diff --git a/CVE-2021/CVE-2021-470xx/CVE-2021-47077.json b/CVE-2021/CVE-2021-470xx/CVE-2021-47077.json index ed13dde1c8c..6990ffb89e0 100644 --- a/CVE-2021/CVE-2021-470xx/CVE-2021-47077.json +++ b/CVE-2021/CVE-2021-470xx/CVE-2021-47077.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47077", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-01T22:15:47.283", - "lastModified": "2024-11-21T06:35:21.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-10T21:01:51.030", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,120 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qedf: Agregar comprobaciones de puntero en qedf_update_link_speed() Se observ\u00f3 el siguiente seguimiento: [ 14.042059] Seguimiento de llamadas: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [ qedf] [14.042117] qed_link_update+0x5c/0x80 [qed] [14.042135] qed_mcp_handle_link_change+0x2d2/0x410 [qed] [14.042155]? qed_set_ptt+0x70/0x80 [qed] [14.042170]? qed_set_ptt+0x70/0x80 [qed] [14.042186]? qed_rd+0x13/0x40 [qed] [ 14.042205] qed_mcp_handle_events+0x437/0x690 [qed] [ 14.042221] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042239] qed_int_sp_dpc+0x3a6/0x3e0 [qed] [ 14.042245] tasklet_action_common.isra.14+0x5a/0x100 [ 14.042250] __do_softirq+0xe4/0x2f8 [ 14.042253] salida_irq+0xf7/0x100 [ 14.042255] do_IRQ+0x7f/0xd0 [ 14.042257] common_interrupt+0xf/0xf [ 14.042259] API qedf_link_update() est\u00e1 siendo llamada desde QED pero en ese momento shost_data no est\u00e1 inicializado. Esto da como resultado una desreferencia del puntero NULL cuando intentamos desreferenciar shost_data mientras actualizamos las velocidades_compatibles. Agregue una verificaci\u00f3n de puntero NULL antes de eliminar la referencia a shost_data." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.11", + "versionEndExcluding": "5.10.40", + "matchCriteriaId": "2AAEF84B-9EDC-4A9E-9CED-005FB1D87316" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.12.7", + "matchCriteriaId": "E8F2CE30-38B0-4716-B12B-A139B0F9C5C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/11014efcec378bb0050a6cf08eaf375e3693400a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/73578af92a0fae6609b955fcc9113e50e413c80f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a6362a737572f66051deb7637f3f77ddf7a4402f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/11014efcec378bb0050a6cf08eaf375e3693400a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/73578af92a0fae6609b955fcc9113e50e413c80f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a6362a737572f66051deb7637f3f77ddf7a4402f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36358.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36358.json index c5d1bda47d3..caddbae8035 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36358.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36358.json @@ -2,7 +2,7 @@ "id": "CVE-2023-36358", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-22T20:15:09.873", - "lastModified": "2024-11-21T08:09:35.597", + "lastModified": "2024-12-10T22:15:05.393", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 4.0 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-120" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36359.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36359.json index 82124577578..74a8b5c7d92 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36359.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36359.json @@ -2,7 +2,7 @@ "id": "CVE-2023-36359", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-22T20:15:09.920", - "lastModified": "2024-11-21T08:09:35.760", + "lastModified": "2024-12-10T21:15:14.750", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-120" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], "configurations": [ @@ -254,6 +284,14 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-525xx/CVE-2023-52503.json b/CVE-2023/CVE-2023-525xx/CVE-2023-52503.json index 201b2f58ddd..5c0dddd6e9c 100644 --- a/CVE-2023/CVE-2023-525xx/CVE-2023-52503.json +++ b/CVE-2023/CVE-2023-525xx/CVE-2023-52503.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52503", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-02T22:15:47.250", - "lastModified": "2024-11-21T08:39:55.033", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-10T21:26:43.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,47 +15,177 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: tee: amdtee: corrige la vulnerabilidad de Use After Free en amdtee_close_session Existe una posible condici\u00f3n de ejecuci\u00f3n en amdtee_close_session que puede causar el Use After Free en amdtee_open_session. Por ejemplo, si una sesi\u00f3n tiene refcount == 1 y un hilo intenta liberar esta sesi\u00f3n mediante: kref_put(&sess->refcount, destroy_session); el recuento de referencias disminuir\u00e1 y el siguiente paso ser\u00eda llamar a destroy_session(). Sin embargo, si en otro hilo, se llama a amdtee_open_session() antes de que destroy_session() haya completado la ejecuci\u00f3n, alloc_session() puede devolver 'sess' que se liberar\u00e1 m\u00e1s tarde en destroy_session(), lo que conducir\u00e1 a Use After Free en amdtee_open_session. Para solucionar este problema, trate la disminuci\u00f3n de sess->refcount y la eliminaci\u00f3n de 'sess' de la lista de sesiones en destroy_session() como una secci\u00f3n cr\u00edtica, para que se ejecute de forma at\u00f3mica." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.6", + "versionEndExcluding": "5.10.199", + "matchCriteriaId": "7BEA3A23-5DDA-4C82-91AB-12FA1B3FD828" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.136", + "matchCriteriaId": "B1FA5161-3AC0-44DF-B1F7-93A070F2B1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.59", + "matchCriteriaId": "96EA633C-1F3E-41C5-A13A-155C55A1F273" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.8", + "matchCriteriaId": "AD4E15B4-2591-4A3A-B2A2-7FEAECD5027D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", + "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", + "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", + "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*", + "matchCriteriaId": "E7C78D0A-C4A2-4D41-B726-8979E33AD0F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1680c82929bc14d706065f123dab77f2f1293116", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1c95574350cd63bc3c5c2fa06658010768f2a0ce", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/60c3e7a00db954947c265b55099c21b216f2a05c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/da7ce52a2f6c468946195b116615297d3d113a27", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f4384b3e54ea813868bb81a861bf5b2406e15d8f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1680c82929bc14d706065f123dab77f2f1293116", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1c95574350cd63bc3c5c2fa06658010768f2a0ce", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/60c3e7a00db954947c265b55099c21b216f2a05c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/da7ce52a2f6c468946195b116615297d3d113a27", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f4384b3e54ea813868bb81a861bf5b2406e15d8f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10968.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10968.json index df1e1fdbb42..fcac500a582 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10968.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10968.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10968", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-07T20:15:15.633", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-10T21:10:06.700", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -80,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,24 +142,67 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:bookstore_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F0449A3F-C6E8-468B-ABBC-9932801A9EEE" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/NG0324/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283417", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283417", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.437322", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10969.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10969.json index d1f9364496d..6fd341b5c60 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10969.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10969.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10969", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-07T20:15:15.930", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-10T21:10:24.593", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -80,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,24 +142,67 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:1000projects:bookstore_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F0449A3F-C6E8-468B-ABBC-9932801A9EEE" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/ppp-src/CVE/issues/31", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.283418", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283418", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.437416", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11138.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11138.json index 2b77d1d358f..0ab4be58efc 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11138.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11138.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11138", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-12T18:15:17.543", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-10T21:11:45.043", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -80,6 +80,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -122,24 +142,66 @@ "value": "CWE-434" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dedecms:dedecms:5.7.116:*:*:*:*:*:*:*", + "matchCriteriaId": "B41AD51D-5F0C-4504-88F6-5D4D9078AAEC" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/falling-snow1/cve1/blob/main/DedeCMS%20V5.7.116%20has%20Remote%20Code%20Excute%20vulnerability.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://vuldb.com/?ctiid.283977", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.283977", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.441900", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25604.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25604.json index 7b68cf903bc..33e879998d3 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25604.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25604.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25604", "sourceIdentifier": "security@liferay.com", "published": "2024-02-20T09:15:09.057", - "lastModified": "2024-11-21T09:01:03.820", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-10T22:59:32.727", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, @@ -49,16 +69,186 @@ "value": "CWE-863" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.2", + "matchCriteriaId": "AF8EBC77-BA94-4AA8-BAF0-D1E3C9146459" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*", + "matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "E7E68DF8-749B-4284-A7C9-929701A86B36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*", + "matchCriteriaId": "340DF1FE-5720-4516-BA51-F2197A654409" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*", + "matchCriteriaId": "97E155DE-05C6-4559-94A8-0EFEB958D0C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*", + "matchCriteriaId": "0635FB5F-9C90-49C7-A9EF-00C0396FCCAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*", + "matchCriteriaId": "77523B76-FC26-41B1-A804-7372E13F4FB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*", + "matchCriteriaId": "B15397B8-5087-4239-AE78-D3C37D59DE83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*", + "matchCriteriaId": "311EE92A-0EEF-4556-A52F-E6C9522FA2DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*", + "matchCriteriaId": "49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "7CECAA19-8B7F-44C8-8059-6D4F2105E196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "68CBCEEB-7C28-4769-813F-3F01E33D2E08" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*", + "matchCriteriaId": "C0CB4927-A361-4DFA-BDB8-A454EA2894AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*", + "matchCriteriaId": "B2B771B7-D5CB-4778-A3A8-1005E4EE134C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*", + "matchCriteriaId": "3B9DB383-3791-4A43-BA4D-7695B203E736" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*", + "matchCriteriaId": "13F02D77-20E9-4F32-9752-511EB71E6704" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*", + "matchCriteriaId": "6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "43F61E2F-4643-4D5D-84DB-7B7B6E93C67B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "8B057D81-7589-4007-9A0D-2D302B82F9CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "6F0F2558-6990-43D7-9FE2-8E99D81B8269" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_4:*:*:*:*:*:*", + "matchCriteriaId": "11072673-C3AB-42EA-A26F-890DEE903D42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_5:*:*:*:*:*:*", + "matchCriteriaId": "134560B0-9746-4EC3-8DE3-26E53E2CAC6D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", + "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*", + "matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.3.5", + "matchCriteriaId": "E04E0EDA-8E18-43C3-A0B2-DF45B7CE811D" + } + ] + } + ] } ], "references": [ { "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25604", - "source": "security@liferay.com" + "source": "security@liferay.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25604", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-256xx/CVE-2024-25605.json b/CVE-2024/CVE-2024-256xx/CVE-2024-25605.json index 81de1c27566..c408a74029e 100644 --- a/CVE-2024/CVE-2024-256xx/CVE-2024-25605.json +++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25605.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25605", "sourceIdentifier": "security@liferay.com", "published": "2024-02-20T09:15:09.323", - "lastModified": "2024-11-21T09:01:03.953", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-10T22:20:47.737", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ] }, @@ -49,16 +69,191 @@ "value": "CWE-276" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.2", + "matchCriteriaId": "AF8EBC77-BA94-4AA8-BAF0-D1E3C9146459" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*", + "matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "E7E68DF8-749B-4284-A7C9-929701A86B36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*", + "matchCriteriaId": "340DF1FE-5720-4516-BA51-F2197A654409" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*", + "matchCriteriaId": "97E155DE-05C6-4559-94A8-0EFEB958D0C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*", + "matchCriteriaId": "0635FB5F-9C90-49C7-A9EF-00C0396FCCAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*", + "matchCriteriaId": "77523B76-FC26-41B1-A804-7372E13F4FB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*", + "matchCriteriaId": "B15397B8-5087-4239-AE78-D3C37D59DE83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*", + "matchCriteriaId": "311EE92A-0EEF-4556-A52F-E6C9522FA2DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*", + "matchCriteriaId": "49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "7CECAA19-8B7F-44C8-8059-6D4F2105E196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "68CBCEEB-7C28-4769-813F-3F01E33D2E08" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*", + "matchCriteriaId": "C0CB4927-A361-4DFA-BDB8-A454EA2894AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*", + "matchCriteriaId": "B2B771B7-D5CB-4778-A3A8-1005E4EE134C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*", + "matchCriteriaId": "3B9DB383-3791-4A43-BA4D-7695B203E736" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*", + "matchCriteriaId": "13F02D77-20E9-4F32-9752-511EB71E6704" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*", + "matchCriteriaId": "6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*", + "matchCriteriaId": "759DDB90-6A89-4E4F-BD04-F70EFA5343B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "43F61E2F-4643-4D5D-84DB-7B7B6E93C67B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "8B057D81-7589-4007-9A0D-2D302B82F9CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "6F0F2558-6990-43D7-9FE2-8E99D81B8269" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_4:*:*:*:*:*:*", + "matchCriteriaId": "11072673-C3AB-42EA-A26F-890DEE903D42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:service_pack_5:*:*:*:*:*:*", + "matchCriteriaId": "134560B0-9746-4EC3-8DE3-26E53E2CAC6D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", + "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*", + "matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.3.5", + "matchCriteriaId": "E04E0EDA-8E18-43C3-A0B2-DF45B7CE811D" + } + ] + } + ] } ], "references": [ { "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25605", - "source": "security@liferay.com" + "source": "security@liferay.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25605", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26271.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26271.json index 416798f70bb..a6cd33b3eea 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26271.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26271.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26271", "sourceIdentifier": "security@liferay.com", "published": "2024-10-22T15:15:05.523", - "lastModified": "2024-10-30T15:04:11.867", + "lastModified": "2024-12-10T21:07:04.467", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -88,6 +88,20 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q3.1", + "versionEndExcluding": "2023.q3.6", + "matchCriteriaId": "935D404E-76A6-4405-8A74-0E70E50C3FCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q4.0", + "versionEndExcluding": "2023.q4.3", + "matchCriteriaId": "3758E9CF-12EC-4025-85BB-1D5EEA99359A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*", @@ -113,6 +127,31 @@ "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", + "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", + "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", + "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", + "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", + "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", @@ -145,28 +184,33 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", - "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", + "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.1:*:*:*:*:*:*", - "matchCriteriaId": "1A13C2E9-9260-466E-9D98-0021CB2F41F8" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", + "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.5:*:*:*:*:*:*", - "matchCriteriaId": "08FB7951-AEED-4B44-8504-ACA10D5B99B1" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", + "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.0:*:*:*:*:*:*", - "matchCriteriaId": "B6C54C71-6885-475B-939B-CEC309579BBA" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", + "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.2:*:*:*:*:*:*", - "matchCriteriaId": "4E4B4759-C7D4-4A33-B1B8-29869F60FEE3" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", + "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", + "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" }, { "vulnerable": true, diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26272.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26272.json index 0994e1dd169..4010f932d39 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26272.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26272.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26272", "sourceIdentifier": "security@liferay.com", "published": "2024-10-22T15:15:05.740", - "lastModified": "2024-10-30T15:03:51.437", + "lastModified": "2024-12-10T21:07:02.180", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -88,16 +88,155 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q3.1", + "versionEndExcluding": "2023.q3.6", + "matchCriteriaId": "935D404E-76A6-4405-8A74-0E70E50C3FCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q4.0", + "versionEndExcluding": "2023.q4.3", + "matchCriteriaId": "3758E9CF-12EC-4025-85BB-1D5EEA99359A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "728DF154-F19F-454C-87CA-1E755107F2A6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update10:*:*:*:*:*:*", + "matchCriteriaId": "AA984F92-4C6C-4049-A731-96F587B51E75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update11:*:*:*:*:*:*", + "matchCriteriaId": "CADDF499-DDC4-4CEE-B512-404EA2024FCB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update12:*:*:*:*:*:*", + "matchCriteriaId": "9EC64246-1039-4009-B9BD-7828FA0FA1C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update13:*:*:*:*:*:*", + "matchCriteriaId": "D9F352AE-AE22-4A84-94B6-6621D7E0BC59" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:*", "matchCriteriaId": "3E84D881-6D47-48FD-B743-9D531F5F7D5C" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update15:*:*:*:*:*:*", + "matchCriteriaId": "1F8A9DEC-2C27-4EBB-B684-8EBDB374CFCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update16:*:*:*:*:*:*", + "matchCriteriaId": "C3E7B777-8026-4C8F-9353-B5504873E0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update17:*:*:*:*:*:*", + "matchCriteriaId": "2207FEE5-2537-4C6E-AC9C-EC53DBF3C57E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update18:*:*:*:*:*:*", + "matchCriteriaId": "087A2B43-07CE-4B3D-B879-449631DDA8D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update19:*:*:*:*:*:*", + "matchCriteriaId": "019CED83-6277-434C-839C-6C4E0C45FB1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update20:*:*:*:*:*:*", + "matchCriteriaId": "6C533124-74E6-4312-9AF7-6496DE2A5152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update21:*:*:*:*:*:*", + "matchCriteriaId": "8DDA248D-5F00-4FC1-B857-A7942BAA1F3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update22:*:*:*:*:*:*", + "matchCriteriaId": "6C6BA174-69D4-43FC-9395-1B6306A44CDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update23:*:*:*:*:*:*", + "matchCriteriaId": "A465C229-D3FB-43E9-87BE-119BEE9110F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update24:*:*:*:*:*:*", + "matchCriteriaId": "32E98546-CE96-4BB8-A11C-F7E850C155F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update25:*:*:*:*:*:*", + "matchCriteriaId": "DD43C626-F2F2-43BA-85AA-6ADAE8A6D11F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update26:*:*:*:*:*:*", + "matchCriteriaId": "5C72C0E0-7D0B-4E8F-A109-7BB5DCA1C8D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update27:*:*:*:*:*:*", + "matchCriteriaId": "7E796B04-FF54-4C02-979C-87E137A76F63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update28:*:*:*:*:*:*", + "matchCriteriaId": "07C3D771-5E1B-46C4-AAF8-F425377582D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:*", + "matchCriteriaId": "B08F95DC-BE49-4717-B959-2BE8BD131953" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:*", + "matchCriteriaId": "E915FBC2-9BF7-4A99-B201-1F176D743494" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:*", + "matchCriteriaId": "E44E02C2-6F83-4525-BF9D-E82CE9A9880E" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*", @@ -118,11 +257,436 @@ "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update35:*:*:*:*:*:*", "matchCriteriaId": "C6984AC8-461D-488F-A911-7BF1D12B44A5" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update4:*:*:*:*:*:*", + "matchCriteriaId": "AD408C73-7D78-4EB1-AA2C-F4A6D4DC980B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update5:*:*:*:*:*:*", + "matchCriteriaId": "513F3229-7C31-44EB-88F6-E564BE725853" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update6:*:*:*:*:*:*", + "matchCriteriaId": "76B9CD05-A10E-439C-9FDE-EA88EC3AF2C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update7:*:*:*:*:*:*", + "matchCriteriaId": "A7D2D415-36AA-41B2-8FD9-21A98CDFE1EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update8:*:*:*:*:*:*", + "matchCriteriaId": "124F2D2E-F8E7-4EDE-A98B-DD72FB43DF20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update9:*:*:*:*:*:*", + "matchCriteriaId": "0DEE5985-289E-4138-B7C0-1E471BA7A1FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*", + "matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*", + "matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:*", + "matchCriteriaId": "C7B02106-D5EA-4A59-A959-CCE2AC8F55BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:*", + "matchCriteriaId": "80204464-5DC5-4A52-B844-C833A96E6BD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:*", + "matchCriteriaId": "6F8A5D02-0B45-4DA9-ACD8-42C1BFF62827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:*", + "matchCriteriaId": "38DA7C99-AC2C-4B9A-B611-4697159E1D79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:*", + "matchCriteriaId": "F264AD07-D105-4F00-8920-6D8146E4FA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:*", + "matchCriteriaId": "C929CF16-4725-492A-872B-0928FE388FC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:*", + "matchCriteriaId": "1B8750A1-E481-48D4-84F4-97D1ABE15B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:*", + "matchCriteriaId": "454F8410-D9AC-481E-841C-60F0DF2CC25E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:*", + "matchCriteriaId": "D1A442EE-460F-4823-B9EF-4421050F0847" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:*", + "matchCriteriaId": "608B205D-0B79-4D1C-B2C1-64C31DB1896E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*", + "matchCriteriaId": "10B863B8-201D-494C-8175-168820996174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:*", + "matchCriteriaId": "4427DC78-E80C-4057-A295-B0731437A99E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*", + "matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:*", + "matchCriteriaId": "DDA17F24-1A7E-4BEB-9C98-41761A2A36A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:*", + "matchCriteriaId": "3B062851-CE6B-44F4-8222-422EC9872EC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:*", + "matchCriteriaId": "D4687FDA-0078-4E89-ADD8-7EDDA68261A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:*", + "matchCriteriaId": "7EA29B09-CC24-4063-96A5-96AA08C0886D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:*", + "matchCriteriaId": "331FC246-D3E9-4711-B305-BE51BF743CF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:*", + "matchCriteriaId": "A5823BC0-8C11-4C31-9E99-3C9D82918E2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:*", + "matchCriteriaId": "E2E6CB66-1AE1-4626-8070-64C250ED8363" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:*", + "matchCriteriaId": "B63449AA-6831-4290-B1FA-0BB806820402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*", + "matchCriteriaId": "CBF766CE-CBB8-472A-BAF0-BD39A7BCB4DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:*", + "matchCriteriaId": "B3B169F6-B8B8-4612-AD7D-F75CC6A9297B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:*", + "matchCriteriaId": "12D46756-D26D-4877-ACE8-1C2721908428" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:*", + "matchCriteriaId": "5403DCEF-20C2-4568-8DF1-30804F522915" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:*", + "matchCriteriaId": "90E39742-90BE-4DEB-AB78-F9B8F7333F9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*", + "matchCriteriaId": "9D07DB20-9DCF-4C05-99D2-F6B37A082C14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*", + "matchCriteriaId": "341D1157-8118-4BD3-A902-36E90E066706" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*", + "matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*", + "matchCriteriaId": "9446B3A5-6647-416C-92AF-7B6E0E929765" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*", + "matchCriteriaId": "06386C7A-CAA1-4FC4-9182-5A66342FB903" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*", + "matchCriteriaId": "8C84B701-B9A1-43D0-AF0C-30EDBD24CF90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*", + "matchCriteriaId": "182FAA46-D9FB-4170-B305-BAD0DF6E5DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*", + "matchCriteriaId": "BA9AF651-D118-4437-B400-531B26BF6801" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*", + "matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*", + "matchCriteriaId": "119B54BD-75F4-46A4-A57D-16CFF4E12CEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*", + "matchCriteriaId": "A3382E2D-A414-40A1-A330-619859756A36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*", + "matchCriteriaId": "2E07B750-55B6-4DB6-B02B-216C2F5505A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*", + "matchCriteriaId": "B921E670-480F-4793-A636-3855A1654908" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*", + "matchCriteriaId": "62AE52FE-FB7F-4339-BDDE-E5AD235BBC58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*", + "matchCriteriaId": "C99508DB-19E9-4832-AB38-57C61C7D68BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*", + "matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*", + "matchCriteriaId": "131E4E65-D997-47F1-8CB8-15CE6A60AB1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*", + "matchCriteriaId": "DF1BB9E6-D690-4C12-AEF0-4BD712869CBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*", + "matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*", + "matchCriteriaId": "94AC684E-3C5F-4859-B6EB-42C478F9DD11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*", + "matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*", + "matchCriteriaId": "9855E3CB-925E-4623-A776-59422AB2FC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*", + "matchCriteriaId": "01C3B7BE-1F9B-4EDA-990C-A4022CB85612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*", + "matchCriteriaId": "65CF766C-626D-4F8C-BDBF-F0C5404DD545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*", + "matchCriteriaId": "720EF24C-9A36-405B-A380-6114C150B376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*", + "matchCriteriaId": "44479EF5-40BD-43A2-AD0F-CE1660222AB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*", + "matchCriteriaId": "B8E0BD92-0F77-481E-8167-F81755E00703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*", + "matchCriteriaId": "2BDB885E-814A-4CA8-A81C-1DB35989089B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*", + "matchCriteriaId": "653A0452-070F-4312-B94A-F5BCB01B9BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*", + "matchCriteriaId": "B73DA1AE-C62F-4E62-AA98-5697656825F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*", + "matchCriteriaId": "D49DEE85-4DDB-4EF4-9F4D-11E7C1364055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*", + "matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*", + "matchCriteriaId": "5FDAD47C-C2DA-4533-AA58-DD6EC09A580A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*", + "matchCriteriaId": "5F81F36F-B20F-48B3-A1F2-3D319A34176B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*", + "matchCriteriaId": "754329CD-30B7-4410-A371-56A7C261B61B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*", + "matchCriteriaId": "C9445405-6B94-4DD1-BA94-B600AA316BB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*", + "matchCriteriaId": "960F3F22-9CC8-4655-9B09-777E5A5A1239" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*", + "matchCriteriaId": "D2B77C89-7F33-47A0-B6BF-473366033BEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*", + "matchCriteriaId": "8183B9D5-1C4D-4D30-BD85-13850FF34CB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*", + "matchCriteriaId": "15B67345-D0AF-4BFD-A62D-870F75306A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*", + "matchCriteriaId": "1675366A-2388-4F7E-B423-D39BC7D3D38D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*", + "matchCriteriaId": "B93C3CF2-4F45-4F6C-AB6D-F9ABDA7C4DA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*", + "matchCriteriaId": "34A6A6A0-9307-4F5D-9605-1F786D1CD62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*", + "matchCriteriaId": "6B994132-7103-4132-9D90-11CA264FEDE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*", + "matchCriteriaId": "A1958E04-AB8A-4B0E-AB45-B810CAED2EEF" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", + "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", + "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", + "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", + "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*", + "matchCriteriaId": "DE1F4262-A054-48CC-BF1D-AA77A94FFFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", + "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", @@ -155,28 +719,38 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", - "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", + "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", + "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.1:*:*:*:*:*:*", - "matchCriteriaId": "1A13C2E9-9260-466E-9D98-0021CB2F41F8" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", + "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.5:*:*:*:*:*:*", - "matchCriteriaId": "08FB7951-AEED-4B44-8504-ACA10D5B99B1" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:*", + "matchCriteriaId": "D176CECA-2821-49EA-86EC-1184C133C0A3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.0:*:*:*:*:*:*", - "matchCriteriaId": "B6C54C71-6885-475B-939B-CEC309579BBA" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", + "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.2:*:*:*:*:*:*", - "matchCriteriaId": "4E4B4759-C7D4-4A33-B1B8-29869F60FEE3" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", + "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", + "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" }, { "vulnerable": true, diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26273.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26273.json index 606dc0c443f..5220a0b7d73 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26273.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26273.json @@ -2,7 +2,7 @@ "id": "CVE-2024-26273", "sourceIdentifier": "security@liferay.com", "published": "2024-10-22T15:15:05.937", - "lastModified": "2024-10-30T15:03:35.040", + "lastModified": "2024-12-10T21:07:07.587", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -88,11 +88,35 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q3.1", + "versionEndExcluding": "2023.q3.6", + "matchCriteriaId": "935D404E-76A6-4405-8A74-0E70E50C3FCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q4.0", + "versionEndExcluding": "2023.q4.3", + "matchCriteriaId": "3758E9CF-12EC-4025-85BB-1D5EEA99359A" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:*", "matchCriteriaId": "B08F95DC-BE49-4717-B959-2BE8BD131953" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:*", + "matchCriteriaId": "E915FBC2-9BF7-4A99-B201-1F176D743494" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:*", + "matchCriteriaId": "E44E02C2-6F83-4525-BF9D-E82CE9A9880E" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*", @@ -120,23 +144,463 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.1:*:*:*:*:*:*", - "matchCriteriaId": "1A13C2E9-9260-466E-9D98-0021CB2F41F8" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*", + "matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:*", + "matchCriteriaId": "C7B02106-D5EA-4A59-A959-CCE2AC8F55BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:*", + "matchCriteriaId": "80204464-5DC5-4A52-B844-C833A96E6BD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:*", + "matchCriteriaId": "6F8A5D02-0B45-4DA9-ACD8-42C1BFF62827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:*", + "matchCriteriaId": "38DA7C99-AC2C-4B9A-B611-4697159E1D79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:*", + "matchCriteriaId": "F264AD07-D105-4F00-8920-6D8146E4FA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:*", + "matchCriteriaId": "C929CF16-4725-492A-872B-0928FE388FC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:*", + "matchCriteriaId": "1B8750A1-E481-48D4-84F4-97D1ABE15B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:*", + "matchCriteriaId": "454F8410-D9AC-481E-841C-60F0DF2CC25E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:*", + "matchCriteriaId": "D1A442EE-460F-4823-B9EF-4421050F0847" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:*", + "matchCriteriaId": "608B205D-0B79-4D1C-B2C1-64C31DB1896E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*", + "matchCriteriaId": "10B863B8-201D-494C-8175-168820996174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:*", + "matchCriteriaId": "4427DC78-E80C-4057-A295-B0731437A99E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*", + "matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:*", + "matchCriteriaId": "DDA17F24-1A7E-4BEB-9C98-41761A2A36A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:*", + "matchCriteriaId": "3B062851-CE6B-44F4-8222-422EC9872EC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:*", + "matchCriteriaId": "D4687FDA-0078-4E89-ADD8-7EDDA68261A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:*", + "matchCriteriaId": "7EA29B09-CC24-4063-96A5-96AA08C0886D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:*", + "matchCriteriaId": "331FC246-D3E9-4711-B305-BE51BF743CF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:*", + "matchCriteriaId": "A5823BC0-8C11-4C31-9E99-3C9D82918E2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:*", + "matchCriteriaId": "E2E6CB66-1AE1-4626-8070-64C250ED8363" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:*", + "matchCriteriaId": "B63449AA-6831-4290-B1FA-0BB806820402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*", + "matchCriteriaId": "CBF766CE-CBB8-472A-BAF0-BD39A7BCB4DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:*", + "matchCriteriaId": "B3B169F6-B8B8-4612-AD7D-F75CC6A9297B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:*", + "matchCriteriaId": "12D46756-D26D-4877-ACE8-1C2721908428" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:*", + "matchCriteriaId": "5403DCEF-20C2-4568-8DF1-30804F522915" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:*", + "matchCriteriaId": "90E39742-90BE-4DEB-AB78-F9B8F7333F9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*", + "matchCriteriaId": "9D07DB20-9DCF-4C05-99D2-F6B37A082C14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*", + "matchCriteriaId": "341D1157-8118-4BD3-A902-36E90E066706" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*", + "matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*", + "matchCriteriaId": "9446B3A5-6647-416C-92AF-7B6E0E929765" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*", + "matchCriteriaId": "06386C7A-CAA1-4FC4-9182-5A66342FB903" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*", + "matchCriteriaId": "8C84B701-B9A1-43D0-AF0C-30EDBD24CF90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*", + "matchCriteriaId": "182FAA46-D9FB-4170-B305-BAD0DF6E5DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*", + "matchCriteriaId": "BA9AF651-D118-4437-B400-531B26BF6801" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*", + "matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*", + "matchCriteriaId": "119B54BD-75F4-46A4-A57D-16CFF4E12CEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*", + "matchCriteriaId": "A3382E2D-A414-40A1-A330-619859756A36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*", + "matchCriteriaId": "2E07B750-55B6-4DB6-B02B-216C2F5505A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*", + "matchCriteriaId": "B921E670-480F-4793-A636-3855A1654908" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*", + "matchCriteriaId": "62AE52FE-FB7F-4339-BDDE-E5AD235BBC58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*", + "matchCriteriaId": "C99508DB-19E9-4832-AB38-57C61C7D68BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*", + "matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*", + "matchCriteriaId": "131E4E65-D997-47F1-8CB8-15CE6A60AB1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*", + "matchCriteriaId": "DF1BB9E6-D690-4C12-AEF0-4BD712869CBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*", + "matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*", + "matchCriteriaId": "94AC684E-3C5F-4859-B6EB-42C478F9DD11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*", + "matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*", + "matchCriteriaId": "9855E3CB-925E-4623-A776-59422AB2FC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*", + "matchCriteriaId": "01C3B7BE-1F9B-4EDA-990C-A4022CB85612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*", + "matchCriteriaId": "65CF766C-626D-4F8C-BDBF-F0C5404DD545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*", + "matchCriteriaId": "720EF24C-9A36-405B-A380-6114C150B376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*", + "matchCriteriaId": "44479EF5-40BD-43A2-AD0F-CE1660222AB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*", + "matchCriteriaId": "B8E0BD92-0F77-481E-8167-F81755E00703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*", + "matchCriteriaId": "2BDB885E-814A-4CA8-A81C-1DB35989089B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*", + "matchCriteriaId": "653A0452-070F-4312-B94A-F5BCB01B9BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*", + "matchCriteriaId": "B73DA1AE-C62F-4E62-AA98-5697656825F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*", + "matchCriteriaId": "D49DEE85-4DDB-4EF4-9F4D-11E7C1364055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*", + "matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*", + "matchCriteriaId": "5FDAD47C-C2DA-4533-AA58-DD6EC09A580A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*", + "matchCriteriaId": "5F81F36F-B20F-48B3-A1F2-3D319A34176B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*", + "matchCriteriaId": "754329CD-30B7-4410-A371-56A7C261B61B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*", + "matchCriteriaId": "C9445405-6B94-4DD1-BA94-B600AA316BB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*", + "matchCriteriaId": "960F3F22-9CC8-4655-9B09-777E5A5A1239" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*", + "matchCriteriaId": "D2B77C89-7F33-47A0-B6BF-473366033BEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*", + "matchCriteriaId": "8183B9D5-1C4D-4D30-BD85-13850FF34CB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*", + "matchCriteriaId": "15B67345-D0AF-4BFD-A62D-870F75306A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*", + "matchCriteriaId": "1675366A-2388-4F7E-B423-D39BC7D3D38D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*", + "matchCriteriaId": "B93C3CF2-4F45-4F6C-AB6D-F9ABDA7C4DA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*", + "matchCriteriaId": "34A6A6A0-9307-4F5D-9605-1F786D1CD62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*", + "matchCriteriaId": "6B994132-7103-4132-9D90-11CA264FEDE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*", + "matchCriteriaId": "A1958E04-AB8A-4B0E-AB45-B810CAED2EEF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", + "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", + "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", + "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", + "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", + "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*", + "matchCriteriaId": "DE1F4262-A054-48CC-BF1D-AA77A94FFFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", + "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", + "matchCriteriaId": "294D8A56-A797-433C-A06E-106B2179151A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*", + "matchCriteriaId": "824D88D9-4645-4CAD-8CAB-30F27DD388C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*", + "matchCriteriaId": "F6E8C952-B455-46E4-AC3D-D38CAF189F60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*", + "matchCriteriaId": "CD77C0EE-AC79-4443-A502-C1E02F806911" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*", + "matchCriteriaId": "648EB53C-7A90-4DA6-BF1C-B5336CDE30C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*", + "matchCriteriaId": "39835EF7-8E93-4695-973D-6E9B76C67372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", + "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", + "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", + "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:*", + "matchCriteriaId": "D176CECA-2821-49EA-86EC-1184C133C0A3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.5:*:*:*:*:*:*", - "matchCriteriaId": "08FB7951-AEED-4B44-8504-ACA10D5B99B1" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", + "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.0:*:*:*:*:*:*", - "matchCriteriaId": "B6C54C71-6885-475B-939B-CEC309579BBA" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", + "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.2:*:*:*:*:*:*", - "matchCriteriaId": "4E4B4759-C7D4-4A33-B1B8-29869F60FEE3" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", + "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" }, { "vulnerable": true, diff --git a/CVE-2024/CVE-2024-380xx/CVE-2024-38002.json b/CVE-2024/CVE-2024-380xx/CVE-2024-38002.json index 714abf742ba..78a188126d5 100644 --- a/CVE-2024/CVE-2024-380xx/CVE-2024-38002.json +++ b/CVE-2024/CVE-2024-380xx/CVE-2024-38002.json @@ -2,7 +2,7 @@ "id": "CVE-2024-38002", "sourceIdentifier": "security@liferay.com", "published": "2024-10-22T15:15:06.277", - "lastModified": "2024-10-30T14:47:10.953", + "lastModified": "2024-12-10T21:06:57.970", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -88,11 +88,210 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q3.1", + "versionEndExcluding": "2023.q3.9", + "matchCriteriaId": "C3ED7CF1-6D8A-40F7-A009-F3A800F955BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q4.0", + "versionEndExcluding": "2023.q4.6", + "matchCriteriaId": "7C41E249-91C4-4B2D-A8D2-C953A463E14F" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "728DF154-F19F-454C-87CA-1E755107F2A6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update10:*:*:*:*:*:*", + "matchCriteriaId": "AA984F92-4C6C-4049-A731-96F587B51E75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update11:*:*:*:*:*:*", + "matchCriteriaId": "CADDF499-DDC4-4CEE-B512-404EA2024FCB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update12:*:*:*:*:*:*", + "matchCriteriaId": "9EC64246-1039-4009-B9BD-7828FA0FA1C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update13:*:*:*:*:*:*", + "matchCriteriaId": "D9F352AE-AE22-4A84-94B6-6621D7E0BC59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:*", + "matchCriteriaId": "3E84D881-6D47-48FD-B743-9D531F5F7D5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update15:*:*:*:*:*:*", + "matchCriteriaId": "1F8A9DEC-2C27-4EBB-B684-8EBDB374CFCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update16:*:*:*:*:*:*", + "matchCriteriaId": "C3E7B777-8026-4C8F-9353-B5504873E0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update17:*:*:*:*:*:*", + "matchCriteriaId": "2207FEE5-2537-4C6E-AC9C-EC53DBF3C57E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update18:*:*:*:*:*:*", + "matchCriteriaId": "087A2B43-07CE-4B3D-B879-449631DDA8D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update19:*:*:*:*:*:*", + "matchCriteriaId": "019CED83-6277-434C-839C-6C4E0C45FB1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update20:*:*:*:*:*:*", + "matchCriteriaId": "6C533124-74E6-4312-9AF7-6496DE2A5152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update21:*:*:*:*:*:*", + "matchCriteriaId": "8DDA248D-5F00-4FC1-B857-A7942BAA1F3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update22:*:*:*:*:*:*", + "matchCriteriaId": "6C6BA174-69D4-43FC-9395-1B6306A44CDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update23:*:*:*:*:*:*", + "matchCriteriaId": "A465C229-D3FB-43E9-87BE-119BEE9110F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update24:*:*:*:*:*:*", + "matchCriteriaId": "32E98546-CE96-4BB8-A11C-F7E850C155F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update25:*:*:*:*:*:*", + "matchCriteriaId": "DD43C626-F2F2-43BA-85AA-6ADAE8A6D11F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update26:*:*:*:*:*:*", + "matchCriteriaId": "5C72C0E0-7D0B-4E8F-A109-7BB5DCA1C8D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update27:*:*:*:*:*:*", + "matchCriteriaId": "7E796B04-FF54-4C02-979C-87E137A76F63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update28:*:*:*:*:*:*", + "matchCriteriaId": "07C3D771-5E1B-46C4-AAF8-F425377582D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:*", + "matchCriteriaId": "B08F95DC-BE49-4717-B959-2BE8BD131953" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:*", + "matchCriteriaId": "E915FBC2-9BF7-4A99-B201-1F176D743494" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:*", + "matchCriteriaId": "E44E02C2-6F83-4525-BF9D-E82CE9A9880E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*", + "matchCriteriaId": "660F37C6-61E6-4C34-8A7E-99C7DBEB8319" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update33:*:*:*:*:*:*", + "matchCriteriaId": "5AD8D0D3-31AC-41E5-A780-5D5B18BF6991" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update34:*:*:*:*:*:*", + "matchCriteriaId": "02D4C998-77F5-4428-A7B9-F7D909E23E92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update35:*:*:*:*:*:*", + "matchCriteriaId": "C6984AC8-461D-488F-A911-7BF1D12B44A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update36:*:*:*:*:*:*", + "matchCriteriaId": "E7FBF515-C800-41F3-9A0E-E850BE09FA93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update4:*:*:*:*:*:*", + "matchCriteriaId": "AD408C73-7D78-4EB1-AA2C-F4A6D4DC980B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update5:*:*:*:*:*:*", + "matchCriteriaId": "513F3229-7C31-44EB-88F6-E564BE725853" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update6:*:*:*:*:*:*", + "matchCriteriaId": "76B9CD05-A10E-439C-9FDE-EA88EC3AF2C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update7:*:*:*:*:*:*", + "matchCriteriaId": "A7D2D415-36AA-41B2-8FD9-21A98CDFE1EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update8:*:*:*:*:*:*", + "matchCriteriaId": "124F2D2E-F8E7-4EDE-A98B-DD72FB43DF20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update9:*:*:*:*:*:*", + "matchCriteriaId": "0DEE5985-289E-4138-B7C0-1E471BA7A1FD" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*", @@ -100,23 +299,463 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.1:*:*:*:*:*:*", - "matchCriteriaId": "1A13C2E9-9260-466E-9D98-0021CB2F41F8" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*", + "matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:*", + "matchCriteriaId": "C7B02106-D5EA-4A59-A959-CCE2AC8F55BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:*", + "matchCriteriaId": "80204464-5DC5-4A52-B844-C833A96E6BD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:*", + "matchCriteriaId": "6F8A5D02-0B45-4DA9-ACD8-42C1BFF62827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:*", + "matchCriteriaId": "38DA7C99-AC2C-4B9A-B611-4697159E1D79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:*", + "matchCriteriaId": "F264AD07-D105-4F00-8920-6D8146E4FA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:*", + "matchCriteriaId": "C929CF16-4725-492A-872B-0928FE388FC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:*", + "matchCriteriaId": "1B8750A1-E481-48D4-84F4-97D1ABE15B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:*", + "matchCriteriaId": "454F8410-D9AC-481E-841C-60F0DF2CC25E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:*", + "matchCriteriaId": "D1A442EE-460F-4823-B9EF-4421050F0847" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:*", + "matchCriteriaId": "608B205D-0B79-4D1C-B2C1-64C31DB1896E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*", + "matchCriteriaId": "10B863B8-201D-494C-8175-168820996174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:*", + "matchCriteriaId": "4427DC78-E80C-4057-A295-B0731437A99E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*", + "matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:*", + "matchCriteriaId": "DDA17F24-1A7E-4BEB-9C98-41761A2A36A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:*", + "matchCriteriaId": "3B062851-CE6B-44F4-8222-422EC9872EC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:*", + "matchCriteriaId": "D4687FDA-0078-4E89-ADD8-7EDDA68261A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:*", + "matchCriteriaId": "7EA29B09-CC24-4063-96A5-96AA08C0886D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:*", + "matchCriteriaId": "331FC246-D3E9-4711-B305-BE51BF743CF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:*", + "matchCriteriaId": "A5823BC0-8C11-4C31-9E99-3C9D82918E2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:*", + "matchCriteriaId": "E2E6CB66-1AE1-4626-8070-64C250ED8363" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:*", + "matchCriteriaId": "B63449AA-6831-4290-B1FA-0BB806820402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*", + "matchCriteriaId": "CBF766CE-CBB8-472A-BAF0-BD39A7BCB4DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:*", + "matchCriteriaId": "B3B169F6-B8B8-4612-AD7D-F75CC6A9297B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:*", + "matchCriteriaId": "12D46756-D26D-4877-ACE8-1C2721908428" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:*", + "matchCriteriaId": "5403DCEF-20C2-4568-8DF1-30804F522915" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:*", + "matchCriteriaId": "90E39742-90BE-4DEB-AB78-F9B8F7333F9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*", + "matchCriteriaId": "9D07DB20-9DCF-4C05-99D2-F6B37A082C14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*", + "matchCriteriaId": "341D1157-8118-4BD3-A902-36E90E066706" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*", + "matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*", + "matchCriteriaId": "9446B3A5-6647-416C-92AF-7B6E0E929765" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*", + "matchCriteriaId": "06386C7A-CAA1-4FC4-9182-5A66342FB903" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*", + "matchCriteriaId": "8C84B701-B9A1-43D0-AF0C-30EDBD24CF90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*", + "matchCriteriaId": "182FAA46-D9FB-4170-B305-BAD0DF6E5DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*", + "matchCriteriaId": "BA9AF651-D118-4437-B400-531B26BF6801" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*", + "matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*", + "matchCriteriaId": "119B54BD-75F4-46A4-A57D-16CFF4E12CEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*", + "matchCriteriaId": "A3382E2D-A414-40A1-A330-619859756A36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*", + "matchCriteriaId": "2E07B750-55B6-4DB6-B02B-216C2F5505A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*", + "matchCriteriaId": "B921E670-480F-4793-A636-3855A1654908" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*", + "matchCriteriaId": "62AE52FE-FB7F-4339-BDDE-E5AD235BBC58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*", + "matchCriteriaId": "C99508DB-19E9-4832-AB38-57C61C7D68BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*", + "matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*", + "matchCriteriaId": "131E4E65-D997-47F1-8CB8-15CE6A60AB1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*", + "matchCriteriaId": "DF1BB9E6-D690-4C12-AEF0-4BD712869CBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*", + "matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*", + "matchCriteriaId": "94AC684E-3C5F-4859-B6EB-42C478F9DD11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*", + "matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*", + "matchCriteriaId": "9855E3CB-925E-4623-A776-59422AB2FC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*", + "matchCriteriaId": "01C3B7BE-1F9B-4EDA-990C-A4022CB85612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*", + "matchCriteriaId": "65CF766C-626D-4F8C-BDBF-F0C5404DD545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*", + "matchCriteriaId": "720EF24C-9A36-405B-A380-6114C150B376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*", + "matchCriteriaId": "44479EF5-40BD-43A2-AD0F-CE1660222AB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*", + "matchCriteriaId": "B8E0BD92-0F77-481E-8167-F81755E00703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*", + "matchCriteriaId": "2BDB885E-814A-4CA8-A81C-1DB35989089B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*", + "matchCriteriaId": "653A0452-070F-4312-B94A-F5BCB01B9BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*", + "matchCriteriaId": "B73DA1AE-C62F-4E62-AA98-5697656825F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*", + "matchCriteriaId": "D49DEE85-4DDB-4EF4-9F4D-11E7C1364055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*", + "matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*", + "matchCriteriaId": "5FDAD47C-C2DA-4533-AA58-DD6EC09A580A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*", + "matchCriteriaId": "5F81F36F-B20F-48B3-A1F2-3D319A34176B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*", + "matchCriteriaId": "754329CD-30B7-4410-A371-56A7C261B61B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*", + "matchCriteriaId": "C9445405-6B94-4DD1-BA94-B600AA316BB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*", + "matchCriteriaId": "960F3F22-9CC8-4655-9B09-777E5A5A1239" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*", + "matchCriteriaId": "D2B77C89-7F33-47A0-B6BF-473366033BEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*", + "matchCriteriaId": "8183B9D5-1C4D-4D30-BD85-13850FF34CB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*", + "matchCriteriaId": "15B67345-D0AF-4BFD-A62D-870F75306A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*", + "matchCriteriaId": "1675366A-2388-4F7E-B423-D39BC7D3D38D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*", + "matchCriteriaId": "B93C3CF2-4F45-4F6C-AB6D-F9ABDA7C4DA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*", + "matchCriteriaId": "34A6A6A0-9307-4F5D-9605-1F786D1CD62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*", + "matchCriteriaId": "6B994132-7103-4132-9D90-11CA264FEDE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*", + "matchCriteriaId": "A1958E04-AB8A-4B0E-AB45-B810CAED2EEF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", + "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", + "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", + "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", + "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", + "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*", + "matchCriteriaId": "DE1F4262-A054-48CC-BF1D-AA77A94FFFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", + "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", + "matchCriteriaId": "294D8A56-A797-433C-A06E-106B2179151A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*", + "matchCriteriaId": "824D88D9-4645-4CAD-8CAB-30F27DD388C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*", + "matchCriteriaId": "F6E8C952-B455-46E4-AC3D-D38CAF189F60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*", + "matchCriteriaId": "CD77C0EE-AC79-4443-A502-C1E02F806911" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*", + "matchCriteriaId": "648EB53C-7A90-4DA6-BF1C-B5336CDE30C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*", + "matchCriteriaId": "39835EF7-8E93-4695-973D-6E9B76C67372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", + "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", + "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", + "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:*", + "matchCriteriaId": "D176CECA-2821-49EA-86EC-1184C133C0A3" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.8:*:*:*:*:*:*", - "matchCriteriaId": "44D45214-03A5-45A5-B413-1648BD0A740C" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", + "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.0:*:*:*:*:*:*", - "matchCriteriaId": "B6C54C71-6885-475B-939B-CEC309579BBA" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", + "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q4.5:*:*:*:*:*:*", - "matchCriteriaId": "BE1390BB-5145-4DDF-B113-9F8B190D4E0A" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", + "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" }, { "vulnerable": true, diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43712.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43712.json new file mode 100644 index 00000000000..92493f4ffde --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43712.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43712", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:05.830", + "lastModified": "2024-12-10T22:15:05.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This issue occurs when data from a user-controllable source is improperly sanitized before being used in the Document Object Model (DOM) of a web page, leading to the execution of malicious scripts. Exploitation of this issue requires user interaction, such as tricking a victim into clicking a link or navigating to a malicious website." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43713.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43713.json new file mode 100644 index 00000000000..fbefe877165 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43713.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43713", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.017", + "lastModified": "2024-12-10T22:15:06.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access a manipulated URL or page with the malicious script." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43714.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43714.json new file mode 100644 index 00000000000..a133957e010 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43714.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43714", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.200", + "lastModified": "2024-12-10T22:15:06.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a vulnerable page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43715.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43715.json new file mode 100644 index 00000000000..99c61610c29 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43715.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43715", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.377", + "lastModified": "2024-12-10T22:15:06.377", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43716.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43716.json new file mode 100644 index 00000000000..3d384ef235e --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43716.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43716", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.533", + "lastModified": "2024-12-10T22:15:06.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43717.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43717.json new file mode 100644 index 00000000000..b927894e0a1 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43717.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43717", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.703", + "lastModified": "2024-12-10T22:15:06.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43718.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43718.json new file mode 100644 index 00000000000..c5b36ca54fb --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43718.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43718", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:06.860", + "lastModified": "2024-12-10T22:15:06.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43719.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43719.json new file mode 100644 index 00000000000..fe9666d9fd1 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43719.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43719", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.010", + "lastModified": "2024-12-10T22:15:07.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access the manipulated URL or input." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43720.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43720.json new file mode 100644 index 00000000000..b75aaa55205 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43720.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43720", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.160", + "lastModified": "2024-12-10T22:15:07.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, an attacker can inject malicious scripts that are executed by the victim's browser. Exploitation of this issue requires user interaction, typically in the form of following a malicious link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43721.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43721.json new file mode 100644 index 00000000000..128110b3f0c --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43721.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43721", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.310", + "lastModified": "2024-12-10T22:15:07.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access a manipulated link or input data into a vulnerable page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43722.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43722.json new file mode 100644 index 00000000000..02a01ce3aba --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43722.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43722", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.500", + "lastModified": "2024-12-10T22:15:07.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access the manipulated URL or input." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43723.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43723.json new file mode 100644 index 00000000000..2289b4bdb62 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43723.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43723", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.663", + "lastModified": "2024-12-10T22:15:07.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43724.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43724.json new file mode 100644 index 00000000000..bd653b9e15f --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43724.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43724", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.827", + "lastModified": "2024-12-10T22:15:07.827", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43725.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43725.json new file mode 100644 index 00000000000..7629648ff59 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43725.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43725", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:07.987", + "lastModified": "2024-12-10T22:15:07.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43726.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43726.json new file mode 100644 index 00000000000..4c38fcb9564 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43726.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43726", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.170", + "lastModified": "2024-12-10T22:15:08.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43727.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43727.json new file mode 100644 index 00000000000..0e07cd616f7 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43727.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43727", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.330", + "lastModified": "2024-12-10T22:15:08.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43728.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43728.json new file mode 100644 index 00000000000..5360bdd1875 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43728.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43728", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.500", + "lastModified": "2024-12-10T22:15:08.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43729.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43729.json new file mode 100644 index 00000000000..a4473ee03f4 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43729.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43729", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.653", + "lastModified": "2024-12-10T22:15:08.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43730.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43730.json new file mode 100644 index 00000000000..efbf9d7947f --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43730.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43730", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.800", + "lastModified": "2024-12-10T22:15:08.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43731.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43731.json new file mode 100644 index 00000000000..fa8130830d9 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43731.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43731", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:08.953", + "lastModified": "2024-12-10T22:15:08.953", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43732.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43732.json new file mode 100644 index 00000000000..8a5d055aba7 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43732.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43732", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.130", + "lastModified": "2024-12-10T22:15:09.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This issue occurs when data from a malicious source is processed by a web application's client-side scripts to update the DOM. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43733.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43733.json new file mode 100644 index 00000000000..a6155d2d49a --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43733.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43733", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.330", + "lastModified": "2024-12-10T22:15:09.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43734.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43734.json new file mode 100644 index 00000000000..9bc245f9779 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43734.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43734", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.507", + "lastModified": "2024-12-10T22:15:09.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43735.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43735.json new file mode 100644 index 00000000000..fd00bd1851f --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43735.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43735", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.670", + "lastModified": "2024-12-10T22:15:09.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43736.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43736.json new file mode 100644 index 00000000000..eacef997da7 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43736.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43736", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.840", + "lastModified": "2024-12-10T22:15:09.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43737.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43737.json new file mode 100644 index 00000000000..d22d3b0dd71 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43737.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43737", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:09.990", + "lastModified": "2024-12-10T22:15:09.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43738.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43738.json new file mode 100644 index 00000000000..b22651835f7 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43738.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43738", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.153", + "lastModified": "2024-12-10T22:15:10.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This issue occurs when data from a malicious source is processed by a web application and subsequently written to the web page without proper sanitization, allowing for the execution of unintended script code or the alteration of the intended user interface. User interaction is required as the victim must visit a malicious page or view a maliciously crafted link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43739.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43739.json new file mode 100644 index 00000000000..2f35a701c6b --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43739.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43739", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.320", + "lastModified": "2024-12-10T22:15:10.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43740.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43740.json new file mode 100644 index 00000000000..56cc8b0c476 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43740.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43740", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.480", + "lastModified": "2024-12-10T22:15:10.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43742.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43742.json new file mode 100644 index 00000000000..03b726f57a5 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43742.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43742", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.633", + "lastModified": "2024-12-10T22:15:10.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43743.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43743.json new file mode 100644 index 00000000000..6c12e6aaf36 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43743.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43743", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.787", + "lastModified": "2024-12-10T22:15:10.787", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43744.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43744.json new file mode 100644 index 00000000000..f1314a23b49 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43744.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43744", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:10.950", + "lastModified": "2024-12-10T22:15:10.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43745.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43745.json new file mode 100644 index 00000000000..3022885e6fd --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43745.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43745", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.110", + "lastModified": "2024-12-10T22:15:11.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43746.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43746.json new file mode 100644 index 00000000000..9d94848018d --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43746.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43746", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.277", + "lastModified": "2024-12-10T22:15:11.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43747.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43747.json new file mode 100644 index 00000000000..c09c8ec9e4f --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43747.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43747", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.440", + "lastModified": "2024-12-10T22:15:11.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43748.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43748.json new file mode 100644 index 00000000000..e199d60603b --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43748.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43748", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.597", + "lastModified": "2024-12-10T22:15:11.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43749.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43749.json new file mode 100644 index 00000000000..fc71fdd1e19 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43749.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43749", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.763", + "lastModified": "2024-12-10T22:15:11.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43750.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43750.json new file mode 100644 index 00000000000..3e0ec108639 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43750.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43750", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:11.913", + "lastModified": "2024-12-10T22:15:11.913", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43751.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43751.json new file mode 100644 index 00000000000..4f5521b8d00 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43751.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43751", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:12.057", + "lastModified": "2024-12-10T22:15:12.057", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43752.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43752.json new file mode 100644 index 00000000000..cdc5a96d110 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43752.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43752", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:12.203", + "lastModified": "2024-12-10T22:15:12.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43754.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43754.json new file mode 100644 index 00000000000..29c9855dfd4 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43754.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43754", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:12.343", + "lastModified": "2024-12-10T22:15:12.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute arbitrary code in the context of the victim's browser. This issue occurs when data from a malicious source is processed by a web application's client-side scripts to update the DOM. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43755.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43755.json new file mode 100644 index 00000000000..822134e7a50 --- /dev/null +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43755.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43755", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:12.507", + "lastModified": "2024-12-10T22:15:12.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45155.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45155.json new file mode 100644 index 00000000000..191528d95d1 --- /dev/null +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45155.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45155", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:15.983", + "lastModified": "2024-12-10T21:15:15.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-824" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-451xx/CVE-2024-45156.json b/CVE-2024/CVE-2024-451xx/CVE-2024-45156.json new file mode 100644 index 00000000000..fc7b116d0d4 --- /dev/null +++ b/CVE-2024/CVE-2024-451xx/CVE-2024-45156.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45156", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.137", + "lastModified": "2024-12-10T21:15:16.137", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49513.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49513.json new file mode 100644 index 00000000000..4734075741a --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49513.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49513", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.343", + "lastModified": "2024-12-10T21:15:16.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Not a product versions 21.0.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/pdfl-sdk1/apsb24-98.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49537.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49537.json new file mode 100644 index 00000000000..9df9e1b385c --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49537.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49537", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.500", + "lastModified": "2024-12-10T21:15:16.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/after_effects/apsb24-95.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49538.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49538.json new file mode 100644 index 00000000000..73cf3f097a5 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49538.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49538", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.650", + "lastModified": "2024-12-10T21:15:16.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/illustrator/apsb24-94.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49541.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49541.json new file mode 100644 index 00000000000..7401cc06d72 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49541.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49541", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.793", + "lastModified": "2024-12-10T21:15:16.793", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/illustrator/apsb24-94.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49543.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49543.json new file mode 100644 index 00000000000..4416b1d3593 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49543.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49543", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:16.937", + "lastModified": "2024-12-10T21:15:16.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49544.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49544.json new file mode 100644 index 00000000000..b0948b3c5f1 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49544.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49544", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.073", + "lastModified": "2024-12-10T21:15:17.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49545.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49545.json new file mode 100644 index 00000000000..1bcaffc64a2 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49545.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49545", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.220", + "lastModified": "2024-12-10T21:15:17.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49546.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49546.json new file mode 100644 index 00000000000..dd9dfada684 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49546.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49546", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.350", + "lastModified": "2024-12-10T21:15:17.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49547.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49547.json new file mode 100644 index 00000000000..51e69d7a204 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49547.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49547", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.483", + "lastModified": "2024-12-10T21:15:17.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49548.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49548.json new file mode 100644 index 00000000000..ffb150c5392 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49548.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49548", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.617", + "lastModified": "2024-12-10T21:15:17.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49549.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49549.json new file mode 100644 index 00000000000..a039e7ab1fd --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49549.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49549", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.753", + "lastModified": "2024-12-10T21:15:17.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49550.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49550.json new file mode 100644 index 00000000000..617d59d1693 --- /dev/null +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49550.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49550", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:17.903", + "lastModified": "2024-12-10T21:15:17.903", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52816.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52816.json new file mode 100644 index 00000000000..06efc747c54 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52816.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52816", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:13.527", + "lastModified": "2024-12-10T22:15:13.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52817.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52817.json new file mode 100644 index 00000000000..2113a5711df --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52817.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52817", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:13.703", + "lastModified": "2024-12-10T22:15:13.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52818.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52818.json new file mode 100644 index 00000000000..42c8cb69203 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52818.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52818", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:13.870", + "lastModified": "2024-12-10T22:15:13.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52822.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52822.json new file mode 100644 index 00000000000..9f90df166f8 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52822.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52822", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.070", + "lastModified": "2024-12-10T22:15:14.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access a manipulated URL or page with the malicious script." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52823.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52823.json new file mode 100644 index 00000000000..25d593a4822 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52823.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52823", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.223", + "lastModified": "2024-12-10T22:15:14.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52824.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52824.json new file mode 100644 index 00000000000..010fdff9227 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52824.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52824", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.367", + "lastModified": "2024-12-10T22:15:14.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52825.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52825.json new file mode 100644 index 00000000000..bf06f4c18cf --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52825.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52825", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.523", + "lastModified": "2024-12-10T22:15:14.523", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52826.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52826.json new file mode 100644 index 00000000000..6f053932180 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52826.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52826", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.687", + "lastModified": "2024-12-10T22:15:14.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52827.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52827.json new file mode 100644 index 00000000000..d07da1d1186 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52827.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52827", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:14.860", + "lastModified": "2024-12-10T22:15:14.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52828.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52828.json new file mode 100644 index 00000000000..8ba826b9bfd --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52828.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52828", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:15.027", + "lastModified": "2024-12-10T22:15:15.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52829.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52829.json new file mode 100644 index 00000000000..0f56f29c82a --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52829.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52829", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:15.173", + "lastModified": "2024-12-10T22:15:15.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52830.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52830.json new file mode 100644 index 00000000000..143542fb74a --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52830.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52830", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:15.333", + "lastModified": "2024-12-10T22:15:15.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52831.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52831.json new file mode 100644 index 00000000000..8c311b0ccae --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52831.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52831", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:15.533", + "lastModified": "2024-12-10T22:15:15.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52832.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52832.json new file mode 100644 index 00000000000..dd88bcc0871 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52832.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52832", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.100", + "lastModified": "2024-12-10T22:15:18.100", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52833.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52833.json new file mode 100644 index 00000000000..90f475d3877 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52833.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52833", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.250", + "lastModified": "2024-12-10T22:15:18.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52834.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52834.json new file mode 100644 index 00000000000..f7dd780046e --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52834.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52834", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.393", + "lastModified": "2024-12-10T22:15:18.393", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52835.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52835.json new file mode 100644 index 00000000000..d06a3c8404c --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52835.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52835", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.540", + "lastModified": "2024-12-10T22:15:18.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52836.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52836.json new file mode 100644 index 00000000000..f509fc5c665 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52836.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52836", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.687", + "lastModified": "2024-12-10T22:15:18.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52837.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52837.json new file mode 100644 index 00000000000..94073ed38b0 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52837.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52837", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:18.850", + "lastModified": "2024-12-10T22:15:18.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access the manipulated URL or input for the exploit to execute." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52838.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52838.json new file mode 100644 index 00000000000..8c4ae8ae100 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52838.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52838", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.000", + "lastModified": "2024-12-10T22:15:19.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52839.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52839.json new file mode 100644 index 00000000000..8a7ade3b9ee --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52839.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52839", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.150", + "lastModified": "2024-12-10T22:15:19.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52840.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52840.json new file mode 100644 index 00000000000..b790f9642a1 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52840.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52840", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.297", + "lastModified": "2024-12-10T22:15:19.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to access the manipulated URL or input the malicious data themselves." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52841.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52841.json new file mode 100644 index 00000000000..303cd3dadd0 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52841.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52841", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.440", + "lastModified": "2024-12-10T22:15:19.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52842.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52842.json new file mode 100644 index 00000000000..111aad64242 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52842.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52842", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.593", + "lastModified": "2024-12-10T22:15:19.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52843.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52843.json new file mode 100644 index 00000000000..74016036c12 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52843.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52843", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.737", + "lastModified": "2024-12-10T22:15:19.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52844.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52844.json new file mode 100644 index 00000000000..784daaf08a2 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52844.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52844", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:19.900", + "lastModified": "2024-12-10T22:15:19.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52845.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52845.json new file mode 100644 index 00000000000..99aeede3338 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52845.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52845", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.040", + "lastModified": "2024-12-10T22:15:20.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52846.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52846.json new file mode 100644 index 00000000000..ac81bf5be63 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52846.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52846", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.197", + "lastModified": "2024-12-10T22:15:20.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52847.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52847.json new file mode 100644 index 00000000000..c86ba2be9a2 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52847.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52847", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.340", + "lastModified": "2024-12-10T22:15:20.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52848.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52848.json new file mode 100644 index 00000000000..45a82b8da2a --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52848.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52848", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.483", + "lastModified": "2024-12-10T22:15:20.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52849.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52849.json new file mode 100644 index 00000000000..d73efbc0c2e --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52849.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52849", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.640", + "lastModified": "2024-12-10T22:15:20.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52850.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52850.json new file mode 100644 index 00000000000..473012a1f7a --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52850.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52850", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.783", + "lastModified": "2024-12-10T22:15:20.783", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52851.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52851.json new file mode 100644 index 00000000000..16920efe798 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52851.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52851", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:20.917", + "lastModified": "2024-12-10T22:15:20.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52852.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52852.json new file mode 100644 index 00000000000..dcd9ffaf39a --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52852.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52852", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.060", + "lastModified": "2024-12-10T22:15:21.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52853.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52853.json new file mode 100644 index 00000000000..9d7ee58e558 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52853.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52853", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.217", + "lastModified": "2024-12-10T22:15:21.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52854.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52854.json new file mode 100644 index 00000000000..7f743be67ad --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52854.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52854", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.373", + "lastModified": "2024-12-10T22:15:21.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52855.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52855.json new file mode 100644 index 00000000000..f742c74544f --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52855.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52855", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.523", + "lastModified": "2024-12-10T22:15:21.523", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52857.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52857.json new file mode 100644 index 00000000000..9f939435b38 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52857.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52857", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.667", + "lastModified": "2024-12-10T22:15:21.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52858.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52858.json new file mode 100644 index 00000000000..1a037c7341b --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52858.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52858", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.817", + "lastModified": "2024-12-10T22:15:21.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52859.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52859.json new file mode 100644 index 00000000000..8f2eacc3505 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52859.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52859", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:21.957", + "lastModified": "2024-12-10T22:15:21.957", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52860.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52860.json new file mode 100644 index 00000000000..b25a63bae66 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52860.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52860", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.097", + "lastModified": "2024-12-10T22:15:22.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. User interaction is required for exploitation, as a victim must visit a malicious link or input data into a vulnerable web application." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52861.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52861.json new file mode 100644 index 00000000000..55bd4c74562 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52861.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52861", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.230", + "lastModified": "2024-12-10T22:15:22.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52862.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52862.json new file mode 100644 index 00000000000..acde651407c --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52862.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52862", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.377", + "lastModified": "2024-12-10T22:15:22.377", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52864.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52864.json new file mode 100644 index 00000000000..33e409a01e1 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52864.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52864", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.520", + "lastModified": "2024-12-10T22:15:22.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52865.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52865.json new file mode 100644 index 00000000000..a70d12006a5 --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52865.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52865", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.663", + "lastModified": "2024-12-10T22:15:22.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52982.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52982.json new file mode 100644 index 00000000000..4693d0fb610 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52982.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52982", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.053", + "lastModified": "2024-12-10T21:15:18.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52983.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52983.json new file mode 100644 index 00000000000..06460e2cf4d --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52983.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52983", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.203", + "lastModified": "2024-12-10T21:15:18.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52984.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52984.json new file mode 100644 index 00000000000..ec5cc732e0d --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52984.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52984", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.347", + "lastModified": "2024-12-10T21:15:18.347", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52985.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52985.json new file mode 100644 index 00000000000..7532ed6c403 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52985.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52985", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.483", + "lastModified": "2024-12-10T21:15:18.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52986.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52986.json new file mode 100644 index 00000000000..faa005469fb --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52986.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52986", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.627", + "lastModified": "2024-12-10T21:15:18.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52987.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52987.json new file mode 100644 index 00000000000..f9d493fff9a --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52987.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52987", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.760", + "lastModified": "2024-12-10T21:15:18.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52988.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52988.json new file mode 100644 index 00000000000..c846740b595 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52988.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52988", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:18.910", + "lastModified": "2024-12-10T21:15:18.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52989.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52989.json new file mode 100644 index 00000000000..749725a12a7 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52989.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52989", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.040", + "lastModified": "2024-12-10T21:15:19.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52990.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52990.json new file mode 100644 index 00000000000..ab78b16e0cb --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52990.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52990", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.170", + "lastModified": "2024-12-10T21:15:19.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite ('Buffer Underflow') vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulate memory in such a way that they could execute code under the privileges of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-124" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52991.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52991.json new file mode 100644 index 00000000000..88b654a2a2e --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52991.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52991", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:22.883", + "lastModified": "2024-12-10T22:15:22.883", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52992.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52992.json new file mode 100644 index 00000000000..693308528e7 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52992.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52992", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:23.033", + "lastModified": "2024-12-10T22:15:23.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52993.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52993.json new file mode 100644 index 00000000000..2cfa33e014f --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52993.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52993", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:23.190", + "lastModified": "2024-12-10T22:15:23.190", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52994.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52994.json new file mode 100644 index 00000000000..03476eb6b16 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52994.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52994", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.310", + "lastModified": "2024-12-10T21:15:19.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-100.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52995.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52995.json new file mode 100644 index 00000000000..1e7e56a9a8e --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52995.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52995", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.440", + "lastModified": "2024-12-10T21:15:19.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-100.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52996.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52996.json new file mode 100644 index 00000000000..60dafead2e1 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52996.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52996", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.573", + "lastModified": "2024-12-10T21:15:19.573", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-100.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52997.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52997.json new file mode 100644 index 00000000000..aa01e554352 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52997.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52997", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:19.740", + "lastModified": "2024-12-10T21:15:19.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/photoshop/apsb24-101.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-529xx/CVE-2024-52999.json b/CVE-2024/CVE-2024-529xx/CVE-2024-52999.json new file mode 100644 index 00000000000..1a8a3fe59c5 --- /dev/null +++ b/CVE-2024/CVE-2024-529xx/CVE-2024-52999.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52999", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:23.547", + "lastModified": "2024-12-10T22:15:23.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53000.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53000.json new file mode 100644 index 00000000000..83dcb86a1e1 --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53000.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53000", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:23.693", + "lastModified": "2024-12-10T22:15:23.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53001.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53001.json new file mode 100644 index 00000000000..3223d6037b6 --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53001.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53001", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:23.837", + "lastModified": "2024-12-10T22:15:23.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53002.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53002.json new file mode 100644 index 00000000000..c829f61f3b7 --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53002.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53002", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:24.000", + "lastModified": "2024-12-10T22:15:24.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53003.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53003.json new file mode 100644 index 00000000000..b72fde9b805 --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53003.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53003", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:24.140", + "lastModified": "2024-12-10T22:15:24.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53004.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53004.json new file mode 100644 index 00000000000..a38eac0dada --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53004.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53004", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:24.287", + "lastModified": "2024-12-10T22:15:24.287", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53005.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53005.json new file mode 100644 index 00000000000..6bd8509bb86 --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53005.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53005", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:24.463", + "lastModified": "2024-12-10T22:15:24.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53006.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53006.json new file mode 100644 index 00000000000..0ec21c9f5ae --- /dev/null +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53006.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53006", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:24.617", + "lastModified": "2024-12-10T22:15:24.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53470.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53470.json index 6d4b3f00c42..53336b5d4f3 100644 --- a/CVE-2024/CVE-2024-534xx/CVE-2024-53470.json +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53470.json @@ -2,16 +2,55 @@ "id": "CVE-2024-53470", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-05T16:15:25.743", - "lastModified": "2024-12-05T16:15:25.743", - "vulnStatus": "Received", + "lastModified": "2024-12-10T22:15:25.010", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/gateway_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades de cross-site scripting (XSS) almacenado en el componente /configuracao/gateway_pagamento.php de WeGIA v3.2.0 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro id o name." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/nilsonmori/WeGIA", @@ -24,6 +63,10 @@ { "url": "https://www.wegia.org", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53470/README.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53471.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53471.json index 5744999cf10..97e6a171b37 100644 --- a/CVE-2024/CVE-2024-534xx/CVE-2024-53471.json +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53471.json @@ -2,16 +2,55 @@ "id": "CVE-2024-53471", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-05T16:15:25.867", - "lastModified": "2024-12-05T16:15:25.867", - "vulnStatus": "Received", + "lastModified": "2024-12-10T22:15:25.277", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/meio_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter." + }, + { + "lang": "es", + "value": "Varias vulnerabilidades de cross-site scripting (XSS) almacenado en el componente /configuracao/meio_pagamento.php de WeGIA v3.2.0 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro id o name." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/nilsonmori/WeGIA", @@ -20,6 +59,10 @@ { "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-53471/README.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53481.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53481.json index 6123b634fed..a2c504ffecd 100644 --- a/CVE-2024/CVE-2024-534xx/CVE-2024-53481.json +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53481.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53481", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-10T20:15:21.033", - "lastModified": "2024-12-10T20:15:21.033", + "lastModified": "2024-12-10T21:15:20.003", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the \"Firstname\" and \"Last name\" parameters." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "http://phpgurukul.com", diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53951.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53951.json new file mode 100644 index 00000000000..2fe88257782 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53951.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53951", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.167", + "lastModified": "2024-12-10T21:15:20.167", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53952.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53952.json new file mode 100644 index 00000000000..542a8cff5b4 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53952.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53952", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.307", + "lastModified": "2024-12-10T21:15:20.307", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53953.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53953.json new file mode 100644 index 00000000000..b34637b544d --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53953.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53953", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.437", + "lastModified": "2024-12-10T21:15:20.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53954.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53954.json new file mode 100644 index 00000000000..784555d5f58 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53954.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53954", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.560", + "lastModified": "2024-12-10T21:15:20.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-96.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53955.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53955.json new file mode 100644 index 00000000000..cac9ac18c16 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53955.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53955", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:25.610", + "lastModified": "2024-12-10T22:15:25.610", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/bridge/apsb24-103.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53956.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53956.json new file mode 100644 index 00000000000..0427f4cfa4b --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53956.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53956", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:25.767", + "lastModified": "2024-12-10T22:15:25.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Premiere Pro versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb24-104.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53957.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53957.json new file mode 100644 index 00000000000..9eb19b76621 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53957.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53957", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:25.917", + "lastModified": "2024-12-10T22:15:25.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Painter versions 10.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-105.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53958.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53958.json new file mode 100644 index 00000000000..08a282dc9e8 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53958.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53958", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:26.510", + "lastModified": "2024-12-10T22:15:26.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Substance3D - Painter versions 10.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-105.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53959.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53959.json new file mode 100644 index 00000000000..b55c8f1c4cc --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53959.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53959", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:27.347", + "lastModified": "2024-12-10T22:15:27.347", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/framemaker/apsb24-106.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53960.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53960.json new file mode 100644 index 00000000000..83127a30815 --- /dev/null +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53960.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53960", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T22:15:27.550", + "lastModified": "2024-12-10T22:15:27.550", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54032.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54032.json new file mode 100644 index 00000000000..09836d21814 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54032.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54032", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.690", + "lastModified": "2024-12-10T21:15:20.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54034.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54034.json new file mode 100644 index 00000000000..4851c0e78e6 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54034.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54034", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.817", + "lastModified": "2024-12-10T21:15:20.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54036.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54036.json new file mode 100644 index 00000000000..7d93d3fb921 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54036.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54036", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:20.947", + "lastModified": "2024-12-10T21:15:20.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54037.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54037.json new file mode 100644 index 00000000000..0d915c39d0b --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54037.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54037", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.080", + "lastModified": "2024-12-10T21:15:21.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user input, the attacker can inject malicious scripts that run when the page is rendered. This type of attack requires user interaction, as the victim would need to visit a malicious link or input data into a compromised form." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54038.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54038.json new file mode 100644 index 00000000000..2c747065bcb --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54038.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54038", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.210", + "lastModified": "2024-12-10T21:15:21.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54039.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54039.json new file mode 100644 index 00000000000..41dffb994df --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54039.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54039", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.337", + "lastModified": "2024-12-10T21:15:21.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54040.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54040.json new file mode 100644 index 00000000000..61f2637cf19 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54040.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54040", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.463", + "lastModified": "2024-12-10T21:15:21.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54041.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54041.json new file mode 100644 index 00000000000..cabf814b6e0 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54041.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54041", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.590", + "lastModified": "2024-12-10T21:15:21.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54042.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54042.json new file mode 100644 index 00000000000..4a4ce0fc70c --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54042.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54042", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.720", + "lastModified": "2024-12-10T21:15:21.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54043.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54043.json new file mode 100644 index 00000000000..4b45aeffb8b --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54043.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54043", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.850", + "lastModified": "2024-12-10T21:15:21.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54044.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54044.json new file mode 100644 index 00000000000..49f601e7fc2 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54044.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54044", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:21.977", + "lastModified": "2024-12-10T21:15:21.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54045.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54045.json new file mode 100644 index 00000000000..44f9dfdfb1e --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54045.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54045", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.110", + "lastModified": "2024-12-10T21:15:22.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54046.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54046.json new file mode 100644 index 00000000000..efd2494d617 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54046.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54046", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.237", + "lastModified": "2024-12-10T21:15:22.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54047.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54047.json new file mode 100644 index 00000000000..6b26a89baef --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54047.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54047", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.360", + "lastModified": "2024-12-10T21:15:22.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54048.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54048.json new file mode 100644 index 00000000000..27e2c99e171 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54048.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54048", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.490", + "lastModified": "2024-12-10T21:15:22.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54049.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54049.json new file mode 100644 index 00000000000..be9d5c99d11 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54049.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54049", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.627", + "lastModified": "2024-12-10T21:15:22.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54050.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54050.json new file mode 100644 index 00000000000..a53c0b60f26 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54050.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54050", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.767", + "lastModified": "2024-12-10T21:15:22.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54051.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54051.json new file mode 100644 index 00000000000..321feb85b74 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54051.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54051", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-12-10T21:15:22.927", + "lastModified": "2024-12-10T21:15:22.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/connect/apsb24-99.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-556xx/CVE-2024-55635.json b/CVE-2024/CVE-2024-556xx/CVE-2024-55635.json index 50e72d687b4..11a64ed191b 100644 --- a/CVE-2024/CVE-2024-556xx/CVE-2024-55635.json +++ b/CVE-2024/CVE-2024-556xx/CVE-2024-55635.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55635", "sourceIdentifier": "mlhess@drupal.org", "published": "2024-12-10T00:15:22.433", - "lastModified": "2024-12-10T00:15:22.433", + "lastModified": "2024-12-10T22:15:28.190", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2024/CVE-2024-556xx/CVE-2024-55636.json b/CVE-2024/CVE-2024-556xx/CVE-2024-55636.json index 400cf952bde..b4d50c2452f 100644 --- a/CVE-2024/CVE-2024-556xx/CVE-2024-55636.json +++ b/CVE-2024/CVE-2024-556xx/CVE-2024-55636.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55636", "sourceIdentifier": "mlhess@drupal.org", "published": "2024-12-10T00:15:22.540", - "lastModified": "2024-12-10T00:15:22.540", + "lastModified": "2024-12-10T22:15:28.347", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2024/CVE-2024-556xx/CVE-2024-55637.json b/CVE-2024/CVE-2024-556xx/CVE-2024-55637.json index 49021ccc643..84a47fa9009 100644 --- a/CVE-2024/CVE-2024-556xx/CVE-2024-55637.json +++ b/CVE-2024/CVE-2024-556xx/CVE-2024-55637.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55637", "sourceIdentifier": "mlhess@drupal.org", "published": "2024-12-10T00:15:22.650", - "lastModified": "2024-12-10T00:15:22.650", + "lastModified": "2024-12-10T22:15:28.500", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2024/CVE-2024-556xx/CVE-2024-55638.json b/CVE-2024/CVE-2024-556xx/CVE-2024-55638.json index 4e62f79a404..4b8c43ba40d 100644 --- a/CVE-2024/CVE-2024-556xx/CVE-2024-55638.json +++ b/CVE-2024/CVE-2024-556xx/CVE-2024-55638.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55638", "sourceIdentifier": "mlhess@drupal.org", "published": "2024-12-10T00:15:22.770", - "lastModified": "2024-12-10T00:15:22.770", + "lastModified": "2024-12-10T22:15:28.640", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 7.0 before 7.102, from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "mlhess@drupal.org", diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5660.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5660.json index f93b8b061f0..311ff2cb110 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5660.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5660.json @@ -2,7 +2,7 @@ "id": "CVE-2024-5660", "sourceIdentifier": "arm-security@arm.com", "published": "2024-12-10T14:30:47.963", - "lastModified": "2024-12-10T14:30:47.963", + "lastModified": "2024-12-10T22:15:28.790", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C, A78AE, A710, V1, V2, V3, V3AE, X1, X1C, X2, X3, X4, N2, X925 & Travis\u00a0may permit bypass of Stage-2 translation and/or GPT protection" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "arm-security@arm.com", diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8980.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8980.json index 7417d0846d8..90692e522bf 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8980.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8980.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8980", "sourceIdentifier": "security@liferay.com", "published": "2024-10-22T15:15:07.337", - "lastModified": "2024-10-30T14:46:14.127", + "lastModified": "2024-12-10T21:07:09.857", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -90,39 +90,203 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:6.2:-:*:*:*:*:*:*", - "matchCriteriaId": "6BFA6FB8-865E-4C8B-B0CF-CB3C47C18DD3" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndIncluding": "7.2", + "matchCriteriaId": "0C6F1E5B-1C88-49AD-8B34-6190F1C6684C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4614C87F-F39C-4ADD-A7A2-4A498612AD38" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.q3.1", + "versionEndExcluding": "2023.q3.5", + "matchCriteriaId": "01AC8CB4-9E89-40E6-B4F6-6F1BB36C855D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*", - "matchCriteriaId": "27DF695E-B890-42C2-8941-5BB53154755F" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", + "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*", - "matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*", - "matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "2BBA40AC-4619-434B-90CF-4D29A1CA6D86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "728DF154-F19F-454C-87CA-1E755107F2A6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update10:*:*:*:*:*:*", + "matchCriteriaId": "AA984F92-4C6C-4049-A731-96F587B51E75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update11:*:*:*:*:*:*", + "matchCriteriaId": "CADDF499-DDC4-4CEE-B512-404EA2024FCB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update12:*:*:*:*:*:*", + "matchCriteriaId": "9EC64246-1039-4009-B9BD-7828FA0FA1C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update13:*:*:*:*:*:*", + "matchCriteriaId": "D9F352AE-AE22-4A84-94B6-6621D7E0BC59" }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:*", "matchCriteriaId": "3E84D881-6D47-48FD-B743-9D531F5F7D5C" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update15:*:*:*:*:*:*", + "matchCriteriaId": "1F8A9DEC-2C27-4EBB-B684-8EBDB374CFCC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update16:*:*:*:*:*:*", + "matchCriteriaId": "C3E7B777-8026-4C8F-9353-B5504873E0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update17:*:*:*:*:*:*", + "matchCriteriaId": "2207FEE5-2537-4C6E-AC9C-EC53DBF3C57E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update18:*:*:*:*:*:*", + "matchCriteriaId": "087A2B43-07CE-4B3D-B879-449631DDA8D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update19:*:*:*:*:*:*", + "matchCriteriaId": "019CED83-6277-434C-839C-6C4E0C45FB1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update20:*:*:*:*:*:*", + "matchCriteriaId": "6C533124-74E6-4312-9AF7-6496DE2A5152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update21:*:*:*:*:*:*", + "matchCriteriaId": "8DDA248D-5F00-4FC1-B857-A7942BAA1F3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update22:*:*:*:*:*:*", + "matchCriteriaId": "6C6BA174-69D4-43FC-9395-1B6306A44CDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update23:*:*:*:*:*:*", + "matchCriteriaId": "A465C229-D3FB-43E9-87BE-119BEE9110F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update24:*:*:*:*:*:*", + "matchCriteriaId": "32E98546-CE96-4BB8-A11C-F7E850C155F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update25:*:*:*:*:*:*", + "matchCriteriaId": "DD43C626-F2F2-43BA-85AA-6ADAE8A6D11F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update26:*:*:*:*:*:*", + "matchCriteriaId": "5C72C0E0-7D0B-4E8F-A109-7BB5DCA1C8D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update27:*:*:*:*:*:*", + "matchCriteriaId": "7E796B04-FF54-4C02-979C-87E137A76F63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update28:*:*:*:*:*:*", + "matchCriteriaId": "07C3D771-5E1B-46C4-AAF8-F425377582D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:*", + "matchCriteriaId": "B08F95DC-BE49-4717-B959-2BE8BD131953" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:*", + "matchCriteriaId": "E915FBC2-9BF7-4A99-B201-1F176D743494" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:*", + "matchCriteriaId": "E44E02C2-6F83-4525-BF9D-E82CE9A9880E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*", + "matchCriteriaId": "660F37C6-61E6-4C34-8A7E-99C7DBEB8319" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update33:*:*:*:*:*:*", + "matchCriteriaId": "5AD8D0D3-31AC-41E5-A780-5D5B18BF6991" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update34:*:*:*:*:*:*", + "matchCriteriaId": "02D4C998-77F5-4428-A7B9-F7D909E23E92" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update35:*:*:*:*:*:*", "matchCriteriaId": "C6984AC8-461D-488F-A911-7BF1D12B44A5" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update4:*:*:*:*:*:*", + "matchCriteriaId": "AD408C73-7D78-4EB1-AA2C-F4A6D4DC980B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update5:*:*:*:*:*:*", + "matchCriteriaId": "513F3229-7C31-44EB-88F6-E564BE725853" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update6:*:*:*:*:*:*", + "matchCriteriaId": "76B9CD05-A10E-439C-9FDE-EA88EC3AF2C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update7:*:*:*:*:*:*", + "matchCriteriaId": "A7D2D415-36AA-41B2-8FD9-21A98CDFE1EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update8:*:*:*:*:*:*", + "matchCriteriaId": "124F2D2E-F8E7-4EDE-A98B-DD72FB43DF20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:update9:*:*:*:*:*:*", + "matchCriteriaId": "0DEE5985-289E-4138-B7C0-1E471BA7A1FD" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*", @@ -130,13 +294,463 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.1:*:*:*:*:*:*", - "matchCriteriaId": "1A13C2E9-9260-466E-9D98-0021CB2F41F8" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*", + "matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:*", + "matchCriteriaId": "C7B02106-D5EA-4A59-A959-CCE2AC8F55BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:*", + "matchCriteriaId": "80204464-5DC5-4A52-B844-C833A96E6BD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:*", + "matchCriteriaId": "6F8A5D02-0B45-4DA9-ACD8-42C1BFF62827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:*", + "matchCriteriaId": "38DA7C99-AC2C-4B9A-B611-4697159E1D79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:*", + "matchCriteriaId": "F264AD07-D105-4F00-8920-6D8146E4FA63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:*", + "matchCriteriaId": "C929CF16-4725-492A-872B-0928FE388FC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:*", + "matchCriteriaId": "1B8750A1-E481-48D4-84F4-97D1ABE15B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:*", + "matchCriteriaId": "454F8410-D9AC-481E-841C-60F0DF2CC25E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:*", + "matchCriteriaId": "D1A442EE-460F-4823-B9EF-4421050F0847" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:*", + "matchCriteriaId": "608B205D-0B79-4D1C-B2C1-64C31DB1896E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*", + "matchCriteriaId": "10B863B8-201D-494C-8175-168820996174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:*", + "matchCriteriaId": "4427DC78-E80C-4057-A295-B0731437A99E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*", + "matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:*", + "matchCriteriaId": "DDA17F24-1A7E-4BEB-9C98-41761A2A36A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:*", + "matchCriteriaId": "3B062851-CE6B-44F4-8222-422EC9872EC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:*", + "matchCriteriaId": "D4687FDA-0078-4E89-ADD8-7EDDA68261A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:*", + "matchCriteriaId": "7EA29B09-CC24-4063-96A5-96AA08C0886D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:*", + "matchCriteriaId": "331FC246-D3E9-4711-B305-BE51BF743CF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:*", + "matchCriteriaId": "A5823BC0-8C11-4C31-9E99-3C9D82918E2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:*", + "matchCriteriaId": "E2E6CB66-1AE1-4626-8070-64C250ED8363" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:*", + "matchCriteriaId": "B63449AA-6831-4290-B1FA-0BB806820402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*", + "matchCriteriaId": "CBF766CE-CBB8-472A-BAF0-BD39A7BCB4DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:*", + "matchCriteriaId": "B3B169F6-B8B8-4612-AD7D-F75CC6A9297B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:*", + "matchCriteriaId": "12D46756-D26D-4877-ACE8-1C2721908428" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:*", + "matchCriteriaId": "5403DCEF-20C2-4568-8DF1-30804F522915" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:*", + "matchCriteriaId": "90E39742-90BE-4DEB-AB78-F9B8F7333F9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*", + "matchCriteriaId": "9D07DB20-9DCF-4C05-99D2-F6B37A082C14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*", + "matchCriteriaId": "341D1157-8118-4BD3-A902-36E90E066706" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*", + "matchCriteriaId": "1AB71307-7EAA-436A-9CBC-5A94F034FB48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*", + "matchCriteriaId": "9446B3A5-6647-416C-92AF-7B6E0E929765" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*", + "matchCriteriaId": "06386C7A-CAA1-4FC4-9182-5A66342FB903" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*", + "matchCriteriaId": "8C84B701-B9A1-43D0-AF0C-30EDBD24CF90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*", + "matchCriteriaId": "182FAA46-D9FB-4170-B305-BAD0DF6E5DE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*", + "matchCriteriaId": "BA9AF651-D118-4437-B400-531B26BF6801" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*", + "matchCriteriaId": "2B256485-E289-4092-B45B-835DE12625B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*", + "matchCriteriaId": "119B54BD-75F4-46A4-A57D-16CFF4E12CEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*", + "matchCriteriaId": "A3382E2D-A414-40A1-A330-619859756A36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*", + "matchCriteriaId": "2E07B750-55B6-4DB6-B02B-216C2F5505A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*", + "matchCriteriaId": "B921E670-480F-4793-A636-3855A1654908" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*", + "matchCriteriaId": "62AE52FE-FB7F-4339-BDDE-E5AD235BBC58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*", + "matchCriteriaId": "C99508DB-19E9-4832-AB38-57C61C7D68BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*", + "matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*", + "matchCriteriaId": "131E4E65-D997-47F1-8CB8-15CE6A60AB1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*", + "matchCriteriaId": "DF1BB9E6-D690-4C12-AEF0-4BD712869CBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*", + "matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*", + "matchCriteriaId": "94AC684E-3C5F-4859-B6EB-42C478F9DD11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*", + "matchCriteriaId": "DC6FF5AB-B6E4-45D9-854B-29DEC200DA4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*", + "matchCriteriaId": "9855E3CB-925E-4623-A776-59422AB2FC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*", + "matchCriteriaId": "01C3B7BE-1F9B-4EDA-990C-A4022CB85612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*", + "matchCriteriaId": "65CF766C-626D-4F8C-BDBF-F0C5404DD545" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*", + "matchCriteriaId": "720EF24C-9A36-405B-A380-6114C150B376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*", + "matchCriteriaId": "44479EF5-40BD-43A2-AD0F-CE1660222AB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*", + "matchCriteriaId": "B8E0BD92-0F77-481E-8167-F81755E00703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*", + "matchCriteriaId": "2BDB885E-814A-4CA8-A81C-1DB35989089B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*", + "matchCriteriaId": "653A0452-070F-4312-B94A-F5BCB01B9BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*", + "matchCriteriaId": "B73DA1AE-C62F-4E62-AA98-5697656825F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*", + "matchCriteriaId": "D49DEE85-4DDB-4EF4-9F4D-11E7C1364055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*", + "matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*", + "matchCriteriaId": "5FDAD47C-C2DA-4533-AA58-DD6EC09A580A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*", + "matchCriteriaId": "5F81F36F-B20F-48B3-A1F2-3D319A34176B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*", + "matchCriteriaId": "754329CD-30B7-4410-A371-56A7C261B61B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*", + "matchCriteriaId": "C9445405-6B94-4DD1-BA94-B600AA316BB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*", + "matchCriteriaId": "960F3F22-9CC8-4655-9B09-777E5A5A1239" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*", + "matchCriteriaId": "D2B77C89-7F33-47A0-B6BF-473366033BEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*", + "matchCriteriaId": "8183B9D5-1C4D-4D30-BD85-13850FF34CB2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*", + "matchCriteriaId": "15B67345-D0AF-4BFD-A62D-870F75306A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*", + "matchCriteriaId": "1675366A-2388-4F7E-B423-D39BC7D3D38D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*", + "matchCriteriaId": "B93C3CF2-4F45-4F6C-AB6D-F9ABDA7C4DA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*", + "matchCriteriaId": "34A6A6A0-9307-4F5D-9605-1F786D1CD62A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*", + "matchCriteriaId": "6B994132-7103-4132-9D90-11CA264FEDE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*", + "matchCriteriaId": "A1958E04-AB8A-4B0E-AB45-B810CAED2EEF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*", + "matchCriteriaId": "BB5558B0-6714-4B3A-B287-1943517A975A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*", + "matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*", + "matchCriteriaId": "848B2C72-447D-46E2-A5A7-43CF3764E578" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*", + "matchCriteriaId": "26A0AF15-52A9-46FD-8157-359141332EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*", + "matchCriteriaId": "63D63872-C1D0-444F-BCC7-A514F323C256" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*", + "matchCriteriaId": "DE1F4262-A054-48CC-BF1D-AA77A94FFFE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*", + "matchCriteriaId": "9D9FA9AD-39D3-412A-B794-E1B29EEEEC4A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*", + "matchCriteriaId": "294D8A56-A797-433C-A06E-106B2179151A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*", + "matchCriteriaId": "824D88D9-4645-4CAD-8CAB-30F27DD388C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*", + "matchCriteriaId": "F6E8C952-B455-46E4-AC3D-D38CAF189F60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*", + "matchCriteriaId": "CD77C0EE-AC79-4443-A502-C1E02F806911" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*", + "matchCriteriaId": "648EB53C-7A90-4DA6-BF1C-B5336CDE30C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*", + "matchCriteriaId": "39835EF7-8E93-4695-973D-6E9B76C67372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*", + "matchCriteriaId": "2A05FB86-332B-44E3-93CB-82465A38976E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*", + "matchCriteriaId": "7C754823-899C-4EEF-ACB7-E1551FA88B25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*", + "matchCriteriaId": "493D4C18-DEE2-4040-9C13-3A9AB2CE47BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:*", + "matchCriteriaId": "D176CECA-2821-49EA-86EC-1184C133C0A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*", + "matchCriteriaId": "8F17DD75-E63B-4E4C-B136-D43F17B389EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*", + "matchCriteriaId": "62EE759A-78AD-40D6-8C5B-10403A8A4A89" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:liferay:digital_experience_platform:2023:q3.4:*:*:*:*:*:*", - "matchCriteriaId": "951E7698-7E66-4671-84E9-7A7B0FB15B23" + "criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*", + "matchCriteriaId": "865ABA1F-CA99-4602-B325-F81C9778855C" }, { "vulnerable": true, diff --git a/README.md b/README.md index 4e69a1788e8..fe38e0fc347 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-10T21:00:26.680303+00:00 +2024-12-10T23:00:30.405237+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-10T20:15:21.643000+00:00 +2024-12-10T22:59:32.727000+00:00 ``` ### Last Data Feed Release @@ -33,69 +33,66 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272998 +273151 ``` ### CVEs added in the last Commit -Recently added CVEs: `36` - -- [CVE-2024-49532](CVE-2024/CVE-2024-495xx/CVE-2024-49532.json) (`2024-12-10T20:15:18.417`) -- [CVE-2024-49533](CVE-2024/CVE-2024-495xx/CVE-2024-49533.json) (`2024-12-10T20:15:18.563`) -- [CVE-2024-49534](CVE-2024/CVE-2024-495xx/CVE-2024-49534.json) (`2024-12-10T20:15:18.743`) -- [CVE-2024-49535](CVE-2024/CVE-2024-495xx/CVE-2024-49535.json) (`2024-12-10T20:15:18.923`) -- [CVE-2024-49551](CVE-2024/CVE-2024-495xx/CVE-2024-49551.json) (`2024-12-10T20:15:19.110`) -- [CVE-2024-49552](CVE-2024/CVE-2024-495xx/CVE-2024-49552.json) (`2024-12-10T20:15:19.297`) -- [CVE-2024-49553](CVE-2024/CVE-2024-495xx/CVE-2024-49553.json) (`2024-12-10T20:15:19.530`) -- [CVE-2024-49554](CVE-2024/CVE-2024-495xx/CVE-2024-49554.json) (`2024-12-10T20:15:19.963`) -- [CVE-2024-50699](CVE-2024/CVE-2024-506xx/CVE-2024-50699.json) (`2024-12-10T19:15:30.193`) -- [CVE-2024-50920](CVE-2024/CVE-2024-509xx/CVE-2024-50920.json) (`2024-12-10T19:15:30.290`) -- [CVE-2024-50921](CVE-2024/CVE-2024-509xx/CVE-2024-50921.json) (`2024-12-10T19:15:30.380`) -- [CVE-2024-50924](CVE-2024/CVE-2024-509xx/CVE-2024-50924.json) (`2024-12-10T19:15:30.463`) -- [CVE-2024-50928](CVE-2024/CVE-2024-509xx/CVE-2024-50928.json) (`2024-12-10T19:15:30.550`) -- [CVE-2024-50929](CVE-2024/CVE-2024-509xx/CVE-2024-50929.json) (`2024-12-10T19:15:30.643`) -- [CVE-2024-50930](CVE-2024/CVE-2024-509xx/CVE-2024-50930.json) (`2024-12-10T19:15:30.727`) -- [CVE-2024-50931](CVE-2024/CVE-2024-509xx/CVE-2024-50931.json) (`2024-12-10T19:15:30.813`) -- [CVE-2024-51165](CVE-2024/CVE-2024-511xx/CVE-2024-51165.json) (`2024-12-10T20:15:20.523`) -- [CVE-2024-53480](CVE-2024/CVE-2024-534xx/CVE-2024-53480.json) (`2024-12-10T20:15:20.920`) -- [CVE-2024-53481](CVE-2024/CVE-2024-534xx/CVE-2024-53481.json) (`2024-12-10T20:15:21.033`) -- [CVE-2024-54008](CVE-2024/CVE-2024-540xx/CVE-2024-54008.json) (`2024-12-10T19:15:30.900`) -- [CVE-2024-55500](CVE-2024/CVE-2024-555xx/CVE-2024-55500.json) (`2024-12-10T19:15:31.020`) -- [CVE-2024-55550](CVE-2024/CVE-2024-555xx/CVE-2024-55550.json) (`2024-12-10T19:15:31.110`) -- [CVE-2024-7572](CVE-2024/CVE-2024-75xx/CVE-2024-7572.json) (`2024-12-10T19:15:31.317`) -- [CVE-2024-8540](CVE-2024/CVE-2024-85xx/CVE-2024-8540.json) (`2024-12-10T19:15:31.463`) -- [CVE-2024-9844](CVE-2024/CVE-2024-98xx/CVE-2024-9844.json) (`2024-12-10T19:15:31.607`) +Recently added CVEs: `153` + +- [CVE-2024-53954](CVE-2024/CVE-2024-539xx/CVE-2024-53954.json) (`2024-12-10T21:15:20.560`) +- [CVE-2024-53955](CVE-2024/CVE-2024-539xx/CVE-2024-53955.json) (`2024-12-10T22:15:25.610`) +- [CVE-2024-53956](CVE-2024/CVE-2024-539xx/CVE-2024-53956.json) (`2024-12-10T22:15:25.767`) +- [CVE-2024-53957](CVE-2024/CVE-2024-539xx/CVE-2024-53957.json) (`2024-12-10T22:15:25.917`) +- [CVE-2024-53958](CVE-2024/CVE-2024-539xx/CVE-2024-53958.json) (`2024-12-10T22:15:26.510`) +- [CVE-2024-53959](CVE-2024/CVE-2024-539xx/CVE-2024-53959.json) (`2024-12-10T22:15:27.347`) +- [CVE-2024-53960](CVE-2024/CVE-2024-539xx/CVE-2024-53960.json) (`2024-12-10T22:15:27.550`) +- [CVE-2024-54032](CVE-2024/CVE-2024-540xx/CVE-2024-54032.json) (`2024-12-10T21:15:20.690`) +- [CVE-2024-54034](CVE-2024/CVE-2024-540xx/CVE-2024-54034.json) (`2024-12-10T21:15:20.817`) +- [CVE-2024-54036](CVE-2024/CVE-2024-540xx/CVE-2024-54036.json) (`2024-12-10T21:15:20.947`) +- [CVE-2024-54037](CVE-2024/CVE-2024-540xx/CVE-2024-54037.json) (`2024-12-10T21:15:21.080`) +- [CVE-2024-54038](CVE-2024/CVE-2024-540xx/CVE-2024-54038.json) (`2024-12-10T21:15:21.210`) +- [CVE-2024-54039](CVE-2024/CVE-2024-540xx/CVE-2024-54039.json) (`2024-12-10T21:15:21.337`) +- [CVE-2024-54040](CVE-2024/CVE-2024-540xx/CVE-2024-54040.json) (`2024-12-10T21:15:21.463`) +- [CVE-2024-54041](CVE-2024/CVE-2024-540xx/CVE-2024-54041.json) (`2024-12-10T21:15:21.590`) +- [CVE-2024-54042](CVE-2024/CVE-2024-540xx/CVE-2024-54042.json) (`2024-12-10T21:15:21.720`) +- [CVE-2024-54043](CVE-2024/CVE-2024-540xx/CVE-2024-54043.json) (`2024-12-10T21:15:21.850`) +- [CVE-2024-54044](CVE-2024/CVE-2024-540xx/CVE-2024-54044.json) (`2024-12-10T21:15:21.977`) +- [CVE-2024-54045](CVE-2024/CVE-2024-540xx/CVE-2024-54045.json) (`2024-12-10T21:15:22.110`) +- [CVE-2024-54046](CVE-2024/CVE-2024-540xx/CVE-2024-54046.json) (`2024-12-10T21:15:22.237`) +- [CVE-2024-54047](CVE-2024/CVE-2024-540xx/CVE-2024-54047.json) (`2024-12-10T21:15:22.360`) +- [CVE-2024-54048](CVE-2024/CVE-2024-540xx/CVE-2024-54048.json) (`2024-12-10T21:15:22.490`) +- [CVE-2024-54049](CVE-2024/CVE-2024-540xx/CVE-2024-54049.json) (`2024-12-10T21:15:22.627`) +- [CVE-2024-54050](CVE-2024/CVE-2024-540xx/CVE-2024-54050.json) (`2024-12-10T21:15:22.767`) +- [CVE-2024-54051](CVE-2024/CVE-2024-540xx/CVE-2024-54051.json) (`2024-12-10T21:15:22.927`) ### CVEs modified in the last Commit -Recently modified CVEs: `38` - -- [CVE-2024-1875](CVE-2024/CVE-2024-18xx/CVE-2024-1875.json) (`2024-12-10T19:56:33.457`) -- [CVE-2024-1876](CVE-2024/CVE-2024-18xx/CVE-2024-1876.json) (`2024-12-10T19:54:48.283`) -- [CVE-2024-1877](CVE-2024/CVE-2024-18xx/CVE-2024-1877.json) (`2024-12-10T19:55:04.673`) -- [CVE-2024-1878](CVE-2024/CVE-2024-18xx/CVE-2024-1878.json) (`2024-12-10T19:52:18.733`) -- [CVE-2024-1972](CVE-2024/CVE-2024-19xx/CVE-2024-1972.json) (`2024-12-10T19:53:51.173`) -- [CVE-2024-22122](CVE-2024/CVE-2024-221xx/CVE-2024-22122.json) (`2024-12-10T19:21:09.207`) -- [CVE-2024-43882](CVE-2024/CVE-2024-438xx/CVE-2024-43882.json) (`2024-12-10T19:15:26.840`) -- [CVE-2024-45722](CVE-2024/CVE-2024-457xx/CVE-2024-45722.json) (`2024-12-10T19:49:53.693`) -- [CVE-2024-46874](CVE-2024/CVE-2024-468xx/CVE-2024-46874.json) (`2024-12-10T19:49:18.773`) -- [CVE-2024-47146](CVE-2024/CVE-2024-471xx/CVE-2024-47146.json) (`2024-12-10T19:45:51.023`) -- [CVE-2024-47547](CVE-2024/CVE-2024-475xx/CVE-2024-47547.json) (`2024-12-10T19:57:32.987`) -- [CVE-2024-47791](CVE-2024/CVE-2024-477xx/CVE-2024-47791.json) (`2024-12-10T19:44:43.937`) -- [CVE-2024-48703](CVE-2024/CVE-2024-487xx/CVE-2024-48703.json) (`2024-12-10T19:56:48.667`) -- [CVE-2024-48874](CVE-2024/CVE-2024-488xx/CVE-2024-48874.json) (`2024-12-10T19:44:16.093`) -- [CVE-2024-50623](CVE-2024/CVE-2024-506xx/CVE-2024-50623.json) (`2024-12-10T20:15:20.257`) -- [CVE-2024-51727](CVE-2024/CVE-2024-517xx/CVE-2024-51727.json) (`2024-12-10T19:51:08.360`) -- [CVE-2024-52324](CVE-2024/CVE-2024-523xx/CVE-2024-52324.json) (`2024-12-10T19:42:56.737`) -- [CVE-2024-53141](CVE-2024/CVE-2024-531xx/CVE-2024-53141.json) (`2024-12-10T19:25:08.247`) -- [CVE-2024-53142](CVE-2024/CVE-2024-531xx/CVE-2024-53142.json) (`2024-12-10T19:17:56.657`) -- [CVE-2024-55268](CVE-2024/CVE-2024-552xx/CVE-2024-55268.json) (`2024-12-10T19:03:53.797`) -- [CVE-2024-55544](CVE-2024/CVE-2024-555xx/CVE-2024-55544.json) (`2024-12-10T20:15:21.147`) -- [CVE-2024-55545](CVE-2024/CVE-2024-555xx/CVE-2024-55545.json) (`2024-12-10T20:15:21.280`) -- [CVE-2024-55546](CVE-2024/CVE-2024-555xx/CVE-2024-55546.json) (`2024-12-10T20:15:21.403`) -- [CVE-2024-55547](CVE-2024/CVE-2024-555xx/CVE-2024-55547.json) (`2024-12-10T20:15:21.527`) -- [CVE-2024-55548](CVE-2024/CVE-2024-555xx/CVE-2024-55548.json) (`2024-12-10T20:15:21.643`) +Recently modified CVEs: `22` + +- [CVE-2021-47077](CVE-2021/CVE-2021-470xx/CVE-2021-47077.json) (`2024-12-10T21:01:51.030`) +- [CVE-2023-36358](CVE-2023/CVE-2023-363xx/CVE-2023-36358.json) (`2024-12-10T22:15:05.393`) +- [CVE-2023-36359](CVE-2023/CVE-2023-363xx/CVE-2023-36359.json) (`2024-12-10T21:15:14.750`) +- [CVE-2023-52503](CVE-2023/CVE-2023-525xx/CVE-2023-52503.json) (`2024-12-10T21:26:43.377`) +- [CVE-2024-10968](CVE-2024/CVE-2024-109xx/CVE-2024-10968.json) (`2024-12-10T21:10:06.700`) +- [CVE-2024-10969](CVE-2024/CVE-2024-109xx/CVE-2024-10969.json) (`2024-12-10T21:10:24.593`) +- [CVE-2024-11138](CVE-2024/CVE-2024-111xx/CVE-2024-11138.json) (`2024-12-10T21:11:45.043`) +- [CVE-2024-25604](CVE-2024/CVE-2024-256xx/CVE-2024-25604.json) (`2024-12-10T22:59:32.727`) +- [CVE-2024-25605](CVE-2024/CVE-2024-256xx/CVE-2024-25605.json) (`2024-12-10T22:20:47.737`) +- [CVE-2024-26271](CVE-2024/CVE-2024-262xx/CVE-2024-26271.json) (`2024-12-10T21:07:04.467`) +- [CVE-2024-26272](CVE-2024/CVE-2024-262xx/CVE-2024-26272.json) (`2024-12-10T21:07:02.180`) +- [CVE-2024-26273](CVE-2024/CVE-2024-262xx/CVE-2024-26273.json) (`2024-12-10T21:07:07.587`) +- [CVE-2024-38002](CVE-2024/CVE-2024-380xx/CVE-2024-38002.json) (`2024-12-10T21:06:57.970`) +- [CVE-2024-53470](CVE-2024/CVE-2024-534xx/CVE-2024-53470.json) (`2024-12-10T22:15:25.010`) +- [CVE-2024-53471](CVE-2024/CVE-2024-534xx/CVE-2024-53471.json) (`2024-12-10T22:15:25.277`) +- [CVE-2024-53481](CVE-2024/CVE-2024-534xx/CVE-2024-53481.json) (`2024-12-10T21:15:20.003`) +- [CVE-2024-55635](CVE-2024/CVE-2024-556xx/CVE-2024-55635.json) (`2024-12-10T22:15:28.190`) +- [CVE-2024-55636](CVE-2024/CVE-2024-556xx/CVE-2024-55636.json) (`2024-12-10T22:15:28.347`) +- [CVE-2024-55637](CVE-2024/CVE-2024-556xx/CVE-2024-55637.json) (`2024-12-10T22:15:28.500`) +- [CVE-2024-55638](CVE-2024/CVE-2024-556xx/CVE-2024-55638.json) (`2024-12-10T22:15:28.640`) +- [CVE-2024-5660](CVE-2024/CVE-2024-56xx/CVE-2024-5660.json) (`2024-12-10T22:15:28.790`) +- [CVE-2024-8980](CVE-2024/CVE-2024-89xx/CVE-2024-8980.json) (`2024-12-10T21:07:09.857`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7229f757b18..c31ef638f58 100644 --- a/_state.csv +++ b/_state.csv @@ -152725,7 +152725,7 @@ CVE-2020-20300,0,0,090724554224d3930d7b383998d47d941324ba0a50c99b53d1909d1e1b60a CVE-2020-2031,0,0,a156362f94a9ed2ad8460c8d7055a44793d55c986ef26f12e96e03d87f693c26,2024-11-21T05:24:30.070000 CVE-2020-2032,0,0,49bfdea6c93c6818ba5150508314bd0c7e9ff51a8e2f15d4e99fdfb6ff195992,2024-11-21T05:24:30.247000 CVE-2020-2033,0,0,c1e77b6a2bf3a3235f9ffbd4d2a2fc8de8cfe2b5425d5b82b96250832e351c2a,2024-11-21T05:24:30.417000 -CVE-2020-20335,0,1,979b9dab937e1e29a0c261d3a3f55c2de50dc1c5a96812d739a906b0cab7ec72,2024-12-10T20:15:06.760000 +CVE-2020-20335,0,0,979b9dab937e1e29a0c261d3a3f55c2de50dc1c5a96812d739a906b0cab7ec72,2024-12-10T20:15:06.760000 CVE-2020-2034,0,0,ae9000b463a848a75502799be0ad4a6956dafd57e5f11fcbdbf99d086b5c4beb,2024-11-21T05:24:30.607000 CVE-2020-20340,0,0,8da650d138306a7e34374ffb71f96fcd599a6eacf92c428f890af437441c2854,2024-11-21T05:12:01.363000 CVE-2020-20341,0,0,0339fcf0d0d283f8317999448fdc196989664e270694a6c0c51946838cd9f6af,2024-11-21T05:12:01.530000 @@ -152749,7 +152749,7 @@ CVE-2020-20402,0,0,04449f29442ca6e194c86c3f5b43a230c1c730b03062bae066cfdf07dab84 CVE-2020-20406,0,0,0d0c0801f0b93125afe461fe90fcca22ea973e6d317bfb2fb360bd5737e92323,2024-11-21T05:12:03.483000 CVE-2020-2041,0,0,970deedc477beef1d9c35f672e6deaf16c3a48aba43d62a7024978a3fb962f55,2024-11-21T05:24:31.973000 CVE-2020-20412,0,0,225ba4fe9f25c7021650006518d59af9acdd0b0c0e080b06aa180ac7bab2eb1d,2024-11-21T05:12:03.637000 -CVE-2020-20413,0,1,21ea60223001fb11baf01cc54839c3f877a09c14bd5cb92ccb0d0014ae460e2c,2024-12-10T20:15:06.983000 +CVE-2020-20413,0,0,21ea60223001fb11baf01cc54839c3f877a09c14bd5cb92ccb0d0014ae460e2c,2024-12-10T20:15:06.983000 CVE-2020-2042,0,0,fe57cc34850005b29aa9d4f62c0e0f68e774a8c2101ec954e8f539ec14797b73,2024-11-21T05:24:32.210000 CVE-2020-20425,0,0,4c3fb1e6e5dca9991264fad8df3cccf2d571916ddd9874f1212fc95b2fd6a997,2024-11-21T05:12:03.940000 CVE-2020-20426,0,0,22e5c0c97a8a7208f7e784b92b170fcab457748fcfe4627714fb2cf86f484c04,2024-11-21T05:12:04.107000 @@ -152778,10 +152778,10 @@ CVE-2020-2048,0,0,699e162855126fb6405b963fbecdeb3cee1130beeac4e1e17aa66217352e47 CVE-2020-20486,0,0,3e24156a196254efec0fc7dd303275826efd0380b12aa62a9666a75897ecb069,2024-11-21T05:12:06.623000 CVE-2020-2049,0,0,1a6aaace605c04b16dc64015d56ec00e1979f3674e0ac77773f60bc95f42a007,2024-11-21T05:24:33.057000 CVE-2020-20490,0,0,f12393ad87560cbf9db1f1f3dcd77b6da2816d836e54c2e6da3f44725eaea076,2024-11-21T05:12:06.777000 -CVE-2020-20491,0,1,d8a88fc40a570c61cb1807fba54bd5214939d71d35fd6f7c5a046afdf21238cb,2024-12-10T20:15:07.187000 +CVE-2020-20491,0,0,d8a88fc40a570c61cb1807fba54bd5214939d71d35fd6f7c5a046afdf21238cb,2024-12-10T20:15:07.187000 CVE-2020-20495,0,0,fb9118154ddd5e44807f517ccdf21901f0f1b053ac7553cd23521737b9d4d6c7,2024-11-21T05:12:07.097000 CVE-2020-2050,0,0,a90a8b53471f7aa7d7e80f76b672c4b33314ca8cbc103a59c6d442067d7eecbe,2024-11-21T05:24:33.270000 -CVE-2020-20502,0,1,9f480c58cf73dd2ab38febc208f7f0fcecceb875fe6e89dc1e984f06067d830b,2024-12-10T19:15:13.083000 +CVE-2020-20502,0,0,9f480c58cf73dd2ab38febc208f7f0fcecceb875fe6e89dc1e984f06067d830b,2024-12-10T19:15:13.083000 CVE-2020-20508,0,0,159573edc10cc4647ffa1aa57a0d0d789e2ff3e59fffb79f6485105f5e766486,2024-11-21T05:12:07.397000 CVE-2020-2051,0,0,54805ce0a4a88248f1cb40064f5fa6d2236512e6abbeb809a008341d1dad2044,2023-11-07T03:21:34.867000 CVE-2020-20514,0,0,16a96e1a8a5355c00d06d7ce7922159b39236c9bfdbc36c6486dfc7cba8f8c06,2024-11-21T05:12:07.550000 @@ -152818,7 +152818,7 @@ CVE-2020-20627,0,0,b3093fb424285405b4e4263c4eb2ba7ec10e31527e348244542e38e60a0a2 CVE-2020-20628,0,0,bd7e9ef8c27680fbfc469fadbd1b99d20d8a65ac95dcc990c6d7b35c4285d190,2024-11-21T05:12:10.837000 CVE-2020-20633,0,0,8b3d75d786c93c5e3c8e9dab4028611675e6ae1844380827abe705a734407270,2024-11-21T05:12:10.973000 CVE-2020-20634,0,0,9a5cece317616f9d0c2b3e9bcaf0663623b334f06917eff135f4b00cf236ecf4,2024-11-21T05:12:11.123000 -CVE-2020-20636,0,1,a954b20cc41e93a2714fbefdc671915173ef7273f818137104f416552cc5867c,2024-12-10T19:15:14.167000 +CVE-2020-20636,0,0,a954b20cc41e93a2714fbefdc671915173ef7273f818137104f416552cc5867c,2024-12-10T19:15:14.167000 CVE-2020-2064,0,0,348ef9e48b63a71d2c33e05208967714a56e49397a350ae46c5dab48c995ed09,2023-11-07T03:21:37.377000 CVE-2020-20640,0,0,3b5ceb8caa892b1b71fb4fc7b4b4daf12d5e7c0257d3844b3d0d4024e9b45023,2024-11-21T05:12:11.417000 CVE-2020-20642,0,0,fcc5abc3fa5ef5e471335f13be1a55bb18fc9040a215797f3c8880ac4da22635,2024-11-21T05:12:11.567000 @@ -152842,7 +152842,7 @@ CVE-2020-20692,0,0,75113a590c67d4c970d36fd207cc6448a91e4003df60fb1710c3e1c543919 CVE-2020-20693,0,0,bbd222a833e0dd22f8d806803cbb2f8f34ae2ac1986b0360c52e55e62f1157ba,2024-11-21T05:12:13.720000 CVE-2020-20695,0,0,cdc805ecfc2a8c1776c4fb21a7bf09407d05ed337ace9764e859580125a9d277,2024-11-21T05:12:13.860000 CVE-2020-20696,0,0,53abcbd7d159c1aff3ede42b37019807e833f2abbdf575274542548121e85c51,2024-11-21T05:12:14.003000 -CVE-2020-20697,0,1,f2af1988a3e1d369946544383941fe0b3519104801e2c616beba5cb35b9760f1,2024-12-10T19:15:14.320000 +CVE-2020-20697,0,0,f2af1988a3e1d369946544383941fe0b3519104801e2c616beba5cb35b9760f1,2024-12-10T19:15:14.320000 CVE-2020-20698,0,0,e7c8c0e3b286afb7f5e2b2827583b1d3a152745be18b348efba2723bf260ee0d,2024-11-21T05:12:14.277000 CVE-2020-20699,0,0,9872b13b001337426c467c4536294d50f031dea0855ba84c3eee1365369b5608,2024-11-21T05:12:14.420000 CVE-2020-20700,0,0,7d578b169a7b7b3af0d2884c816a321b56ef41a64eaf3f4dc0eaead0fed57ec1,2024-11-21T05:12:14.550000 @@ -187208,8 +187208,8 @@ CVE-2021-47063,0,0,62517a898085ac87c1d4c363ee690679f3fd071c9bad633f6e658828ec25f CVE-2021-47064,0,0,3bd6a786c4077808029953bb049a9c471ffa608676a06c39506fb09e61ec99f9,2024-11-21T06:35:17.820000 CVE-2021-47065,0,0,ccbad5bde72572b0cedb79689aa5e03efef443c56720d7aff976c615bc24e71f,2024-12-10T17:54:50.497000 CVE-2021-47066,0,0,63cb7a656e47c5eb34316a10892fb8a1eafc05b262d1637b4e3dab9d49fc6701,2024-11-21T06:35:18.120000 -CVE-2021-47067,0,1,9df5b0005af4045c4050adb25d4d0a3c7ed0af17ec105b20f7776b61c08f0157,2024-12-10T19:50:32.683000 -CVE-2021-47068,0,1,e902a18ffbe6654398a0348af04e476fbaf331e8e30fa78b6bfe4762a12c956f,2024-12-10T19:50:49.147000 +CVE-2021-47067,0,0,9df5b0005af4045c4050adb25d4d0a3c7ed0af17ec105b20f7776b61c08f0157,2024-12-10T19:50:32.683000 +CVE-2021-47068,0,0,e902a18ffbe6654398a0348af04e476fbaf331e8e30fa78b6bfe4762a12c956f,2024-12-10T19:50:49.147000 CVE-2021-47069,0,0,c1eca05ee668952c1f7b1291c7ec7a82c3eb142d2cda65e66b7909adc2d987bc,2024-11-21T06:35:18.510000 CVE-2021-47070,0,0,affc793dd141d8f358bff7bbf0e6544f3d5ab387f0d1d9fdbb175a861def15c6,2024-11-21T06:35:18.633000 CVE-2021-47071,0,0,70d2443c4522733bfa6621cf92ec2f8083a480402e420a029b09490aeade57ef,2024-11-21T06:35:20.363000 @@ -187218,7 +187218,7 @@ CVE-2021-47073,0,0,1da6789de0e18c722faf0748d86b29266ec446ef02b371ec3294102d5dc16 CVE-2021-47074,0,0,62606d2032895447276146a4bd74173d7188ecf09841f325ee145350e8690bb6,2024-11-21T06:35:20.813000 CVE-2021-47075,0,0,36eeb7f2e930817c1b1fe865ad9fae545910e7fd96de6d94f28c455e8e24109c,2024-11-21T06:35:20.930000 CVE-2021-47076,0,0,eb44f78121b9b3561a16c318aaec96c6c6576ae1ed25b0b86867d5e51cb5effd,2024-11-21T06:35:21.103000 -CVE-2021-47077,0,0,88a58ca01c20870d26d8d975627c188957386e9af908e0df601d44abf59c2d17,2024-11-21T06:35:21.220000 +CVE-2021-47077,0,1,89ceade981ed48989989cfdea08722c6551df82a7dcf7e9e57d17f7163739998,2024-12-10T21:01:51.030000 CVE-2021-47078,0,0,10d2cc255b79f1ae1b2de2b41ed383d0a6ccb70ddfa9cdcb0b129f97f8f6ab93,2024-11-21T06:35:21.327000 CVE-2021-47079,0,0,c036a75d1b217059f3eeacf84ba954225baad506d2ec7a3aba1818ec631ba415,2024-12-09T18:41:59.903000 CVE-2021-47080,0,0,b2998f659a4b3e4f9d004f3f3d103d7ee3c84ede27b87e416214f7ed38cac5e7,2024-12-09T18:45:03.330000 @@ -222643,10 +222643,10 @@ CVE-2023-29174,0,0,60d4c62538ccab7168a6cd1f2a056c225b5c01512c96133b1a896e778a745 CVE-2023-29175,0,0,29ceee8620dffa511afd919186e9b4ab646732bc7395836fcee591326fc57bd1,2024-11-21T07:56:39.663000 CVE-2023-29177,0,0,34e536b2dd6516017134ae202be208043d632e379b245de54d5f97456f70853e,2024-11-21T07:56:39.793000 CVE-2023-29178,0,0,192b036255750951b2f948f3bccb436d9b8250da54d14e728cb678047e65557a,2024-11-21T07:56:39.910000 -CVE-2023-29179,0,1,150bd8d1fe2b8018ee43aeeb5131252bd102155bb051ffed83128a73e3125d0d,2024-12-10T19:28:38.803000 +CVE-2023-29179,0,0,150bd8d1fe2b8018ee43aeeb5131252bd102155bb051ffed83128a73e3125d0d,2024-12-10T19:28:38.803000 CVE-2023-2918,0,0,61c733d20500efcc82f9604ee077302f7b2e34c361148b54a33605771cee93dd,2023-11-07T04:13:32.830000 CVE-2023-29180,0,0,79507a70a6564ac33575d6bc0b5b0094aaa94b2cdb11c89a5577abe6a2ae3411,2024-12-10T16:58:41.603000 -CVE-2023-29181,0,1,4ee513e3e8e4b1988ac1020f45115a462424f406e28e4fbf0fe907547c2ff742,2024-12-10T19:07:41.227000 +CVE-2023-29181,0,0,4ee513e3e8e4b1988ac1020f45115a462424f406e28e4fbf0fe907547c2ff742,2024-12-10T19:07:41.227000 CVE-2023-29182,0,0,8e6f055a404b6bc97de586d6cde173cb4bec24f2991682f6b5f7fb8a67d03256,2024-11-21T07:56:40.370000 CVE-2023-29183,0,0,eb9482a74122ef99aa275848849976d909de5051785e444061c6a07addfb45e2,2024-11-21T07:56:40.483000 CVE-2023-29185,0,0,41ddcafee2e281b72ff94445eb71397c0d64003dbc083441752749f5f28e3446,2024-11-21T07:56:40.593000 @@ -227855,8 +227855,8 @@ CVE-2023-36354,0,0,f52211b337a7b329ca6967c351c2cceb8600276a1c14ee18982757daf0433 CVE-2023-36355,0,0,b13b6b4d1b429dcb0d564bf46350457d4136a5d32b0a65c6ff4288911b1c219a,2024-11-21T08:09:35.113000 CVE-2023-36356,0,0,dfe0803ee38c4a445d74cdbb675a6baf3dc666a786ff0be950f1a18a5fe656c5,2024-11-21T08:09:35.277000 CVE-2023-36357,0,0,7f8ec13898de07f57c7e8e66d0c8d2ff725c2b13b80d89d540b0324101332414,2024-12-02T19:15:07.480000 -CVE-2023-36358,0,0,c7104b5b3eb5deefd5686aed093a990e5ed7bec379a25e7da00c3fb74699ded4,2024-11-21T08:09:35.597000 -CVE-2023-36359,0,0,d1dfa6bc9ff8b432c89fb3752c2dd5043ef067469bf45d450bf9c7d6e9b8fa1a,2024-11-21T08:09:35.760000 +CVE-2023-36358,0,1,ded194e7b200adb441b4fa709d63c99e2eef0e06835442964ff220e3502b3889,2024-12-10T22:15:05.393000 +CVE-2023-36359,0,1,f1cfdda5960f8b568ffa1ef340bf74059ceff420da4bb55dede3794d35432533,2024-12-10T21:15:14.750000 CVE-2023-3636,0,0,f79ef9ecae829c199359798b63f24fb8a51eecaca990fa8998937337744d6ca2,2024-11-21T08:17:43.370000 CVE-2023-36360,0,0,03f8e99b08fd657ff41dfd2813e153f5a284df5fa1c76bf6a8d43cc2dedb5354,2023-11-07T04:16:33.320000 CVE-2023-36361,0,0,4e0200c7874320e4f073214633a311a386756b789151e899a0bc24bab0baa2b5,2024-11-21T08:09:35.950000 @@ -238582,7 +238582,7 @@ CVE-2023-50951,0,0,a54c39bbb984c66865707c18f40ef4caa534f821d04266c5357c454be96bb CVE-2023-50952,0,0,eb0a895474dc52fc7a9aa96374117680148519d7fa19b20d47851618098d4ef3,2024-11-21T08:37:35.927000 CVE-2023-50953,0,0,d79b22c128f600e5a640d3603650a325b1fd9c0f1e59b8fac87d18af918905c1,2024-11-21T08:37:36.080000 CVE-2023-50954,0,0,c3b8be7e25038836ab69cbf4b1f3b77767e2a9696c84bca593b09883dc574fa9,2024-11-21T08:37:36.227000 -CVE-2023-50955,0,1,054721455db1bb4a434bc0eeb3cc615632509d43de754db980f2fe970f47c525,2024-12-10T19:26:58.140000 +CVE-2023-50955,0,0,054721455db1bb4a434bc0eeb3cc615632509d43de754db980f2fe970f47c525,2024-12-10T19:26:58.140000 CVE-2023-50957,0,0,48bc2a455164fcb3dc9d6b320c285daa53b176ee389dda45bf6f8f3e21096ef5,2024-11-21T08:37:36.500000 CVE-2023-50959,0,0,a65991072a7be5e9bfc6dd105f3e29b24f202d07a14ac774359e6246211d7ee4,2024-11-21T08:37:36.643000 CVE-2023-5096,0,0,b339725eb66ec0962e11912446b66cd850e228ed170101209b480782ef995e44,2024-11-21T08:41:03.100000 @@ -239676,7 +239676,7 @@ CVE-2023-52480,0,0,cd04ea370d5bdea950880de8b151eed04d3c469cc9316c033c7f12aa23dc5 CVE-2023-52481,0,0,c036169f36373e26e323dd8da99dbd8c63f236021e8c8a4a9bb39e20912dc147,2024-11-21T08:39:52.207000 CVE-2023-52482,0,0,3a0df7f71f418f3e63754670552f138959109914bf16e4f18679cc937efd3c62,2024-11-21T08:39:52.390000 CVE-2023-52483,0,0,1a8b1ff366173442b98b03348889fdc6d9d6815924144c23f3b8733f390724f7,2024-11-21T08:39:52.513000 -CVE-2023-52484,0,1,688b7461214e279f98589a82904a607b59c917943fab1d733720294c9192c231,2024-12-10T19:49:58.407000 +CVE-2023-52484,0,0,688b7461214e279f98589a82904a607b59c917943fab1d733720294c9192c231,2024-12-10T19:49:58.407000 CVE-2023-52485,0,0,ea5d217cbbe7f3fbb8b73fc9db8b8e68e7acfb1bc7ee66425eeb4f3a03166777,2024-11-21T08:39:52.737000 CVE-2023-52486,0,0,931d7db046363d7eac30b1a64d095d58079d7cbe4dece1d8d75f3a1561b58746,2024-11-21T08:39:52.863000 CVE-2023-52487,0,0,b4c33df0f971ed24b0181094b9c29cfec4133a11adfee8d1ddb58791a511fb4d,2024-11-21T08:39:53.007000 @@ -239697,7 +239697,7 @@ CVE-2023-5250,0,0,58ce2b34b475373736e77e988be92b15eb836a64d3c5382c9b7f18d2986aa0 CVE-2023-52500,0,0,fbb9efaa221bcebca4695082e7346353f1edaceda435306e7320013f86e44d86,2024-11-21T08:39:54.610000 CVE-2023-52501,0,0,dce8fea28787eccd5fdf1c2279867b1856cfdadbf948affe1018e6b016ffe136,2024-11-21T08:39:54.730000 CVE-2023-52502,0,0,53b5c7371b4f4373fe848296392853f59d8735375e39195cf54701f13f36c71d,2024-11-21T08:39:54.847000 -CVE-2023-52503,0,0,aa0046c8ef1c51414cf3d948a200d6637ca0935cbd9947131f393476911601c5,2024-11-21T08:39:55.033000 +CVE-2023-52503,0,1,b25829a16f78c14d9235d80b7c332263af083b055661f6466ab49e61a0d35aa6,2024-12-10T21:26:43.377000 CVE-2023-52504,0,0,20d543413cbfdce3982f0e69879d8085fe9ae071f6db241d63eea26ff6923237,2024-11-21T08:39:55.150000 CVE-2023-52505,0,0,457ceb32eaa0dbf4f3fb83c3def49ce35850e4a94f5e4c24c521950a01b60bc6,2024-11-21T08:39:55.273000 CVE-2023-52506,0,0,2473aef6ecee2b11075221629d29edc4b86db27ed7be427c580f9b517750fde5,2024-11-21T08:39:55.397000 @@ -243068,7 +243068,7 @@ CVE-2024-10241,0,0,fe3dcecfada7c3764490fec385526c423fea05ceb1d8cfae03a9be08ced79 CVE-2024-10245,0,0,5714c51fb85acb3984990d3d9b6159b31ef4484b309f1b36de23af150cc1fca1,2024-11-12T13:55:21.227000 CVE-2024-10247,0,0,23e6e9a03b8e93235649708b73fc812b92cb4eb313d477a522da2963089c88ec,2024-12-06T04:15:04.190000 CVE-2024-10250,0,0,dce2ccadbd6e77d5f97f6e4ccb7b1ad74933eaf3de52e88abfac961c0db9fd4a,2024-10-25T16:37:32.777000 -CVE-2024-10256,1,1,41e50c2772aee3c6f19c1613289373c5e13b9c940006c460417aa0ecff16f0a4,2024-12-10T19:15:19.280000 +CVE-2024-10256,0,0,41e50c2772aee3c6f19c1613289373c5e13b9c940006c460417aa0ecff16f0a4,2024-12-10T19:15:19.280000 CVE-2024-1026,0,0,3b8711e596f8e047332158b9d61379ba52e624c4b3a7c24f0fe541a714abce3e,2024-11-21T08:49:37.720000 CVE-2024-10260,0,0,d942f8528242106c707ac5e36063bb1ab6b42d2c9d03f6207b97112072b4168d,2024-11-19T21:20:51.707000 CVE-2024-10261,0,0,c8ada3ff1a57362b6be9d96267e04fe7b15ba4d3c5c61c4cc5194a505b362908,2024-11-12T13:56:24.513000 @@ -243631,8 +243631,8 @@ CVE-2024-10964,0,0,57b272f10f583f57ad350a67bc460132637ea8e73b01849caa65e88235230 CVE-2024-10965,0,0,7a48e746780c9b936f9156485d79a795eb32972691169d69dc596fa55046e4dd,2024-11-23T01:45:14.267000 CVE-2024-10966,0,0,b7a50c5d6f825b28e507a19c3844f5a82d0b4c6a45687a7c351c49bc0dd409eb,2024-11-08T19:01:03.880000 CVE-2024-10967,0,0,7c3473c2b77a8d05803cf7f270943b5290b5d24c3b903af32185338840b213c3,2024-11-26T01:30:41.650000 -CVE-2024-10968,0,0,cf722af6d246e12a374b549008c0dac3c37a6aae2a0bef0e246924d4d96aee44,2024-11-08T19:01:03.880000 -CVE-2024-10969,0,0,7637e7e2ae49b56d1aabb223063a2e234f35350af5a35feb58df2f5b4e1e1f91,2024-11-08T19:01:03.880000 +CVE-2024-10968,0,1,a921b8902882d4801f626f2f4054af6a15bab4d0cf4468f9642e1f86377f1fd9,2024-12-10T21:10:06.700000 +CVE-2024-10969,0,1,8114c2dfe952beb461c299d8bda61eb6b5ef295ee43d6de90e2c4aa8ea5fd65c,2024-12-10T21:10:24.593000 CVE-2024-1097,0,0,f1ad2b99b98b2176c3b3ccdd494bed6625a86a9f96e0ed3a25e7d4f3cd789ac4,2024-11-19T19:05:30.620000 CVE-2024-10971,0,0,f8d3e9d67661e4546a1e254ebb74d5d0c1dddae1c4d768a7ce5fd78bda7de46d,2024-11-21T08:49:10.613000 CVE-2024-10975,0,0,87dd438a371aa254e8d367f54246f88f9b61e035fde8423a2dec0ee6b83d81a4,2024-11-08T19:01:03.880000 @@ -243766,7 +243766,7 @@ CVE-2024-11127,0,0,a3efa55977cec0481a9d0f60f752166adc632313ccf7c08d957fcbfaa47d4 CVE-2024-1113,0,0,db1a37354bc3ae93faa7351501dc98fbca0217da03c731fe56b764e77974ccf3,2024-11-21T08:49:49.557000 CVE-2024-11130,0,0,2031b0d91a76a3ae308e67f748474890b1fb080d7d4cbebe58df244865c594b4,2024-11-15T17:57:53.270000 CVE-2024-11136,0,0,725bf56498e2623c27a356d77c56c56ec2fbb4238d9582d18b0c73a291d687b6,2024-11-15T13:58:08.913000 -CVE-2024-11138,0,0,dc93dced3b89eb042a5df51b01e9c0469a8f5c5bf89a869604d3fd213194268a,2024-11-13T17:01:58.603000 +CVE-2024-11138,0,1,7a4f991a93172e8f92a25ff85e41fd89c92d700227aa3b95284768518268aadd,2024-12-10T21:11:45.043000 CVE-2024-1114,0,0,26f8d922f7817a26291214f4551b12b577ca7b3e88078b0c0c71e617799dfdd6,2024-11-21T08:49:49.727000 CVE-2024-11143,0,0,686e238b18cb6e6b1a398192b44515340df593fe49d6838dfcc7892698b7fdab,2024-11-18T15:03:56.927000 CVE-2024-11145,0,0,49d8db8e9affdc9bd928055d93b635f15e5703854689b5be5f582242400a9150,2024-11-26T20:15:25.270000 @@ -244115,9 +244115,9 @@ CVE-2024-1163,0,0,3534cb0564ba7e08015dfddf52a975a19f7b672cf09e3f78e469f84e669f2c CVE-2024-11630,0,0,602de6590967350fd7f3827b1a11ce4a1c578a1994d3c132149d73cf61dca0eb,2024-11-22T22:15:13.637000 CVE-2024-11631,0,0,ec063b412cc8e1fc69f64e54e806f8de997f3af353f8bd5c4b78d65e3cccfe32,2024-11-25T16:54:46.333000 CVE-2024-11632,0,0,de73f7ca209ed3887af097dcd8d60cda4bdd27816f354a861b8ba50b3a9bc56a,2024-11-25T16:50:43.257000 -CVE-2024-11633,1,1,540509d385be367af278463b62a22523724fcc49b0913c87b149cca4cb337549,2024-12-10T19:15:19.443000 -CVE-2024-11634,1,1,e47b7694ec13526f38152321ede4bc458c0e174eca0ffbdc4ed8fa4c5812082d,2024-12-10T19:15:19.570000 -CVE-2024-11639,1,1,be3da7234f279c9e8bdd2251b8814f363d52c4ee0ebba728717c0ee21bb2e7b9,2024-12-10T19:15:19.690000 +CVE-2024-11633,0,0,540509d385be367af278463b62a22523724fcc49b0913c87b149cca4cb337549,2024-12-10T19:15:19.443000 +CVE-2024-11634,0,0,e47b7694ec13526f38152321ede4bc458c0e174eca0ffbdc4ed8fa4c5812082d,2024-12-10T19:15:19.570000 +CVE-2024-11639,0,0,be3da7234f279c9e8bdd2251b8814f363d52c4ee0ebba728717c0ee21bb2e7b9,2024-12-10T19:15:19.690000 CVE-2024-1164,0,0,ea75a9ac84fb05bc5899ed5764c236687fb5121f662769fb6e46971a20a2f34a,2024-11-21T08:49:56.530000 CVE-2024-11643,0,0,ae78ce4f54b48c77ffb4df12d001ddabc5e672affe5a377c6c988d0deb6a52af,2024-12-04T16:15:24.177000 CVE-2024-11646,0,0,0ab6dee87b237852bbf12355ce0d89cfcc42d4de6a7d6f3a29942216f6fdc7dc,2024-11-25T16:49:56.377000 @@ -244200,8 +244200,8 @@ CVE-2024-1176,0,0,ade3cc69c20caab05c727481cc0ec5f568a186d8a0d855f0f768d9d6ccfee8 CVE-2024-11761,0,0,d23dfba4fec168c27495db29e782d019068846a5ade59e5c067fdb06c9bbac7b,2024-11-28T09:15:05.090000 CVE-2024-11769,0,0,7c09ce15e3c33c67c82c4f8389595c27e00e07d607e16c4d909baefd0cbdfd8b,2024-12-04T08:15:06.680000 CVE-2024-1177,0,0,50204f0e1e82280f8898460ad80abf26f09df69c8b4bae2f8e7f259925f88097,2024-11-21T08:49:58.233000 -CVE-2024-11772,1,1,8798de1b89615d4c1d5ee148ccb63311b2f2b6f0733c8b34822ca99faf169909,2024-12-10T19:15:19.817000 -CVE-2024-11773,1,1,1599f5d7cc145c0f3a3a46104ee78ba4948a77846b5397f39e14ea1e4596f3f5,2024-12-10T19:15:19.943000 +CVE-2024-11772,0,0,8798de1b89615d4c1d5ee148ccb63311b2f2b6f0733c8b34822ca99faf169909,2024-12-10T19:15:19.817000 +CVE-2024-11773,0,0,1599f5d7cc145c0f3a3a46104ee78ba4948a77846b5397f39e14ea1e4596f3f5,2024-12-10T19:15:19.943000 CVE-2024-11779,0,0,6fca322440fa0ec10b198ba4bdeb9536ec459d93d5e90d5fff62b8f50b0b654d,2024-12-05T10:31:39.980000 CVE-2024-1178,0,0,e86847946e473364610b445d63c15ed4c6d00a61287bc755b3617494adb6266f,2024-11-21T08:49:58.357000 CVE-2024-11782,0,0,80e41e72f948036c8856df6deb0c7080f3de56cbdfa10b8def2e5b899b6badbf,2024-12-03T10:15:05.320000 @@ -245020,14 +245020,14 @@ CVE-2024-1867,0,0,1a9680f2fdb51acbf197571e1c1c23acfdcfa6b457b0bf2443ac5cd4836177 CVE-2024-1868,0,0,b174f8e89a00bd2ec71604abc7710e9410f7d3ee47a4a570f69aec67317d5616,2024-11-22T20:15:08.280000 CVE-2024-1869,0,0,f8c69f612e814c4bd9b0f3c1664eca33f449de845c31ce2038b5c1d00298a8db,2024-11-21T08:51:29.133000 CVE-2024-1870,0,0,6d6d6ee7f5ab5452814e8c5a0d8fcee96177fee451cf6d8baa8b58ec9c14573d,2024-11-21T08:51:29.330000 -CVE-2024-1871,0,1,dcbb3e99371b228d2cde757038a9ba48206ad1eed6d2d1662cfcec52bdacc129,2024-12-10T19:55:56.137000 +CVE-2024-1871,0,0,dcbb3e99371b228d2cde757038a9ba48206ad1eed6d2d1662cfcec52bdacc129,2024-12-10T19:55:56.137000 CVE-2024-1872,0,0,ad000dac8ef2496ce597bea5013bb4d9bc4a26c36c7428589e16338d8f525adf,2024-11-21T08:51:29.627000 CVE-2024-1873,0,0,a265a1d37162e1ced49567600aa7a85cd5a363ca73d2786d74178f5bd173cc9d,2024-11-21T08:51:29.750000 CVE-2024-1874,0,0,b9e9a39981a1796c8ae11eb9992e575ab112661b1d9f76f9596b5e6a79e65919,2024-11-21T08:51:29.893000 -CVE-2024-1875,0,1,ce63bbdf5a256b3e1615829538a59af920e28f05b44b53936636dab4fa5e4bdb,2024-12-10T19:56:33.457000 -CVE-2024-1876,0,1,d6656c9715017a6c5ee6e316ccb9cdcb1cc32fac207b5c1984fd900512b81b39,2024-12-10T19:54:48.283000 -CVE-2024-1877,0,1,d0c0c4ca275ecf378a566c0f5db769848306bf17c7155c8549a74bb3694c4248,2024-12-10T19:55:04.673000 -CVE-2024-1878,0,1,cebde37b9bb9dd80ce6a9207ced6e59f6a807e6c5376446b731e950f9359ad57,2024-12-10T19:52:18.733000 +CVE-2024-1875,0,0,ce63bbdf5a256b3e1615829538a59af920e28f05b44b53936636dab4fa5e4bdb,2024-12-10T19:56:33.457000 +CVE-2024-1876,0,0,d6656c9715017a6c5ee6e316ccb9cdcb1cc32fac207b5c1984fd900512b81b39,2024-12-10T19:54:48.283000 +CVE-2024-1877,0,0,d0c0c4ca275ecf378a566c0f5db769848306bf17c7155c8549a74bb3694c4248,2024-12-10T19:55:04.673000 +CVE-2024-1878,0,0,cebde37b9bb9dd80ce6a9207ced6e59f6a807e6c5376446b731e950f9359ad57,2024-12-10T19:52:18.733000 CVE-2024-1879,0,0,f62e399465860da4b57814b0511a9a0bfbef3b5c2d0fa40320b57e00a41246fe,2024-11-21T08:51:30.603000 CVE-2024-1880,0,0,f0d424cebadb470eb60f563f685e9079bbeba9abe8e8698757d0ed4f893ed0ed,2024-11-21T08:51:30.767000 CVE-2024-1881,0,0,1f3ab4d30a7745b65ef736643ea77ab0a035d1b7a86f89f0504c7655430b65ff,2024-11-21T08:51:30.913000 @@ -245115,7 +245115,7 @@ CVE-2024-1968,0,0,2a9b0ace8391fc3e0c25b1e41dff1a4b4b80300cc75b29c526b48915b4b73b CVE-2024-1969,0,0,becd052632ced38bcf77712277a59b4bba3e152c66d5bb8e636e5fa64bab4508,2024-11-21T08:51:42.163000 CVE-2024-1970,0,0,f7d20d0499b0eca7fa9874af4666447ef4653663ed42486520d1c17d0281853d,2024-11-21T08:51:42.297000 CVE-2024-1971,0,0,a9d60843c8e987d208e3c59ce95ac2e6f450f7dd20020b1fba8658fdc2246d74,2024-11-21T08:51:42.447000 -CVE-2024-1972,0,1,d588fdf4dbff68b8f45f08be28da40cf6da6bb3e3b86b3b959ac11d406e89f60,2024-12-10T19:53:51.173000 +CVE-2024-1972,0,0,d588fdf4dbff68b8f45f08be28da40cf6da6bb3e3b86b3b959ac11d406e89f60,2024-12-10T19:53:51.173000 CVE-2024-1973,0,0,bdcc19c6cd3463ae97ce819fbb0ae7d75ae93c2f8b01f9a3134154723cf24538,2024-11-21T08:51:42.740000 CVE-2024-1974,0,0,ddf10b2e07b26483d69810a06ba5463d244f8930001a2db1397a922f561c064f,2024-11-21T08:51:42.867000 CVE-2024-1975,0,0,1ae0a6f555a0b739aa7c380171466dc1803a13ce978f8add5306445e96cc4399,2024-11-21T08:51:43 @@ -246971,7 +246971,7 @@ CVE-2024-22119,0,0,4bd6f0e5973d39a2a0656293d459ca6ef306ff5763274518b9b5aa7967be8 CVE-2024-2212,0,0,e75e0f2b1f2450fa59e5cec8f477ac1cae4224adbc8f01ea7cf95009aa609f07,2024-11-21T09:09:16.010000 CVE-2024-22120,0,0,8e56862446422e0e91455a2e1599414d6b8f9c030d42b3dcc7917f5cc5622a4c,2024-11-21T08:55:37.330000 CVE-2024-22121,0,0,04688fcf4ead04e75d87d970b502bc82bd60fd65218ebd0ae0a8a7c1417de80a,2024-12-10T16:19:19.810000 -CVE-2024-22122,0,1,a69e95a695ed6b70c3002d8ba75c57f766f7300bf0a8c0b2aa8dfda24d05dfe1,2024-12-10T19:21:09.207000 +CVE-2024-22122,0,0,a69e95a695ed6b70c3002d8ba75c57f766f7300bf0a8c0b2aa8dfda24d05dfe1,2024-12-10T19:21:09.207000 CVE-2024-22123,0,0,9b287ee5cfa5ac853e927cdfbf96855c3d9966d71632c59d89f027e96d407185,2024-12-10T16:32:45.670000 CVE-2024-22124,0,0,d5a044bf5c1dde953a41a09beb3001b525fa50e194473fec9101161bc3275ab9,2024-11-21T08:55:37.677000 CVE-2024-22125,0,0,0b92c8029608ce5d587636ba433cf4c1537d306a9d999b89c6b8f2c55a742714,2024-11-21T08:55:37.863000 @@ -249313,8 +249313,8 @@ CVE-2024-25600,0,0,28903babf8e9ad9ce0e5926e98fade9a295a4e34c50bc53f7183dac7a3597 CVE-2024-25601,0,0,592b72e8287af6c7a3150c0f52361c80173956d1cbaa844c63524e684c186930,2024-11-21T09:01:03.450000 CVE-2024-25602,0,0,43c5fd7be09141d81d52c491e8514b96cba0daa24c348da2dd7a06a5b7ef9400,2024-11-21T09:01:03.573000 CVE-2024-25603,0,0,6efc2ab54ea3be651c1cc1d95ba47da582406dbdf361cbfd55e80b7611a41412,2024-11-21T09:01:03.690000 -CVE-2024-25604,0,0,e99ab3998d72b0c4cb071fd7b44f248cbc2f526c5637c48ad8187ba8f0802d14,2024-11-21T09:01:03.820000 -CVE-2024-25605,0,0,13248e98a50cf18bdd1aac8fea40b9ad74762c87026e640e997c651783a8ffa1,2024-11-21T09:01:03.953000 +CVE-2024-25604,0,1,adb2744e99dce2faa265e66e541e673623a62dc0725d7f7a02f3571eed752f2b,2024-12-10T22:59:32.727000 +CVE-2024-25605,0,1,cd3f213631c053f1b608e3b480951743b40dfcd47cd39c4fbb6227f798899db1,2024-12-10T22:20:47.737000 CVE-2024-25606,0,0,bde9b15898ae8e9ac91d25fcc0eaa7295bb6e28d0668446fd2e7868187bc749d,2024-11-21T09:01:04.087000 CVE-2024-25607,0,0,92a9fb01b0a8ceee06add8818a4f6f32834dea0c68b94bc58e295449a80a9e8b,2024-11-21T09:01:04.213000 CVE-2024-25608,0,0,7279c61e8730c275fdc995418fe07aa60ec60482b57bc6e0726dab12a2b3647c,2024-11-21T09:01:04.343000 @@ -249889,9 +249889,9 @@ CVE-2024-26268,0,0,23e044f877833d2fc9c6cb2791fea7f1b133aec4b8fae18bf04051ac445c2 CVE-2024-26269,0,0,d870fd7aea3811009ab17d04f9dd1d54494e5857babaaa4dcaab41af1197170c,2024-11-21T09:02:16.430000 CVE-2024-2627,0,0,de67bfac37d74088e8645fc2f654e4a2f29dfe354b1fc4a8ac77cbde5ca7bfda,2024-11-21T09:10:09.897000 CVE-2024-26270,0,0,49db57e31c30404ffb3f7bccb6cb6e19533f6fa5e6e33873d874c52de8711e91,2024-11-21T09:02:16.553000 -CVE-2024-26271,0,0,8e0c1c5e02bee7054146a7265121dcd52b04fa98b560845e0627aae3fee59b04,2024-10-30T15:04:11.867000 -CVE-2024-26272,0,0,eb8dd66a1a67138023cc04aece64d0912227322f10d4c108660e98d4e11c2a13,2024-10-30T15:03:51.437000 -CVE-2024-26273,0,0,d2007e2a1444793d822da5c5827867c97d905fdecba6c95addda91b28559bd6a,2024-10-30T15:03:35.040000 +CVE-2024-26271,0,1,f5e20f3e7ade7688c430ad4b5e84f0ca9756226805976c19d5b4529200159d1e,2024-12-10T21:07:04.467000 +CVE-2024-26272,0,1,58a64a22c48ee9a99d489ffa86f4aa8bb22502dcecbaf406b7d5815d612ddd8d,2024-12-10T21:07:02.180000 +CVE-2024-26273,0,1,3ee41ff0c2ea2c1b4a7735a51d1950b78cbd34107596c9cdbc77e1aa48114140,2024-12-10T21:07:07.587000 CVE-2024-26275,0,0,7adf3b58cf07abc79b09e6a4e3ae91eec8606977c2d24583ab33b1ecfa27dc67,2024-11-21T09:02:17.087000 CVE-2024-26276,0,0,2507a0d98d6e86bf82fb6c6e69a8d9b42268b993e1b77dacbb992126b34776dc,2024-11-21T09:02:17.223000 CVE-2024-26277,0,0,883b80b0c2f142d921ae2a08f7c7ab6d81c3acfa65435daae1b7c2df6c5457f2,2024-11-21T09:02:17.347000 @@ -258695,7 +258695,7 @@ CVE-2024-37997,0,0,2006b990dbbb2069eddd0adaaf33aad8aa0cc21c743589acaa3ecc874870e CVE-2024-37998,0,0,dfd861d0b4df4e8d176ddf44fe3d2f2766e372fba153c1d9134a8a6bac6c195f,2024-11-21T09:24:40.713000 CVE-2024-37999,0,0,902faf7d67489217cd37d263849f71c3123d5265d393df6999a24ac65f3049a9,2024-11-21T09:24:40.843000 CVE-2024-3800,0,0,dfab3c406824ce0d4eb335e80feb62aa951ff12b204f0958a043e16218a90fc2,2024-11-21T09:30:25.690000 -CVE-2024-38002,0,0,58599f4de2cc284fd8ed875ee40c3304d2b0920ea464eece36e990df8ef9cf24,2024-10-30T14:47:10.953000 +CVE-2024-38002,0,1,0094626d4d749888df36614a8d2f1e1c8cae759add919cae9539858de17c7d9e,2024-12-10T21:06:57.970000 CVE-2024-3801,0,0,0f8bfa58ad160c9f71633ed43875c383317300520d9a57afb022ce5659399045,2024-11-21T09:30:25.820000 CVE-2024-38010,0,0,738538b21364387fdf533aba47443ed1eb58bd43ab96778d2e27a558178da55f,2024-11-21T09:24:41.133000 CVE-2024-38011,0,0,36a42c1107d1e04c268b3d9879d9ba8cd10e71d7fb8849da71f609adece6ec99,2024-11-21T09:24:41.290000 @@ -262785,10 +262785,52 @@ CVE-2024-43702,0,0,026195b67973267c5f7e1b66b43eadfe3de1f0eaa8dad79a11b9df4d6c345 CVE-2024-43703,0,0,e564d47a3ea8e2e59e7c0c62fe5b37de767d270b87bc716325b902fc07b61a86,2024-12-01T23:15:06.383000 CVE-2024-43704,0,0,82c22af109add6551b6eea89e99a6b50accfdf02d564899eae149615096d5dc8,2024-11-18T17:11:17.393000 CVE-2024-4371,0,0,e83d972dfd798c0045589442b000f085f252e3d21fb48583dd2590000a3618ae,2024-11-21T09:42:43.087000 +CVE-2024-43712,1,1,9ee48631a6c800619b6220970e4109eb3e24b302c90d74a7304d64274af05c08,2024-12-10T22:15:05.830000 +CVE-2024-43713,1,1,88956e95548256f6c441e123f3270b1fea317d031bbd101ad92b391bb25a18e2,2024-12-10T22:15:06.017000 +CVE-2024-43714,1,1,666f0d2462b8965622f2bce3e1536481448c0776ccb5be0162067dee976b3f8e,2024-12-10T22:15:06.200000 +CVE-2024-43715,1,1,40e6484d984150edb4ff88bf91b63943f5590c2eacd1a349b7ae86c49294189c,2024-12-10T22:15:06.377000 +CVE-2024-43716,1,1,07d0c20c4e1a2fa7a3b090c83bbc14eeb6af21216e32e6f9129956c8ae2fdbf9,2024-12-10T22:15:06.533000 +CVE-2024-43717,1,1,8c5304f4d78bbbcef5a32ae9021c13cb27a91dba45d8d57dcebd7def864f105d,2024-12-10T22:15:06.703000 +CVE-2024-43718,1,1,0ab5b1e3d3ace879d3623681441f70a779d5314e5c6f6389c1ff5e977a88a438,2024-12-10T22:15:06.860000 +CVE-2024-43719,1,1,9764b408538f848cead0dbf1069f4f60876464b760786acd334cf9fdc053a9f3,2024-12-10T22:15:07.010000 CVE-2024-4372,0,0,80047d29f24899dba9fb9823b96bdeb83dfdd1716f145c555f0448a73bb4cc01,2024-11-21T09:42:43.207000 +CVE-2024-43720,1,1,76928c5ef0db8034461437c52b5e02bc4ab89b62901520cc068aaecd2e3bd7e1,2024-12-10T22:15:07.160000 +CVE-2024-43721,1,1,1d14669fb2267cca251017e411673fc0a5df2b6fd792dc42405d131907e00156,2024-12-10T22:15:07.310000 +CVE-2024-43722,1,1,4026577d9c2c5d0a91c4a01d11148854c0f7c886ab80408495ce0328beeb76e2,2024-12-10T22:15:07.500000 +CVE-2024-43723,1,1,a882053d237d18e0e8eefe2d71e82c0a14d443b202d47a33a30e3e8adbf3bfa5,2024-12-10T22:15:07.663000 +CVE-2024-43724,1,1,3763064ce7e37065a077ec6473a10ccc04397cda18e7c8c86f86b3ae8f2db6df,2024-12-10T22:15:07.827000 +CVE-2024-43725,1,1,b99691726340b14dfc9dd0a0f49db5e6762d480ba8b60b38feeec8069cdfb7e0,2024-12-10T22:15:07.987000 +CVE-2024-43726,1,1,00d012e8bd070b6cdc9c1783a3576c3cf39050d3d6de64779d2c2dc095eb4d11,2024-12-10T22:15:08.170000 +CVE-2024-43727,1,1,39302cc38bcac03174fffb97dd3d3a6d80358a26c96b3ce45b836ad145d7c9e1,2024-12-10T22:15:08.330000 +CVE-2024-43728,1,1,c80985dd09e7ad8e39033d40eab120361ef4cd20028c9141a119799a6de9cb56,2024-12-10T22:15:08.500000 +CVE-2024-43729,1,1,adb8cec74aefe4e2cfc467a901674867119c5db8a8c5ed8279b28d237247afbb,2024-12-10T22:15:08.653000 CVE-2024-4373,0,0,90a0bc6a003143c6727c6fb96559f1f531614f51612ca46e3d9865e65abf33ed,2024-11-21T09:42:43.307000 +CVE-2024-43730,1,1,554b1f9dd4303d16e148076363d22a5eaf6cd3919eca15f869c24534b3e41a85,2024-12-10T22:15:08.800000 +CVE-2024-43731,1,1,618b4905d50c5a0f9653dc2d108ad6dbef8dcb1c3da71a8e0ab10155221c1c24,2024-12-10T22:15:08.953000 +CVE-2024-43732,1,1,16f50ba3e588ed01ca62ccb83b3016c041510ef147ba4e1eb16e8a57578344ec,2024-12-10T22:15:09.130000 +CVE-2024-43733,1,1,8a2211464cd02d7d0b3b54ac4e6e1bb3e3daabe02b23e820e01a3134f70c7b70,2024-12-10T22:15:09.330000 +CVE-2024-43734,1,1,5cf55b57e5738f86b87bbf2f8c7946ec3009db6f917dff7efaa176e79862b48b,2024-12-10T22:15:09.507000 +CVE-2024-43735,1,1,3de86dad72105c21814c232ac1ef9a581d3117e305e89a6a34fb420fef13f244,2024-12-10T22:15:09.670000 +CVE-2024-43736,1,1,3bd86a8f7c02c75b998104c9d43a9b6ec3fe6cbe8f381abaf6fa63a2a0b7d5ac,2024-12-10T22:15:09.840000 +CVE-2024-43737,1,1,2de6a61b4b618b9aeb86d6d56b2c66702cf2bc626d9e8e3bb1c75c86799d1cfb,2024-12-10T22:15:09.990000 +CVE-2024-43738,1,1,cf243843202dfab5a56a12222bca23d48fee7cc9c3056586bd57879f9e07aaa1,2024-12-10T22:15:10.153000 +CVE-2024-43739,1,1,49b94328668b277f5692616ddd2ee3143ee106234cbb03ec090baea1fcd6519e,2024-12-10T22:15:10.320000 CVE-2024-4374,0,0,0fc50b1de94238d83b826da2552010ff2a72cfbd8cd99e9aecee9f37433a6dbd,2024-11-21T09:42:43.410000 +CVE-2024-43740,1,1,c42a7cb58a34fe645b4e8ba4fa4f8195739fe32fc629b332138fc00fdc3d2eaa,2024-12-10T22:15:10.480000 +CVE-2024-43742,1,1,3626c593ea81e22089939d8eac91324d283bf7ae758a9ddc4900be70cdbb89bb,2024-12-10T22:15:10.633000 +CVE-2024-43743,1,1,30d50929f9185598230408f40fefb5ac6acf1ca6df5d52dec9f2959ea925a099,2024-12-10T22:15:10.787000 +CVE-2024-43744,1,1,a2c80a04a2d0b0708514970dd2adae417c720657458d50b19d922560cb75bea5,2024-12-10T22:15:10.950000 +CVE-2024-43745,1,1,b4e07d49a252d0ab5d4b47d0387e1c0cc24d59ba34f7c05c774af898ebab4667,2024-12-10T22:15:11.110000 +CVE-2024-43746,1,1,2da115c92ba05ae13896d0a270473a809ddb02762d8bd8a1e96866e650ebfc75,2024-12-10T22:15:11.277000 +CVE-2024-43747,1,1,e6cb69f695b1a963b1cc982b1f1849f12c9404b32a2f4dccf9b1006f06626cfa,2024-12-10T22:15:11.440000 +CVE-2024-43748,1,1,70a7a62895d4866bcda6fbe965b30937af6854c16b6c23de9c20cc6466631add,2024-12-10T22:15:11.597000 +CVE-2024-43749,1,1,035809cd32c66ba2d3808ce1bf38a99f7a6a8179f1fa29c433623b873f955924,2024-12-10T22:15:11.763000 CVE-2024-4375,0,0,226fb639a4436df6c70ad0c0a2a37d985a688254ed5b66b084e0fcdf89f3a83f,2024-11-21T09:42:43.523000 +CVE-2024-43750,1,1,5ff2bfa8f71453312fdcd917de2a161927bb75aec34801406c9417234bcaa687,2024-12-10T22:15:11.913000 +CVE-2024-43751,1,1,3884ff7ef488e7bbf2ab6953f704cfc41f1ed4521198206ecbe782828399e93b,2024-12-10T22:15:12.057000 +CVE-2024-43752,1,1,ba2dd2eda9200d8f82d846378bdcc47ad8ef5b6b8cbc72dd3e5f07ec22d3d559,2024-12-10T22:15:12.203000 +CVE-2024-43754,1,1,5798001f2eace304b743b28c8777db35d8d6bf4097d149a34408e50277858bd8,2024-12-10T22:15:12.343000 +CVE-2024-43755,1,1,220e68bab73625cee39348db067804689cbea3cc00850eb811f1343d1aeb2a7b,2024-12-10T22:15:12.507000 CVE-2024-43756,0,0,574012d52ba61623896d593dde944e97d1e4486f17b00226542a0b61b33f8b0d,2024-09-13T17:00:59.890000 CVE-2024-43758,0,0,572e17c14d16efa1d490120c56ed34a19c6fc103a35ebd610b716ea536d9632d,2024-09-13T17:27:33.230000 CVE-2024-43759,0,0,4270d1c80d4da61f734b4e2d0cec7cefaa5eece74e1d071a8d6c550e1b8941c2,2024-09-13T17:13:35.427000 @@ -262911,7 +262953,7 @@ CVE-2024-43879,0,0,cb7b3cfa1ed9fa4dd22345c94ae271a52fd44dd5bba20e03039cbabba1b4c CVE-2024-4388,0,0,99837116e7040f5b622c67ef977204da09fa60ddf02adfd57f2ad5e8d67736b6,2024-11-21T09:42:44.950000 CVE-2024-43880,0,0,231db0059b312bb2021c650db67b90f28f37ef8fa6891864c39dfabd491c0ab7,2024-08-21T12:30:33.697000 CVE-2024-43881,0,0,a40946e430007d3d83ea6de83f76454a9e9d71f940866bbda51302ab2716b573,2024-08-21T12:30:33.697000 -CVE-2024-43882,0,1,191a6ebc904e562892e83344a89b69f15bda76e02e01bea2af35ee72c88544c0,2024-12-10T19:15:26.840000 +CVE-2024-43882,0,0,191a6ebc904e562892e83344a89b69f15bda76e02e01bea2af35ee72c88544c0,2024-12-10T19:15:26.840000 CVE-2024-43883,0,0,830ced1a8aa6d306882d397b240dd3e11fc6c78568e78aa08961a039c4411b4c,2024-08-23T16:18:28.547000 CVE-2024-43884,0,0,bfa8db10caff52ce1921f51ca3ed5f816034c91fd434a9ca3c4abf7fe0e0d257,2024-09-04T12:15:04.927000 CVE-2024-43885,0,0,ce63004cf6cf26717c7c4032c76c66d0ed8da5d8344ffa40ce8e2cc1f3923cd2,2024-10-29T02:15:07.143000 @@ -263712,6 +263754,8 @@ CVE-2024-4515,0,0,7504024f77fc639532586006edbcd7df35e7f34ba56f61d68d467513e18a66 CVE-2024-45150,0,0,95b51ecadaebd1691fb6d0830c72849a15d157444cecbdab2e0bb3fba208f418,2024-10-18T14:35:32.140000 CVE-2024-45152,0,0,078be3b278fe562a83e4cffd61092d0b3a581e3cb96347e3601fbbc38485ff00,2024-10-18T14:41:51.683000 CVE-2024-45153,0,0,fbfef51b891369d8b4535dbd73c5037c896ececfed8b242bc1453c48af4b8df5,2024-12-02T22:44:29.430000 +CVE-2024-45155,1,1,91bfa5e04c5eb2f4e380705bd73ab70bce386f8d80e6e498ed0a8564bf2c613b,2024-12-10T21:15:15.983000 +CVE-2024-45156,1,1,393e553077f143d91adf4733a682f0adbf93d392b916d327253f5b4a77c3d538,2024-12-10T21:15:16.137000 CVE-2024-45157,0,0,a69b06d34ddf029527ac0ac1fe5b34d92807642f681ef6bd757e92f99741f827,2024-09-12T16:29:42.717000 CVE-2024-45158,0,0,3f9bce1afa9a77d0a545f8d7bc11dfbcc4df3d1e21a774f7f4e024057033de58,2024-09-06T19:35:26.390000 CVE-2024-45159,0,0,6443b31bd8a87954adf636c6caa04225967184f7d72f05db7c10765203afb376,2024-09-19T18:26:24.687000 @@ -264083,7 +264127,7 @@ CVE-2024-45717,0,0,d0042290bedfde686afafcdb66609ec6e09f7a07ad76868bcb14ec916e681 CVE-2024-45719,0,0,6ca7636d4f46abcbe25b85f74f485dd396329e29ed902891ee416ba7b0049fcb,2024-11-22T21:15:18.130000 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000 CVE-2024-45720,0,0,ab26e4a66e708abfafd5a0e7f8395b5431ac8a5c3efe1cec42e73393318df61a,2024-11-21T09:38:01.030000 -CVE-2024-45722,0,1,99e90dead076fb9e9fc18a56f056cd7375b2604ff68394e92c9018d081e9439e,2024-12-10T19:49:53.693000 +CVE-2024-45722,0,0,99e90dead076fb9e9fc18a56f056cd7375b2604ff68394e92c9018d081e9439e,2024-12-10T19:49:53.693000 CVE-2024-45723,0,0,c2919885d5759b94d1a6e43d666f2e6812bf29c2a138a6ff28db8cbe1dc6e5b4,2024-10-17T17:15:12.110000 CVE-2024-45731,0,0,9e6b9f6efc83855233c254d65e09470d9fc869b8f01875e0d9ffb17f0327775d,2024-10-17T13:09:33.017000 CVE-2024-45732,0,0,24cc0b0152e81ea15c2666bee2821d54ec33ce4703507dd7a1a16283e1a3b77d,2024-10-17T13:03:52.153000 @@ -264349,8 +264393,8 @@ CVE-2024-46330,0,0,fb0912248c72cdb890e148fb8d15fc4a24d9dfffc5c218fc836550de7cd4e CVE-2024-46331,0,0,6291a6cdf65b126a104c517cdbb8a547242f83239cadbf67a03f4d15648664f1,2024-09-30T12:45:57.823000 CVE-2024-46333,0,0,c870313be8293ae808f6f74cc79ece6e4d82dedcd46cf642a068e85f3720b28d,2024-09-30T12:45:57.823000 CVE-2024-4634,0,0,5b054bd144b9176362ee5c6f20d9184237b3f1751e5cc99bd16dbf550697f8a4,2024-11-21T09:43:15.343000 -CVE-2024-46340,1,1,37078bf5f7f3b7a1ef33e5e4adee87eecc0074045c3312ec06566ade68ff9a5e,2024-12-10T20:15:15.003000 -CVE-2024-46341,1,1,b001c98e3a96186be77e567c8b4593c21fb91e3a1b9d0c6b1574a97322024b0f,2024-12-10T20:15:15.110000 +CVE-2024-46340,0,0,37078bf5f7f3b7a1ef33e5e4adee87eecc0074045c3312ec06566ade68ff9a5e,2024-12-10T20:15:15.003000 +CVE-2024-46341,0,0,b001c98e3a96186be77e567c8b4593c21fb91e3a1b9d0c6b1574a97322024b0f,2024-12-10T20:15:15.110000 CVE-2024-4635,0,0,87f43db3808bf2002a7413b8e77f45922cac81f6b6e7149135bfc36fd2d70fdd,2024-11-21T09:43:15.457000 CVE-2024-4636,0,0,8496ac08c742f16db29c83aed5f523dca16873775dbf14d9aa4b48fa10b23c93,2024-11-21T09:43:15.583000 CVE-2024-46362,0,0,fb5d79f4b45f1bbb3eb6ebc0aef2b631b253923607b2e455ece7fd1f0a5d6943,2024-09-20T12:30:51.220000 @@ -264378,7 +264422,7 @@ CVE-2024-46424,0,0,2273b0f58286ad09b52a454674cc24b223f9c5afb4eee6fc1ffbbf08a1bb4 CVE-2024-4643,0,0,c72eb0e24aa15a0242ddb46f10dd387e245484987d8feff675043a9a2f0b31ff,2024-08-02T12:59:43.990000 CVE-2024-4644,0,0,789900a44e8049f565d0a084645f78e0226f44174b1ef54d3027776d0eb82aaf,2024-11-21T09:43:16.477000 CVE-2024-46441,0,0,228695ddcca85ab6755bc8a154549c980bf013ca49086460cfb0ab87ca194c52,2024-09-30T12:45:57.823000 -CVE-2024-46442,1,1,6c8b8bef1dab21f40adbcd51dfcf62b9d321d44a0adb5ec18375679fd239b811,2024-12-10T19:15:27.030000 +CVE-2024-46442,0,0,6c8b8bef1dab21f40adbcd51dfcf62b9d321d44a0adb5ec18375679fd239b811,2024-12-10T19:15:27.030000 CVE-2024-46446,0,0,32498f8ed9e97dfaea9d9d29b52aff01ff427c37b0ae17db53d50ecbc649b2b9,2024-10-11T13:04:46.337000 CVE-2024-4645,0,0,ae6fcbc17927f6fb7b15dd7e2cd4ad23d3bc0045e51ea10de74a0f641554c9cd,2024-11-21T09:43:16.590000 CVE-2024-46451,0,0,5691c8cee8fae2502da71b898418de27414898c09a161c995aa0a792f136951b,2024-09-17T14:35:31.353000 @@ -264721,7 +264765,7 @@ CVE-2024-4687,0,0,691fbe5c860edbdf18385945123ec35fc420e5337163168b9949809bc18727 CVE-2024-46870,0,0,1fd806f0972b8da340a2a96a775ca19e71689c6390ef179657882172ad5e53cb,2024-10-23T14:26:28.690000 CVE-2024-46871,0,0,25711ed8f60be9fcc0c5d63db63009a76fb8ed8d5dae3e3140cfc88e40df7df2,2024-10-23T16:10:48.077000 CVE-2024-46872,0,0,b89329ee39c24a048dc575ac8e49e59d1a714d7b0226ecee7aec778895c50c1d,2024-11-08T15:00:42.473000 -CVE-2024-46874,0,1,7cd8dd89d78842b3d31398ec57d48f865eac45f15801623ff544059d786fed98,2024-12-10T19:49:18.773000 +CVE-2024-46874,0,0,7cd8dd89d78842b3d31398ec57d48f865eac45f15801623ff544059d786fed98,2024-12-10T19:49:18.773000 CVE-2024-4688,0,0,0da5a2cc4532b2a20302b23569ddc0737195b6ffa097a6ed8db87ef0127f00f2,2024-11-21T09:43:23.167000 CVE-2024-46886,0,0,9a63353229e01fb1edd6f3ab48979b30c42407a9917c12b34caece3fb7192dd7,2024-10-10T12:56:30.817000 CVE-2024-46887,0,0,18c6791960d0c0f0f98cf0b746a3fe10c5dc360b7c999b0a9994c1273a38d556,2024-10-10T12:56:30.817000 @@ -264912,7 +264956,7 @@ CVE-2024-47139,0,0,2ea80937ea44c41ff081df285d143843d8800649d52ee529467323c945f04 CVE-2024-4714,0,0,0d524d117aabf03780c7be3f44074976485dfc4d101c0f965f441387c1ce48e4,2024-11-21T09:43:26.100000 CVE-2024-47142,0,0,3b160aeed892b3de0fae2f0bd942190d42286dfc37500bd913fc0a3b0770ad8c,2024-11-22T02:15:21.280000 CVE-2024-47145,0,0,060f9bb9a43b25110359917405fc9bc4bfa91006f8a71471b803c37bd9f0df18,2024-09-26T18:42:33.550000 -CVE-2024-47146,0,1,4c1ec2fd77a55fc12a380140e8b75abce8b99c7554038e5bb49a8e56f7893728,2024-12-10T19:45:51.023000 +CVE-2024-47146,0,0,4c1ec2fd77a55fc12a380140e8b75abce8b99c7554038e5bb49a8e56f7893728,2024-12-10T19:45:51.023000 CVE-2024-4715,0,0,cfdee50dbf680b557a3c5935dd446958982a7767348e746e1514b6a87d45fd32,2024-11-21T09:43:26.243000 CVE-2024-47158,0,0,b0c240c01999f96b32d54a0c5d41b1284741ebcdb34e1f30df025b02e60124f4,2024-11-06T17:10:03.857000 CVE-2024-47159,0,0,dc6f344db4381cf6189daa37a80d59a488ca43c446da4d79e165921cf750d139,2024-09-24T18:09:50.877000 @@ -265216,7 +265260,7 @@ CVE-2024-47534,0,0,df13f2ee68fa5e66e525b7b1f66f6aa0f0e1c060ce893dece259dc49bb627 CVE-2024-47535,0,0,298d41133677422a8f6d390f12d2cec10b4d60092e295406e026ea754c8a295e,2024-11-13T17:01:58.603000 CVE-2024-47536,0,0,6f8a4b4f8220f9b26154b954ad727df271a73f901fc0c3d5863c162fae5afc51,2024-10-04T13:51:25.567000 CVE-2024-4754,0,0,f946bc350cafc376503b251e8950814dfbf85a03e7ce93cc628c4f28533490c5,2024-11-21T09:43:31.777000 -CVE-2024-47547,0,1,2d31481abca240bc3ed5dcc05f409322a0c2b6bcc9f35c57907a82a526bf2e3f,2024-12-10T19:57:32.987000 +CVE-2024-47547,0,0,2d31481abca240bc3ed5dcc05f409322a0c2b6bcc9f35c57907a82a526bf2e3f,2024-12-10T19:57:32.987000 CVE-2024-47549,0,0,ec88edfad973e804c3e080b206fe5d22667e6bea7ecbaa56013ae1c9427b52bf,2024-11-05T19:40:52.070000 CVE-2024-4755,0,0,cf57304aa4a44badae0bfd971e93fc9d9b32ba95a21a3c55b71d92c862671250,2024-11-21T09:43:31.903000 CVE-2024-47553,0,0,86bf9ae6dcc3735351cc1155667ad5cbbc337c0ab20eeec82226cca16ce83de4,2024-10-11T20:04:08.623000 @@ -265438,7 +265482,7 @@ CVE-2024-47783,0,0,fcfe88cb3d1e313bb730c45aacf4eeca0f4bc7b4d2b5203d3a436193c5be1 CVE-2024-47789,0,0,4e41e3af7c3971f8658317523511cc8ea6d0da3f22708f230815441b517be231,2024-10-14T11:15:11.797000 CVE-2024-4779,0,0,2e1aaf861b56995420e2ecd41fb05fbeff0136f0ff02e8684e6cad712f3005ea,2024-11-21T09:43:35.870000 CVE-2024-47790,0,0,0033caa01d3b380ade4380efa296858b7b158eabdc29e84feb2d5832c0b983fa,2024-10-14T11:15:11.930000 -CVE-2024-47791,0,1,be995f7141981aa18e628c662f4ba93d9830bbfbb331a3c86fa3b8ff33c53b4f,2024-12-10T19:44:43.937000 +CVE-2024-47791,0,0,be995f7141981aa18e628c662f4ba93d9830bbfbb331a3c86fa3b8ff33c53b4f,2024-12-10T19:44:43.937000 CVE-2024-47793,0,0,882b9f21365001a1bbe1427d7ecd7686f09cb53c26df041c802a57c5badf616d,2024-10-21T21:25:36.697000 CVE-2024-47797,0,0,1db7c191d78a0c4eb63d4cdd8fe193396dc3e7794237bd9d846daea68af0e9f7,2024-11-06T15:24:53.210000 CVE-2024-47799,0,0,c3938335baae6d700a63faf82e2306985214819a9aa9e9a31818efb7cbeda4db,2024-11-12T13:55:21.227000 @@ -265842,7 +265886,7 @@ CVE-2024-4869,0,0,a498392e92d4315a3c1a63f0751024c8b7def437eeab49123db178ff4b1bb7 CVE-2024-48694,0,0,faeae9ab327b97202e086aff921470e6b984670cc294f1289742129b482c0fbd,2024-11-21T17:15:20.110000 CVE-2024-4870,0,0,0ea27412573995f30563e69813626323b1c481b1ce23f80a057c978dadba8008,2024-11-21T09:43:45.780000 CVE-2024-48700,0,0,01c4f559aaf90a38c82d132f177d7376c563e831acc8fed72ee735b60694278e,2024-10-29T19:35:24.643000 -CVE-2024-48703,0,1,1ce669a35e3bcbdd7497a86794488f0a116095a559c7bc7db605194b08446a0b,2024-12-10T19:56:48.667000 +CVE-2024-48703,0,0,1ce669a35e3bcbdd7497a86794488f0a116095a559c7bc7db605194b08446a0b,2024-12-10T19:56:48.667000 CVE-2024-48706,0,0,01b14d93ae4ee00944ef1cd75a9875b03abdc2bf7e76fb805796512272c54952,2024-10-25T18:58:35.380000 CVE-2024-48707,0,0,8c5783a4e9b64c0d59925994774447278a2e90a82fd2cd55ee2072a8b3d5b0c7,2024-10-25T19:11:54.310000 CVE-2024-48708,0,0,e061892415ada1b97948e5eaa0f479bd634d96d643152026ca3698c48e905eeb,2024-10-25T19:10:08.457000 @@ -265932,7 +265976,7 @@ CVE-2024-48868,0,0,a361a60d99edf5eb37f88ec8c1d3def4ba0c27590c70d263656b8125a909b CVE-2024-4887,0,0,a0d0f9a8fb046d1d64dccc572def5193a849cd711291225c860f9ae76aeae91c,2024-11-21T09:43:47.697000 CVE-2024-48870,0,0,18a307d8f6128cb29a6984af9c786b2a3f86ad0eb48edcca47ed5bd77f7947c8,2024-11-05T19:34:38.287000 CVE-2024-48871,0,0,26251cd83e6649c982aae8c8ae34bd0a5b5fab36220ebce9438b806232b57b8a,2024-12-06T18:15:25.267000 -CVE-2024-48874,0,1,e91353b4c897eac0214447eb130bdebec65a99afda7693b4da55208dff63bd11,2024-12-10T19:44:16.093000 +CVE-2024-48874,0,0,e91353b4c897eac0214447eb130bdebec65a99afda7693b4da55208dff63bd11,2024-12-10T19:44:16.093000 CVE-2024-48878,0,0,61df8c716ea1a9423d8f98d007fe741d86381fb579c3442ef6d827deee3b213c,2024-11-05T19:44:58.650000 CVE-2024-4888,0,0,976e7b832bf79393aa2e37e49c175837ff0b0624805b5936dd6a88fac194c14c,2024-11-21T09:43:47.830000 CVE-2024-4889,0,0,448c1f70818477ae58b5a3970f23d80223b8e0f9ef22dccf9b38608a258d6da6,2024-11-21T09:43:47.970000 @@ -266311,6 +266355,7 @@ CVE-2024-49509,0,0,15e897a9631a64e5146680986f3191fcf788babf34f3f0ba79ae3fe2c381d CVE-2024-49510,0,0,fe711f4c1936cc4d1c1a59bfdb147d64db234c5a51b851c0183ceb3b562d496d,2024-11-16T00:35:01.073000 CVE-2024-49511,0,0,c1a397163534f4b11a270038019b332581e67fda877ef20583e441a6f830b9d0,2024-11-16T00:34:33.607000 CVE-2024-49512,0,0,02ef47bf10e6dce59ce4befda9ee5100105274d34a60a4569c66eb776013d5cb,2024-11-16T00:34:20.890000 +CVE-2024-49513,1,1,f2e4fe215006d0241ece39a7212b8e68a1ac71e5d832e3383127ee041cc059a9,2024-12-10T21:15:16.343000 CVE-2024-49514,0,0,168a9134372c0d9a29fab9f489e9694c2368c05c346e3fe45209179b57524370,2024-11-18T18:06:39.030000 CVE-2024-49515,0,0,4ad3af5f10e18882a5a32566a0bec8998bc31a66f706415135803550e7f84b15,2024-11-13T19:14:24.320000 CVE-2024-49516,0,0,44da5d94482e4b65792e0d29a7ef15205438256f74e207e521457b4cb0fb7589,2024-11-13T18:52:31.573000 @@ -266327,17 +266372,28 @@ CVE-2024-49526,0,0,91580bc5ef55e25ba729bb7bf366a72fbcf6af47e1af7f62e9c6a47dd997a CVE-2024-49527,0,0,2aa6a84e4675e2195018ca2b89e39728b9baba0d87502ca908133e0e2b2a4ff1,2024-11-18T18:39:52.213000 CVE-2024-49528,0,0,63319d635eea06771d746aaef2fa7b933b9c0f0420f665631edc0ca867ae10a0,2024-11-18T18:34:56.667000 CVE-2024-49529,0,0,bc912441c1467e88d09c1eebc868707893b19843941c8a4da84053631d70d7a6,2024-12-03T14:37:05.960000 -CVE-2024-49530,1,1,afafe2f9e708a0df7b6d673b385a03bf08c9e6f95dcc179119b1592790dc1dc9,2024-12-10T20:15:18.107000 -CVE-2024-49531,1,1,43539ba71c9f721c1ff762780d88d45522d85ce331f91d895b58432f07e6d879,2024-12-10T20:15:18.270000 -CVE-2024-49532,1,1,9d1b9b0ce859c1d811e40a145a253b8ac17e8ce809f6d790ab23d88b89f25e5c,2024-12-10T20:15:18.417000 -CVE-2024-49533,1,1,75968618599fd3437292a06f84769b4df1570448be7e5d716f073cc32a878c69,2024-12-10T20:15:18.563000 -CVE-2024-49534,1,1,2de7ddeb964d1e2f1108f1d599e0866d435c778aa898e98642e7d656c11b74cf,2024-12-10T20:15:18.743000 -CVE-2024-49535,1,1,e52b71be2403d7e7c7ec6df87555241b12f0d6af2e7ed28d403cc9e5574871ea,2024-12-10T20:15:18.923000 +CVE-2024-49530,0,0,afafe2f9e708a0df7b6d673b385a03bf08c9e6f95dcc179119b1592790dc1dc9,2024-12-10T20:15:18.107000 +CVE-2024-49531,0,0,43539ba71c9f721c1ff762780d88d45522d85ce331f91d895b58432f07e6d879,2024-12-10T20:15:18.270000 +CVE-2024-49532,0,0,9d1b9b0ce859c1d811e40a145a253b8ac17e8ce809f6d790ab23d88b89f25e5c,2024-12-10T20:15:18.417000 +CVE-2024-49533,0,0,75968618599fd3437292a06f84769b4df1570448be7e5d716f073cc32a878c69,2024-12-10T20:15:18.563000 +CVE-2024-49534,0,0,2de7ddeb964d1e2f1108f1d599e0866d435c778aa898e98642e7d656c11b74cf,2024-12-10T20:15:18.743000 +CVE-2024-49535,0,0,e52b71be2403d7e7c7ec6df87555241b12f0d6af2e7ed28d403cc9e5574871ea,2024-12-10T20:15:18.923000 CVE-2024-49536,0,0,3226abc075af5af9440f5cdc9a3a66360f030ce3d405055960c0bca748fe4e92,2024-11-19T21:21:45.640000 -CVE-2024-49551,1,1,9445123a9c53b54d733fa08f43beb18f2ce6084e52ab61a7d528ad5ab92d83ca,2024-12-10T20:15:19.110000 -CVE-2024-49552,1,1,012ff5acfeb4e368169fa593e29c252993e80910ce98090bc36411dfd72cd242,2024-12-10T20:15:19.297000 -CVE-2024-49553,1,1,0ee5fb71153e208c0ba26614c22b2b1366f3826855b9b3b8fb41e8c5ca08636a,2024-12-10T20:15:19.530000 -CVE-2024-49554,1,1,e10a61d95f914e7fdca9f6609e64cc90a34963d463d52abfafc973ca5a974981,2024-12-10T20:15:19.963000 +CVE-2024-49537,1,1,9069a21f9ad82f63c2008fa214d1f0de46072a9dfd4ccd673ef0f8c9a149a49e,2024-12-10T21:15:16.500000 +CVE-2024-49538,1,1,81e85541e5661b26b50f4faa760250dc680859c0e56bb2cdf63fb912d594cf0a,2024-12-10T21:15:16.650000 +CVE-2024-49541,1,1,6c831ac9f6a3d11b676851a3d48c47166db3deef8bf35cccb4c42727ed1f24c2,2024-12-10T21:15:16.793000 +CVE-2024-49543,1,1,924475ae14f5d8ac0778b81265b81215ae6e2e70c39ad4176421ee7522bfb47e,2024-12-10T21:15:16.937000 +CVE-2024-49544,1,1,4ad36cc37598ffc2500960ab3589eedde9fbfb4be99d63a99a410eb31f285cb3,2024-12-10T21:15:17.073000 +CVE-2024-49545,1,1,4388025dcd940fca76d7eb8cf825b27e42f62038077b655f252866452a814b21,2024-12-10T21:15:17.220000 +CVE-2024-49546,1,1,3fa6d3ea3e007d50bb60e9761b11c951037efca9d325db42c8cdc612d790891e,2024-12-10T21:15:17.350000 +CVE-2024-49547,1,1,42cbe1a8169f080c60083e78853a43df10036fc439fec11e8c9fbb6ee3bc7ade,2024-12-10T21:15:17.483000 +CVE-2024-49548,1,1,d15d7a4ef91d0628ddda6e603a3bee21c45696be5f379adad00ea725e1a1245e,2024-12-10T21:15:17.617000 +CVE-2024-49549,1,1,fde806fc727424d2a36b3e057dc22c4803c1ce162cbcff5dca073789456a2c1e,2024-12-10T21:15:17.753000 +CVE-2024-49550,1,1,05badb1c283042dac26c35d1bdd2b9cbec87de216b529b66dd1d3cafdffb27e9,2024-12-10T21:15:17.903000 +CVE-2024-49551,0,0,9445123a9c53b54d733fa08f43beb18f2ce6084e52ab61a7d528ad5ab92d83ca,2024-12-10T20:15:19.110000 +CVE-2024-49552,0,0,012ff5acfeb4e368169fa593e29c252993e80910ce98090bc36411dfd72cd242,2024-12-10T20:15:19.297000 +CVE-2024-49553,0,0,0ee5fb71153e208c0ba26614c22b2b1366f3826855b9b3b8fb41e8c5ca08636a,2024-12-10T20:15:19.530000 +CVE-2024-49554,0,0,e10a61d95f914e7fdca9f6609e64cc90a34963d463d52abfafc973ca5a974981,2024-12-10T20:15:19.963000 CVE-2024-49557,0,0,5532c034124e1339f170ece3ff737643de5d5d0ee060aa342b412b3b95df7056,2024-11-15T17:36:47.110000 CVE-2024-49558,0,0,d6190c4fa083ad35fb776a8089e14895ccaced89c942fbc8e925117ea666e076,2024-11-15T17:35:54.480000 CVE-2024-4956,0,0,b59f0fa653d583ff50139b3494916619d3242eed1a7ae59aab01da9b6e8c6c91,2024-11-21T09:43:56.520000 @@ -267279,7 +267335,7 @@ CVE-2024-50614,0,0,29f22ac93163ff1303a42a1fec38fde0552d285d63129bbab00c726fede4a CVE-2024-50615,0,0,4d2a2e353be570a02fcdfff0b42fb37b106e2c1e8ab4e77f1c580e4daa183aa0,2024-10-30T20:35:37.310000 CVE-2024-50616,0,0,f16f40ce12577bc20e6d17ff8fa15bd5a1f69a543581dc34546ce7e8ac77217c,2024-10-30T20:35:38.380000 CVE-2024-5062,0,0,9128f70d0672705b0b285f525f62637be138c9786cd6adfa5de361b1c4e33225,2024-11-21T09:46:53.077000 -CVE-2024-50623,0,1,6fcd66e2e3cba1cd1f30ebab630bce12ee40ef64a6546c3f39f7c8deba3898a7,2024-12-10T20:15:20.257000 +CVE-2024-50623,0,0,6fcd66e2e3cba1cd1f30ebab630bce12ee40ef64a6546c3f39f7c8deba3898a7,2024-12-10T20:15:20.257000 CVE-2024-50624,0,0,425b4912ca74d0f19519cece63451f565c900b6a769644536a74ca4edcfab020,2024-10-30T21:35:12.223000 CVE-2024-50625,0,0,5abc4084e07d9a3c79345867768f046fd6b8291d524d27fdad129b14201bd194,2024-12-09T22:15:22.610000 CVE-2024-50626,0,0,663472eceab67dc8729488b116bdfc4f91c7ae178fe7f09c80d8f236516196dd,2024-12-09T22:15:22.733000 @@ -267308,7 +267364,7 @@ CVE-2024-50671,0,0,99782c17088a8d91d172d01f5a082085329526fd6f7189288ae0f91a8aaa1 CVE-2024-50672,0,0,a506f4d2b4e62571040ff3dd4b935bbaea397a7aabe2668687c8152c3cc151d7,2024-11-27T17:15:12.563000 CVE-2024-50677,0,0,54ff67392f620dccd9eeb53d31061bc888e708182d6ec73491b20cd570e10405,2024-12-06T17:15:10.180000 CVE-2024-5069,0,0,ad719aec2191fa4733004e376bcb495f235c4247fa2915a6912d571066c414e6,2024-11-21T09:46:53.973000 -CVE-2024-50699,1,1,42f483b91d404a323ae121397e8661f088733655bb29ba40851fe0711766e716,2024-12-10T19:15:30.193000 +CVE-2024-50699,0,0,42f483b91d404a323ae121397e8661f088733655bb29ba40851fe0711766e716,2024-12-10T19:15:30.193000 CVE-2024-5071,0,0,6dfa056d4abe7e6b37a7311009a7ee0087dcbc392285cd9b9ee51e94d1bed9a4,2024-11-21T09:46:54.120000 CVE-2024-5072,0,0,38bd8ba0572ad544e5273dfb8f5f6bfba13772caa98624367620d218345874da,2024-11-21T09:46:54.310000 CVE-2024-50724,0,0,6e4d1b405e7d4d8af96a4ce9056390bb6e194678013e22ab1b6431ba706461bd,2024-12-03T17:15:11.820000 @@ -267368,14 +267424,14 @@ CVE-2024-5090,0,0,7b6c0d5d4fe6cd2b9ee39cf4e630635d858bd47c5d22afc5ac55f4a356dc9e CVE-2024-5091,0,0,942cd7816598a9a38306116813c44d46c4017ec3ca91059e04ec4c54cf0eda30,2024-11-21T09:46:56.817000 CVE-2024-50919,0,0,0e0de43028cbc2e3a7be2da6c3327cae947119486f4b0445705a5caa5d92a911,2024-11-19T21:57:56.293000 CVE-2024-5092,0,0,b1e4be6fd5ffc39750cf5fee980ce18eada6838842fb0652be3753b9b4a8934e,2024-11-21T09:46:56.943000 -CVE-2024-50920,1,1,0410eb84a8cbc49a0e6a6329e4b5a5b8307e7bc178841ac5a4571bb4675f516e,2024-12-10T19:15:30.290000 -CVE-2024-50921,1,1,2b8e93f961af13cb8d2fe0b68f0ae0d21fc348db3041f530d3b90a34a028fac5,2024-12-10T19:15:30.380000 -CVE-2024-50924,1,1,587064682cfea38b6e6f1d4573f519684e441e040305f2713e4142f256f9b47e,2024-12-10T19:15:30.463000 -CVE-2024-50928,1,1,e62304ef2c754bf7721c6b4565f0b5b8591463e4aea1b7d5519fe6ba4bdd49b4,2024-12-10T19:15:30.550000 -CVE-2024-50929,1,1,8bb8660ff9d5047c8314206e3a40ca600a18e5eaa855751b9aefb8cd99e5a4a6,2024-12-10T19:15:30.643000 +CVE-2024-50920,0,0,0410eb84a8cbc49a0e6a6329e4b5a5b8307e7bc178841ac5a4571bb4675f516e,2024-12-10T19:15:30.290000 +CVE-2024-50921,0,0,2b8e93f961af13cb8d2fe0b68f0ae0d21fc348db3041f530d3b90a34a028fac5,2024-12-10T19:15:30.380000 +CVE-2024-50924,0,0,587064682cfea38b6e6f1d4573f519684e441e040305f2713e4142f256f9b47e,2024-12-10T19:15:30.463000 +CVE-2024-50928,0,0,e62304ef2c754bf7721c6b4565f0b5b8591463e4aea1b7d5519fe6ba4bdd49b4,2024-12-10T19:15:30.550000 +CVE-2024-50929,0,0,8bb8660ff9d5047c8314206e3a40ca600a18e5eaa855751b9aefb8cd99e5a4a6,2024-12-10T19:15:30.643000 CVE-2024-5093,0,0,980fcdd185426a9fa9ea34c399d0eba666c68a5c3f4d7d9361932fc8f79b7500,2024-11-21T09:46:57.060000 -CVE-2024-50930,1,1,3b1b5c2d6223c13d4b1a79d7b55ee8b8035b571a4ac69dd2b9ab01250f6d6e2c,2024-12-10T19:15:30.727000 -CVE-2024-50931,1,1,9a50534e6471d81455afdbb11ef4e33c7d946ef08de7c3fcb62356fa9f17cb42,2024-12-10T19:15:30.813000 +CVE-2024-50930,0,0,3b1b5c2d6223c13d4b1a79d7b55ee8b8035b571a4ac69dd2b9ab01250f6d6e2c,2024-12-10T19:15:30.727000 +CVE-2024-50931,0,0,9a50534e6471d81455afdbb11ef4e33c7d946ef08de7c3fcb62356fa9f17cb42,2024-12-10T19:15:30.813000 CVE-2024-5094,0,0,f572ab7eafee07c8d987d5a3c905aa40f60dd2446639e00e7652e97e7c95fb47,2024-11-21T09:46:57.203000 CVE-2024-50942,0,0,74bb27dcec6f641721fef2704da713b75046095ccb8aeb2b392b8ef1abb8cd71,2024-12-04T17:15:15.020000 CVE-2024-50947,0,0,b5c008650b1de4762f100f17a965e455e14b58a340b5da1077acb62ce0721971,2024-12-05T20:15:22.180000 @@ -267487,7 +267543,7 @@ CVE-2024-5116,0,0,c5d4b1414f08ab8180681382cdebd9ce0ef5c88379a43ca5ef4e39d2558da1 CVE-2024-51162,0,0,aa98991254878ca92d6b685fabb0999d9cd2433fd346cf67581df76b7299d30e,2024-11-22T17:15:09.353000 CVE-2024-51163,0,0,909afcfaa554939e2c78d7e7af80c5c6961aa7c27e1f5cf118fbed2c52564f74,2024-11-27T18:15:17.760000 CVE-2024-51164,0,0,d940764ceb362d708d88f9f5a08c2c1f5532b8b37b034d71dff6267e64a0a937,2024-12-09T17:15:09.107000 -CVE-2024-51165,1,1,6582d0bbddfb4e21c8384523d835543f988f1d56ab762bf635aad620835836b3,2024-12-10T20:15:20.523000 +CVE-2024-51165,0,0,6582d0bbddfb4e21c8384523d835543f988f1d56ab762bf635aad620835836b3,2024-12-10T20:15:20.523000 CVE-2024-5117,0,0,5e271946d97109af9825c50a9b323ef04401bb4942989f9cb9a1e16ac2b2951d,2024-11-21T09:47:00.397000 CVE-2024-51179,0,0,857fcabc550df085f68e65184c598436a379cf4f02ab73f3edfe252d5c778dbf,2024-11-13T20:35:10.303000 CVE-2024-5118,0,0,d1846e4a7219ebf75ef8c1b0d7fa03dde76ecbba746e36b5705002065c1088bf,2024-11-21T09:47:00.520000 @@ -267835,7 +267891,7 @@ CVE-2024-51720,0,0,c1b42e8b8b9a4611e24c90b34e1f2a6d508d3b99c34c996b74e1357a4fcbe CVE-2024-51721,0,0,487de257feea8dbdb8bd4c444162acda8f2a0d6c27209aa175498249c3cede3a,2024-11-13T17:01:16.850000 CVE-2024-51722,0,0,a82de8fcd7e90f6f41d39ca36a19feb39e82af6ac9b0df93c6d217f42c922560,2024-11-13T17:01:16.850000 CVE-2024-51723,0,0,405dcadcdbf00249437ac8a26372209fb3d01c194653eab79c47481a1ec06a48,2024-11-25T19:15:11.050000 -CVE-2024-51727,0,1,8858c32e9c05ed142d6035368629a58d5f5511d07aca54fdd69ef146c2c5ebd8,2024-12-10T19:51:08.360000 +CVE-2024-51727,0,0,8858c32e9c05ed142d6035368629a58d5f5511d07aca54fdd69ef146c2c5ebd8,2024-12-10T19:51:08.360000 CVE-2024-5173,0,0,090e48f75343bb69589a840e25ae60a8ac00187572b68cf38125a567b358b84e,2024-11-21T09:47:07.830000 CVE-2024-51734,0,0,c7b97e928c8850d54c2fdbd4124a5548ebb3a9718f17988908d6f3c7921c071a,2024-11-05T20:35:26.167000 CVE-2024-51735,0,0,48473e5db4cd5ecc77914f0341bc3fe19cd3b449987f541b0b758a8a1a3f060f,2024-11-06T18:17:17.287000 @@ -268173,7 +268229,7 @@ CVE-2024-52318,0,0,9990c8ea56e7da2a0fb5af64141a1eeb644a507e2c6f41d3a96bd75739255 CVE-2024-5232,0,0,9c659ab55a0398d626d6da1c09e82340b1fec2662d16e1eca07d5817bed41493,2024-11-21T09:47:14.200000 CVE-2024-52320,0,0,a91f1a0d011b39bfcaac1c75c3ee1f68c975a1805b618314ad2c7e5cf63b1bc0,2024-12-06T18:15:25.737000 CVE-2024-52323,0,0,57617b6f1b94228bad139ee211c36bd4ec7e4706388ebf89e10500861eceb01c,2024-11-27T15:15:26.377000 -CVE-2024-52324,0,1,2054ba02d0b8981b3c1a12af17c8df341d174c9cffd87dc077058c1d7b87e852,2024-12-10T19:42:56.737000 +CVE-2024-52324,0,0,2054ba02d0b8981b3c1a12af17c8df341d174c9cffd87dc077058c1d7b87e852,2024-12-10T19:42:56.737000 CVE-2024-5233,0,0,f7aceb9f589abd3e3127e7bdc682ef20b7c3a1e0d748898af38a399a8a8c2229,2024-11-21T09:47:14.357000 CVE-2024-52335,0,0,05b7f16f46701d8cb16659334fefffb384cbcb34acfff81c6760ef8a2995fd95,2024-12-06T14:15:21.230000 CVE-2024-52336,0,0,dd607d54a19f06d9586ad47f8dcb31a3a661a8cc06227fd4e6ebe7bf5d6da0a8,2024-12-05T14:15:21.663000 @@ -268499,11 +268555,56 @@ CVE-2024-52810,0,0,bc519c3395fca90f2847180bace5d2bd61f10ead143c379d0438b1982cdf8 CVE-2024-52811,0,0,8b4a122817488a51be41eacb5a5ec9e0b5886ee8b97dd1908dd9d3513b97f482,2024-11-25T19:15:11.567000 CVE-2024-52814,0,0,27542fdf4d1e39899f04e440482727ae79215851a144e892e913b9bf3a0be02c,2024-11-22T16:15:34.553000 CVE-2024-52815,0,0,c1e8fde97970f9249cef290754120e31a2a9f9b91031232cee085d5724ae3d3e,2024-12-03T17:15:12.267000 +CVE-2024-52816,1,1,9cd2f301c6ad090e9d7c870bdf8f9fb2cdad0c6ad494c1f4c7311d6427b21b93,2024-12-10T22:15:13.527000 +CVE-2024-52817,1,1,a2afad4adbb58fe46e8180fd8fcf21dbe3bc4a25fe48e063062835e55e702b15,2024-12-10T22:15:13.703000 +CVE-2024-52818,1,1,c591d3cdd4b4dff4dbb430e663018e6f0482cebb5a15b0e56af6bf8ebf53b92e,2024-12-10T22:15:13.870000 CVE-2024-5282,0,0,4f51eeaed389eb920a9aeb3a8c1e7ea5a9931768c3b7eb6744dae1b0adac061c,2024-11-21T09:47:20.920000 +CVE-2024-52822,1,1,22387ebff73677ed4f22b111a4ee51601ee1201ceeb655c0752c8406dc17c0a9,2024-12-10T22:15:14.070000 +CVE-2024-52823,1,1,7021b3fcf4d4b0f71b69ecbe3da196d9cf95c1e44a4eb8efbc8526196469adcd,2024-12-10T22:15:14.223000 +CVE-2024-52824,1,1,1673a49210295a6fc082a70b6b56c4788aaf535d6c6f3e943289e352f3685054,2024-12-10T22:15:14.367000 +CVE-2024-52825,1,1,03a6f20a540fbfe10cdbb4208bc17b62c1b1164aeb084113ee07584f80a47d41,2024-12-10T22:15:14.523000 +CVE-2024-52826,1,1,eb36d0c5f25dce1e2da616d7f54aafa0f8ce1b6b1f356d5ddb388243c8394811,2024-12-10T22:15:14.687000 +CVE-2024-52827,1,1,ce6b5b33bf3e549364019f6a6df626ca03e15278b76c16543c0963f403e8cdfc,2024-12-10T22:15:14.860000 +CVE-2024-52828,1,1,ffc66369dd2cff4e7a711b14587329d3250b0469537555be32472488a634a8b4,2024-12-10T22:15:15.027000 +CVE-2024-52829,1,1,e888ccf25e1c2fd2ad6e4e0d09e84cd8942e9d25c855d328ed23fe106093daa1,2024-12-10T22:15:15.173000 CVE-2024-5283,0,0,2e4c0e59b537a1fa6ef21044d27ad6c5c503d962bc23f2bfaaea7d6483dfc4a1,2024-11-21T09:47:21.083000 +CVE-2024-52830,1,1,19f7903b85c1532a422d34d1e9861acaf8c14a85bc7b10106fd28adb2bebffeb,2024-12-10T22:15:15.333000 +CVE-2024-52831,1,1,dc7f0b41c9248d2c032245d59bb15968be8ce0e9e78696545855e3a8a31b7cd6,2024-12-10T22:15:15.533000 +CVE-2024-52832,1,1,6b0fb930aba7a58c1e47c5feada2dbce541cb9afb931929d1787e423ebefe1cc,2024-12-10T22:15:18.100000 +CVE-2024-52833,1,1,f775271d8e1525ec1c720a874d9c56a107552706da04f4612742afe3d52f10c8,2024-12-10T22:15:18.250000 +CVE-2024-52834,1,1,e77f5eb9f7764d2efe0114af11137e65b77270553d3af3f3f047b1f77e63425e,2024-12-10T22:15:18.393000 +CVE-2024-52835,1,1,336545064d1861dc9ff401e157d88f4c988d4e832514b89199b784a4f850e6b2,2024-12-10T22:15:18.540000 +CVE-2024-52836,1,1,8407be9e351ce90331d0d6a24be87ca97a8e9d22a835c5172b2ad8d4b473b3a3,2024-12-10T22:15:18.687000 +CVE-2024-52837,1,1,f324dc392916019d8f6d706a98650bd28f14995ee2f27f21edb92de12ff1ebab,2024-12-10T22:15:18.850000 +CVE-2024-52838,1,1,aa684fb4dc0e6a326bb6932006784d5d9804e348a05a2fbff4b983ada57c3d15,2024-12-10T22:15:19 +CVE-2024-52839,1,1,8fc042291bf4fd05aceb42a32c171ba44e7085e1c28e888235ab14771202447e,2024-12-10T22:15:19.150000 CVE-2024-5284,0,0,f27d035f8fcaa3c5dd2f39806299edcb6edf39605d373e0e7746729a950daa3c,2024-11-21T09:47:21.243000 +CVE-2024-52840,1,1,2ef05a7a1d4726aad93ff9927589eabbf69b8713394ec8276c85ad82a3a7a449,2024-12-10T22:15:19.297000 +CVE-2024-52841,1,1,7acf477452bda97d064d1f98fc400d370a895937ed08c14a6ceca91683f11675,2024-12-10T22:15:19.440000 +CVE-2024-52842,1,1,bc90bac451465cd8dde720d278c7d7d0ed9441f2cf253864e85e5ad2a9dc6295,2024-12-10T22:15:19.593000 +CVE-2024-52843,1,1,bef2831b52c31d865a5ccd34b6cc1e0f39d83f33e4f43802f0ef6d3504564364,2024-12-10T22:15:19.737000 +CVE-2024-52844,1,1,523d68c9040a71f7d53514ced8d09219880f2d34b2fa425b43088225a2bd7af6,2024-12-10T22:15:19.900000 +CVE-2024-52845,1,1,a63f3fa33ec8d8f293b8bee7a9828fc08a4d3c85538b914dddaf573eb5e83101,2024-12-10T22:15:20.040000 +CVE-2024-52846,1,1,e9ebde3d1908d2c426b776cca864e3a2491e837a0a578ef32e077f554f7250d7,2024-12-10T22:15:20.197000 +CVE-2024-52847,1,1,109507e52d56b83ccc80c4de9f9174f0399ce85dd73fc5f5694e7651193d8d58,2024-12-10T22:15:20.340000 +CVE-2024-52848,1,1,cb65185dccae884335aad1f12c57c4bb19ee27520fe7c74b5ba8d1ea27b26435,2024-12-10T22:15:20.483000 +CVE-2024-52849,1,1,b351c123633b435c42646f208c9b7e12281b00f61b5c1ac683652c2ddc266070,2024-12-10T22:15:20.640000 CVE-2024-5285,0,0,25a8229cdfa4e13254dd0951e315a68edbe7ddfe1ffb4dedc6bf2138cc2fad8f,2024-11-21T09:47:21.403000 +CVE-2024-52850,1,1,c61d8c15323f5fe60a6bb33ff0b4523c95ca577ef372ce4e493befa517294c81,2024-12-10T22:15:20.783000 +CVE-2024-52851,1,1,5c7c472ab454ae08b0d4ac83b0e5ef9b32b8d2c0f6d4083fc6598ae0f25fc294,2024-12-10T22:15:20.917000 +CVE-2024-52852,1,1,74f02244650cea9b338bf8c6b77a0129125ca442d662b4c2bf9f2b45f871c052,2024-12-10T22:15:21.060000 +CVE-2024-52853,1,1,e7458c1ef49ccf0d8ea1ba998c86b437710477c6be8a041826e7351c00455252,2024-12-10T22:15:21.217000 +CVE-2024-52854,1,1,009841fa040f8f67d9d6d903a2358e2d8e69e21bf548fccc901e2583abfc248f,2024-12-10T22:15:21.373000 +CVE-2024-52855,1,1,4492248e1817f494f8ba3e559ba29141d3fc5dfb18c00af373c17316d2f822e5,2024-12-10T22:15:21.523000 +CVE-2024-52857,1,1,86db52201160974439d4088fd4de753eb451ab5c80d3a46f608ba42f78414496,2024-12-10T22:15:21.667000 +CVE-2024-52858,1,1,da4f0319a7d2920a929366a5da796388ca7d499b384c1b2cc814fd8adf768345,2024-12-10T22:15:21.817000 +CVE-2024-52859,1,1,dd90b33a51281c2049b0b0f22847034b3e1a07b8a718369194027b8d65102dd8,2024-12-10T22:15:21.957000 CVE-2024-5286,0,0,ffcd0e1ed442acf970104f3248793a2ad8bce94591cd92edc7dccb735466eae6,2024-11-21T09:47:21.590000 +CVE-2024-52860,1,1,92b871d90d15ef165f8c777c51eab434a63512d59606036ce7531fbbd14c7f9a,2024-12-10T22:15:22.097000 +CVE-2024-52861,1,1,d98bf81ccae2045616e8f90105015b86928e39b59021ec8b9adc91787f8d85da,2024-12-10T22:15:22.230000 +CVE-2024-52862,1,1,ff7feb4033305bb9603b443894ca7e1821f63bd92cc2a7ef3c702449b17d24c0,2024-12-10T22:15:22.377000 +CVE-2024-52864,1,1,344db1c8e80cd3870272e5b0e7f2f750b1520b0520d6c69b05ffa75ced8e0f77,2024-12-10T22:15:22.520000 +CVE-2024-52865,1,1,ce4b9bc93e1340740e22119661ed960f798d2b0f9d93c5cf6ab09b063beb6c65,2024-12-10T22:15:22.663000 CVE-2024-52867,0,0,b14a9f7c8b0d212f056e38d3758777be722d9d6a10918da14d6ef6ffa3fcbd7e,2024-11-21T09:46:35.283000 CVE-2024-5287,0,0,ede9629ba14e7833d0e00ab367a4e2205145f22a5dce3f4d9b720c5001bdf2cc,2024-11-21T09:47:21.753000 CVE-2024-52871,0,0,bc912334ad7760e2905477f1da15c92d58ec818da9de2502b7206c7a0336bc4d,2024-11-18T18:35:09.027000 @@ -268544,8 +268645,32 @@ CVE-2024-52959,0,0,2eb2157890632ca954f7c150a61a989fe40d967f91d0ca40fadb69eac73b6 CVE-2024-5296,0,0,f4668a62dc8d11409bf71e36f1f99bcc5881901b7026ad13be4beab222eb08c7,2024-11-21T09:47:22.827000 CVE-2024-5297,0,0,4e7f74d9629bbb9b864fb76b28bd5d406dd3be0c174577372182a6d0a600d934,2024-11-21T09:47:22.990000 CVE-2024-5298,0,0,329feabae44ccd7ff86530cac1ce0ba86c416ea44126377af7ea7290b6d65a10,2024-11-21T09:47:23.103000 +CVE-2024-52982,1,1,d4c8cf917744a1fead78b8ade90a4122e489131dde6a21024387c784388b07c5,2024-12-10T21:15:18.053000 +CVE-2024-52983,1,1,32f716a4ee996ee93a11134a523dbdcc04456d0b12d72d48c947054bd93ef1f2,2024-12-10T21:15:18.203000 +CVE-2024-52984,1,1,9f4fa98da214a5c55e0a26e9c6fa0cdbcee4632e62475188f7d50d034471e8ae,2024-12-10T21:15:18.347000 +CVE-2024-52985,1,1,0d55d1fc87ef1e1890a8bd3d147b2ad872c29dabc90a82bc7046d59271c809a4,2024-12-10T21:15:18.483000 +CVE-2024-52986,1,1,8302c940a08ae37c097cec8a4c165e4074a4b7d15080465dcdd82ae75c28f5c7,2024-12-10T21:15:18.627000 +CVE-2024-52987,1,1,a439891a04556f94a07a5caadc799167cd1b027e7464a630f332a47bf4345530,2024-12-10T21:15:18.760000 +CVE-2024-52988,1,1,e8bcbc0ecd6fe39f74e69d3af61e03c91fc054f693ecbfa650f21c12688923c7,2024-12-10T21:15:18.910000 +CVE-2024-52989,1,1,81491d0f65d8a7345ca04f13f5d8c90c19ad2f44f9bf39b5272fc930e77722aa,2024-12-10T21:15:19.040000 CVE-2024-5299,0,0,2529d83f4332340dd8e75b95926982e4ae8b624f13bfc3e75814ba5d64949f5a,2024-11-21T09:47:23.213000 +CVE-2024-52990,1,1,bd2f0de42826863f33e952bec766a3e63faebab4bec1f9cc4287a21759add14e,2024-12-10T21:15:19.170000 +CVE-2024-52991,1,1,8a6821b7f3b06f04b77be1068e019e2a9fca024a567b021c86f4eb9a2fb41b72,2024-12-10T22:15:22.883000 +CVE-2024-52992,1,1,3e38f4643e1141961ac4b544253d85cedc850a050573c8615becfa4a718a6505,2024-12-10T22:15:23.033000 +CVE-2024-52993,1,1,748892de9e9d59351bd15771ff43c45e736b1f012ed3a213c6de1f0854b492af,2024-12-10T22:15:23.190000 +CVE-2024-52994,1,1,2cd0586fb40792c7a487ff88a2682a1ecd6f2d454b9994169352cd7df9aeb6df,2024-12-10T21:15:19.310000 +CVE-2024-52995,1,1,a3099d90b55abcf26b549c067920f32a315aa9a3ca364123259b3a6e079a22f5,2024-12-10T21:15:19.440000 +CVE-2024-52996,1,1,a57afb01d3277dc8f1c34b62e9696316a1a26d9c78ffb0410a0300bb2c1dc079,2024-12-10T21:15:19.573000 +CVE-2024-52997,1,1,a5ab10ce606936e2cfb895068f98aa9f46c96c6578e4ed8df8154c7e1884d01f,2024-12-10T21:15:19.740000 CVE-2024-52998,0,0,6290b7bcb6009685ce74422e3ebe6e84d8aa2373cdb09dbaf200385294d7d729,2024-12-03T14:32:51.580000 +CVE-2024-52999,1,1,95094939bfd6900cf25010b48f43c6d669c48c53977270952939580400b5673a,2024-12-10T22:15:23.547000 +CVE-2024-53000,1,1,723fd44d0fa4c10847595664197057a9d5c075f93324ef9320ae7996448cf078,2024-12-10T22:15:23.693000 +CVE-2024-53001,1,1,6027b6bf4bd2e0541d44309761cda27d9f5d859e89bdf09504d92dd8c06a87ba,2024-12-10T22:15:23.837000 +CVE-2024-53002,1,1,97d9d1f10417834075f33d462468d1505b456bdcf996215b44a6a1c8df77a490,2024-12-10T22:15:24 +CVE-2024-53003,1,1,7ec181dbbf51dcee94abe1495b97e08b47f599c2b84fb505c7959a9ca50c835b,2024-12-10T22:15:24.140000 +CVE-2024-53004,1,1,f0691fe6059760f11f76965205dce3364b2da2ff2af1141452b95793c6854333,2024-12-10T22:15:24.287000 +CVE-2024-53005,1,1,b4b91484a4802af6ee99458daeb2041f9650c5d1dd9592932ad0ce610dc38603,2024-12-10T22:15:24.463000 +CVE-2024-53006,1,1,1b77a93f61b789d73a3401b2f32b9c484aa597e79953855de24b5f01d9cc1099,2024-12-10T22:15:24.617000 CVE-2024-53008,0,0,36a5b7477386f9a2d6dcbfd20d0c70ef83d1d8823020ec6fd4bce6966412829a,2024-11-28T03:15:16.363000 CVE-2024-5301,0,0,9944435231e4232deb9644b6756c62dd37aded32278d6910acfd86a9fca6bba1,2024-11-21T09:47:23.327000 CVE-2024-5302,0,0,82745a56882a5e93127da6843cc252c1f39f5e3b6031b0cf4b30203e7450051c,2024-11-21T09:47:23.453000 @@ -268660,8 +268785,8 @@ CVE-2024-53138,0,0,ba78ca1c93add90c82edf24c335a0a199acf6c3df53cd342e3d62dd82c6af CVE-2024-53139,0,0,cfe4b7c940db8146ca281d7f10e309400b247c6b403bd5c2e345cfc63527bcd2,2024-12-04T15:15:15.643000 CVE-2024-5314,0,0,3f9bafe97657efc7f668c5d897662a9659297ed1c2230826ab18be8ba9a6342b,2024-11-21T09:47:24.810000 CVE-2024-53140,0,0,97a42857cf07e6c73d5157878eaab6055c0a598352b9e5348ceaa16cdcbd0dc1,2024-12-05T12:15:19.703000 -CVE-2024-53141,0,1,bac15675c09f6811a6d88b2bd40199a11ae7509b12b3a955c8b4511890882333,2024-12-10T19:25:08.247000 -CVE-2024-53142,0,1,6c3c82afaa65b94acded7ae517ab5c9ebd592257e0bf92056ae5de7a8ded9a3a,2024-12-10T19:17:56.657000 +CVE-2024-53141,0,0,bac15675c09f6811a6d88b2bd40199a11ae7509b12b3a955c8b4511890882333,2024-12-10T19:25:08.247000 +CVE-2024-53142,0,0,6c3c82afaa65b94acded7ae517ab5c9ebd592257e0bf92056ae5de7a8ded9a3a,2024-12-10T19:17:56.657000 CVE-2024-53143,0,0,58aea596a92f51ecb8e396a2e6f1085ce03cd820c5355e9f3433d5e31dfbde48,2024-12-07T07:15:03.780000 CVE-2024-5315,0,0,cfc4383f1c53119936ccfb248038372daec91d7a497e742b345000be072ec700,2024-11-21T09:47:24.927000 CVE-2024-5317,0,0,c2af981f2442def6d43cf11dee826712fdb79df4e8b131d1c0815426b050d563,2024-11-21T09:47:25.040000 @@ -268733,14 +268858,14 @@ CVE-2024-53457,0,0,2a9d6ff9530514e1b1118f6cfb8ea3e80f964c7759c5b6fc65af26bdd6a25 CVE-2024-53459,0,0,5f9e5f3a8b33fbe02bdd059bb8fe15cb2eeacdc4f602dd12944ee928044f080b,2024-12-02T18:15:11.123000 CVE-2024-5346,0,0,835e1b7230e6e33db8d8cf7bc9b64a0aa9f43b5b6335773933376ca9c2372d0c,2024-11-21T09:47:28 CVE-2024-5347,0,0,a4eb7d8feed8c584fc13b2c0e6136e67598b45cb75b5638081f14ed1c0f5fa79,2024-11-21T09:47:28.127000 -CVE-2024-53470,0,0,dd20b2b11b8d7d06417674d3fbe9abd018dd69f2cfc472db4c40920988f45a16,2024-12-05T16:15:25.743000 -CVE-2024-53471,0,0,66cc0d978b899152ad34f9e5009670c46bda848efae84b041697b92c01e3a521,2024-12-05T16:15:25.867000 +CVE-2024-53470,0,1,7e717d458d3e971476fce58f4e759acfb3653594788d9bb4f7ef6a8cad1dbc8b,2024-12-10T22:15:25.010000 +CVE-2024-53471,0,1,dea70dfafbf7c115f6b9fc5aab8fa383b86b6c8d65d06c11e3049e5b3d3b885e,2024-12-10T22:15:25.277000 CVE-2024-53472,0,0,72dbc0cce14855ba1d3569457dbee3a8b2bcc3ee364096a0891b3e57adbf038f,2024-12-05T16:15:25.977000 CVE-2024-53473,0,0,358e2b05fdc54a6e3691e8ba3f77fedff57be14fcbc952f41ed19a97501744e2,2024-12-07T23:15:34.137000 CVE-2024-53477,0,0,0bf7b09ba287b24f18c03a66d52e9150f8f87653e9cc33aac9bf4a8d9356bba9,2024-12-02T21:15:11.217000 CVE-2024-5348,0,0,0c3454114961657672c2409af3f9f2f3bb9995c6579ea15f7d29552347b906f3,2024-11-21T09:47:28.240000 -CVE-2024-53480,1,1,4889d0ff1fe4dddc3829b2478649a6155b88e7256aa2574b5a87fc73b9645c93,2024-12-10T20:15:20.920000 -CVE-2024-53481,1,1,04dca06415b40f1bb3f15756a1c5abead1e0cce4d57efe608baac0b3f3b583f5,2024-12-10T20:15:21.033000 +CVE-2024-53480,0,0,4889d0ff1fe4dddc3829b2478649a6155b88e7256aa2574b5a87fc73b9645c93,2024-12-10T20:15:20.920000 +CVE-2024-53481,0,1,8c2a844186665814baa9349f5f9eb75c05702deacf50797c7fa1db6e74c909d8,2024-12-10T21:15:20.003000 CVE-2024-53484,0,0,0fc6633eb0bb323c7c1b56ffa21d5cd5b78570e350e583a38942d8a30f904a22,2024-12-03T16:15:23.980000 CVE-2024-5349,0,0,75911b9a04c41ba625bf561a6fda73d6a6249d16eb1736f313b0d58e1202f17d,2024-11-21T09:47:28.357000 CVE-2024-53490,0,0,c2f3aa4cff7ef0e114b620eaf49a4030edbb963b6051b20627f7157e432c7834,2024-12-05T17:15:14.180000 @@ -268985,7 +269110,17 @@ CVE-2024-53947,0,0,f3f49f507fdd673942647045e7a6129704131798f17f201931ae5ff94b253 CVE-2024-53948,0,0,6ea9a9bf9db83504c3565ac4e6f0a87dd0b4b80d29ed015b913925534416c4a7,2024-12-09T18:15:23.893000 CVE-2024-53949,0,0,b536a3aaccc48e4b523395b29ca4495755368005bd7e091272f9f8a953010750,2024-12-09T18:15:24.013000 CVE-2024-5395,0,0,aa518ac6cc2e8e3e116d2e709097641ebff6dab87bd1ab80d2e397c0f6317f19,2024-11-21T09:47:34.290000 +CVE-2024-53951,1,1,43e509fee888dfedc1ddd04d17a82a93b47aa2d7f61f4a6291f1cd966a3839d8,2024-12-10T21:15:20.167000 +CVE-2024-53952,1,1,38daed262ef75a5427be61fbe61366babf285e64ee4dda69e669dbd911c9195f,2024-12-10T21:15:20.307000 +CVE-2024-53953,1,1,5dc2d3b87414abd1b0a86230f9d8acddf47be361a7c50818b7ce9ac006f308f3,2024-12-10T21:15:20.437000 +CVE-2024-53954,1,1,12337a35199c24ab8d7ec22f5a08d121844d28c7a25b063dca67d12a40591e05,2024-12-10T21:15:20.560000 +CVE-2024-53955,1,1,c5af8768fe7083075e11107c6d540f2f7727b32060d9923503be5a85bf08f0e6,2024-12-10T22:15:25.610000 +CVE-2024-53956,1,1,e5a8521a14e4cbb76222eef41cd69b2793f16069558b7af55be6244ddaff726e,2024-12-10T22:15:25.767000 +CVE-2024-53957,1,1,1bb9e76a3063f3f957d1b9a7506439ae97014640321e8abb9df957ae9e9cf255,2024-12-10T22:15:25.917000 +CVE-2024-53958,1,1,b8642d2277418d24dfeb23f78defa8e23296fe394a736852cb16590879257a5f,2024-12-10T22:15:26.510000 +CVE-2024-53959,1,1,5a246505d595c5cbf97996d80b5e32a114e38474dd1156baf85534b2cb2948eb,2024-12-10T22:15:27.347000 CVE-2024-5396,0,0,a2e12a462b12b592c06259ea229afce64d9cb2b529021eb0ae1f63c97dd38d23,2024-11-21T09:47:34.430000 +CVE-2024-53960,1,1,7010c91cffe8702ad07fc789dd9a0c2b48640368e9c1eab4aa8d0a4b82defe1e,2024-12-10T22:15:27.550000 CVE-2024-5397,0,0,1c1b9f46c7fae3545f6c6bff25b88c782d3838975abd0364f3776c48ef8d8b3f,2024-11-21T09:47:34.563000 CVE-2024-53975,0,0,1c6eb06597883327a72f325fc0f751cbd0dc5c99b87a33d8b2ef4784e7416fa6,2024-11-27T15:15:26.923000 CVE-2024-53976,0,0,e0e34654e2920917adcad83ccc486a90e5a6d39da581d67f84c5bbc103fd6b7b,2024-11-26T16:15:21.430000 @@ -269012,12 +269147,30 @@ CVE-2024-54002,0,0,7c5a00df1d470c32b9eac42d93309bb19614d9762fa0f049a771979bb9894 CVE-2024-54003,0,0,b632b439005206974a2b4ec6ab08a78e134e0c09d892996aec7289d7221f0377,2024-11-27T20:15:26.133000 CVE-2024-54004,0,0,5d94a9bc2fe383b10883d5f21fb711b04368ee28bef8377081c80a039d1c1dee,2024-11-27T19:15:33.723000 CVE-2024-54005,0,0,78bbd546deba4e2b14f99ce80711c725e32521468135821d5bfe1062b9007f78,2024-12-10T14:30:47.037000 -CVE-2024-54008,1,1,c83adc0070c7b9fe5dc822e3df77a6cc986e702399c7129cd968ded9ec0b9a23,2024-12-10T19:15:30.900000 +CVE-2024-54008,0,0,c83adc0070c7b9fe5dc822e3df77a6cc986e702399c7129cd968ded9ec0b9a23,2024-12-10T19:15:30.900000 CVE-2024-54014,0,0,9895136be901bda6024d3c86fc774e344b5ffa93f0cfe6e13e8990c6229717ed,2024-12-05T03:15:14.530000 CVE-2024-5402,0,0,ff0d9bb22ac0a71984c61b65bae28749f481f4dd7d54b4eb8642f168357fe194,2024-11-21T09:47:34.947000 CVE-2024-5403,0,0,f4e58d907f2a672c85e38960e3074ec1cb3261646ec2ccae3d1a32d0c95159be,2024-11-21T09:47:35.097000 +CVE-2024-54032,1,1,df0158302690dede6512412fea2d6ccccc394f592fbabea5c3d49cd38dd7f328,2024-12-10T21:15:20.690000 +CVE-2024-54034,1,1,baaa40662bc32f195cddc79f3445c5d2533af057773b700c7fef44d6833372be,2024-12-10T21:15:20.817000 +CVE-2024-54036,1,1,21405c4cb11cd6b4deb8ff32afbb450126cd9ec1484d35e315024d84e8c8a188,2024-12-10T21:15:20.947000 +CVE-2024-54037,1,1,4f1c9e1bdd3e5e66246dfdf3e682f75fa5431cc6ed04a6b8c3b10699379f1e08,2024-12-10T21:15:21.080000 +CVE-2024-54038,1,1,508c9e54004006962495f03a00b50c70c49263e5fc81ce6f7870a7da64ac2daf,2024-12-10T21:15:21.210000 +CVE-2024-54039,1,1,3b2e527d49295c6804e18cf2f92ddd23f41d3c6345c8b9ac0c14f1f2ed50f544,2024-12-10T21:15:21.337000 CVE-2024-5404,0,0,3740c7be3046d2190332188e66ec21e8b1d4282df75b875095c31d64e80fbe92,2024-11-21T09:47:35.213000 +CVE-2024-54040,1,1,549d978f7583a4825b97064030c5badb3762cf7e6723188bcefb9be1a6200d33,2024-12-10T21:15:21.463000 +CVE-2024-54041,1,1,f606483c8aa9eca45ff6f1881b32b573f4344237f4044c5f4b6ae4fed277b694,2024-12-10T21:15:21.590000 +CVE-2024-54042,1,1,627992c033209e845a6af41961f6f72dbd144af08f18d5464d315f1b5874ced1,2024-12-10T21:15:21.720000 +CVE-2024-54043,1,1,55493f4f1751ed4dc7c97754ee71be29e965f63c4bc095b4a32f8cd59aae22e4,2024-12-10T21:15:21.850000 +CVE-2024-54044,1,1,06fe2a3b8d676ceb22e837bcdf275bfc416d9d966ef51cb8951620a42b790759,2024-12-10T21:15:21.977000 +CVE-2024-54045,1,1,423094df5e959be2432263e2ec7f568bf9c0ded1dc0c87e6596f89c05684b444,2024-12-10T21:15:22.110000 +CVE-2024-54046,1,1,589bf843ec98f51533159c4e2ecab05e1a70204de35a8fc003fe2b3a60389b77,2024-12-10T21:15:22.237000 +CVE-2024-54047,1,1,468dbe2f56cb4813dd8eda8a037852b48318d240118d1d600cef498d5bed864d,2024-12-10T21:15:22.360000 +CVE-2024-54048,1,1,39b377fa96a757b526e90a8c59e7b3f7cfc1a9151ce03d075db32fe19596a203,2024-12-10T21:15:22.490000 +CVE-2024-54049,1,1,c1e7f2cbe12586d407f72f606a5e2a9c6ca117139095e3df497b3a8c2ce3a497,2024-12-10T21:15:22.627000 CVE-2024-5405,0,0,8df36cd9ebb4aacfaea97c0ae9188e72e9768324f03849be72121f482af48749,2024-11-21T09:47:35.333000 +CVE-2024-54050,1,1,428c85900ce276f730a05cb59342cccb3401b06f05c398638e56ca8561c03ce2,2024-12-10T21:15:22.767000 +CVE-2024-54051,1,1,1d913bcc4017b91db45413bcbfda71d5158f669904b648b89bb2fe4e4425403e,2024-12-10T21:15:22.927000 CVE-2024-5406,0,0,5db0f501f7c712d4bcce798425460b3472165eeef82fd225689429d234120e5b,2024-11-21T09:47:35.457000 CVE-2024-5407,0,0,e082637321598f3dc8c3c9e1760b81a1e1197c4d13cd58fed3245c37f0bb71c9,2024-11-21T09:47:35.567000 CVE-2024-5408,0,0,0b23a712a85d13fef48f02294d854672174790bd624dfee1416450ccef66434a,2024-11-21T09:47:35.690000 @@ -269228,7 +269381,7 @@ CVE-2024-5523,0,0,0b2c43ef384781b0113b9be6f2b000f9de2199a81d337c7e51164ef3b409e6 CVE-2024-5524,0,0,96c1a4bf81cf964718431dd9c92394b3c99d70800d36b6797c2485b5f853cce6,2024-11-21T09:47:52.060000 CVE-2024-5525,0,0,85c272ad425dacde32e9f0580795bbb5b12316ff774e7fabc4e97fd793674bab,2024-11-21T09:47:52.173000 CVE-2024-5526,0,0,0c9c91db78cbdd3ff4ee3a189e439a311e3e6928df326db13557ea657472d9b7,2024-11-21T09:47:52.290000 -CVE-2024-55268,0,1,603f7869988eff0e3824a9e379205539d727fe751548836edf08646a7adcccfa,2024-12-10T19:03:53.797000 +CVE-2024-55268,0,0,603f7869988eff0e3824a9e379205539d727fe751548836edf08646a7adcccfa,2024-12-10T19:03:53.797000 CVE-2024-5527,0,0,d332540fc72a82323997817d4e967456b7cfd92130ba717f37312bb67a51dc8a,2024-08-16T20:24:34.470000 CVE-2024-5529,0,0,163a9ebbb03299028cfce2ba2a1351447eb53d5a4fc9810f5fc56b6d374bb7d9,2024-11-21T09:47:52.530000 CVE-2024-5530,0,0,2d0b01cc83bfe8893d941d6bfdb13cbbc2a5c286addf6d9a79089f227ed325e3,2024-11-21T09:47:52.657000 @@ -269249,18 +269402,18 @@ CVE-2024-5547,0,0,c70f2b15fdfae1a20148a4f5dddd13a94d9e6eb1c9039906b5e94118b8ba53 CVE-2024-5548,0,0,960acca9fdb4c73166f01cb6cab77802df52faee348d661f3dcdec3a5e889741,2024-11-21T09:47:54.380000 CVE-2024-5549,0,0,523dae47b6780776874c36c71ab66f8ac6e8e99599490648ee341f214b628e63,2024-11-21T09:47:54.507000 CVE-2024-5550,0,0,4077662850b9d5945d5c85ce45904d9c2783b7c7a72633a9665404cf6f9e870c,2024-11-21T09:47:54.640000 -CVE-2024-55500,1,1,7ea2d43275119b98a843fc25bdcf8207347a7af4afba9beb1849161133b44676,2024-12-10T19:15:31.020000 +CVE-2024-55500,0,0,7ea2d43275119b98a843fc25bdcf8207347a7af4afba9beb1849161133b44676,2024-12-10T19:15:31.020000 CVE-2024-5551,0,0,7ca1b2f3592d8c197217d4f6bb2a217c73a396396bc14275921b16391f97198d,2024-11-21T09:47:54.770000 CVE-2024-5552,0,0,948d6d5339e40bf52a297a53b027f97cabc4938d9f426267efe19c3ca8d00dfb,2024-11-21T09:47:54.927000 CVE-2024-5553,0,0,c6aeec952a2778be27c1792a1d1c97b8ff8c01ca6ed08226c6b506a6f771b767,2024-11-21T09:47:55.040000 CVE-2024-5554,0,0,3fb8d13bac6e351fa1470fa96b8178263946ef86d2aae872feb00193d95f3ac4,2024-11-21T09:47:55.160000 -CVE-2024-55544,0,1,63fa818cbb5be84d6b2d453d090d375632d6173835555b6669d699129bd7958a,2024-12-10T20:15:21.147000 -CVE-2024-55545,0,1,576419e778334b8ccb76d054cb04ebfd7460dca1ae98a332a2c06d655922b947,2024-12-10T20:15:21.280000 -CVE-2024-55546,0,1,ac6e7123908ba34a2d1fbd6dcd4ada7d4a8f82ea6c349ca2e14f1ad5dca06a8d,2024-12-10T20:15:21.403000 -CVE-2024-55547,0,1,8d6605a07deb55b1aa31e983960c2573ad4c93bb4cc482bcf2b5b04318fae565,2024-12-10T20:15:21.527000 -CVE-2024-55548,0,1,e32521c397892b3eea8d7e69cd8c965639f45411ec7c8a641b80756588f848b7,2024-12-10T20:15:21.643000 +CVE-2024-55544,0,0,63fa818cbb5be84d6b2d453d090d375632d6173835555b6669d699129bd7958a,2024-12-10T20:15:21.147000 +CVE-2024-55545,0,0,576419e778334b8ccb76d054cb04ebfd7460dca1ae98a332a2c06d655922b947,2024-12-10T20:15:21.280000 +CVE-2024-55546,0,0,ac6e7123908ba34a2d1fbd6dcd4ada7d4a8f82ea6c349ca2e14f1ad5dca06a8d,2024-12-10T20:15:21.403000 +CVE-2024-55547,0,0,8d6605a07deb55b1aa31e983960c2573ad4c93bb4cc482bcf2b5b04318fae565,2024-12-10T20:15:21.527000 +CVE-2024-55548,0,0,e32521c397892b3eea8d7e69cd8c965639f45411ec7c8a641b80756588f848b7,2024-12-10T20:15:21.643000 CVE-2024-5555,0,0,742073dac4de00aad4cb6df58c8d366b01298901468c1f8f2b3d987b01395142,2024-11-21T09:47:55.300000 -CVE-2024-55550,1,1,330f19b306d63b36d00ff3e867cd4f40d76330f49a19cb2527205238b7456e92,2024-12-10T19:15:31.110000 +CVE-2024-55550,0,0,330f19b306d63b36d00ff3e867cd4f40d76330f49a19cb2527205238b7456e92,2024-12-10T19:15:31.110000 CVE-2024-5556,0,0,f573f07f74091c9ef49ab63e55c790d8f661c071a22a95c82ecfdf6c6886287c,2024-08-27T14:36:53.273000 CVE-2024-55560,0,0,8ded767c4c0f73c31717fdba1e26cc9c22e0d2990356bc72ffccdc44c7980958,2024-12-09T16:15:22.750000 CVE-2024-55563,0,0,c66280007d4cae3698737b72d02776bf87f7156bc0d443fcb1212b7ae0d79246,2024-12-09T01:15:06.313000 @@ -269280,10 +269433,10 @@ CVE-2024-55601,0,0,89175adefd85ee52b8d0660bf5cffaad0818c3ee1a9c4ccd9c1b1dad82da5 CVE-2024-55602,0,0,50669de054a1828aef63b70e8d626e9a1c733113b3df3c2b5b9e9ba1699877b0,2024-12-10T18:15:43.500000 CVE-2024-5561,0,0,4022800ab031c19c97b7a8f23f8f937de2c70091af69e68157c4f9d46ea4b02c,2024-10-07T17:45:29.950000 CVE-2024-55634,0,0,ad2c430955951ebc1817bb1d3d7bee47a20555d925042aca8d328fb0e4be76b9,2024-12-10T00:15:22.323000 -CVE-2024-55635,0,0,9b6efcc7c2ea6cb020519f7e2c03e940bd131dd3914778654c917ebb7d97b80e,2024-12-10T00:15:22.433000 -CVE-2024-55636,0,0,b8ac9f4f334b71906f14452d66f3f062910963af6643908d74667d17532b6bb4,2024-12-10T00:15:22.540000 -CVE-2024-55637,0,0,080d61c7f42314671caaf10644c4cb10b8612f495d05db986a7db23bb8278a3a,2024-12-10T00:15:22.650000 -CVE-2024-55638,0,0,3cf5549d47c463e475f6e03c9a065e098d2fe62008e2881d0ac7cc891861dd9c,2024-12-10T00:15:22.770000 +CVE-2024-55635,0,1,02aeec60dc680ba5e64ba21b7921f79d14588994f0456ea0982ac81c3eef7905,2024-12-10T22:15:28.190000 +CVE-2024-55636,0,1,b733e66d088dc80ea0d2f7272ec2b8b2908f8b8b999bac93067067b2ba1c576a,2024-12-10T22:15:28.347000 +CVE-2024-55637,0,1,b339d1b46d013911874bbdadbc242ce2cec2e62c40f0c0b5fcadabacc3a18ead,2024-12-10T22:15:28.500000 +CVE-2024-55638,0,1,a4181edcafad19b32a68c9307a9f7762f0502e887b0637bf4f98f55d3d91262d,2024-12-10T22:15:28.640000 CVE-2024-5564,0,0,3aa73f6c6404c243b9f6f394613afc94e063551efa8746acdefa8554437d3ac7,2024-11-21T09:47:56.340000 CVE-2024-5565,0,0,032bdcff8dac2089c90f98c674e66bb1a3269fca437d11950d454869056d685d,2024-11-25T13:15:07.310000 CVE-2024-5566,0,0,55157068cefe792f617f9d985299d525c0156c753cbd8d7bb670501225f08f89,2024-11-21T09:47:56.607000 @@ -269368,7 +269521,7 @@ CVE-2024-5656,0,0,ba99339cfecc1c5fdb0f6d1bb26f06bfe70b58ff628ceb5bd66c459a2628a6 CVE-2024-5657,0,0,322b989a97af9a632a310787c45ccef95cbff8f0006f11abe6348fcd1668034b,2024-11-21T09:48:06.280000 CVE-2024-5658,0,0,7e7462fc3515e519516e2f809c98e13e2106352e6aac99c565fb770e189dd063,2024-11-21T09:48:06.413000 CVE-2024-5659,0,0,83e7687f93b86419198f1683634dd14733df87a0c466715b2e7e79370f69ac01,2024-11-21T09:48:06.543000 -CVE-2024-5660,0,0,eb5bbf2beb23a9bfa3f917607093cf8898bbcbcedddc583c8ef9cea625cd7c43,2024-12-10T14:30:47.963000 +CVE-2024-5660,0,1,16e07c0fdda274ec7d4c36bf5943e00082ee54db66c328edcf07e7ace2166180,2024-12-10T22:15:28.790000 CVE-2024-5661,0,0,7d090de96660a134ff2e3cb7262fde0b3d927ce5a88611486b37761a6a2d78a0,2024-11-21T09:48:06.673000 CVE-2024-5662,0,0,a32230f368c985ce000177685318420ae12365dafb7b142a133da07f0e3fd986,2024-11-21T09:48:06.860000 CVE-2024-5663,0,0,3d93cfa6260123c05a0fe5dd837778ab353045f85b9b96941dd647b061b7390d,2024-11-21T09:48:06.970000 @@ -271059,7 +271212,7 @@ CVE-2024-7568,0,0,2f553130e4eacfc693e995fca0612777f4d890e405998fe269b8e8bc9ce30e CVE-2024-7569,0,0,5994c6b63c20456eef57a01a5388108fe6a245760bb402517971f0893da8a4e1,2024-09-06T21:57:23.037000 CVE-2024-7570,0,0,4b95c50b05e603fd192a26ba7aeb93b1795ca78a10ab423596f59e19e721c691,2024-09-06T21:59:00.830000 CVE-2024-7571,0,0,027d2cadad2e85c3addd672df91df7034d43e7b07ed4f18f01713a8fda40d906,2024-11-13T17:01:58.603000 -CVE-2024-7572,1,1,e3422fa984a8d4d7d7bbd4e11ada69f8b1ec4a49100c5875713345ee93107953,2024-12-10T19:15:31.317000 +CVE-2024-7572,0,0,e3422fa984a8d4d7d7bbd4e11ada69f8b1ec4a49100c5875713345ee93107953,2024-12-10T19:15:31.317000 CVE-2024-7573,0,0,b682119c0c2e97bcbd91b2c93bf46919696a7eb8e95fa746f7aa6d0673139d3d,2024-08-28T12:57:27.610000 CVE-2024-7574,0,0,af702c08dced1e58034991ae3edb1ced31d7e457008281fc7156f6946a0e1bd9,2024-08-12T13:41:36.517000 CVE-2024-7575,0,0,9b6b16a82971357b7bcb5bdf359986a644d7d671a860a7f40a6de18251355f64,2024-10-03T13:52:23.060000 @@ -271848,7 +272001,7 @@ CVE-2024-8535,0,0,9430921b56a98fb793f25bd28deda9111898929b692dbcd6ef2778ea55060c CVE-2024-8536,0,0,f58b8cad2a0c4a90556b7c4730ad95a9e86edfd36c5b80cbcf69e920921131cf,2024-10-03T18:16:17.740000 CVE-2024-8538,0,0,9b85de2d90f35a6b2ee4405e401f24f5b3cc7b117815da585ee31db85a74f1aa,2024-09-26T16:28:02.990000 CVE-2024-8539,0,0,0dbabeb96fa28101a49b13ea4f960cb06147652df4fb97a7bd7d09986f46ca6a,2024-11-13T17:01:58.603000 -CVE-2024-8540,1,1,da09a9c14c9b289b7d7fb556c9700da2cd61af36d6ae6861041390900bdca222,2024-12-10T19:15:31.463000 +CVE-2024-8540,0,0,da09a9c14c9b289b7d7fb556c9700da2cd61af36d6ae6861041390900bdca222,2024-12-10T19:15:31.463000 CVE-2024-8541,0,0,11f11486e0c328b727b3519cc94f2174fb76a070c646745035cf6e7c2e119162,2024-11-08T15:07:08.400000 CVE-2024-8543,0,0,e6cedcbecc2d6bdc12712cbe45b90facb692961eb011612655f2e0245f4a87b3,2024-09-27T16:46:26.243000 CVE-2024-8544,0,0,f57d32bfe54ad578e2b1b1b6b550d79e0498f20d0d3b1ba87ad0030906c674b7,2024-09-27T12:57:21.617000 @@ -272215,7 +272368,7 @@ CVE-2024-8975,0,0,2e1af783568cf7ad44e3b33e6ac71980410920ee6be566fa4a01ec060d747a CVE-2024-8977,0,0,cb8e4225cbeae27a4d5cd5a6caff3e78c74f90a4a117f3ebee8859bf0cf66b60,2024-10-16T17:10:13.220000 CVE-2024-8978,0,0,d27b973a30e145b038f4aa46488a1a73c5d80a05af06996c64c589eb06d82073,2024-11-19T17:04:38.903000 CVE-2024-8979,0,0,c8d7a454a2e21b5a6419915f563e8d188611a09ebbbeb9864f16825c369f1ca3,2024-11-19T17:05:08.270000 -CVE-2024-8980,0,0,b0ecf135eeb13495ce2e6cb1feb5da705504744f02ef52ec074ceb0697c41a2f,2024-10-30T14:46:14.127000 +CVE-2024-8980,0,1,f21e1b5a085b95548892c69cb9e71b81f9ad3987b25a3b637ff6f5bc1ea3182e,2024-12-10T21:07:09.857000 CVE-2024-8981,0,0,ab731ebe09d14b423954c8d1c309f529eca9637e35f5ff7d59615aebbb87cece,2024-10-04T13:51:25.567000 CVE-2024-8983,0,0,27bd060291bf8fbf2987becf30df5e9011a78deda3d7b017aa5acbc337d382f1,2024-10-10T12:57:21.987000 CVE-2024-8985,0,0,2747a15c007aed3b55062332e399a5ed9dbfdc53f9e2cb4a2cbced1eaac1da1a,2024-11-13T17:01:16.850000 @@ -272865,7 +273018,7 @@ CVE-2024-9839,0,0,57bea8403f5cc48dea698cfdd728b58122c5ab953b09fd7bbfa276adce1153 CVE-2024-9841,0,0,c53d88eafada925ed527f104c1b1b1199a9f5255a50ee9eb8941cdbc1ee0bb15,2024-11-13T19:34:26.237000 CVE-2024-9842,0,0,401514bda8111953e3c87d696ebe17147d50fe0193b7bd342e8f5a2f91a2c84d,2024-11-13T17:01:58.603000 CVE-2024-9843,0,0,87995b35b7ca864fee74129f3dfad5bf38de372e00678c6a2a361bfe2c95d461,2024-11-13T17:01:58.603000 -CVE-2024-9844,1,1,9f5accdc865e1585713af7fca166a37605dcc88fd3d83360b135a809845dc0ad,2024-12-10T19:15:31.607000 +CVE-2024-9844,0,0,9f5accdc865e1585713af7fca166a37605dcc88fd3d83360b135a809845dc0ad,2024-12-10T19:15:31.607000 CVE-2024-9846,0,0,5a29335b18c23f96eafa12a0012dbfa40c39c1cc47deb5473e372f76f16fe2df,2024-11-06T14:58:04.160000 CVE-2024-9848,0,0,148772454ae4a112a7436067b81ee2ac8c78d3a83ad8a189df162c230ac91d15,2024-10-22T16:42:25.867000 CVE-2024-9849,0,0,c9c7b4f6b31937a5425e02b6f2d865ca15961d24fdb3efd7477da376d32caee1,2024-11-18T17:11:17.393000