 de cualquier otro usuario. Esto solo es posible si: * ozone.s3g.secret.http.enabled est\u00e1 configurado como verdadero. El valor predeterminado de esta configuraci\u00f3n es falso. * El usuario configurado en ozone.s3g.kerberos.principal tambi\u00e9n est\u00e1 configurado en ozone.s3.administrators o ozone.administrators. Se recomienda a los usuarios que actualicen a Apache Ozone versi\u00f3n 1.4.1, que deshabilita el endpoint afectado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-287" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], "references": [ diff --git a/CVE-2024/CVE-2024-485xx/CVE-2024-48530.json b/CVE-2024/CVE-2024-485xx/CVE-2024-48530.json index 702ba1aac42..f3258150451 100644 --- a/CVE-2024/CVE-2024-485xx/CVE-2024-48530.json +++ b/CVE-2024/CVE-2024-485xx/CVE-2024-48530.json @@ -2,16 +2,55 @@ "id": "CVE-2024-48530", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-20T21:15:07.300", - "lastModified": "2024-11-20T21:15:07.300", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:22.973", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service (DoS) via a crafted POST request." + }, + { + "lang": "es", + "value": "Un problema en Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de una solicitud POST manipulada espec\u00edficamente." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/esoft-planner-cve/esoft_planner_cve", diff --git a/CVE-2024/CVE-2024-485xx/CVE-2024-48533.json b/CVE-2024/CVE-2024-485xx/CVE-2024-48533.json index 7f7f24e609a..32363c62544 100644 --- a/CVE-2024/CVE-2024-485xx/CVE-2024-48533.json +++ b/CVE-2024/CVE-2024-485xx/CVE-2024-48533.json @@ -2,16 +2,55 @@ "id": "CVE-2024-48533", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-20T21:15:07.487", - "lastModified": "2024-11-20T21:15:07.487", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:23.117", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts." + }, + { + "lang": "es", + "value": "Una discrepancia entre las respuestas de cuentas de correo electr\u00f3nico v\u00e1lidas y no v\u00e1lidas en el m\u00f3dulo \u00bfOlvid\u00f3 su nombre de usuario? de eSoft Planner 3.24.08271-USA permite a los atacantes enumerar cuentas de correo electr\u00f3nico de usuario v\u00e1lidas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/esoft-planner-cve/esoft_planner_cve", diff --git a/CVE-2024/CVE-2024-485xx/CVE-2024-48536.json b/CVE-2024/CVE-2024-485xx/CVE-2024-48536.json index c11922e4637..c56e281a0d1 100644 --- a/CVE-2024/CVE-2024-485xx/CVE-2024-48536.json +++ b/CVE-2024/CVE-2024-485xx/CVE-2024-48536.json @@ -2,16 +2,55 @@ "id": "CVE-2024-48536", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-20T21:15:07.740", - "lastModified": "2024-11-20T21:15:07.740", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:23.253", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions performed by the company via supplying a crafted web request." + }, + { + "lang": "es", + "value": "El control de acceso incorrecto en eSoft Planner 3.24.08271-USA permite a los atacantes ver todas las transacciones realizadas por la empresa mediante el suministro de una solicitud web manipulada espec\u00edficamente para ello." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/esoft-planner-cve/esoft_planner_cve", diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49203.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49203.json index d05f607f161..2d1e9a642b1 100644 --- a/CVE-2024/CVE-2024-492xx/CVE-2024-49203.json +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49203.json @@ -2,17 +2,60 @@ "id": "CVE-2024-49203", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-20T21:15:08.090", - "lastModified": "2024-11-20T21:15:08.090", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:23.393", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Querydsl 5.1.0 allows SQL/HQL injection in orderBy in JPAQuery." + "value": "Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in orderBy in JPAQuery." + }, + { + "lang": "es", + "value": "Querydsl 5.1.0 y OpenFeign Querydsl 6.8 permiten la inyecci\u00f3n de SQL/HQL en orderBy en JPAQuery." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ + { + "url": "https://github.com/OpenFeign/querydsl/", + "source": "cve@mitre.org" + }, { "url": "https://github.com/querydsl/querydsl/issues/3757", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52724.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52724.json index ccce56a34d8..c93db83cda6 100644 --- a/CVE-2024/CVE-2024-527xx/CVE-2024-52724.json +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52724.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52724", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T19:15:10.697", - "lastModified": "2024-12-02T19:15:10.697", + "lastModified": "2024-12-03T15:15:10.943", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "ZZCMS 2023 was discovered to contain a SQL injection vulnerability in /q/show.php." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 que ZZCMS 2023 contiene una vulnerabilidad de inyecci\u00f3n SQL en /q/show.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/npubaishao/768b638ab16b7da6478d028aeb25bbbc", diff --git a/CVE-2024/CVE-2024-527xx/CVE-2024-52732.json b/CVE-2024/CVE-2024-527xx/CVE-2024-52732.json index 923f65af79f..2531d0441f5 100644 --- a/CVE-2024/CVE-2024-527xx/CVE-2024-52732.json +++ b/CVE-2024/CVE-2024-527xx/CVE-2024-52732.json @@ -2,16 +2,55 @@ "id": "CVE-2024-52732", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T15:15:12.270", - "lastModified": "2024-12-02T15:15:12.270", - "vulnStatus": "Received", + "lastModified": "2024-12-03T16:15:23.540", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value of the zeqp system being reused." + }, + { + "lang": "es", + "value": " Control de acceso incorrecto en wms-Warehouse management system-zeqp v2.20.9.1 debido a que se reutiliza el valor del token del sistema zeqp." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/LINF2009/fe2f0681389d4521d236a34ec2109a24", diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53257.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53257.json new file mode 100644 index 00000000000..a2ee3bda248 --- /dev/null +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53257.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-53257", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-03T16:15:23.693", + "lastModified": "2024-12-03T16:15:23.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Vitess is a database clustering system for horizontal scaling of MySQL. The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. These pages are rendered using text/template instead of rendering with a proper HTML templating engine. This vulnerability is fixed in 21.0.1, 20.0.4, and 19.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vitessio/vitess/commit/2b71d1b5f8ca676beeab2875525003cd45096217", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-7mwh-q3xm-qh6p", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53429.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53429.json new file mode 100644 index 00000000000..15f8e496084 --- /dev/null +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53429.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-53429", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-21T15:15:35.530", + "lastModified": "2024-12-03T16:15:23.833", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, which leads to a crash." + }, + { + "lang": "es", + "value": "Open62541 v1.4.6 tiene una falla de afirmaci\u00f3n en fuzz_binary_decode, lo que provoca un bloqueo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/open62541/open62541/issues/6825", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53484.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53484.json index d9f881c6da5..6f6906e1012 100644 --- a/CVE-2024/CVE-2024-534xx/CVE-2024-53484.json +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53484.json @@ -2,16 +2,55 @@ "id": "CVE-2024-53484", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T19:15:10.820", - "lastModified": "2024-12-02T19:15:10.820", + "lastModified": "2024-12-03T16:15:23.980", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard-coded JWT signing key." + }, + { + "lang": "es", + "value": " Ever Traduora 0.20.0 y versiones anteriores son vulnerables a la escalada de privilegios debido al uso de una clave de firma JWT codificada." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ever-co/ever-traduora/issues/431%2C", diff --git a/CVE-2024/CVE-2024-535xx/CVE-2024-53564.json b/CVE-2024/CVE-2024-535xx/CVE-2024-53564.json index 0a4e6bf8c7d..3cab1d90c80 100644 --- a/CVE-2024/CVE-2024-535xx/CVE-2024-53564.json +++ b/CVE-2024/CVE-2024-535xx/CVE-2024-53564.json @@ -2,16 +2,55 @@ "id": "CVE-2024-53564", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T18:15:11.353", - "lastModified": "2024-12-02T18:15:11.353", + "lastModified": "2024-12-03T15:15:11.373", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of freepbx v17.0.19.17 allows attackers to execute arbitrary code via uploading a crafted file." + }, + { + "lang": "es", + "value": " Una vulnerabilidad de carga de archivos arbitrarios autenticados en el componente /module_admin/upload.php de freepbx v17.0.19.17 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo manipulado espec\u00edficamente." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://gist.github.com/hyp164D1/490732de230edf97423f6d95b0d2f903", diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53900.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53900.json index 5f49814b04e..ea2dbe09c30 100644 --- a/CVE-2024/CVE-2024-539xx/CVE-2024-53900.json +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53900.json @@ -2,16 +2,55 @@ "id": "CVE-2024-53900", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-02T20:15:08.347", - "lastModified": "2024-12-02T20:15:08.347", + "lastModified": "2024-12-03T16:15:24.113", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mongoose before 8.8.3 can improperly use $where in match." + }, + { + "lang": "es", + "value": " Mongoose anterior a 8.8.3 puede usar $where incorrectamente en la coincidencia." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md", diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53999.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53999.json new file mode 100644 index 00000000000..fb6dd3918ec --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53999.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-53999", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-03T16:15:24.250", + "lastModified": "2024-12-03T16:15:24.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to the system. When users in the application use the \"Diff or Compare\" functionality, they are affected by a Stored Cross-Site Scripting vulnerability. This vulnerability is fixed in 4.2.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/27d165872847f5ae7417caf09f37edeeba741e1e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-5jc6-h9w7-jm3p", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54000.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54000.json new file mode 100644 index 00000000000..7087d984382 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54000.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-54000", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-03T16:15:24.380", + "lastModified": "2024-12-03T16:15:24.380", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get() request in the _check_url method is specified as allow_redirects=True, which allows a server-side request forgery when a request to .well-known/assetlinks.json\" returns a 302 redirect. This is a bypass of the fix for CVE-2024-29190 and is fixed in 3.9.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/f22c584aa7d43527970c9da61eb678953cfc0a8e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-m435-9v6r-v5f6", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54159.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54159.json index aac75dba312..90b951ce34c 100644 --- a/CVE-2024/CVE-2024-541xx/CVE-2024-54159.json +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54159.json @@ -2,13 +2,17 @@ "id": "CVE-2024-54159", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T22:15:07.017", - "lastModified": "2024-11-29T22:15:07.017", - "vulnStatus": "Received", + "lastModified": "2024-12-03T15:15:12.097", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack." + }, + { + "lang": "es", + "value": "stalld hasta 1.19.7 permite a los usuarios locales provocar una denegaci\u00f3n de servicio (sobrescritura de archivo) mediante un ataque de enlace simb\u00f3lico /tmp/rtthrottle." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], "references": [ { "url": "https://cwe.mitre.org/data/definitions/61.html", diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9683.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9683.json index 957c0930185..8939510efe6 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9683.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9683.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9683", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-17T15:15:13.850", - "lastModified": "2024-10-18T12:52:33.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-03T16:14:52.690", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,35 +32,87 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.2, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ] }, "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-305" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2" + } + ] + } + ] } ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2024-9683", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317559", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 99a2da213b5..d8a13566fde 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-03T15:03:05.766364+00:00 +2024-12-03T17:01:01.472617+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-03T15:00:58.693000+00:00 +2024-12-03T16:56:19.887000+00:00 ``` ### Last Data Feed Release @@ -33,50 +33,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -271987 +271993 ``` ### CVEs added in the last Commit Recently added CVEs: `6` -- [CVE-2024-10074](CVE-2024/CVE-2024-100xx/CVE-2024-10074.json) (`2024-12-03T13:15:04.490`) -- [CVE-2024-11200](CVE-2024/CVE-2024-112xx/CVE-2024-11200.json) (`2024-12-03T14:15:19.923`) -- [CVE-2024-12082](CVE-2024/CVE-2024-120xx/CVE-2024-12082.json) (`2024-12-03T13:15:04.843`) -- [CVE-2024-42422](CVE-2024/CVE-2024-424xx/CVE-2024-42422.json) (`2024-12-03T13:15:04.987`) -- [CVE-2024-49529](CVE-2024/CVE-2024-495xx/CVE-2024-49529.json) (`2024-11-21T17:15:20.987`) -- [CVE-2024-9978](CVE-2024/CVE-2024-99xx/CVE-2024-9978.json) (`2024-12-03T13:15:05.140`) +- [CVE-2024-11391](CVE-2024/CVE-2024-113xx/CVE-2024-11391.json) (`2024-12-03T15:15:09.973`) +- [CVE-2024-12101](CVE-2024/CVE-2024-121xx/CVE-2024-12101.json) (`2024-12-03T16:15:20.910`) +- [CVE-2024-53257](CVE-2024/CVE-2024-532xx/CVE-2024-53257.json) (`2024-12-03T16:15:23.693`) +- [CVE-2024-53429](CVE-2024/CVE-2024-534xx/CVE-2024-53429.json) (`2024-11-21T15:15:35.530`) +- [CVE-2024-53999](CVE-2024/CVE-2024-539xx/CVE-2024-53999.json) (`2024-12-03T16:15:24.250`) +- [CVE-2024-54000](CVE-2024/CVE-2024-540xx/CVE-2024-54000.json) (`2024-12-03T16:15:24.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `38` - -- [CVE-2024-26035](CVE-2024/CVE-2024-260xx/CVE-2024-26035.json) (`2024-12-03T14:39:57.947`) -- [CVE-2024-26038](CVE-2024/CVE-2024-260xx/CVE-2024-26038.json) (`2024-12-03T14:38:32.390`) -- [CVE-2024-26040](CVE-2024/CVE-2024-260xx/CVE-2024-26040.json) (`2024-12-03T14:37:58.917`) -- [CVE-2024-26041](CVE-2024/CVE-2024-260xx/CVE-2024-26041.json) (`2024-12-03T14:35:05.120`) -- [CVE-2024-26042](CVE-2024/CVE-2024-260xx/CVE-2024-26042.json) (`2024-12-03T14:34:28.220`) -- [CVE-2024-26043](CVE-2024/CVE-2024-260xx/CVE-2024-26043.json) (`2024-12-03T14:34:19.377`) -- [CVE-2024-26044](CVE-2024/CVE-2024-260xx/CVE-2024-26044.json) (`2024-12-03T14:32:50.367`) -- [CVE-2024-26045](CVE-2024/CVE-2024-260xx/CVE-2024-26045.json) (`2024-12-03T14:32:46.117`) -- [CVE-2024-26050](CVE-2024/CVE-2024-260xx/CVE-2024-26050.json) (`2024-12-03T14:32:40.333`) -- [CVE-2024-26056](CVE-2024/CVE-2024-260xx/CVE-2024-26056.json) (`2024-12-03T14:46:21.770`) -- [CVE-2024-26059](CVE-2024/CVE-2024-260xx/CVE-2024-26059.json) (`2024-12-03T14:46:10.120`) -- [CVE-2024-26061](CVE-2024/CVE-2024-260xx/CVE-2024-26061.json) (`2024-12-03T14:45:43.500`) -- [CVE-2024-26062](CVE-2024/CVE-2024-260xx/CVE-2024-26062.json) (`2024-12-03T14:44:08.960`) -- [CVE-2024-26063](CVE-2024/CVE-2024-260xx/CVE-2024-26063.json) (`2024-12-03T14:43:38.843`) -- [CVE-2024-26064](CVE-2024/CVE-2024-260xx/CVE-2024-26064.json) (`2024-12-03T14:42:01.657`) -- [CVE-2024-26065](CVE-2024/CVE-2024-260xx/CVE-2024-26065.json) (`2024-12-03T14:41:45.277`) -- [CVE-2024-30314](CVE-2024/CVE-2024-303xx/CVE-2024-30314.json) (`2024-12-03T14:33:44.160`) -- [CVE-2024-34112](CVE-2024/CVE-2024-341xx/CVE-2024-34112.json) (`2024-12-03T14:35:08.160`) -- [CVE-2024-34123](CVE-2024/CVE-2024-341xx/CVE-2024-34123.json) (`2024-12-03T14:35:59.150`) -- [CVE-2024-35366](CVE-2024/CVE-2024-353xx/CVE-2024-35366.json) (`2024-12-03T14:15:20.107`) -- [CVE-2024-39343](CVE-2024/CVE-2024-393xx/CVE-2024-39343.json) (`2024-12-03T14:15:20.397`) -- [CVE-2024-48990](CVE-2024/CVE-2024-489xx/CVE-2024-48990.json) (`2024-12-03T14:15:20.627`) -- [CVE-2024-48991](CVE-2024/CVE-2024-489xx/CVE-2024-48991.json) (`2024-12-03T14:15:20.740`) -- [CVE-2024-48992](CVE-2024/CVE-2024-489xx/CVE-2024-48992.json) (`2024-12-03T14:15:20.850`) -- [CVE-2024-52998](CVE-2024/CVE-2024-529xx/CVE-2024-52998.json) (`2024-12-03T14:32:51.580`) +Recently modified CVEs: `79` + +- [CVE-2024-29507](CVE-2024/CVE-2024-295xx/CVE-2024-29507.json) (`2024-12-03T16:15:21.343`) +- [CVE-2024-30274](CVE-2024/CVE-2024-302xx/CVE-2024-30274.json) (`2024-12-03T16:31:14.377`) +- [CVE-2024-30298](CVE-2024/CVE-2024-302xx/CVE-2024-30298.json) (`2024-12-03T16:30:43.050`) +- [CVE-2024-31669](CVE-2024/CVE-2024-316xx/CVE-2024-31669.json) (`2024-12-03T16:15:21.540`) +- [CVE-2024-32256](CVE-2024/CVE-2024-322xx/CVE-2024-32256.json) (`2024-12-03T16:15:21.697`) +- [CVE-2024-32610](CVE-2024/CVE-2024-326xx/CVE-2024-32610.json) (`2024-12-03T16:15:21.880`) +- [CVE-2024-36611](CVE-2024/CVE-2024-366xx/CVE-2024-36611.json) (`2024-12-03T16:15:22.057`) +- [CVE-2024-36615](CVE-2024/CVE-2024-366xx/CVE-2024-36615.json) (`2024-12-03T16:15:22.197`) +- [CVE-2024-36622](CVE-2024/CVE-2024-366xx/CVE-2024-36622.json) (`2024-12-03T16:15:22.343`) +- [CVE-2024-38862](CVE-2024/CVE-2024-388xx/CVE-2024-38862.json) (`2024-12-03T16:56:19.887`) +- [CVE-2024-38863](CVE-2024/CVE-2024-388xx/CVE-2024-38863.json) (`2024-12-03T16:47:15.693`) +- [CVE-2024-39890](CVE-2024/CVE-2024-398xx/CVE-2024-39890.json) (`2024-12-03T16:15:22.483`) +- [CVE-2024-44759](CVE-2024/CVE-2024-447xx/CVE-2024-44759.json) (`2024-12-03T16:15:22.597`) +- [CVE-2024-45106](CVE-2024/CVE-2024-451xx/CVE-2024-45106.json) (`2024-12-03T15:15:10.470`) +- [CVE-2024-48530](CVE-2024/CVE-2024-485xx/CVE-2024-48530.json) (`2024-12-03T16:15:22.973`) +- [CVE-2024-48533](CVE-2024/CVE-2024-485xx/CVE-2024-48533.json) (`2024-12-03T16:15:23.117`) +- [CVE-2024-48536](CVE-2024/CVE-2024-485xx/CVE-2024-48536.json) (`2024-12-03T16:15:23.253`) +- [CVE-2024-49203](CVE-2024/CVE-2024-492xx/CVE-2024-49203.json) (`2024-12-03T16:15:23.393`) +- [CVE-2024-52724](CVE-2024/CVE-2024-527xx/CVE-2024-52724.json) (`2024-12-03T15:15:10.943`) +- [CVE-2024-52732](CVE-2024/CVE-2024-527xx/CVE-2024-52732.json) (`2024-12-03T16:15:23.540`) +- [CVE-2024-53484](CVE-2024/CVE-2024-534xx/CVE-2024-53484.json) (`2024-12-03T16:15:23.980`) +- [CVE-2024-53564](CVE-2024/CVE-2024-535xx/CVE-2024-53564.json) (`2024-12-03T15:15:11.373`) +- [CVE-2024-53900](CVE-2024/CVE-2024-539xx/CVE-2024-53900.json) (`2024-12-03T16:15:24.113`) +- [CVE-2024-54159](CVE-2024/CVE-2024-541xx/CVE-2024-54159.json) (`2024-12-03T15:15:12.097`) +- [CVE-2024-9683](CVE-2024/CVE-2024-96xx/CVE-2024-9683.json) (`2024-12-03T16:14:52.690`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a406ff8d71e..78b7773cd8c 100644 --- a/_state.csv +++ b/_state.csv @@ -126949,33 +126949,33 @@ CVE-2018-9413,0,0,c96c3efa9a30492ac98f18f0022a88627e5c62aad3ceec520d5c6c6e2465f8 CVE-2018-9414,0,0,ff411e1453b6d328c9937c931929b28e4db55740686db80ad8901a21ffa183de,2024-12-02T21:15:09.757000 CVE-2018-9415,0,0,ed7c0b7190441eec3d5a1d3e25bd99949f1ee50503dc12cac8466031b55d4227,2018-12-12T21:36:26.237000 CVE-2018-9417,0,0,d14f6cd2cf635e766e90a973936df96c48a6f5ddbb0b86d066715267e8c688d6,2024-11-22T22:08:46.630000 -CVE-2018-9418,0,0,86b4dfa22a3219c3f9d5034a4757f9ff995bbacf3a2fc82a5cbc74c8c40e90ee,2024-12-02T22:15:08.727000 +CVE-2018-9418,0,1,e851384c008e3a0dde6b54cd54b3ee4e68c29533e11960a94ecde9efdfeb4b80,2024-12-03T16:15:18.587000 CVE-2018-9419,0,0,c18c29ca18cc221fa9a8a8c05cd34721a5a1c5a074ea2d5aabaa414db75bd8e3,2024-11-22T22:07:33.540000 CVE-2018-9420,0,0,66fc0f4acf821ffb8066676839446733124360b845f6c5c453f18b9e6c40661b,2024-11-22T22:06:41.107000 CVE-2018-9421,0,0,52ba484018943b73a71b64289663d9ef88b221366cb0d59b8c78fc2228d30f11,2024-11-22T22:05:41.297000 CVE-2018-9422,0,0,b22e8a2bc8d5adc29f8bdfbdd7dc1e05001e055bf24c72ec70cb010b3e16095b,2019-08-19T20:15:10.567000 -CVE-2018-9423,0,0,6429a61812c1530f111bfc1063779ac291054cf489c4cfbb06a56a9e664d5689,2024-12-02T22:15:08.827000 +CVE-2018-9423,0,1,7b17958f5e3168f428bc9354965c2b08cc077840d35b7e45594d4f2bf0234971,2024-12-03T15:15:05.530000 CVE-2018-9424,0,0,071ed5e03e559b374e1e944c883e1f76b850eb82b86ac5533496dbfc405cbff1,2024-11-22T21:26:59.867000 CVE-2018-9425,0,0,8bb9fe5d8897d0c1ee991ea8f216f809874791aaa9aa06201b1a1ea7da995c7f,2019-10-02T12:37:35.567000 -CVE-2018-9426,0,0,e8a0b43c9e2f9cc03e9b91e751e2505103dbd9f5b1a6bdb4f3dd8276e43afc78,2024-12-02T22:15:08.917000 +CVE-2018-9426,0,1,986dd15b7c03529179be38e974e464d55709f848156ecd02193caed3e4c52cff,2024-12-03T15:15:05.730000 CVE-2018-9427,0,0,5486e933f7e8fc1bc0bff04d24f293fbfbce11d5548d03ed415827a8763827af,2018-12-18T17:33:53.610000 CVE-2018-9428,0,0,3b5ce7df2963b04e24e60241e4f43e4dd0d84039a25f956359e2baadc53434c2,2024-11-22T22:04:52.717000 -CVE-2018-9429,0,0,b9892d5139a31082ae9ac512e281aa4db068f938e8c67575e2043284b5edb0f1,2024-12-02T22:15:09.013000 -CVE-2018-9430,0,0,1e879fd9b3be4c0280c3eecdb5931334d471944ac8149a8f3ac9c579177562bc,2024-12-02T22:15:09.113000 -CVE-2018-9431,0,0,2a681870d64666e3d9e71af5fcfdf2ad31bc131ecf5e0b1626b97134f6597bf4,2024-12-02T22:15:09.210000 +CVE-2018-9429,0,1,f5ebd7f7f31f971d3af44c8145269dd2ae12d94294dbeae60b29b7b3910c64c3,2024-12-03T15:15:05.927000 +CVE-2018-9430,0,1,17ce67eec50cdf1ddf24fa00c1a77c31a4403919ae595976987d49e3a6797413,2024-12-03T15:15:06.087000 +CVE-2018-9431,0,1,c912b5573ab37af5b271c506e44c742055f1fcdf91107e2934aecd60d90fd41d,2024-12-03T15:15:06.270000 CVE-2018-9432,0,0,df057bd665a08e609e489b18ec44ef01d41efdbc35ca27192e24b02968fc98c8,2024-11-22T21:11:15.770000 CVE-2018-9433,0,0,7eb797c3d8bd260ec2ed1dbbfc9bf065ef873715e18a47f18908c92e08feb4be,2024-11-22T21:13:28.557000 -CVE-2018-9435,0,0,ee1327bfa3619abc31a585102da866f3ca24670ce83ca477b60091514b63e7a3,2024-12-02T22:15:09.310000 +CVE-2018-9435,0,1,d7acfbd9b6a8baf8942238ac46af38dbe5f587b828fc107ea7ec1738ffbada18,2024-12-03T15:15:06.450000 CVE-2018-9436,0,0,c8a247a24c83592bc549534ae7eaaefb20fd255e25c6b61b4321b051f8f1edfb,2018-12-12T21:25:58.460000 CVE-2018-9437,0,0,2fe7c032447c4aee2d71cdb7773a63d008648862a1635a0096aea7442fa776a0,2018-12-12T21:23:38.690000 CVE-2018-9438,0,0,9dbca74422ec533040b998a41e1e9831a0ef457b53367dc472271daa39aa9ea8,2019-10-03T00:03:26.223000 CVE-2018-9440,0,0,5d528d97aa009b19faaf4b76b2810035a508f7ff2a656fcd3a5ea6d1c0d4ebd7,2024-11-22T21:30:26.993000 -CVE-2018-9441,0,0,64e0ca2bcf827a0c3a213e5b6d51a206424c5243615bed13cdf55ac8ff086493,2024-12-03T01:15:04.697000 +CVE-2018-9441,0,1,71136ecdc98eab935890efab417789f90a76dae71108e4492cad31255e59036a,2024-12-03T15:15:06.620000 CVE-2018-9444,0,0,845df1a91dbb86e10e94c2948d2846f136bb91fcf20699ed819d25cc42061c97,2019-10-03T00:03:26.223000 CVE-2018-9445,0,0,98705da52e00a08c614b22fd78898c2cac0a1a38aa43d2cb54a22be54b025a7f,2018-12-12T21:11:21.837000 CVE-2018-9446,0,0,aade2e9dd27e08888d7772668cb279781f71a8adf195cc015d694763f350e194,2018-12-12T21:04:55.173000 CVE-2018-9448,0,0,6f09b1e98acf930f94a509976debb4b57f40d675d8c3078ca467fb9170d1e624,2018-12-12T21:02:17.877000 -CVE-2018-9449,0,0,3180cc976c0636dccd35b3a0144c54d1a1cf2fda607b0f3ceb51b090085bc964,2024-12-03T01:15:04.803000 +CVE-2018-9449,0,1,d46f6bb000c174f5d4853de6418cf958172d5b97c886e5814895a318df98e87a,2024-12-03T15:15:06.793000 CVE-2018-9450,0,0,88a5539155afc3838696edab4f8304f63eba50f73be2aafec2b62ff10c75122f,2018-12-12T20:55:12.133000 CVE-2018-9451,0,0,129d08baf0933d3fb93461fbfc4f9a2f145f8900af6404108ecd3acb357d36b8,2018-12-12T20:48:51.673000 CVE-2018-9452,0,0,780910fe7d2739fa64e821536152992dd248be72f6bf6989ab9ade5896bbdc38,2023-11-07T03:01:36.743000 @@ -234136,7 +234136,7 @@ CVE-2023-44848,0,0,970c0dfa22e1278f9e0582743c6ed3fabbbe9eed143c78d47a3794736c9d3 CVE-2023-4485,0,0,d526a2f954c2736d53f3460e51a08ad20649b599f0f9d65c5a7ab7793bc309d9,2023-11-07T04:22:39.683000 CVE-2023-44852,0,0,81fa0729ea0f25cfdf47c83b9b359d370eb0ad757ed0d34e038272288625118d,2024-04-12T12:43:46.210000 CVE-2023-44853,0,0,063d78de1e79f39a8a7ba8b021087b2fe317ac5c06b40bbf2260beeeda1a9bd3,2024-07-11T15:05:11.010000 -CVE-2023-44854,0,0,4e48088f87e2b11e1467bc2e46295bb34cce24866803fdf912aedaaaf1ece32a,2024-04-12T12:43:46.210000 +CVE-2023-44854,0,1,2f387dfb8951922484f04eba6c7c9648e5771307e982e4e9f580db0c3e860943,2024-12-03T16:15:20.170000 CVE-2023-44855,0,0,92111c6cfff436f5910c36b2425cefcca54a17fd5b869b376ff0baaabbc0006e,2024-08-01T13:44:55.020000 CVE-2023-44856,0,0,a76d181d88ad79e84650e79a2b1f7da6f319c0fddcf5a6791d43e3b94d0e0f48,2024-11-01T15:35:04.937000 CVE-2023-44857,0,0,26efa4526fba2775c0abb30007c2cd5f8e11cb8211d852c759d226044c613250,2024-07-03T01:41:47.663000 @@ -241803,7 +241803,7 @@ CVE-2024-0033,0,0,27344b7715a75d0aa82a7b18cd174c27fc55902f246df424d23b6d9f7df6dd CVE-2024-0034,0,0,cf6982fa2541b8054d4b654ea4c176621af3fadbf8e13dda28278df5290d9039,2024-08-01T13:45:55.720000 CVE-2024-0035,0,0,7f9a041eb0797a9ce082ac40f420562683422751c556b2a3bd01f4fb3ad4e8b1,2024-08-28T15:35:11.740000 CVE-2024-0036,0,0,fff8c3e6a7e572a710532aa58189e21f41ee35c59b75c244857e50ee7d7b8970,2024-08-21T21:35:03.820000 -CVE-2024-0037,0,0,1984abcd84fcbca749629505f54914a5fb0eaea260b199158895b24d5fba6398,2024-11-26T16:29:39.073000 +CVE-2024-0037,0,1,394cfced2a2723a704c6cbe26977af45d337b3a1bb3716915c523e280e7c05c0,2024-12-03T16:15:20.440000 CVE-2024-0038,0,0,8a4c5cca5cece8c101e9b56b16a23bb12b2d4f0643275b101b5b221ef0addcbe,2024-08-22T14:35:04.960000 CVE-2024-0039,0,0,bf163f6fc7f56cae12262037eeb80c9572f8668c8d542ca891d986c2ffbca152,2024-11-26T14:26:56.233000 CVE-2024-0040,0,0,cb768c0c56422d8be59b8ead41b2abde5abcab3c6641c5456375c74ed8738c47,2024-08-01T13:45:55.990000 @@ -242727,7 +242727,7 @@ CVE-2024-10070,0,0,097b5fa8b05282436b73014713798d6fa690cb8f60b9a6a570218b5126552 CVE-2024-10071,0,0,bb09f0d1e52fd077bfb7e20220a6e7299b02ea37e71361b2da945aab892ebc57,2024-10-22T14:20:07.393000 CVE-2024-10072,0,0,bc7125b99f3b32fe14c3d31b5db253134e4813c76ba571fea45856a5a9500c69,2024-10-22T14:20:16.997000 CVE-2024-10073,0,0,9ac62420226c9fe9ed2bbe058542cdb11512629d78e7df28a3c14d1c56a17916,2024-10-29T17:18:17.690000 -CVE-2024-10074,1,1,b284744f07fe1ddfdf77652f05295a2c0f173bf1f197cb901df5e6965a15cfaa,2024-12-03T13:15:04.490000 +CVE-2024-10074,0,0,b284744f07fe1ddfdf77652f05295a2c0f173bf1f197cb901df5e6965a15cfaa,2024-12-03T13:15:04.490000 CVE-2024-10078,0,0,2a32e11049e01066fde7387ca375ea057ecc9dffb9aee4dba521fe1d1cadf633,2024-10-22T16:28:26.113000 CVE-2024-10079,0,0,373e7888db951070e423ef6d1503b855c013868b3575c214d882cd52c4cf0816,2024-10-22T16:27:54.577000 CVE-2024-1008,0,0,a9b7d9e2e828ed74dc3f97aef993fcfdb7b13561fd219152455ff7524c8067cd,2024-05-17T02:35:09.680000 @@ -242845,7 +242845,7 @@ CVE-2024-10218,0,0,80b7300a65e46275d83f3bd59a6350bd0af804c93b7f84ec384cf6c815e43 CVE-2024-1022,0,0,f42eaa1b302319f7e3148377e0522c31bf6c16d407215c446c1d3f1b55b4debd,2024-05-17T02:35:11.070000 CVE-2024-10220,0,0,34f293e26dd67da6d92e244e4687b4aa20b912c0b86b79157464f27fb6137073,2024-11-22T17:15:06.650000 CVE-2024-10223,0,0,237ebcbe1a44551c4c262c272427d3817a64977114a9e921cdeb1f7ff3ea65fd,2024-11-01T12:57:03.417000 -CVE-2024-10224,0,1,b4b06129afa19bd4bd2db86d543a9417ce3496d8c49771d9c2d4f2d051e46d1d,2024-12-03T14:15:19.270000 +CVE-2024-10224,0,0,b4b06129afa19bd4bd2db86d543a9417ce3496d8c49771d9c2d4f2d051e46d1d,2024-12-03T14:15:19.270000 CVE-2024-10226,0,0,6d4cd561e79cc1ca7a5d9390efd20e7ca0cce098a56a2c4eb01cd0ded7623cbf,2024-10-31T16:48:41.553000 CVE-2024-10227,0,0,3dd5e64d31c98828e85e7c30a2d118d04e1c9c4e3f27cb753e16556963759a42,2024-10-29T14:34:04.427000 CVE-2024-10228,0,0,d569133a271818bbabb06a409fc5b29be55f5994c84d2df5dcb22d53edb0464d,2024-11-07T17:12:45.750000 @@ -243320,7 +243320,7 @@ CVE-2024-10886,0,0,dbb0fce1f84e13fbc68880e115c84f1055ea586a69373d4f7dec78acdd1fa CVE-2024-10887,0,0,6f1c620112f0531885feb58bf605da1bdf3e2be3ee69e7f92d5d01d446076f44,2024-11-13T17:01:16.850000 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 CVE-2024-10891,0,0,75368c42ada2eff64310eb4f2bf04c277030b9ed62814601df628d2e55a629ad,2024-11-20T10:15:05.273000 -CVE-2024-10893,0,0,1e02db477629e0f5f43dc3a572525605befae0d3ba45f0ae221c6a9f0c6047d6,2024-12-03T06:15:08.500000 +CVE-2024-10893,0,1,0aab818c2ee8dd269b128accce04abd1993d7d71f805e1fbf57f82290441bfd5,2024-12-03T15:15:09.780000 CVE-2024-10895,0,0,595bc2f289687b30c5fe4f154f1211dd293d99cd45db772babe4d8ed8c825807,2024-11-27T07:15:08.347000 CVE-2024-10896,0,0,e962891bb7ff0bd290fd7c88332bde91f2f69d0bdc8b8df6012dc8f056efaa3b,2024-11-29T16:15:08.880000 CVE-2024-10897,0,0,5090338464622dc9d5ece2556a5b89ff3e6aa995d53aa797095eaa9a0db6f534,2024-11-20T16:09:16.643000 @@ -243392,7 +243392,7 @@ CVE-2024-10999,0,0,e7ea7377e972e711b7f09c97d1f1904a51f2a45036948c3c337a6d1c65fd2 CVE-2024-1100,0,0,f004473b9cf0d9d95a81c6b2db685e986de4389d0d38ab5c3537c8bbd36c025b,2024-07-03T01:44:59.517000 CVE-2024-11000,0,0,a7e8d5385c553ca345a72fc5358bdef9d69bb9b3c3980e31af7a0cfb92d81a8f,2024-11-13T01:05:49.643000 CVE-2024-11002,0,0,b6bf6324987f4073b2c9bfe8ed3afef93af42e688e9e8a0c5fdbab27cca15ed5,2024-11-26T07:15:05.413000 -CVE-2024-11003,0,1,a783ec5f16b410f220d004ec7b834ae4a4b65091c9d3bd08888ea586385d6942,2024-12-03T14:15:19.800000 +CVE-2024-11003,0,0,a783ec5f16b410f220d004ec7b834ae4a4b65091c9d3bd08888ea586385d6942,2024-12-03T14:15:19.800000 CVE-2024-11004,0,0,ae81cd254161ae2b32edcbdeb3c8b9257e0a408bd5a5695d4038ccc9e5adaac9,2024-11-13T17:01:58.603000 CVE-2024-11005,0,0,11c6f0332fc033e5f19567e3b4704591ec391ce7bb38c717fd45eebf4e8bd80e,2024-11-22T17:15:06.803000 CVE-2024-11006,0,0,94626099ce68e5d3e4adfe80a73960f4ad7b764747da2022a8d4006ce81886f0,2024-11-22T17:15:06.913000 @@ -243520,7 +243520,7 @@ CVE-2024-11195,0,0,59a97c370771f27b33e51ae1039dc49a821a1858990404541e8309b975c38 CVE-2024-11198,0,0,51d6daea956d8949d0eebe7d036d8836a4c8d5c266ea899d7a1d4229a0290103,2024-11-19T21:57:32.967000 CVE-2024-11199,0,0,1b252293dc51d6f43d3121b045d01eb3c6301ad12927e01a257a520b4287caef,2024-11-23T10:15:03.897000 CVE-2024-1120,0,0,4ae965ad3da5f8a3235e6e58dd82dd504b21e474d229ae465351f9f2ed6318d2,2024-03-01T14:04:04.827000 -CVE-2024-11200,1,1,f4d97ea48501a65608a17fa4e2270dbe4daddfc571376bcd024e4292966bd946,2024-12-03T14:15:19.923000 +CVE-2024-11200,0,0,f4d97ea48501a65608a17fa4e2270dbe4daddfc571376bcd024e4292966bd946,2024-12-03T14:15:19.923000 CVE-2024-11202,0,0,51d8d259b86d0f0a0aaf1b7832edde09bf21ffb4ef806afcd5ff2c031b036ac7,2024-11-26T08:15:03.710000 CVE-2024-11203,0,0,51c484c857cf59c3f813a2e3506116f16f445f710b53772d92de1b4f877cc338,2024-11-28T09:15:04.007000 CVE-2024-11206,0,0,4dabdbee4189d67c14faab7077a38bbebaaf9a0412b9485b8ea9f96e93b55b84,2024-11-15T13:58:08.913000 @@ -243621,6 +243621,7 @@ CVE-2024-11385,0,0,b8c574c75cf2cea00a757d377dc474503f06328c73f6861f0cd8dff47b3ce CVE-2024-11387,0,0,570819d44f260948aed21f18e713c0988e86544acdb78701fe81de7ec470e4a6,2024-11-23T05:15:06.833000 CVE-2024-11388,0,0,cc4ce5951e6443c6719f0b47e25fd91148c8919ab17cf08bd038e67541d941d5,2024-11-26T17:23:56.647000 CVE-2024-1139,0,0,3dc684f5c9c2296003368c61d669c2f327953a7aefcd4f9a72abdc4b058cbe13,2024-05-16T23:15:47.323000 +CVE-2024-11391,1,1,160a5b9b04cae17fd15d97deaa177463c24d83d649e68aace24a88d332e19a63,2024-12-03T15:15:09.973000 CVE-2024-11392,0,0,1e5f2ec38300a521839918df7c104887d1b6dd0c3952db0a36cb8a2513cfddaf,2024-11-27T21:55:00.983000 CVE-2024-11393,0,0,19dee016144f4c49671550a1a20a1c722bca8a9d767501dcdfc03cfe728a7c2b,2024-11-27T21:54:58.570000 CVE-2024-11394,0,0,ed715a5643cd62dc08ee2cf492057b775795efb9422c8c56a37f188481d1231f,2024-11-27T21:54:52.887000 @@ -243793,7 +243794,7 @@ CVE-2024-11662,0,0,8eddcedd4d81580627eb49a5c0b83d72ce9c466dae7dd645a8640b29c2f87 CVE-2024-11663,0,0,3626413ca3e66966b7d786a611d25e545ae4de59326fcb8c9442c9f727c440f4,2024-11-25T09:15:06.590000 CVE-2024-11664,0,0,f7e3e3893aefbf47475119b5cc15d35a6bf3fef30ce727b8b58d082d350666b1,2024-11-25T09:15:06.800000 CVE-2024-11665,0,0,432484acd0139af98341fd7fe90b0662197ea5956295af2989047d68fc0277cd,2024-11-25T00:15:03.957000 -CVE-2024-11666,0,0,2250b20e698d0c0188636489287d2b59448a3bc6ff2a33a1b94eca03d876ba25,2024-11-25T00:15:04.040000 +CVE-2024-11666,0,1,a7e124e4e7b7bca398eeda63d114e258fa78223da80e0f950915de9498ee814c,2024-12-03T15:40:14.907000 CVE-2024-11667,0,0,623b49dca2a1a534ffbd8f116339108bc3210c6b3403e4c93f0e00df5d59fcc7,2024-11-28T03:15:14.943000 CVE-2024-11668,0,0,76595504dbd2b64d21bcff47f11c8e8cc91ab680fc6cee5f2ffc1737d953cc2b,2024-11-26T19:15:22.027000 CVE-2024-11669,0,0,a5de8e98bfb8b633c540619e4d481ef856cf620fef729b0da27716832b9fbae5,2024-11-26T19:15:22.367000 @@ -243838,8 +243839,8 @@ CVE-2024-11732,0,0,9ac5f8faeb8d3d023aef30c0e1c16293895e21fbeef4db588eecb4bcce0a9 CVE-2024-1174,0,0,1a20d0936daa8c05ea33a8dfff3a4c4c734ee1e57e74d832a558685298d668aa,2024-08-28T21:35:03.473000 CVE-2024-11742,0,0,67990b8c6d291afd926a35484e6c0e210504d9728dfca33a0ba1469d0b959cb7,2024-11-26T20:15:25.703000 CVE-2024-11743,0,0,4f6422c96bd4f753ba6c7b4e725945a7686018b3a7c5c8f40a5c1bd59c112f03,2024-11-26T20:15:25.930000 -CVE-2024-11744,0,0,00cf39a5ff638eb8540e5762c3b7d5f96d7e68d9cff105ba77a0024d8435ddd0,2024-11-26T21:15:06.483000 -CVE-2024-11745,0,0,7dcacd2cf20ed5acc6af6d89bc5904d91f3ced648b148a25b404dd36098893ff,2024-11-26T21:15:06.733000 +CVE-2024-11744,0,1,d39b5f592014fd4a2278c647fc2411f75d3865150415b86b86bc4d90ea41f3d3,2024-12-03T15:30:32.153000 +CVE-2024-11745,0,1,96069305de6ef8812783ef245e2f61d86d985db42c36cad22c8d389adbd7e8c1,2024-12-03T15:25:28.847000 CVE-2024-1175,0,0,190484da8a43d8915393af59d3a99a603fc65c2c05796109a63c7e3028461e1e,2024-07-24T20:32:01.573000 CVE-2024-1176,0,0,3a9729597b8ae5d1f7a6b2981371f9af662d86aa4ba3ac1ac5a3a2992dbcfc6a,2024-03-13T18:16:18.563000 CVE-2024-11761,0,0,eb52b6beba84d5e3aa94afd1e69b06248988bf9736924036fa502f3813b0779d,2024-11-28T09:15:05.090000 @@ -243847,32 +243848,32 @@ CVE-2024-1177,0,0,d9cdcff987bd78d6f32a7f8b0a8d2970109268852041331a890d212ad12ebb CVE-2024-1178,0,0,1ff4a71536018366c289bfb8a1aa1adef7208a3ae26719efcdb84bec870fcd3d,2024-03-05T13:41:01.900000 CVE-2024-11782,0,0,e3d9ca853e3de7c456298225b3bac758bc6cc14e92c8dd2b7f7b36c0bd838f02,2024-12-03T10:15:05.320000 CVE-2024-11786,0,0,6cf20be08bd72bdf18f1b37af5fd1777457199a33f3d53de54fd985237bb5f39,2024-11-28T09:15:05.243000 -CVE-2024-11787,0,0,8884b7c43bffdc761343b898533952062d862c4863a9b6bcdc4c5c48c1360306,2024-11-28T00:15:04 +CVE-2024-11787,0,1,0fc43ca7c27cfe9e876d4315d9f5ebd6d728a646aa64b73ef36d749ae3468d41,2024-12-03T16:09:14.300000 CVE-2024-11788,0,0,01a0a36704164a1ea673e9c9b149d51cdeaf30b14f663c5b5a2abc31455fcbdb,2024-11-28T09:15:05.393000 -CVE-2024-11789,0,0,d06b95e66e5a22c78892acbd98b353175ae61fe9608345830498ff2e4f5fdb23,2024-11-28T00:15:04.153000 +CVE-2024-11789,0,1,d8f07d3d7ea009ac5d9fd72e1a0bd4d5ea8578472c7f0180e6d76006359b22f0,2024-12-03T16:08:48.497000 CVE-2024-1179,0,0,18b2d0d135c66f5f21d2d252edc06809b11030eef4b80a686f580bba7c87222c,2024-04-02T12:50:42.233000 -CVE-2024-11790,0,0,7eb0efb57861215d25474c9177a9b5846faf133f14c18a77853199cc14929512,2024-11-28T00:15:04.297000 -CVE-2024-11791,0,0,f7812facc833566721316fedb7fc13ab5fda3902d97cca96c1e9a04c70f6ce62,2024-11-28T00:15:04.467000 -CVE-2024-11792,0,0,724265a84bf5adbc66d134c3e007b45dde7354148574ac833d7840743d528d86,2024-11-28T00:15:04.603000 -CVE-2024-11793,0,0,4f3f24004a83dffb075d3766670bb1f47439f6afdd8003bba20bd8941410dc1a,2024-11-28T00:15:04.730000 -CVE-2024-11794,0,0,71af81b031f48800032ea660984c279b031b17bf80e20d95e76454e481374a42,2024-11-28T00:15:04.883000 -CVE-2024-11795,0,0,4d86cb62ace95a984949122078c830a55ddcd9651627f072a68610a81f11cc16,2024-11-28T00:15:05.017000 -CVE-2024-11796,0,0,d34e310658f8306339ba7b6f3b0bc7ddf2283092bf7e37f360abebfe2a77d0c3,2024-11-28T00:15:05.173000 -CVE-2024-11797,0,0,09f562a8cec3f54f1200a3a350f5254ad41da142ee62c861567d0bf2cf7a0ccb,2024-11-28T00:15:05.323000 -CVE-2024-11798,0,0,e442f0b00f0382a9e026e028e005f3773bd40e2e3b3c712c69a3e592929720ba,2024-11-28T00:15:05.463000 -CVE-2024-11799,0,0,21b96b10b4ae8a3e7ce2ac91ee6d2ef180e896d673e06481b2cbe4e89a06dbfb,2024-11-28T00:15:05.603000 +CVE-2024-11790,0,1,e988d74620c01d9561caceeb4755411d4d7ac5d5caa2e1ddf80e7d03798e0a57,2024-12-03T16:08:38.587000 +CVE-2024-11791,0,1,a282242f3195f1360ed8970247bb2873766bcf9e7b01704b3129def56fcd9706,2024-12-03T16:08:22.910000 +CVE-2024-11792,0,1,d8b72c34198e7d7761d23f59e5659e0bfaa920c7ac795c5ded45474ce118ca23,2024-12-03T16:07:42.940000 +CVE-2024-11793,0,1,857ee43deb04b42a918bb2c68574ce73788d0030aaff148e64da973ef0130973,2024-12-03T16:06:59.270000 +CVE-2024-11794,0,1,07030d740a13f7a50aac28994bcc57e57826ceadac688d24f3133d6ba0ad0a33,2024-12-03T16:06:32.677000 +CVE-2024-11795,0,1,a6a62594f243b757c227df5f64829f60dbbed7c17fa47f3d520e60b70ddfed5d,2024-12-03T16:06:03.237000 +CVE-2024-11796,0,1,8f85607a5d2afa6feefb48676fe94680b3b87b47d7a9ece4846a6c7d91db756a,2024-12-03T16:05:21.907000 +CVE-2024-11797,0,1,08e92f54ffdd019c809f0ce86e6d040f8755520503afbce9c33ef12e3ba0bd2c,2024-12-03T16:04:52.443000 +CVE-2024-11798,0,1,509f10e32654d66d39d1278b40784fa0e8d8b9f3d98d987964d9151aebf770d1,2024-12-03T16:04:32.760000 +CVE-2024-11799,0,1,7dc7493125c39bdd32ecaf0e17a665d15ced7a44b859e15db7979e25de19d8ec,2024-12-03T16:22:54.423000 CVE-2024-1180,0,0,bb83e3fdc0a8f87f14b71aa596dc16c65435770562b16333b2c46b0a903dc99c,2024-04-03T17:24:18.150000 -CVE-2024-11800,0,0,452e646ca4272df50dba618a6bbe5597902065fb71dbf212269417af86b3c28f,2024-11-28T00:15:05.747000 -CVE-2024-11801,0,0,9f7fb4a596ccaeab8fec5833422864785f9b02d4e4cdf4de8584f0f02ff993f7,2024-11-28T00:15:05.873000 -CVE-2024-11802,0,0,6f4d24723a8ed97073be195e50e0db56014f2b2ea65777a9a07412229fff3a98,2024-11-28T00:15:06.007000 -CVE-2024-11803,0,0,81a74b13e4dbf770a17aeec0a98f9e92d283ae44a8459caff765261ca92e6496,2024-11-28T00:15:06.143000 +CVE-2024-11800,0,1,c3f241cce937ea88f12c3e3d8077658b1f1ea7139e48c3521ef8554461a2ec39,2024-12-03T16:22:41.957000 +CVE-2024-11801,0,1,0e2ce1178702da2471c60f99f2f75841a57e7cae82d7e8916897270d12fd97da,2024-12-03T16:22:22.837000 +CVE-2024-11802,0,1,1ee509be931681d4c5a8d73b57a93991c64ec42b7974530a22aeb2c892a2963a,2024-12-03T16:16:58.833000 +CVE-2024-11803,0,1,644472c8797730bc30cd63b92f05bcde358630be8a0ae341ba8c4c7843fb16ba,2024-12-03T16:16:42.027000 CVE-2024-11805,0,0,c4320a41ca0d4edd118e9ad964bb3b250fee875896f75cfe07057a59cde52b29,2024-12-03T08:15:06.553000 CVE-2024-1181,0,0,3ab1ccda9f702c4fc6b350844c2c0edd9e45550807a44d2d8746213d5ed7378e,2024-03-20T13:00:16.367000 -CVE-2024-11817,0,0,878ee2179044a99d330d167a93477de960b6cf592f6203d72eec9805c4d5d74a,2024-11-26T23:15:04.990000 -CVE-2024-11818,0,0,db7694cd2fdcae7c78aac428fa42653e88b1d41dfdd73e2502c588c9613c4f73,2024-11-27T00:15:17.727000 -CVE-2024-11819,0,1,4ad555b58c0b6ae087a0e197e14f318c0818cf9ebf662c2c2b44a9340719cc17,2024-12-03T15:00:58.693000 +CVE-2024-11817,0,1,9a66a0fca3306ba25f6938738b8c35626d89b0596c6acf3b5c6bd12c17a8843e,2024-12-03T15:15:41.753000 +CVE-2024-11818,0,1,03353c8ea92f63bcb93155865a1eb5dbe1fed70391bddfd4d8cf954b882838c4,2024-12-03T15:06:10.997000 +CVE-2024-11819,0,0,4ad555b58c0b6ae087a0e197e14f318c0818cf9ebf662c2c2b44a9340719cc17,2024-12-03T15:00:58.693000 CVE-2024-1182,0,0,fa905e4a8a46b36f13d15329274923ae221fc1fe7f91daf124410752f4903054,2024-07-05T12:55:51.367000 -CVE-2024-11820,0,1,851b7a45884f50f3792038cee6a0dd94b1414d7c7c3cad4aa15d26efb61c7827,2024-12-03T14:54:20.297000 +CVE-2024-11820,0,0,851b7a45884f50f3792038cee6a0dd94b1414d7c7c3cad4aa15d26efb61c7827,2024-12-03T14:54:20.297000 CVE-2024-11828,0,0,246e1e2eab57884aa3d4d52a63d8c3c77eefda7cf137c7c25e51217c37ae62b7,2024-11-26T19:15:22.910000 CVE-2024-1183,0,0,b9ca697d85173799c910606842f064c322818be1aee71b1208c43495b066c09a,2024-04-16T13:24:07.103000 CVE-2024-1184,0,0,0bd0336a802b5a07ef17cf4c3337487d1573b3f8590cc13c2e3f9ac276b1f143,2024-05-17T02:35:16.900000 @@ -243894,7 +243895,7 @@ CVE-2024-11918,0,0,3593929fa79fd2ff3075ff0960153853c146cae2b4c652e91826347f06e81 CVE-2024-1192,0,0,2496c5c2bd24b6b1e653d79a0dbb975771788d1c54262403d529d1a596a31073,2024-05-17T02:35:17.743000 CVE-2024-11925,0,0,8ba6e48179945e2c0807e717394a91dffc0cd6e22b1cec23e4da5d64788cadee,2024-11-28T07:15:05.267000 CVE-2024-1193,0,0,ffb9a4095d8f9913e32a4a9fb84e7d515c719215bffa9c1271257c84c947030d,2024-05-17T02:35:17.833000 -CVE-2024-11933,0,0,3433d4a1e3008dbc27cbfa1dc50a084b7635bb7e5060f72b313d4ef9f8b985f0,2024-11-28T00:15:06.283000 +CVE-2024-11933,0,1,ff719b80c8b04b1955877df42e564ce90eac2c09e4f59c20e785f18a1e8804d6,2024-12-03T16:04:10.350000 CVE-2024-1194,0,0,2ada7ec0067a4a6c15e16c8b6d60d2605ff0ff50c80d53e3de0a5fe7493767f7,2024-05-17T02:35:17.933000 CVE-2024-1195,0,0,524480b99d81e527b71e9b6d2b12e0f3d16697f860efe8d11194cd8cf60ecd57,2024-05-17T02:35:18.037000 CVE-2024-11959,0,0,55f4f0848caef18230c7048f835a742ab3a0aaaf83b000723880212a9c969f3f,2024-11-28T15:15:18.003000 @@ -243941,9 +243942,10 @@ CVE-2024-1206,0,0,5f77d40826619ff076a6ee2348b6f5023dd16e0c591d0d5d735c076214b8b6 CVE-2024-12062,0,0,053134064f0b6efbb78d94709d74965493fd7936bfcf08f9a9a8ec7d826131fc,2024-12-03T10:15:05.493000 CVE-2024-1207,0,0,dcc484c1fca006f292c23965347128c235a983932753c8f043310e93d42eeea4,2024-02-15T02:05:42.313000 CVE-2024-1208,0,0,931317b38cffca1e6ab678e3f4e10db5d686e3bb7ffa9e092bfb0d5704f0fe50,2024-02-13T14:06:24.090000 -CVE-2024-12082,1,1,3b55c847ee02ef0d7f4b58fecd9285e5b3b7a20be8f27582ab2fdc4ac93dfac6,2024-12-03T13:15:04.843000 +CVE-2024-12082,0,0,3b55c847ee02ef0d7f4b58fecd9285e5b3b7a20be8f27582ab2fdc4ac93dfac6,2024-12-03T13:15:04.843000 CVE-2024-1209,0,0,b007174870c79d931de8bd87795b421ecc64b354efa55388cf8747cc0f9b9382,2024-02-14T16:51:40.300000 CVE-2024-1210,0,0,2bd6c4d9a535fadb91354d7280da4ed73754e214ed933073c198034626ca398d,2024-02-14T17:26:54.873000 +CVE-2024-12101,1,1,cf6330eb409e982923b4b0b78cc8d64ad396889b9513f5530cedf911c9fe2802,2024-12-03T16:15:20.910000 CVE-2024-1212,0,0,da6373ae7bafa80bc186105339e693a9592b96e608bda44b9b7e9a26c6194323,2024-11-19T17:24:39.480000 CVE-2024-1213,0,0,73c928f5e166c2f8b5a80c38e18cb771f40a6d802d77253df887196bd9243584,2024-03-21T12:58:51.093000 CVE-2024-1214,0,0,3ce61bef6906de47cb6dca47166861f981b3b7a12f38cc6bc1c75e176d1b9b5e,2024-03-21T12:58:51.093000 @@ -245265,7 +245267,7 @@ CVE-2024-20757,0,0,d4876285f861d8804a5deb2dce4161b79aaf535159e519e23db4f581b4072 CVE-2024-20758,0,0,9a68474708dbba86344d778593d171591406a4b15d84e428ecc0142dd681df99,2024-04-10T13:23:38.787000 CVE-2024-20759,0,0,a686ba0e4b3836d989843a87504f9dac91dbfa6f45b488354f95fb65c9a28ce7,2024-04-10T13:23:38.787000 CVE-2024-2076,0,0,b498bfd91472e82b9d0da8877f7703c42c1b4325bed0ae394a281bb937b4cf85,2024-05-17T02:38:02.357000 -CVE-2024-20760,0,0,d63623bebbee9525f76344f89c3dd456cea5200585e06bdf0ab6292faa278f85,2024-03-18T19:40:00.173000 +CVE-2024-20760,0,1,6d0cc8f06d6baf91d5ee9fe96291eb72040f4837c001560e934222ef69cfb990,2024-12-03T16:24:49.360000 CVE-2024-20761,0,0,effc1f74749cfb4de0a51bb869b82cb1b6120d03159af755229b4852d1eef78d,2024-03-18T19:40:00.173000 CVE-2024-20762,0,0,ea10f0e8d7fe9a7b94e73cdf8e279466b2cf3903cbb5861766fb1f64821f89f4,2024-03-18T19:40:00.173000 CVE-2024-20763,0,0,0d54e79e21cf32dfbe1bc44d0592f636e5ac1732654d64c3846be98120f1a1ba,2024-03-18T19:40:00.173000 @@ -245273,7 +245275,7 @@ CVE-2024-20764,0,0,aaf6aea1cfc81c17e2ef82d097347523784d6c37fa8e664f1fa9ad6c605a3 CVE-2024-20765,0,0,ad91982b1363103e7d071a542448be4f43c1d446a44c46149dd1d5563e96bd7d,2024-02-29T18:06:42.010000 CVE-2024-20766,0,0,898b775b089dd9caddb4b4690630a4034df5907c7b03a6ac372c91b73b803f73,2024-04-10T19:49:51.183000 CVE-2024-20767,0,0,e44fe1f40a168c1d580708d22170c7101344fa827a777107ab7c62d60385df35,2024-03-18T12:38:25.490000 -CVE-2024-20768,0,1,1e3e9e9553fe22dc3d69b454622eff7f4f96055b91832944849f7b2ee61961b0,2024-12-03T14:25:50.643000 +CVE-2024-20768,0,0,1e3e9e9553fe22dc3d69b454622eff7f4f96055b91832944849f7b2ee61961b0,2024-12-03T14:25:50.643000 CVE-2024-20769,0,0,4c236b05669b68ca5ce041ed8b26b6adfc2e0cb9e4a3ee0955957eb96f78ccb6,2024-06-14T19:30:30.037000 CVE-2024-2077,0,0,e7bd6e3d8e34c4ba57719bf938fdc690e0425d907fa9aeaa848477a4c8d06182,2024-05-17T02:38:02.460000 CVE-2024-20770,0,0,2220817887bead81dba660b5070a9bfc8174373fc0e12fc00c386ef0f159eda4,2024-04-10T19:49:51.183000 @@ -245300,9 +245302,9 @@ CVE-2024-20795,0,0,339aac1d5967def1721b9f2266bf58d280ddf20a2869a78a797eb0f1e5bbf CVE-2024-20796,0,0,00526c11ef10ac19e26f1b9fd4dbb5343656ad019ba0153210f3164b00fbb116,2024-04-11T12:47:44.137000 CVE-2024-20797,0,0,cca548d603d4ef24bc949550666e86662b0fde7c1a3163dc260ede4b6277d4bf,2024-04-11T12:47:44.137000 CVE-2024-20798,0,0,8b948926eaf9bb7762236e345460aa95eaff4b64e6ad072852daab65eab7f1c6,2024-04-11T12:47:44.137000 -CVE-2024-20799,0,1,8428cb712862354c385635b67f043354a5a529f6758e50018b2185b88daa17c7,2024-12-03T14:18:15.477000 +CVE-2024-20799,0,0,8428cb712862354c385635b67f043354a5a529f6758e50018b2185b88daa17c7,2024-12-03T14:18:15.477000 CVE-2024-2080,0,0,739bb7bc16949ce8dc42f086707a1965c48b8c0e80b8a96770d78539ca010524,2024-03-22T12:45:36.130000 -CVE-2024-20800,0,1,e90a6af871b5675be42c72ef35b247ceac517172f67ea5e497ab2a65b8ef6be6,2024-12-03T14:16:35.813000 +CVE-2024-20800,0,0,e90a6af871b5675be42c72ef35b247ceac517172f67ea5e497ab2a65b8ef6be6,2024-12-03T14:16:35.813000 CVE-2024-20802,0,0,199d727c032aa2e620e384dca4e13a9e3425e69f11a38c8295cb8667c34719d8,2024-01-10T16:14:57.787000 CVE-2024-20803,0,0,0344cde3efeaae4afbdf650bafe8bd2112bea594bd06ade4eca20bfb4af01ace,2024-01-10T16:11:26.313000 CVE-2024-20804,0,0,047c084f6461b3ccfa7e0491c6396c940be7f851c74224e7b3908c6f90469840,2024-04-02T01:15:50.777000 @@ -246189,7 +246191,7 @@ CVE-2024-21724,0,0,13cf7200241cf795a2ddca2e0396bacd352639744079d295d3483718d273f CVE-2024-21725,0,0,ebdabbe1fa288bbeb81a276a125f761859acd9172475efecd68ff4e2c004f13b,2024-10-27T02:35:00.563000 CVE-2024-21726,0,0,258e12429393fbdcadf90bc903b6c4eaa784036f8d4a014cbe225655bb0298a5,2024-11-04T21:35:03.690000 CVE-2024-21727,0,0,2cfa1a63a24a03456c625f31f74d2ce885912143f39c319c4ec56855c86f3f44,2024-10-29T19:35:15.020000 -CVE-2024-21728,0,0,6d3de60c64db99ec16689d15b3a09c6273756d73ea66742792a8ee295b84ce4d,2024-02-16T13:38:00.047000 +CVE-2024-21728,0,1,2cbae60f817b8c7a7affecac1a8952c66a9f7eeec8d8bf74d3b215cd2045b4e6,2024-12-03T16:15:21.030000 CVE-2024-21729,0,0,69b41949a5d8ab5958e5ae8c193456700a1a795d0620b2c7e7a56d8ac77a3347,2024-08-16T14:53:59.690000 CVE-2024-2173,0,0,cc4124960d2643aa2251e7a3c8790f6df41511bad9bea7473c2d4e9b36b2911e,2024-07-03T01:53:03.693000 CVE-2024-21730,0,0,1b2a5305e4ab8d792a0cdaca2379657af358835cd0a20f361a179e55999cc955,2024-08-16T14:47:27.933000 @@ -248056,7 +248058,7 @@ CVE-2024-2442,0,0,da6587851d777a7caecc3fd36ba9b67242261a5b34dedee058c0f959b1280f CVE-2024-24425,0,0,d53ddd215aa141fbc2d2ed66224530fe50b469290961d3787f25d193fdaa18f0,2024-11-19T17:35:09.450000 CVE-2024-24426,0,0,6166038340ada8fcc560b6807a8903fc1dd95abcef765f5426db322c486b2805,2024-11-18T17:11:56.587000 CVE-2024-2443,0,0,a8bbe87eac8a41399b1d0d3a72e714355872c34062df72f2bddd7214646f509e,2024-03-21T12:58:51.093000 -CVE-2024-24431,0,0,4a17e71430d299dc76b10f523b5bf34391f8435e621178a2d658fb28da0e4b0c,2024-11-18T17:11:56.587000 +CVE-2024-24431,0,1,df56f81b7c3a1e35add47673987ba3302b83c2d47d8419bd59e79e036d2e2abd,2024-12-03T16:15:21.187000 CVE-2024-2444,0,0,4077967648b87af230c120a80abe8a1c3709647ab561500ac246716e12815b1b,2024-08-08T21:35:09.480000 CVE-2024-24446,0,0,4c6e15fdd35cea3b2028a0ca801486700d3d050a15d3ac5c7114877688fb3063,2024-11-19T17:35:10.263000 CVE-2024-24447,0,0,68577331a6f4e1af2736b20dbfd3e5dfc70e89a5bafd5ffca69920501cd70cdc,2024-11-18T17:11:56.587000 @@ -249171,56 +249173,56 @@ CVE-2024-26024,0,0,3ab60f6be938f975935e53b7a80711b98fe8d56f189e7148a76008394bc4a CVE-2024-26025,0,0,3352cb4bf9ea0c839d1741e6282396ec44178b4e8d69bb56155c91bf1b50fdf8,2024-09-06T18:54:37.007000 CVE-2024-26026,0,0,9489dfd8cfaf84cc429afc6dedc0bc5efa9a938711a5b920a49c5eb5da48c8dd,2024-05-08T17:05:24.083000 CVE-2024-26027,0,0,92cac7f77f6e52e5db63c20697f9eef252fe749956e34d00b1955a621b2a7163,2024-09-06T18:52:51.097000 -CVE-2024-26028,0,1,ede9fe4cab969be7a28fa27ed4c92b2b85d7eee04aae61937a86bd32f02b4349,2024-12-03T14:18:21.500000 +CVE-2024-26028,0,0,ede9fe4cab969be7a28fa27ed4c92b2b85d7eee04aae61937a86bd32f02b4349,2024-12-03T14:18:21.500000 CVE-2024-26029,0,0,3b6290d9a75a8e9810fd217f46cbaf1351e6c78f04f13dd99b8776f7c655bd87,2024-08-07T12:15:36.547000 CVE-2024-2603,0,0,78190220c4426015d8e369c25fb4d08ae79b05986155963bab2103b320746b59,2024-07-03T01:53:22.183000 -CVE-2024-26030,0,1,9480f998e12c7225c9291a75c239ad904ef492a904984d0f591e44b1bf95f8b9,2024-12-03T14:25:09.180000 -CVE-2024-26031,0,1,37778b6b03f34d58e747cfcd35a3b12f95ef62c6450aea058b278695d6d8a2d7,2024-12-03T14:10:06.587000 -CVE-2024-26032,0,1,645c8078e6a26904d2d551665c39be159598a06b4a7a48d1153d69bd1f42025a,2024-12-03T14:40:37.250000 -CVE-2024-26033,0,1,e038cd7888bdfa6b33bfe5df359535de6a1e8fecc268a99a38060d9f29c2502f,2024-12-03T14:41:32.627000 -CVE-2024-26034,0,1,7b6a7735faab8554d9ba0052517c5f5f524ae1f59952c80e36700be3e0c5aef6,2024-12-03T14:40:27.617000 -CVE-2024-26035,0,1,6d2a0e3789cf1fc6e968489d15f56bea0ed58b0ddac4b2112fa1168e1ff12f68,2024-12-03T14:39:57.947000 +CVE-2024-26030,0,0,9480f998e12c7225c9291a75c239ad904ef492a904984d0f591e44b1bf95f8b9,2024-12-03T14:25:09.180000 +CVE-2024-26031,0,0,37778b6b03f34d58e747cfcd35a3b12f95ef62c6450aea058b278695d6d8a2d7,2024-12-03T14:10:06.587000 +CVE-2024-26032,0,0,645c8078e6a26904d2d551665c39be159598a06b4a7a48d1153d69bd1f42025a,2024-12-03T14:40:37.250000 +CVE-2024-26033,0,0,e038cd7888bdfa6b33bfe5df359535de6a1e8fecc268a99a38060d9f29c2502f,2024-12-03T14:41:32.627000 +CVE-2024-26034,0,0,7b6a7735faab8554d9ba0052517c5f5f524ae1f59952c80e36700be3e0c5aef6,2024-12-03T14:40:27.617000 +CVE-2024-26035,0,0,6d2a0e3789cf1fc6e968489d15f56bea0ed58b0ddac4b2112fa1168e1ff12f68,2024-12-03T14:39:57.947000 CVE-2024-26036,0,0,1d83088cd2cd101659224a3fc5c08fa64786f76447e958e3014dda7a1b3b2762,2024-06-14T19:30:06.617000 CVE-2024-26037,0,0,93771142bffee162d36251cc4e8ed14800b95d6cabf310d68e7055bd0eea978f,2024-06-14T19:48:13.247000 -CVE-2024-26038,0,1,968a447ee34eab05a2f4c9717ce5ed7be422a568ee2ecaf855ab8ca2f0d7aecf,2024-12-03T14:38:32.390000 +CVE-2024-26038,0,0,968a447ee34eab05a2f4c9717ce5ed7be422a568ee2ecaf855ab8ca2f0d7aecf,2024-12-03T14:38:32.390000 CVE-2024-26039,0,0,1174a6c1115f79e7f0889b154dfc89e46af3bb6dd2520ac9d5c13289cf240986,2024-06-14T19:47:57.717000 CVE-2024-2604,0,0,450c7d59fe8571ecee58ed217df60ab05189f4ad43db724a13d662a6d29d50fb,2024-05-17T02:38:21.500000 -CVE-2024-26040,0,1,2a0b751b728209a7c9a3b5df0fc88243a60aedc3d5c7976061e63cd1c530eb81,2024-12-03T14:37:58.917000 -CVE-2024-26041,0,1,2bd5f47ec9ed3dc4f1c1945994ca2a670f7b89c19a6dac4d15773010ee8fc2ed,2024-12-03T14:35:05.120000 -CVE-2024-26042,0,1,2ea8d4dd55cbe369521d040be468f269c837b84a9eac6286bae77d5ed2d0b904,2024-12-03T14:34:28.220000 -CVE-2024-26043,0,1,9e5ba2d761fb38599a187ece66b844e2c6f6948768589cb3a7e3e27c1f2048ba,2024-12-03T14:34:19.377000 -CVE-2024-26044,0,1,66bac57be53c755cbe995e285249cde839b00b7b1d98f8199c1aa466447b6bfc,2024-12-03T14:32:50.367000 -CVE-2024-26045,0,1,16de77a5d4b0cf723bbdcff02c0b9e5ead3b5ea66df2c839632d092fd2d31a4d,2024-12-03T14:32:46.117000 +CVE-2024-26040,0,0,2a0b751b728209a7c9a3b5df0fc88243a60aedc3d5c7976061e63cd1c530eb81,2024-12-03T14:37:58.917000 +CVE-2024-26041,0,0,2bd5f47ec9ed3dc4f1c1945994ca2a670f7b89c19a6dac4d15773010ee8fc2ed,2024-12-03T14:35:05.120000 +CVE-2024-26042,0,0,2ea8d4dd55cbe369521d040be468f269c837b84a9eac6286bae77d5ed2d0b904,2024-12-03T14:34:28.220000 +CVE-2024-26043,0,0,9e5ba2d761fb38599a187ece66b844e2c6f6948768589cb3a7e3e27c1f2048ba,2024-12-03T14:34:19.377000 +CVE-2024-26044,0,0,66bac57be53c755cbe995e285249cde839b00b7b1d98f8199c1aa466447b6bfc,2024-12-03T14:32:50.367000 +CVE-2024-26045,0,0,16de77a5d4b0cf723bbdcff02c0b9e5ead3b5ea66df2c839632d092fd2d31a4d,2024-12-03T14:32:46.117000 CVE-2024-26046,0,0,5c87a28b13d53ec29b89a2b33427517db21012c37c446a313fb6274d8fa5a520,2024-04-10T13:23:38.787000 CVE-2024-26047,0,0,148096905025fd63cbc95f27e9e4e0c5f23280eef70892c2f079c5329b94e086,2024-04-10T13:23:38.787000 CVE-2024-26049,0,0,a3a34d9b7dae7c572a170c4cf9ad06366559734e7c052afbd0e4cb731a5c408a,2024-08-07T13:15:59.723000 CVE-2024-2605,0,0,349e4409ed80d6811abb3d6a22d4a1c2580eb4cb5b90719226cde56ad4b7d78f,2024-08-28T15:35:21.410000 -CVE-2024-26050,0,1,e5e2c4f7b84f8f2f1d1ea8570d5ab87ff02bbfb4edf0f2eb8b892f6b238feba4,2024-12-03T14:32:40.333000 -CVE-2024-26051,0,0,78bc48859c38750da39204fe9139ed7326b9440e064a7c71bb9438b77aa20ed2,2024-03-18T19:40:00.173000 -CVE-2024-26052,0,0,b304109295db8f5f3410f8f04ff1bacf299ca38b40fc697f2ab4ec3a5eabc71f,2024-03-18T19:40:00.173000 +CVE-2024-26050,0,0,e5e2c4f7b84f8f2f1d1ea8570d5ab87ff02bbfb4edf0f2eb8b892f6b238feba4,2024-12-03T14:32:40.333000 +CVE-2024-26051,0,1,1a347b90b758666ad259b5f50da24b75e2e08d3b4f7120bb88a4169d2df5c2e5,2024-12-03T16:25:37.877000 +CVE-2024-26052,0,1,f320dbd982698eaae20e6d38a40220d06c671d55fbb93cadee7502524b69c8c2,2024-12-03T16:25:48.917000 CVE-2024-26053,0,0,08b1c01624e7d71b7ff35b901082456bbba3fa5d18db4bad7ba7d58bb2e8e67e,2024-06-14T19:46:37.923000 CVE-2024-26054,0,0,eda3484671c40e51a92b63a901454f377d91e0d9bfcdc0a5fb15602bc8f94d81,2024-06-14T19:24:41.580000 CVE-2024-26055,0,0,baa99b29bd8823923f255a8118fccf649a7d41ab4a2f879c4c914a9fe0240d12,2024-06-14T19:46:17.973000 -CVE-2024-26056,0,1,14ff68b17aa108cff431fe42e307f1d738d1d00dbe0108481078696aa0855c29,2024-12-03T14:46:21.770000 +CVE-2024-26056,0,0,14ff68b17aa108cff431fe42e307f1d738d1d00dbe0108481078696aa0855c29,2024-12-03T14:46:21.770000 CVE-2024-26057,0,0,e45b3f0f152eb3c78dc9320bed534a79a66b2c35d46fd8b2b0ef0017333c4b87,2024-06-14T19:46:03.817000 CVE-2024-26058,0,0,a93e87c800fd4d920581776c16d0072b04deb406d205f9f24e685781c2f5715f,2024-06-14T19:37:56.100000 -CVE-2024-26059,0,1,ac98e6d0b0199134c58aa887f2df563a6de6ceece47482ec1418cea94cf6190c,2024-12-03T14:46:10.120000 +CVE-2024-26059,0,0,ac98e6d0b0199134c58aa887f2df563a6de6ceece47482ec1418cea94cf6190c,2024-12-03T14:46:10.120000 CVE-2024-2606,0,0,e9eebb20c04d0205e18586a1da81a72eb028c0ab6b349ea25646cae1d987bed3,2024-10-30T15:35:09.973000 CVE-2024-26060,0,0,9cdef2d575b129761f3290b88017e8f07b5021de9d3255eeba059f838c645f83,2024-06-14T18:49:08.077000 -CVE-2024-26061,0,1,471407acdf51819c0bdd60ee5d73b186c8fadecaf5af71c2ca7d8c11adca573a,2024-12-03T14:45:43.500000 -CVE-2024-26062,0,1,54cf0e1b1e6d1778aaa7182ecd73a54656c80a039edadc40b460c0c801a0ad52,2024-12-03T14:44:08.960000 -CVE-2024-26063,0,1,f5a13f3984cabb12f59616fa26efdbef4591cca6826bbc28da51b1600a9b376a,2024-12-03T14:43:38.843000 -CVE-2024-26064,0,1,3098c3e3de91199d1bd6d20eb89b7ee3464bdc44d99dc9cd1e4ea880cda75894,2024-12-03T14:42:01.657000 -CVE-2024-26065,0,1,00462b106b4f303ce5343363705987a205782e4b4edc349db65b96bad65b09a1,2024-12-03T14:41:45.277000 +CVE-2024-26061,0,0,471407acdf51819c0bdd60ee5d73b186c8fadecaf5af71c2ca7d8c11adca573a,2024-12-03T14:45:43.500000 +CVE-2024-26062,0,0,54cf0e1b1e6d1778aaa7182ecd73a54656c80a039edadc40b460c0c801a0ad52,2024-12-03T14:44:08.960000 +CVE-2024-26063,0,0,f5a13f3984cabb12f59616fa26efdbef4591cca6826bbc28da51b1600a9b376a,2024-12-03T14:43:38.843000 +CVE-2024-26064,0,0,3098c3e3de91199d1bd6d20eb89b7ee3464bdc44d99dc9cd1e4ea880cda75894,2024-12-03T14:42:01.657000 +CVE-2024-26065,0,0,00462b106b4f303ce5343363705987a205782e4b4edc349db65b96bad65b09a1,2024-12-03T14:41:45.277000 CVE-2024-26066,0,0,c16f3c27056b3c70c3163298471f82d82d65c7e624bee5584c40df2a2851002f,2024-06-14T18:48:49.183000 -CVE-2024-26067,0,0,4e837a02e31f2ba959b9ab2cadbab50fe243bb7e44fdf350987cc4ea278caf71,2024-03-18T19:40:00.173000 +CVE-2024-26067,0,1,55ee056d8d24d915f9e7eae3819486a282aee907b0a6ef00f3e8fd7b1ed8f9ae,2024-12-03T16:26:08.383000 CVE-2024-26068,0,0,8b1bf80f59bd4ba690a55f04b468280504b7e85a202f44401a8c49c1cbdddd95,2024-06-14T18:48:22.843000 -CVE-2024-26069,0,0,06932d7c25518f00ea4226cb09347aed594cb6244df1e31a93709cbffb6b0714,2024-03-18T19:40:00.173000 +CVE-2024-26069,0,1,3220ecf329baa4e4f0114d1447ffd8d500befe9993cca1cd3cd3a1f7583e4467,2024-12-03T16:26:21.123000 CVE-2024-2607,0,0,dba392cc68d2c8c05396fcaad2e922f1d22124945f19c05914b24ceca7919748,2024-08-12T18:35:35.830000 CVE-2024-26070,0,0,75f7fe0de19444b2f7278954a826fb8e48c269d696e09896b4e65b0a036dcf80,2024-06-14T18:25:00.727000 CVE-2024-26071,0,0,b00573b04112bc3f9a4f12f32bec3604fa9595448750d9bdf978bd164cf11b27,2024-06-14T18:24:49.860000 CVE-2024-26072,0,0,795aa52dd62646e83ed807713ec96c12320151f66f145549208b2eae946acb55,2024-06-14T19:37:40.893000 -CVE-2024-26073,0,0,b95c664188cd7a3822b4df816f22545efa52e65224c4ba7d0a706b2027d9e407,2024-03-18T19:40:00.173000 +CVE-2024-26073,0,1,ea8b0395170bba4c212a67abb89e06fac33b2f03fd0bce7a8e02833ca1d25823,2024-12-03T16:26:34.260000 CVE-2024-26074,0,0,343c9b4e475dacc17a86a9d8e947e779cc9c9f7a1f2d9d30ddfd0d0411a8d1d6,2024-06-14T19:24:23.860000 CVE-2024-26075,0,0,901da86ca412d659e8a18006b04f83d9794756660ad061f7d2773a1db6038c69,2024-06-14T19:20:39.827000 CVE-2024-26076,0,0,e3d4735c38e5c3c9eb10fc500b9c2e29c498e85efcaf17e85354d76841836419,2024-04-10T13:23:38.787000 @@ -249228,7 +249230,7 @@ CVE-2024-26077,0,0,11d79deeaf314f3815fc296aaf122c971232c2b7cee0a2ccfd4d162d209c3 CVE-2024-26078,0,0,15c623e5c49ad76f544f4e36e05701d53300618f3be12cff6120b35ce02daf08,2024-06-14T19:35:02.233000 CVE-2024-26079,0,0,7def00d245ca33c0ed073b8deb05bb08843edfe5563d53cff951ac5e526b90ee,2024-04-10T13:23:38.787000 CVE-2024-2608,0,0,034c3f0d69de46d9ba7a73a0532d7d80b727b4c71250c7f2c3749a641f69ef8b,2024-07-03T01:53:22.600000 -CVE-2024-26080,0,0,4ab7d2a15fc915261ffd5025ab3893760bf4ae5122f887365e1bc49370f526da,2024-03-18T19:40:00.173000 +CVE-2024-26080,0,1,7604d52bd30e88605dff84d8eeb0e9952afe9b0f5abb04468110dd0739ff6514,2024-12-03T16:26:46.317000 CVE-2024-26081,0,0,1d29efd0c7c46f3f7680eb50611ca91569a2766002cfcbb2b36fea018596932d,2024-06-14T19:34:47.583000 CVE-2024-26082,0,0,603b5ee896e39670eda6156999639510b8626e2d981c7d45c9753ffcdefa3124,2024-06-14T19:34:37.370000 CVE-2024-26083,0,0,33df432e039989f8563bd2b33e594330302cc12f6f0d6608747f36d5fb9ed83e,2024-06-14T19:34:23.237000 @@ -249243,19 +249245,19 @@ CVE-2024-26090,0,0,ed98f35d571423c5ef53e825d7ea9212d7ca429e14c4d90b79333d7179f2c CVE-2024-26091,0,0,432c29cd1da1e6c9f8652a2bc2bfacfd01862e5bf100718ad43ba6760143b36d,2024-06-17T20:32:37.817000 CVE-2024-26092,0,0,67476159c2a94aa6c3caf2c7ea973d42f985c77e89e69f10705b74d3b72d9b65,2024-06-14T19:55:31.347000 CVE-2024-26093,0,0,c78f8313d7f9ae22e0b6d6b4b7b4f7ac5cc5c06dc88b21c00914a84215154be9,2024-06-14T19:50:01.977000 -CVE-2024-26094,0,0,2d31d375c1b6e210722b8a10541b4521ca01afb5e6d8a9b74afe5a40bb2089da,2024-03-18T19:40:00.173000 +CVE-2024-26094,0,1,9d2ed7254ec4f2ba31272bea4c933824296834da359032a69be2b9666b077acd,2024-12-03T16:26:56.900000 CVE-2024-26095,0,0,9f6c7bddb38cd6b8f363ea5c70ef041eaf1840874199b0d4f54fdf8f0f85f9ed,2024-06-14T19:55:53.020000 -CVE-2024-26096,0,0,7fe4823fe2a7b575a3ae0ebf41ef8d560b89c2e0159509c3214f5a6c2615f8b6,2024-03-18T19:40:00.173000 +CVE-2024-26096,0,1,a856d1c0d122ca77743cb2f984b701c53176cb71fb426f8e10c7bfcc9817e80e,2024-12-03T16:27:10.247000 CVE-2024-26097,0,0,cf64c962cadb0fc8f1556505bc07c2350b9f9285ec03ff659cd6a815a0eb0c88,2024-04-10T13:23:38.787000 CVE-2024-26098,0,0,dbbd02b23dacb0109748d3b2fc272a4103fcd271020bb791bb34007edc8f300f,2024-04-10T13:23:38.787000 CVE-2024-2610,0,0,b027d224535ed46303e9cb28e3c541ff296bc0a756671ac358daf18839ba9117,2024-11-06T16:35:15.013000 -CVE-2024-26101,0,0,a3bcaed7b7153b5cc7bbbc52911724f0db36b199f4ed571b79e387b893a73377,2024-03-18T19:40:00.173000 -CVE-2024-26102,0,0,35dbb61e3e6ac12fce2788e2b3706c2ebc69e7be37fd2a337727452fe09da848,2024-03-18T19:40:00.173000 -CVE-2024-26103,0,0,8def4a39c13d47b53292840b50c64b12658220aacee9dc293340637f660797b8,2024-03-18T19:40:00.173000 -CVE-2024-26104,0,0,bf0231b77e9154d5b4053914bd334bdbb9b5ba16998713b15890e3ad20cfab9d,2024-03-18T19:40:00.173000 -CVE-2024-26105,0,0,d0dc3fbdc251485be5090f8e02e2ba59b2f6b8c231656274c0ac66bc110507fd,2024-03-18T19:40:00.173000 -CVE-2024-26106,0,0,4e7ee30becb56c7846006d1ceeae2264f7d8cb86cf038e37adb109282ef50a5d,2024-03-18T19:40:00.173000 -CVE-2024-26107,0,0,1e2cd5d00128bf900eccfdb93b73052526da6e7c51240f44c6c2920b5b2757f1,2024-03-18T19:40:00.173000 +CVE-2024-26101,0,1,43f2d3fbbb4c4b8f51f15938710fd6d3cc2a2f7ffcb5f068956881a183094b6a,2024-12-03T16:27:19.990000 +CVE-2024-26102,0,1,26f73657f4749efd9627e01297796c03b1ed9f54e34743c90b72da281a5393e8,2024-12-03T16:27:31.687000 +CVE-2024-26103,0,1,f714c8eefd27e3fa0cacdf5e00ea44a31a1a65f24535b96be480888dbdc1b16b,2024-12-03T16:27:41.650000 +CVE-2024-26104,0,1,473a3743433dc999ddcf400330ab19f29fe48959e8ab52817ef075a45cbf682a,2024-12-03T16:27:52.680000 +CVE-2024-26105,0,1,27f7f278017171300618af97310d9c50740c8fc531a7d39404b83b07a9d8e6de,2024-12-03T16:28:02.483000 +CVE-2024-26106,0,1,01a6fc05ca7ef8f961bbec250ab6bca509ccbd24fb52a495c0f4da074337e1c2,2024-12-03T16:28:13.490000 +CVE-2024-26107,0,1,561b56160fca2d636095d7ed203b3a9b22965fa30573a9741175f19588d50ae7,2024-12-03T16:28:23.067000 CVE-2024-2611,0,0,6dd80cd3e53c7b3aadd4fa3dc85e5446582d7b7a4f7a605c2d1c45b629123e4f,2024-10-30T19:35:10.593000 CVE-2024-26110,0,0,06ea1ccf9ccc83b3b222343237107b52b6bb8ab16e3c47c48b2f2f7b78be64ad,2024-06-14T19:56:08.213000 CVE-2024-26111,0,0,f1175484e7c3c3f71bc36c49f0b92acce0068c9e0d1c3d1d637043db91ad89a5,2024-06-14T19:52:43.617000 @@ -249264,7 +249266,7 @@ CVE-2024-26114,0,0,dc5e7cb68806a360d656333090ce8bec0d5e4f02fca5f44407312b6d731b5 CVE-2024-26115,0,0,d74160aa381f4e1a51a3ec1cd1d03c99e220f3553ea9e0140484bf904ce91a95,2024-06-14T19:51:30.393000 CVE-2024-26116,0,0,abf59a73286b1cf58bc13403a83e9678e0351f50add52bd78b5eb74a78e51a0f,2024-06-14T19:51:03.750000 CVE-2024-26117,0,0,6c431170e13775aecc2297d81c07dfcb615de89aac569ded89309592114bcd11,2024-06-17T20:31:38.117000 -CVE-2024-26118,0,0,98defda7315cce15803c90cf38c17408639990289b533fb77421a5ed1418e327,2024-03-18T19:40:00.173000 +CVE-2024-26118,0,1,51eecbb3f408b7b654b7ea484ab79a4be1e6d997e00ed8c27833ae8c7b8b7702,2024-12-03T16:28:58.907000 CVE-2024-26119,0,0,c503d1dbd496f47cfcc05acb78d53a5a1697c7292b96b179a782ba7662c08032,2024-03-18T19:40:00.173000 CVE-2024-2612,0,0,4262bfdf186b50c97c0850391a589444d79ea8f33a25322b9905ef9642e35485,2024-08-12T18:35:36.893000 CVE-2024-26120,0,0,36e5d4f10867ad6f473ee2c131d347d7586e4f8a8ed54d61685777cb84ad6820,2024-03-18T19:40:00.173000 @@ -250336,7 +250338,7 @@ CVE-2024-2732,0,0,59c41b28a53d51de59243e9e076d0b70e0706e7684df1ed7a61104bd5a3689 CVE-2024-27320,0,0,322204c7c44b6b07c7c5ce2517955a5763bb970c7a635001dc6670202a7c4e27,2024-09-23T13:56:48.353000 CVE-2024-27321,0,0,21ec13da4bc7743b26ab8f16ae210d29125d1180d3f4bbbecb3541886b29f580,2024-09-20T17:06:58.440000 CVE-2024-27322,0,0,b770b9d962cb08865ef72f437565bd0d77dc69db533af805410b12f466305679,2024-06-10T18:15:28.103000 -CVE-2024-27323,0,0,69807669535ca94b03be7000671f196786b1f00fd0db4b0142b97dcabe39642e,2024-04-02T12:50:42.233000 +CVE-2024-27323,0,1,38592ea93906fb228845a81866b0a5686932b7d61e75313c319e38db86407877,2024-12-03T16:50:34.657000 CVE-2024-27324,0,0,bd68fc610631d765b504e2eb0f9c966837d653f843cbd0dbbbd7151aba723966,2024-04-02T12:50:42.233000 CVE-2024-27325,0,0,91c89b4ca089464e099a6844730ad761f5ea57833c3f8473c9d662fd4df4035a,2024-04-02T12:50:42.233000 CVE-2024-27326,0,0,17ed7eadcf7ccf0f8f633fa32c1b3dd8ae0821c2df09af51de2b083a97bfbfd7,2024-04-02T12:50:42.233000 @@ -251836,7 +251838,7 @@ CVE-2024-29500,0,0,2b9af0d3cdf9b55a92126bde2520cf6cbecb1bd416352c1f95dc67e322137 CVE-2024-29502,0,0,430553d99f150e3a768b506d8c7614a836291ddb0863f4cad999ccc23bd2277f,2024-04-11T12:47:44.137000 CVE-2024-29504,0,0,c8d4771bc57f6638d44adfb94d6bcdcf83c3f9df966567debd1ab6eedf3e1b31,2024-08-27T20:35:28.797000 CVE-2024-29506,0,0,c9a02eb460df4f11fbc78026855fba67bf2371f1d9fd03f640425d6e01ade41d,2024-08-02T20:06:16.967000 -CVE-2024-29507,0,0,e3739316b26d2c3b5d54a382ce803d308c0d38eaebe2a9099cd38065884f38e3,2024-07-05T12:55:51.367000 +CVE-2024-29507,0,1,93542c862056d4c35a631847c41896c490e01aa3d0b341ed0eed1882aed2d1c0,2024-12-03T16:15:21.343000 CVE-2024-29508,0,0,d9f02f88857c7ee25a0a60ec8f52d84a64b8fe034ccb745fb67dcf769cbbd248,2024-08-02T20:09:21.813000 CVE-2024-29509,0,0,7f9e33287211a4ce75194afd9a47efe59972b78feb98e78f742b830aacc87b77,2024-08-02T20:10:32.520000 CVE-2024-2951,0,0,f710e6d4245ad6c04fc32de495a410058cbe73872608e5a79d1a40f0d8a1be5d,2024-03-27T12:29:41.530000 @@ -252431,7 +252433,7 @@ CVE-2024-30270,0,0,efecb3f08ba92062dd267bd0c96f7f12cf461464043b62265b8f7d0e604df CVE-2024-30271,0,0,4f667ebf06641ee169a3ffa2348fd1053acc22044fe752e1f0db8c1957232f63,2024-04-12T12:44:04.930000 CVE-2024-30272,0,0,a408e080820ee91f9124f4e9a3caff1ca158aba4951c48fad2f31a3e9facd7d8,2024-04-12T12:44:04.930000 CVE-2024-30273,0,0,6b1d238c9e12ea2ba8fc60efb1a6f102260f96c472f5f331b760d3af4a0ceb07,2024-04-12T12:44:04.930000 -CVE-2024-30274,0,0,a2395c418161e6c596f5972c7c03ce0794aa86ba1471f6fa70be52e1a37f36af,2024-05-16T13:03:05.353000 +CVE-2024-30274,0,1,6d6a72c834ea38ccb2874ecc4feec72c8e33b47ed0e8a1829f5848ded1ff7c3a,2024-12-03T16:31:14.377000 CVE-2024-30275,0,0,5c7fd7a6cf84690d33049db8d301fa3c3763a08fb307abbb2a39ddc9f47ba093,2024-05-16T13:03:05.353000 CVE-2024-30276,0,0,0bd4be9c7f10ca7d4fd2dfa1716549a7092cbd7f9a2adabf7913546d4cdfeadd,2024-07-09T15:50:56.480000 CVE-2024-30278,0,0,61f4d7e9a9587a3224ab5f7ebbd333eb1034f085c631558b85be2564db298806,2024-07-15T16:15:37.093000 @@ -252456,7 +252458,7 @@ CVE-2024-30294,0,0,7c1c3ca5859403614ab177d8966fd465f2ca9acd2006f45c1e5ee913dc704 CVE-2024-30295,0,0,af52457c614b754de367b515ff58d8a2b362917a582134c64f2a73034397eb2f,2024-12-02T21:58:00.817000 CVE-2024-30296,0,0,debe059d0b0adab752e8eed367cea91d921632069a4779f8924abaecaafaf05b,2024-12-02T21:58:13.037000 CVE-2024-30297,0,0,e027b37ff8f5e82bbe1986c29e4c7b4c164a4ff6b5ee35f015fce4fc66acbbc0,2024-12-02T21:58:24.973000 -CVE-2024-30298,0,0,92bbe49d33f9c926bdca52a1a92f14b21413490e1bf1dd65bcaf24fbb0fe1407,2024-05-16T13:03:05.353000 +CVE-2024-30298,0,1,279ca5bcd5fcec6903f3036d422c280da087bd17682ad97831abb44712d4c965,2024-12-03T16:30:43.050000 CVE-2024-30299,0,0,1654b592ab1dce50a91f0ff3960d214faa43e082d949db6429602b9ab8066e0e,2024-07-15T17:37:09.007000 CVE-2024-3030,0,0,5eafba8e87a04804f0ee37eb44b2a0db0456e0dcfce765e75341d9edfec2815f,2024-04-04T12:48:41.700000 CVE-2024-30300,0,0,cb30fb32a49ef545078d6cb3d0e2c9d2976845dda248b7c3086e68c50460cc41,2024-07-15T17:37:06.847000 @@ -252473,7 +252475,7 @@ CVE-2024-3031,0,0,fa19e5674d76c5b46624774eba96476ad7fabe41ca511ba02fe99ace14a675 CVE-2024-30310,0,0,0318e7fa8c109fbd13dfaf43bb618e0a49e9b16e0b621e77faecb78de1db2a84,2024-12-02T21:22:11.137000 CVE-2024-30311,0,0,3840218508a24667161b6ff79a375834ddbf249257e991ddfa8b10e97ab37e31,2024-12-02T21:22:13.143000 CVE-2024-30312,0,0,d795e4958162bcd7905c2b6c90993ddfcc6293aa254bf6c539234075dec0a0ba,2024-12-02T21:22:15.280000 -CVE-2024-30314,0,1,42f4f4f53d09df828a9d772c476dba6f6fd9600ec6925401912c5ffb5da6d3e4,2024-12-03T14:33:44.160000 +CVE-2024-30314,0,0,42f4f4f53d09df828a9d772c476dba6f6fd9600ec6925401912c5ffb5da6d3e4,2024-12-03T14:33:44.160000 CVE-2024-3032,0,0,23903a6cbcf453fd38d8d4b287e955f74e9435539a64a2e4e4033c0e9a9a2ffa,2024-11-20T15:09:42.557000 CVE-2024-30321,0,0,77e82c6b15f80502cfe967b03a0cf5e1edff68cc4e25f0455ce9c65c8c4bfbce,2024-11-12T13:15:07.503000 CVE-2024-30322,0,0,f4e26e42e44429b86d19dca1655fc9b0e6d4cf366473cd59d34a3fd4371a1053,2024-04-03T17:24:18.150000 @@ -253494,7 +253496,7 @@ CVE-2024-31651,0,0,ff635ec14b868d2b93fa21d54db2cc160b86957cb7aa11437f2a0e792cdac CVE-2024-31652,0,0,d3a39df49d7c9a4ac8f46bb863860ab64051b06ba513b7c983446092a2722415,2024-10-30T17:35:05.700000 CVE-2024-3166,0,0,d48b1a20c8084628d17380e69f30813f1d8085267297cebc2bf523c13b3ece3d,2024-10-23T15:25:16.403000 CVE-2024-31666,0,0,253643df7e9c7fc7c94316b23bbda0edfbf28e84ffeb8510af634fd8ae7e9fc0,2024-04-22T19:24:06.727000 -CVE-2024-31669,0,0,31ec3184aae1ad222bbbb1a4594b8bb1b152b5cce59b11c364f48ace0bb1fce5,2024-12-02T15:15:11.113000 +CVE-2024-31669,0,1,e67157c072d6472b13e8463ea23f9b22948945715ffb2a3485fbc46118d6e7b5,2024-12-03T16:15:21.540000 CVE-2024-3167,0,0,0e0e401d957a36adf31f389f0d7fa47f7901c0598b7b2fd42d4c75bdbdd76e80,2024-04-26T15:55:58.810000 CVE-2024-31673,0,0,958f02eb1f314a421c4e692d99797c4d8f0e196e848d56cb014d5e77e7fc54c5,2024-08-05T19:35:12.297000 CVE-2024-31678,0,0,45c8b2607673d8af8b3ec231962e66bcea8064211e1867ed0addb4c93b773839,2024-08-01T13:51:04.350000 @@ -253869,7 +253871,7 @@ CVE-2024-32238,0,0,2e383d4cf27763d4a2e4c78aa0cd5794584e416efc1aa13fdb576cfd26ca2 CVE-2024-3224,0,0,5cb76873d21890ad6afc0804dc7e9ce4b6d28fdd7bfda362c8cc03368f50e1a6,2024-05-17T02:39:47.717000 CVE-2024-3225,0,0,40aa66a8e68f888608b499541fb92a4691409488858b4efe5c0a0411aebb7f11,2024-05-17T02:39:47.810000 CVE-2024-32254,0,0,cd4f1a5551a5c9822f757a7d2238dda17ee8a1fa8cc0f96cbea15de331abf612,2024-11-06T15:35:15.373000 -CVE-2024-32256,0,0,d73ccc721413fd8760cf4b0bafcea5475f35ae263cabc205ad24f200b9e298f1,2024-04-17T12:48:31.863000 +CVE-2024-32256,0,1,e878fe31c26ddc2ef1ba0d5960e20d26b67e4ede83d59e4dfc5d31992bbd2f30,2024-12-03T16:15:21.697000 CVE-2024-32258,0,0,5dae54230a1765016eb565e9e25d82cfb7f4d23860857f1e9a3317d31d41442b,2024-07-03T01:55:56.647000 CVE-2024-3226,0,0,ec3ef7f04eda709a41c6882e051ba63d6f97210f0092ab0d07f256b6e32ea9c3,2024-05-17T02:39:47.900000 CVE-2024-32268,0,0,f1e176f354d2a721a3d03d34d04aff542fd4d5a3ceb8bd6d31f1fe050fbb883e,2024-04-30T13:11:16.690000 @@ -254145,7 +254147,7 @@ CVE-2024-32607,0,0,eaec99baa1b483eede1020ebb49f7f526b5972105f0e6dfde50c82a8071a8 CVE-2024-32608,0,0,5e38d1849a448723ba2f30344e01b97ee6dc59cf93689c7dd7b5b71778a65b36,2024-10-17T16:47:02.247000 CVE-2024-32609,0,0,779fda0ffa1999f70549dd5bc26454852aa5b69a0ba347533f9e01b4e592fe2e,2024-08-16T16:35:10.610000 CVE-2024-3261,0,0,5a564cf24105216fca1fdc9c03d186979decb6a34306dfcf795295396bd14e90,2024-08-01T13:56:29.727000 -CVE-2024-32610,0,0,5100dd5cbf5b46cbb7cc886ebc012d3ebb66cde81cb5143cf02dc17bf6f8b899,2024-05-14T16:12:23.490000 +CVE-2024-32610,0,1,620309f9534bdc629634bc6efa112881bb9602565781505fddb3ab1c0c8ddcf2,2024-12-03T16:15:21.880000 CVE-2024-32611,0,0,abc754efada8aafebf0fe0506c081c90cf76bdf375a890d26aade6a81a7fbaab,2024-08-19T18:35:09.720000 CVE-2024-32612,0,0,fa0d8cb7dacac717a406d4aabafa79934264f1b91f48d6d8c4723fee6286bb46,2024-07-03T01:56:45.670000 CVE-2024-32613,0,0,f1f41ebc1e4e31cd144adfcffbfbbd261f6ca4f784d07dcc93c9e3cf304923f4,2024-07-03T01:56:46.420000 @@ -255305,7 +255307,7 @@ CVE-2024-34109,0,0,c9e7a028e318045ad0e07a30584a8cdf66484faf15b239f83d63fffcfc9c0 CVE-2024-3411,0,0,c5534494d0c0f328f6dd6a29b2c75cf0917384aed2d3044a8f39c15c542a2568,2024-07-03T21:15:03.933000 CVE-2024-34110,0,0,c15838464fcaf085b2c09e471beb2e732398e46cad7f992477efffffb5459007,2024-07-09T15:09:42.910000 CVE-2024-34111,0,0,19c043112b06522ffc5ddb9df0f8b999a9184efbe5f7c5a69c8e8324f21b6533,2024-08-07T15:15:54.520000 -CVE-2024-34112,0,1,8f1bc7613512ccaee7d59e04edc3235d03e9488247401e1813f71cbc5a8f5496,2024-12-03T14:35:08.160000 +CVE-2024-34112,0,0,8f1bc7613512ccaee7d59e04edc3235d03e9488247401e1813f71cbc5a8f5496,2024-12-03T14:35:08.160000 CVE-2024-34113,0,0,a2e9f7ac8776392f6be8ef1204f1c90f02f8da5b4c386f27bfe6c53f96f39c9b,2024-08-07T15:15:54.640000 CVE-2024-34115,0,0,cc8b9b55a33ad4e137b074effd11699dd96f8494f93e6413f33a6c251661c876,2024-07-19T18:02:32.427000 CVE-2024-34116,0,0,4851ab33470ffca4c1046ad0fdbe4ebf66556d22cc3b975d80dd125226b02f02,2024-08-07T15:15:54.863000 @@ -255316,7 +255318,7 @@ CVE-2024-3412,0,0,e50c7e3ae6f10b261f3da66fd6437a79038925b3952464be81ac0e7b8712c1 CVE-2024-34120,0,0,59b2d9c769f5e7837181f42b948f1f4d6a71599cbcd1b502e5c0f6b22b12ebe5,2024-06-14T20:02:45.567000 CVE-2024-34121,0,0,5c4bc5f93a8e677774dfec4d5defe369f17f675204e3af33dbf284e95e296370,2024-11-01T20:35:17.293000 CVE-2024-34122,0,0,1ec0410a2782988212e8d53b9aff3b950baab8772620259cd2192140e3a735de,2024-10-11T15:01:24.393000 -CVE-2024-34123,0,1,cacd50e122fa9bc468f9dd6ac02f78493bb7ad635f94b1497402fe1b9f16cae1,2024-12-03T14:35:59.150000 +CVE-2024-34123,0,0,cacd50e122fa9bc468f9dd6ac02f78493bb7ad635f94b1497402fe1b9f16cae1,2024-12-03T14:35:59.150000 CVE-2024-34124,0,0,1560ff2926f27a69ce258f83d62b0151a5e1ff052db9746c4e37b847f7058841,2024-08-19T18:56:27.377000 CVE-2024-34125,0,0,3248ba4e13305da4d550ff294e0777762ef3209cea1ba47228c44abb8259e093,2024-08-19T18:56:17.350000 CVE-2024-34126,0,0,9812afe65ee02221e5fd8a63677b5e9e3deeafed44b12298eb7011278c0e0e90,2024-08-19T18:55:47.043000 @@ -256209,7 +256211,7 @@ CVE-2024-35359,0,0,790098a5aa254df92059c385ad6325db39cd91d13b49630a333bac1d583fc CVE-2024-3536,0,0,67ef0d9459ffa6371d38db2913b0c14e7a0dd926c6d86f1aea2fa988c69cefc5,2024-05-17T02:39:59.897000 CVE-2024-35361,0,0,94079fbeae6f3e32a28e0bb042dbf7a904fcf03ef2f5fc193b1b6ac0fc4c26ea,2024-07-03T02:01:38.550000 CVE-2024-35362,0,0,234501ffddb96c378ce0415c69c86b74ffa92255e774ec0584c4ec784483afc1,2024-05-22T18:59:20.240000 -CVE-2024-35366,0,1,cce3847e362944647524f42f8c96161fb821767a34a431ba81a662d8d164730d,2024-12-03T14:15:20.107000 +CVE-2024-35366,0,0,cce3847e362944647524f42f8c96161fb821767a34a431ba81a662d8d164730d,2024-12-03T14:15:20.107000 CVE-2024-35367,0,0,fc1999610d5647bdd337d9cd372630739a60d5b54ee387f6b863824ba4ed87b5,2024-12-02T17:15:10.680000 CVE-2024-35368,0,0,9627ef41704bb16e68693f5c6e18e4ed8b2de5952a37d343cc0e72735c6da4fd,2024-12-02T17:15:10.860000 CVE-2024-35369,0,0,6df28d8460fe7b04f0a2efffc7b9a631fe258a88dc12fbb0a17d1341163bedc4,2024-11-29T18:15:06.983000 @@ -257213,9 +257215,9 @@ CVE-2024-36600,0,0,e7eab002c297c7d5ce5dd570ac3b60c68bd283d5ad8a781f4e7d7381b7481 CVE-2024-36604,0,0,ceabd4d65e8e525e1dbe1c2ad39c0fe240ecb352a8c95aa43d6d84024ca2af4a,2024-08-15T19:35:12.673000 CVE-2024-3661,0,0,c42cca3fa75d9e1e2e62908451948484a5d5cca5f29f392158a6d0b59eb829bd,2024-07-01T15:15:17.187000 CVE-2024-36610,0,0,978b382e6d2d7458ef4ee665877d5fa279890848d387de447325b7fb46ba2824,2024-12-02T17:15:11.230000 -CVE-2024-36611,0,0,42465fba5d209a57964c1117a778f054088fdce7482f6b6bd27c3304a10b7c3d,2024-11-29T19:15:06.780000 +CVE-2024-36611,0,1,4c2b02528fdd4d9d491867b6131bd05320914a0ba163026a539685333ebc096b,2024-12-03T16:15:22.057000 CVE-2024-36612,0,0,2e5bae787232529157776124a9b65f7f3416dd8775c93aff3efc637bb8af407f,2024-12-02T17:15:11.420000 -CVE-2024-36615,0,0,2f8c6f09c7b5113fafb5a41f7e4cbad94a7ad0500652cf2d1c05a06d469ab9d0,2024-11-29T19:15:07.703000 +CVE-2024-36615,0,1,c3893c90b5581100f420f26ee0ccf784458a2107b295d3c77defc3849a0f0672,2024-12-03T16:15:22.197000 CVE-2024-36616,0,0,296a4798d6d750743bea7f8c9bd5c284519a9999e91edf6d3d9b49bc20d67d94,2024-12-02T18:15:09.857000 CVE-2024-36617,0,0,f14a7d3b346fdf72174febe1311327593886e5ab37642fdc9a403f2c9c27d4e2,2024-12-02T18:15:10.270000 CVE-2024-36618,0,0,1b683ed0f9886fba3e4cae1a9790f48a732ffbacff8e54f88bc0a50590bee2ca,2024-12-02T18:15:10.520000 @@ -257223,7 +257225,7 @@ CVE-2024-36619,0,0,d30e29b19403999a360d49eb2b7510653e8a4eeae72cc3067a2b6e14731d7 CVE-2024-3662,0,0,bf35bc71372b512799f21214c4add2ef96949612530c04611b0774c90b1261c4,2024-04-15T13:15:31.997000 CVE-2024-36620,0,0,bd940859e3a70ba9f20daee48c18afd5e689ded5655791c03dcd144494e8ab28,2024-11-29T18:15:07.787000 CVE-2024-36621,0,0,395c2e8d706b3be77e22c8c62abd8cdfeac4ff3d292f427ab7129b4c0bf7529f,2024-11-29T18:15:07.993000 -CVE-2024-36622,0,0,be48e05186f5ac071984ac26618b6189df06db278a956e908f53e3b956f07a62,2024-11-29T18:15:08.140000 +CVE-2024-36622,0,1,07de4151f2340ac6d06674e425feabdd5df0677a18b73b685b4c7de1fe1f2642,2024-12-03T16:15:22.343000 CVE-2024-36623,0,0,5b0927c621a8ce8b7dff6d101236e2659ea986ccf06dc2c525fa93aebc3aee45,2024-11-29T18:15:08.293000 CVE-2024-36624,0,0,0a7b2aae5839929f5368ebe0e8fb0a7dbe600d4804ac108be619ee97ae88a044,2024-11-29T19:15:07.923000 CVE-2024-36625,0,0,7c23d2425847fcff4ab6a41af1e0a7a10f21527b69c1199afaca70ff1a9c9744,2024-11-29T18:15:08.607000 @@ -258991,8 +258993,8 @@ CVE-2024-38859,0,0,de323bde3647e4f305c3b46157fa86379bf5b570b3bfbebf89dea8495917b CVE-2024-3886,0,0,637917caac7fdeed5913d854d310583d9de4da2bf7f910a461c6efc8f1bacf15,2024-09-03T18:48:14.927000 CVE-2024-38860,0,0,266a5ea7baf50ab92e42d7685db3a6cf2803dcca1365001a34024abb32b3b89e,2024-09-20T12:30:51.220000 CVE-2024-38861,0,0,c849569e1ce9ba1b5e191f651dac8e0341ee6fab90d6f85280ffa2b71faa4392,2024-09-30T12:46:20.237000 -CVE-2024-38862,0,0,3bc5ae93f1a59ab8e5497540a76b21f2d9979e17d6c603e124efd9747fd40156,2024-10-15T12:57:46.880000 -CVE-2024-38863,0,0,4e07247c679d45b02eb8d79d50dd0caedb400217644fbadd1dac778936846513,2024-10-15T12:57:46.880000 +CVE-2024-38862,0,1,9b3effa57af127d210fa99d38decd49715030f753336a9c99109dcc9d2bae0d1,2024-12-03T16:56:19.887000 +CVE-2024-38863,0,1,19f40d0a8efdafcf1661471e0d88ded3ea1f1a6ed7ed00a5524865119c45bf20,2024-12-03T16:47:15.693000 CVE-2024-38867,0,0,0587553b0e73bb3d7fb83caa644dbd7ff748ca26af84fce237e8ae38fe20168b,2024-08-13T08:15:10.817000 CVE-2024-38868,0,0,f5122b748e151420a9f3845d24af4920bd437f9bfb8619e2cdc643a0cfcffcd9,2024-09-04T19:13:29.983000 CVE-2024-38869,0,0,c0f887639cd5f8290b163362347e9df211e2de0bfae6dfee57ed54004469d16e,2024-08-30T18:15:07.150000 @@ -259230,7 +259232,7 @@ CVE-2024-3934,0,0,3e23cb8746110c86130adc40e1a1911de8a168d18836a34bacdc1437f4453c CVE-2024-39340,0,0,fc621b442d86eea0a2e72227f2b14f23e2a67834630b902f47135788b8db4fd4,2024-09-23T15:15:13.907000 CVE-2024-39341,0,0,7c359c6b4015613fc52267fcd7e5d9646d4cfcd7e7964fd0c4b36316116d1347,2024-11-04T17:35:19.370000 CVE-2024-39342,0,0,93fef3118f07e5180653fc41b9d6410f0df44f4e0465d850d3b1f4400c7d473a,2024-09-26T13:32:55.343000 -CVE-2024-39343,0,1,6171b95408e88154e38dce78348a253a8927c06ba1552f0b46a9bf8a028abd73,2024-12-03T14:15:20.397000 +CVE-2024-39343,0,0,6171b95408e88154e38dce78348a253a8927c06ba1552f0b46a9bf8a028abd73,2024-12-03T14:15:20.397000 CVE-2024-39344,0,0,e818a000a36da13fc4fe8918e0aa5d488785b27901618777d7233d703b03f419,2024-08-26T16:35:10.110000 CVE-2024-39345,0,0,f773bf4aa168ca0fb54a499af45e3e951779cc47e8e783983f66e20a083935eb,2024-09-03T22:15:04.480000 CVE-2024-39347,0,0,f05ffc50868d752b16aba36bcf98397a1a823dcf709e914fdceefc955d8df28b,2024-06-28T10:27:00.920000 @@ -259698,7 +259700,7 @@ CVE-2024-39886,0,0,c211eb7fd7b7d4a2dcf17c01e99303dbbe9f112b3010b65271b5f2c7acb83 CVE-2024-39887,0,0,bcab76b5e08590d7913c7572e3483924f579ce0c6c9a43158866e543d2bd0484,2024-07-16T14:15:04.380000 CVE-2024-39888,0,0,12ac4fc0e9c84bce2da7114954ff2c2a0c7f51f26f043191b5bde403ad5b0bce,2024-07-09T18:19:14.047000 CVE-2024-3989,0,0,05ae590a507d36950ff969d05988ddbd0846a5630f6cd12721f077e7e440e592,2024-05-14T16:11:39.510000 -CVE-2024-39890,0,0,1abd78fdb2e75f327cc0e488ec9803e48688bf0f1aa5e6a81474037fda0b6eca,2024-12-02T21:15:10.483000 +CVE-2024-39890,0,1,ea58c24a6fb50554bebd1694b75a28def7d76cdc6d7e90f18b6202e1691d12da,2024-12-03T16:15:22.483000 CVE-2024-39891,0,0,ce65af2cc2ab9f5337749d509721b17f14cb456e8c1b3062d4901ad84093db6b,2024-07-24T14:38:43.270000 CVE-2024-39894,0,0,1740bddb6fe58de0ef1c139ba5a05d5875d6244dcec43c669506110ca6b1a045,2024-09-11T16:15:06.003000 CVE-2024-39895,0,0,81e277926f04a447fa0edae3630d7dab6d337a392b69cef51e67fcc762844274,2024-07-09T18:19:14.047000 @@ -261315,7 +261317,7 @@ CVE-2024-42417,0,0,97db2e1cae78c6c5b15ff9e0f09e1c2fc00065af3496103746ac59f2d9475 CVE-2024-42418,0,0,1170a194d58fc93f3e0e1a535dff12de506530448528f0fff3eaea817d001f8b,2024-09-04T18:22:22.583000 CVE-2024-4242,0,0,9c58e9b9e77452c845f3c5179c3be4415982efd0430d3da14ab0345d444eccfb,2024-06-04T19:20:33.363000 CVE-2024-42420,0,0,03ebd30eeb434ca03d3eabb7d6b0396c2658f46173e6697533666fb020a1c544,2024-11-05T19:39:31.913000 -CVE-2024-42422,1,1,0b232b35fd06e22a6b730459e5a39791707f9656a48c53d8b2af810ab36d879f,2024-12-03T13:15:04.987000 +CVE-2024-42422,0,0,0b232b35fd06e22a6b730459e5a39791707f9656a48c53d8b2af810ab36d879f,2024-12-03T13:15:04.987000 CVE-2024-42423,0,0,d28867b0d8eebf1aff8bd3b42424cd5e577a7dd9340d9f0359d41e2fac4ef5ea,2024-09-20T19:42:20.417000 CVE-2024-42424,0,0,a3a79ec5b3f9e4721afc9742622d2616be4d7445c5c0aff9b4256e4bf8fbae09,2024-09-10T12:09:50.377000 CVE-2024-42425,0,0,6aa2353bd532f46d0a2e205868494bbec291e24ba1bbc1fc9f37a272eab1bd0b,2024-09-16T15:46:03.110000 @@ -262882,7 +262884,7 @@ CVE-2024-4475,0,0,b199ea7732b827fa53d53ebb43badb03a8dff248a786cc8d7d2459800e62c0 CVE-2024-44756,0,0,1681a92faf0c64d1815b4eb0c3be7b2fb90b774755ff6087ed8af6c8466588d9,2024-11-19T21:57:56.293000 CVE-2024-44757,0,0,afa0b64a73ad54cd2de86e32a9739915e3b6a820b2485a49a35c06cde9462d98,2024-11-19T21:57:56.293000 CVE-2024-44758,0,0,0f87f6fd64cd3ee32a39610ab34845e08d64c79e468acaf8dd1c0a562c908710,2024-11-27T18:15:13.007000 -CVE-2024-44759,0,0,74017e4a120ba116b0925bdf36ae176aa3414e2488b714ba0e8a87153b7d0ab6,2024-11-18T17:11:56.587000 +CVE-2024-44759,0,1,6bb21d923750b4d8f9cd3e016df196f06ca7ebc082a2f4d744d2f6ce1660c830,2024-12-03T16:15:22.597000 CVE-2024-44760,0,0,c31c484463dbcf8debf14f8cb14c4edde2aeacb7ab3b47695b1fc32577e35939,2024-11-15T20:15:20.270000 CVE-2024-44761,0,0,7f624c83820070ebb06f16b5a059f7fe8de7d537067fdcab263416bb3a81ba98,2024-11-18T18:15:06.160000 CVE-2024-44762,0,0,a4d9c40079155e25bc23610bf9eb4b9c915e9b457539684228b809ce3110b930,2024-10-18T12:53:04.627000 @@ -263118,7 +263120,7 @@ CVE-2024-45101,0,0,cad1255565408251227b424af7803fa7b621bb0a87132fd60fe56f4ddc963 CVE-2024-45103,0,0,01e8c7d7777680c3c907a9b9346c8d516e1c4df3a86a3dfed3c0a030a8c65f44,2024-09-19T01:50:12.427000 CVE-2024-45104,0,0,30db7dcba4a138780d42a329ad568630f0b423c3266582b9f2b058712e15f7a1,2024-09-19T01:49:50.870000 CVE-2024-45105,0,0,9aafd743798418b48e0189ab1d1328ef9ead562b2c45a261fda806c20503b868,2024-09-14T11:47:14.677000 -CVE-2024-45106,0,0,0b7483e7fda2ca3e4f437827923b095d4721533c78676e955e670f0ec77727b3,2024-12-03T10:15:05.697000 +CVE-2024-45106,0,1,38434ab4c33ae35f1fc10e3802fa692146137471499cab7f43c7281e583b1cc0,2024-12-03T15:15:10.470000 CVE-2024-45107,0,0,d5e30880270706ae80f98d427d6a3501f7b9d607b88b780b72f90a000a13f3a6,2024-09-06T16:26:03.440000 CVE-2024-45108,0,0,03b1037fb5ccdb261a2f64bd06297f4c212c932af1d9e1d68068742a2f76d080,2024-09-13T17:00:03.120000 CVE-2024-45109,0,0,b69153e81faafb81e736e68d1b34969baaa1e930ab46f2d35f58ab7a52cf7801,2024-09-13T16:59:46 @@ -265174,12 +265176,12 @@ CVE-2024-4851,0,0,444f4e959fbd50fab42bb9cd6f5b1019a6d50ea56a5371bcf4f4fa6566e3e3 CVE-2024-48510,0,0,c0bda71a75c56137f5ca1653aef745d4cc18cf4bfb1f9d0f6b08426e5356f89d,2024-11-14T15:04:49.847000 CVE-2024-48514,0,0,772c22a7c82f7a2ba09c35b523755c3d2e15343c5a23d7fb25f81b1d3b219920,2024-10-25T12:56:07.750000 CVE-2024-4853,0,0,7e943be0a2434f6362f67f453fe22910f05fecde26076344b21d97f20b2d6efa,2024-08-29T15:15:31.687000 -CVE-2024-48530,0,0,b0b92a0223ecffbff44b18df7f91b3af4df04e01ad68a50633487afff2e8001c,2024-11-20T21:15:07.300000 +CVE-2024-48530,0,1,b5b83c3621089c062cd75d5999fd7edfe6d0c0349283534b9f9af54c99d88e42,2024-12-03T16:15:22.973000 CVE-2024-48531,0,0,b724f70e8e7f5c2abc833b12edca37a23ca68deaf01b1a2b568ec294ff26daf5,2024-11-20T21:15:07.400000 -CVE-2024-48533,0,0,8ee14ec2810264994a5d914e38d2a4c21dc2d5d6110453491269da17028819cc,2024-11-20T21:15:07.487000 +CVE-2024-48533,0,1,0ce7e32cf7fbd6e5816d446bba240523ab45e200cada609e63cd6196a4f25645,2024-12-03T16:15:23.117000 CVE-2024-48534,0,0,076d842795162a1260582c88e3c1c5362e5b5cd96403c6abe0bcd01fd1e9e63c,2024-11-20T21:15:07.567000 CVE-2024-48535,0,0,98833d3c25c49b706c4592fe8269d975a9b2a754117cbd4ae6e64590aafb002b,2024-11-20T21:15:07.660000 -CVE-2024-48536,0,0,7a7be8a277d5bfa8dd9c04d5c78a6a45dd588deb00faa374d90d52f1808d8c41,2024-11-20T21:15:07.740000 +CVE-2024-48536,0,1,ad1cabe4756bdd45e3d36c20554a63d5c7afc4d878e12201ede6e5b570703da5,2024-12-03T16:15:23.253000 CVE-2024-48538,0,0,d00c6ae109958170edcc3a2c583c2ac0637abae567969e57f7b9a648e6c8cb40,2024-10-25T12:56:07.750000 CVE-2024-48539,0,0,1d5c8fdf188ef55366358121671809693c2ffcac98329c253bc948034dac981b,2024-10-25T12:56:07.750000 CVE-2024-4854,0,0,9d5d733c00183e47994464da1b76a252c7e4b8268459cd8a1634b1fda6297d73,2024-08-29T15:15:31.797000 @@ -265392,9 +265394,9 @@ CVE-2024-48986,0,0,cf9484fda56052e686c7c5f0c8f108e09e57cac0d3001558017ed0e9f5d28 CVE-2024-48987,0,0,bb1285db59c3075341f96aec62f9b4ce4709041d90082c7f3534792a4d32fb84,2024-10-15T12:58:51.050000 CVE-2024-48989,0,0,9073e18090b9ae4eb5079758fa48cb03e03a3dcd9dfe9e38f4453d35dfeb5c4c,2024-11-13T17:01:16.850000 CVE-2024-4899,0,0,7d0ca1543842829897b22c32fd7c3ea389ea1c85b28761d045bc30da0b354462,2024-07-03T02:08:16.280000 -CVE-2024-48990,0,1,8ae314221da60f3f28b2dc061e7fd91a0c68d57bf2594502511d6f645886ec7c,2024-12-03T14:15:20.627000 -CVE-2024-48991,0,1,d168b58f77340c27c4fe11099d0fc3db2a31f2441bc53eda948353dc7a25f936,2024-12-03T14:15:20.740000 -CVE-2024-48992,0,1,cfcbe8040e38ad95869aae5b63b2c99ac1950d785833afab83d53352be93cc53,2024-12-03T14:15:20.850000 +CVE-2024-48990,0,0,8ae314221da60f3f28b2dc061e7fd91a0c68d57bf2594502511d6f645886ec7c,2024-12-03T14:15:20.627000 +CVE-2024-48991,0,0,d168b58f77340c27c4fe11099d0fc3db2a31f2441bc53eda948353dc7a25f936,2024-12-03T14:15:20.740000 +CVE-2024-48992,0,0,cfcbe8040e38ad95869aae5b63b2c99ac1950d785833afab83d53352be93cc53,2024-12-03T14:15:20.850000 CVE-2024-48993,0,0,196b3895a17ef7dfbcbfdd466d8bb48d5a37a44b82a7d059ceac4c05136016cf,2024-11-19T19:06:50.177000 CVE-2024-48994,0,0,f318b3abe51a65c36b34811cd6779d9025e28bb0518b94d3d7c79c7579b1e1e4,2024-11-15T15:40:38.250000 CVE-2024-48995,0,0,c8a152b4d83ebd46a319f38f36cd95f3ce9fdb5043f9229f5986839789db7ebd,2024-11-15T15:41:26.280000 @@ -265473,7 +265475,7 @@ CVE-2024-4919,0,0,c726f606173904c8377395d864d6d1f0bfcdbe8df42cdb4cc2d61ca12557d8 CVE-2024-49193,0,0,4817bc5a524f8686c9c390cc6499f217005a03a967baaa28cc06a1d405a85c45,2024-10-16T20:35:16.380000 CVE-2024-49195,0,0,ebe503b8e48bc1eb234bda5829019875beb46e6f81279b5b20d7be3e70714d45,2024-10-17T18:35:13.253000 CVE-2024-4920,0,0,fb11a98a98fcee227749c982e12efa14a4a4b18da858cef87f2552ce91a0c62d,2024-05-17T02:40:42.227000 -CVE-2024-49203,0,0,99f7f4449ed3737e057db9ca8f5f931841c469336388a541c9a12182a727e0bc,2024-11-20T21:15:08.090000 +CVE-2024-49203,0,1,2e3869ed85d4b49507eb3ad2a72ab3ad32e945a0849bd97e20225b0c256f2362,2024-12-03T16:15:23.393000 CVE-2024-49208,0,0,3a58d346a6ade89e8c0020a10a544403e4226ebcc2dc44aeebe9f12dc5b80439,2024-10-25T20:18:20.550000 CVE-2024-49209,0,0,7815188905707c2f76092b0250e46fa9658c3c02368a05bd7a2ebfc97747dcec,2024-10-25T20:17:36.353000 CVE-2024-4921,0,0,1060b5013f8dc8547f0f33cabd337061fb69f6fcf324e5387138007cbeb6a9c1,2024-06-04T19:20:53.730000 @@ -265707,7 +265709,7 @@ CVE-2024-49525,0,0,28a277ab9b52157a5e4549773b7a8750a6dbb7b4cb916799fff07dd0ec631 CVE-2024-49526,0,0,69c6bf5485d49eb3a2da169497c27d72a1196f6e9a7d6c7d2c7c44787150932a,2024-11-18T18:41:33.857000 CVE-2024-49527,0,0,0d9fde76ea05a295ae3bcd4b45293562d8fc9654bdbe0c09a49c5875709be45a,2024-11-18T18:39:52.213000 CVE-2024-49528,0,0,f04aeabc999019759ae70807d4e936a36d020a33909dd4ffb4e16898d3cf045e,2024-11-18T18:34:56.667000 -CVE-2024-49529,1,1,bc912441c1467e88d09c1eebc868707893b19843941c8a4da84053631d70d7a6,2024-12-03T14:37:05.960000 +CVE-2024-49529,0,0,bc912441c1467e88d09c1eebc868707893b19843941c8a4da84053631d70d7a6,2024-12-03T14:37:05.960000 CVE-2024-49536,0,0,64699087f9e557bcb15e1f1e76804f07eb5cb82ad8ee2392d1aa5d8b2e6ac029,2024-11-19T21:21:45.640000 CVE-2024-49557,0,0,d5723680a20b941e0b929edc2959b845b0ec9b5d07125e59e1942c5e8991b90e,2024-11-15T17:36:47.110000 CVE-2024-49558,0,0,3c676b75de26a8476d548ed8b3e232d51677ecb4a62749082177600c22312603,2024-11-15T17:35:54.480000 @@ -267725,11 +267727,11 @@ CVE-2024-52711,0,0,25e806d2babc20691476aabfcc4918f38a4f803e2dadea4a566e728ec69d7 CVE-2024-52714,0,0,e8174cb74f218481a745eaa4fb4441e2ce8d564c733028629c2c073a4476af1a,2024-11-20T20:35:15.260000 CVE-2024-5272,0,0,d387d985ee64cb70308558e1288744b27040b8f28ef99da7e8b0a0af44167dd6,2024-05-28T12:39:28.377000 CVE-2024-52723,0,0,5e158b9e6ae935fe53fcd904758ef5184a80e91ca85495f081966847a4cf0194,2024-11-22T16:15:33.983000 -CVE-2024-52724,0,0,31bcc87a603cca0a8b96eca1f7ca6e15911f791c17c30d44ad001cfd53b29b95,2024-12-02T19:15:10.697000 +CVE-2024-52724,0,1,1b9a842f88051cd2a156be0c29e93a887efef468c9086a38490e71ae06d82307,2024-12-03T15:15:10.943000 CVE-2024-52725,0,0,ca83ad92f53ba791b675728b41a882f6bce2ad034a322e498ad5b1a0459b09dd,2024-12-02T21:15:10.977000 CVE-2024-52726,0,0,07104ca9c9e8f2a3a4e4ad76e018b45eb5df5070643287e443babd815c74fea3,2024-11-27T17:15:13.463000 CVE-2024-5273,0,0,098baedadde55d65116b7be974965fe184b3495f86a75c5fc729e60404fd76e0,2024-11-07T15:35:14.380000 -CVE-2024-52732,0,0,d6a80ccb8de450005a7cb1743d48fc0ea7e9c3041c776b4edbabfa2f08461cb5,2024-12-02T15:15:12.270000 +CVE-2024-52732,0,1,4ca154eb1f5fd81030336111a38008c8fe0f668bf712f5a43c85e6f662721089,2024-12-03T16:15:23.540000 CVE-2024-52739,0,0,e67c6617d90c4f2c32d6849dbe6387498e43b14fb180727dba9b598a59a70f9d,2024-11-20T20:35:16.147000 CVE-2024-5274,0,0,c24e97658283aca2d227c212a256ad0361bc0b2f150a90ed4a532bb6225b406f,2024-11-27T18:12:51.690000 CVE-2024-5275,0,0,0a8f92936fd54cfeba80497afbb5044228db5d667d0dcb3a75c34af54c4c0fca,2024-06-20T12:44:01.637000 @@ -267815,7 +267817,7 @@ CVE-2024-5296,0,0,9bd527352a89f2b4ccfc677e3fc5feb9bb09c1923dac2d4ba397c3469bcfc6 CVE-2024-5297,0,0,d1218091e3a48aa0835b7de76e914f2fa4d051775431f4beee97941e4c178297,2024-05-24T01:15:30.977000 CVE-2024-5298,0,0,751024870f0005efd62d8664aa885c619c01fff4fc9d9e46acd3d648d421b0e1,2024-05-24T01:15:30.977000 CVE-2024-5299,0,0,ec4fa401441140dbf77742461a619e82e80b0b3301518890cfd68e9b147d30dc,2024-05-24T01:15:30.977000 -CVE-2024-52998,0,1,6290b7bcb6009685ce74422e3ebe6e84d8aa2373cdb09dbaf200385294d7d729,2024-12-03T14:32:51.580000 +CVE-2024-52998,0,0,6290b7bcb6009685ce74422e3ebe6e84d8aa2373cdb09dbaf200385294d7d729,2024-12-03T14:32:51.580000 CVE-2024-53008,0,0,eb27408d35fd63e0b06a6d91784ac9fdfba636caf4dc616097e327306086f070,2024-11-28T03:15:16.363000 CVE-2024-5301,0,0,e6554ba8ce305faf67a147a1164dfd0369262e65017220af5d0bddff09928633,2024-09-25T15:18:18.097000 CVE-2024-5302,0,0,39889567f28c32113cd40d7a6613b67998b6932facc1ad2f99b57c33f7aef565,2024-09-25T15:22:17.627000 @@ -267916,6 +267918,7 @@ CVE-2024-5325,0,0,3161b31796f943a80af27275e8f23d08c58d4d31d567c9aa76aee11dec3e80 CVE-2024-53253,0,0,d8774b8b7a52a6828fee68f5032117fca8a6e77570ad308c3ddf9958a04b65eb,2024-11-22T20:15:09.210000 CVE-2024-53254,0,0,ee53e9b703f27318442647deb86c75e2def0aedf5170eb37f9fbf3bd5e2537ab,2024-11-27T18:15:18.060000 CVE-2024-53255,0,0,d61a8d7710c40f67983bd99e9267ded1e91d86ea0747c698bd8cab97316873cd,2024-11-25T19:15:11.760000 +CVE-2024-53257,1,1,eae1aa4a1d7df1cd5d0e2ab98e730ae55122d465b4457dbe2bf329490028ee7a,2024-12-03T16:15:23.693000 CVE-2024-53258,0,0,a915b82637f40f0c10b7fb4e3ffc3bc669fcfe23ea0f5d157743938cb68f10dd,2024-11-25T20:15:10.030000 CVE-2024-53259,0,0,b56d791ed8a3934da53ca3b2bc8d09134e7671697306e7cd36424993380151b4,2024-12-02T17:15:12.767000 CVE-2024-5326,0,0,2be4cbe8832da29a051a88af0386c312f2db765fd88a5b2a911937a61354bc30,2024-05-30T13:15:41.297000 @@ -267948,6 +267951,7 @@ CVE-2024-5341,0,0,40f4ad179dcb36606de702fcfb61368c761e9a979db8ddd9beb5e39827e7a7 CVE-2024-5342,0,0,b9462ea77ffff29ff50fcb5529de81f4f86998607e3428d3f0d5025aaca0f233,2024-11-01T14:27:11.580000 CVE-2024-53425,0,0,dba41ac0d03c322e076798942c48ad94ab227d8220eb1e3a3534e4bdae7c6815,2024-11-26T18:15:20.090000 CVE-2024-53426,0,0,9339130e86a75243ea176c2c1911663d0047bd370b4ea0fccb09719eca2c3ad9,2024-11-26T18:15:20.330000 +CVE-2024-53429,1,1,eaa70acb2843e8489abf02d5796dd8a314b9b85961845be919325cda159f0f76,2024-12-03T16:15:23.833000 CVE-2024-5343,0,0,fedc1366914170279f2e5d2ad585273a49bb658750b62f8b5bda5b06ac846b44,2024-06-20T12:44:01.637000 CVE-2024-53438,0,0,269e7677ace7d9295c53368d7a770c8536638e497558c04303dcd88d3a89eb20,2024-11-27T17:15:14.647000 CVE-2024-5344,0,0,b9eb66177d3d824bf1f1529dfc9f0ece4e45e95565139113aee3e384e4e64696,2024-07-17T03:07:04.743000 @@ -267957,7 +267961,7 @@ CVE-2024-5346,0,0,da43d69a3160345da9f992308a5772b156b46661e78425f332f67d306a3aff CVE-2024-5347,0,0,16093735dbce016cf2430c73a4d8045f77e47434e1c219ace83416138a28cb5d,2024-05-31T13:01:46.727000 CVE-2024-53477,0,0,753aaf8c684bb995d983939a69c12192942ed2e573e55f2d4f5233aa6560b86c,2024-12-02T21:15:11.217000 CVE-2024-5348,0,0,bc3d8d1f3668d1fc879553d2a82a62e6b9980757b64bfd9f1d5fdacf853f73c6,2024-06-03T14:46:24.250000 -CVE-2024-53484,0,0,7f2e36a94d2ab38efc349e912aac79a8f2255c98dd9d4e3cafa14fba72ce9911,2024-12-02T19:15:10.820000 +CVE-2024-53484,0,1,c9442618db175b392539d76a1a9674a888dcbfcc13582e8461a2dd3982136eb4,2024-12-03T16:15:23.980000 CVE-2024-5349,0,0,095035450c60a13c08898917421d5656b2399179b1253e40806dcf47c3a4d9f7,2024-07-03T15:44:23.807000 CVE-2024-5350,0,0,8440f1aab6c7debe55a047353772f60d1de30f1b1b7f7fc13c3946381d3b4f12,2024-05-28T12:39:42.673000 CVE-2024-53504,0,0,0cf1059548643389b1e33bad68f218b18235298c923b702dcc5a0c676fd86048,2024-12-02T17:15:13.047000 @@ -267973,7 +267977,7 @@ CVE-2024-53554,0,0,438643a55aaa35b78f1b23aac2881a01cc4a8024d9a2bdae2137a7b9fa7a8 CVE-2024-53555,0,0,174e17d1628af05aaf3f22807e86abd0dc7a03bf1129ef93abe75153c9a01a07,2024-11-26T21:15:08.560000 CVE-2024-53556,0,0,6925ef5b3d50b82f5e08a24f19e7ff4e448493177d9879ad27f5ac4d6f2f0b97,2024-11-27T17:15:14.917000 CVE-2024-5356,0,0,85f64e8ba0cebff8187202ea327ca3c906742c5e7d2301ba82b2780a509234eb,2024-06-04T19:21:05.977000 -CVE-2024-53564,0,0,e10a96030ded2829a41b48cc1671c01830a59f8174dc924d23b218915340bc5b,2024-12-02T18:15:11.353000 +CVE-2024-53564,0,1,7d70e5f55e37762a76b108e6a64b73672727dd5c5512814b5c83672ff9b30cce,2024-12-03T15:15:11.373000 CVE-2024-53566,0,0,dbff5ecbfdcc9c433f6a2fc9ea0927173d5445ca6c33bb6be0347daffda46700,2024-12-02T18:15:11.500000 CVE-2024-5357,0,0,3e42587e7af2230be214dc062d75c1c832a73aeee43ae2fc11277198b34ad5c7,2024-06-07T20:15:12.387000 CVE-2024-5358,0,0,fdd72871ebf6d62b075a63baf142931fcf44d230f54a18747bfadc4ddcff1dbe,2024-06-04T19:21:06.077000 @@ -268119,7 +268123,7 @@ CVE-2024-5388,0,0,88068f2d18329bc2e1ad4660154ccfa55826fed94a4e1660b5757c6715c273 CVE-2024-5389,0,0,f6aaaf23dff2a1d7f90a7950cdbb76e8322ef8c0ff1bf8f6173fe4634d169b69,2024-07-09T19:15:13.853000 CVE-2024-53899,0,0,ca94e39391001349829a2f872ca5d1d0c6ef0f2f07a2a901a4f8c2f87ada266a,2024-11-26T18:23:09.517000 CVE-2024-5390,0,0,577e03013c579fd5ea5c07b95a092cd4d32be3fa4130d25da9e61ffe468007ab,2024-06-04T19:21:08.020000 -CVE-2024-53900,0,0,d85cbefb465ea902cbbe0e0389f3f5eff99eb2d1812c50eefe5ac1d7199e1a85,2024-12-02T20:15:08.347000 +CVE-2024-53900,0,1,c3a93f9dd28bd52f63bcce9aaf81fca10f963a4c7edccd38d582c67ac6799f5e,2024-12-03T16:15:24.113000 CVE-2024-53901,0,0,52cbcc170c451b305e90c5f0e2a88558d86a9bc5446c93579e76a9aa43a0081d,2024-11-26T19:52:01.653000 CVE-2024-53909,0,0,f496b480d61110aca5ba4afaa8506ac48e157eddeacabdc9f46723c429d54992,2024-11-29T20:54:47.700000 CVE-2024-5391,0,0,a7c29f93c1b76aed47351138468a6c5b251b9f9a4ad39cf688118719a36ed1c7,2024-06-07T20:15:12.687000 @@ -268159,7 +268163,9 @@ CVE-2024-53989,0,0,0358cc647ddace41a4dfeb86c3aca5be8a1a57964a4ee04c89fd93a56be38 CVE-2024-5399,0,0,6f591a4ee360dfdb4118262029ef6ec2f3647ffdfa160e81ed9cdadb88ac0f1d,2024-05-28T12:39:28.377000 CVE-2024-53990,0,0,6379e4bbe26e19105376b36b2196150c1631dc13a93cec6d1f3c3cedfc26df0a,2024-12-02T18:15:11.753000 CVE-2024-53992,0,0,968e2d279d6edfc36860c960df4396bf9d9df657b6a78a28aa81a3adc4be5a3e,2024-12-02T17:15:14.113000 +CVE-2024-53999,1,1,80e3192c64b986a2c82f7cb85ff5081bb2235e4dec0ec9c5a1f5324ae09e812c,2024-12-03T16:15:24.250000 CVE-2024-5400,0,0,094967d50b5003fa8a1a95a7cd40ccdb2300c03695bb818acf6e11d6054c6ffe,2024-05-28T12:39:28.377000 +CVE-2024-54000,1,1,79bf0fc3308433671fec9e277259b5b3b941c6e3097b99968c0a0fe0b45a16f5,2024-12-03T16:15:24.380000 CVE-2024-54003,0,0,2506866a989efaeab3da1a8a5555a804f26e4215f0a647f04a179f236368dfb1,2024-11-27T20:15:26.133000 CVE-2024-54004,0,0,4b55764e78df7d1fab73ac81a29fd36001f40116e182b6aab547372d06b234b5,2024-11-27T19:15:33.723000 CVE-2024-5402,0,0,a5e55a0c84701c59a5f5d7ada1c30ecac8bd71919dc47c454e4a5ba90cd9220e,2024-07-19T18:03:55.583000 @@ -268178,7 +268184,7 @@ CVE-2024-54124,0,0,d93261f0be0c719ea94f116c38fdd88edcab344178e1fea1cd1f60fbeb469 CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c8a,2024-05-28T14:59:09.827000 CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000 CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000 -CVE-2024-54159,0,0,d90984b2f7355a1a8a07d418950bf4f2884d76989e35be06ace87948bd98ed40,2024-11-29T22:15:07.017000 +CVE-2024-54159,0,1,a6966b82b06dc6cc6ffe535670f7fe423d90e23d66a5791ea4c4b55b9827bb58,2024-12-03T15:15:12.097000 CVE-2024-5416,0,0,e60ac21c549a64885b0e4526eea23fa8e926aaead7cfc8773dbbebbe7c033943,2024-09-26T14:37:59.290000 CVE-2024-5417,0,0,7aeebeb967db19ec82014e996b2aa573677c8d8d73e22110a17d0cf5ea677289,2024-10-07T15:44:01.830000 CVE-2024-5418,0,0,a687af8fa8fe7200b6255f9fba7bdce69460001467d8b2873093024e735e15d4,2024-05-31T13:01:46.727000 @@ -271728,7 +271734,7 @@ CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae0 CVE-2024-9680,0,0,b270ebb58405bce82b545a9823e949fa4790116b7a4834e574606834227d9216,2024-11-26T19:53:56.537000 CVE-2024-9681,0,0,8b924b450d4a6dbb27601fbb04f08d88c9285a0a1a67208f21518dfaaa0a72ba,2024-11-25T19:52:56.417000 CVE-2024-9682,0,0,2122d85927443e1998d90f1dfaf0e30f87a59df9f9140f4f34d3cb7460150d67,2024-11-19T15:47:07.517000 -CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f185407,2024-10-18T12:52:33.507000 +CVE-2024-9683,0,1,e0cd26df0500a0cc9db7c9689d39531f945e069407d58ce00900c54b93d56ed1,2024-12-03T16:14:52.690000 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000 CVE-2024-9686,0,0,8a91e1ae5070fa70337820c934475166fa3e061411ab7464abf260ed961a0668,2024-11-06T16:19:04.333000 CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000 @@ -271968,7 +271974,7 @@ CVE-2024-9974,0,0,a9f33ba1bf43a6581b26a64054dc48f869f96fec31a53cd68d396b83198ee7 CVE-2024-9975,0,0,4525d3890144372ea39c9bdd06414839f2c1fd17df2032696deb6863140465d5,2024-10-16T13:44:46.220000 CVE-2024-9976,0,0,5980d080e9ad25dff2e581d3c904125c709818a390af58c76d59996e26d292c8,2024-10-16T13:42:24.153000 CVE-2024-9977,0,0,8fbf86e7b1f024ef2593e8608c7ccd55ca749b0af624481d1e713f71c065dc16,2024-10-16T16:38:43.170000 -CVE-2024-9978,1,1,3a2501c5446b394c69c20954ec6ea86a8c312be2c740234a6fdca0863055d2bf,2024-12-03T13:15:05.140000 +CVE-2024-9978,0,0,3a2501c5446b394c69c20954ec6ea86a8c312be2c740234a6fdca0863055d2bf,2024-12-03T13:15:05.140000 CVE-2024-9979,0,0,bb7e55c386cc249a98b0827bb4feff1257591f1d244a65e7ccd05578ba319079,2024-10-16T16:38:43.170000 CVE-2024-9980,0,0,665ae4d3fad1ccd0bc296c2172cff10c0d57400041e58e918121ae8fdfb1183a,2024-10-17T18:03:34.807000 CVE-2024-9981,0,0,7aa55e716de319cd032858b815d476396828a27c5d3a7d5b6802447033166c68,2024-10-17T18:05:29.947000