Advisory Database Sync

advisories/unreviewed/2023/11/GHSA-62r6-m6fg-p4wj/GHSA-62r6-m6fg-p4wj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-62r6-m6fg-p4wj",
-  "modified": "2023-11-14T21:31:00Z",
+  "modified": "2024-05-16T21:31:55Z",
   "published": "2023-11-14T21:31:00Z",
   "aliases": [
     "CVE-2022-42879"
@@ -24,6 +24,10 @@
     {
       "type": "WEB",
       "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00864.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2023/11/GHSA-q69f-x478-xp8g/GHSA-q69f-x478-xp8g.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-q69f-x478-xp8g",
-  "modified": "2023-11-14T21:31:01Z",
+  "modified": "2024-05-16T21:31:55Z",
   "published": "2023-11-14T21:31:01Z",
   "aliases": [
     "CVE-2023-25952"
@@ -24,6 +24,10 @@
     {
       "type": "WEB",
       "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00864.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2023/11/GHSA-r4ch-3qw4-35q9/GHSA-r4ch-3qw4-35q9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r4ch-3qw4-35q9",
-  "modified": "2023-11-14T21:31:01Z",
+  "modified": "2024-05-16T21:31:55Z",
   "published": "2023-11-14T21:31:01Z",
   "aliases": [
     "CVE-2023-29165"
@@ -24,6 +24,10 @@
     {
       "type": "WEB",
       "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00864.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2023/11/GHSA-w7qf-3h78-55fp/GHSA-w7qf-3h78-55fp.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-w7qf-3h78-55fp",
-  "modified": "2023-11-14T21:31:01Z",
+  "modified": "2024-05-16T21:31:55Z",
   "published": "2023-11-14T21:31:01Z",
   "aliases": [
     "CVE-2023-27305"
@@ -24,6 +24,10 @@
     {
       "type": "WEB",
       "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00864.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2024/03/GHSA-8rjr-8h65-297v/GHSA-8rjr-8h65-297v.json

@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8rjr-8h65-297v",
-  "modified": "2024-03-25T12:30:52Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-03-25T12:30:52Z",
   "aliases": [
     "CVE-2021-47173"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n  comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n  hex dump (first 32 bytes):\n    ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00  ....1...........\n    00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00  ................\n  backtrace:\n    [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline]\n    [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline]\n    [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n    [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n    [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n    [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline]\n    [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n    [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n    [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n    [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292\n    [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
   ],
   "affected": [
 
@@ -53,9 +56,9 @@
   ],
   "database_specific": {
     "cwe_ids": [
-
+      "CWE-401"
     ],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-03-25T10:15:09Z"

advisories/unreviewed/2024/03/GHSA-9vg5-4v4q-375p/GHSA-9vg5-4v4q-375p.json

@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9vg5-4v4q-375p",
-  "modified": "2024-03-25T12:30:52Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-03-25T12:30:52Z",
   "aliases": [
     "CVE-2021-47171"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n  [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]\n  [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]\n  [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n  [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
   ],
   "affected": [
 
@@ -53,9 +56,9 @@
   ],
   "database_specific": {
     "cwe_ids": [
-
+      "CWE-401"
     ],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-03-25T10:15:08Z"

advisories/unreviewed/2024/03/GHSA-w5g2-4rxc-h7x8/GHSA-w5g2-4rxc-h7x8.json

@@ -1,14 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-w5g2-4rxc-h7x8",
-  "modified": "2024-04-04T15:30:33Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-03-25T12:30:52Z",
   "aliases": [
     "CVE-2021-47179"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn't check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI'm able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
   ],
   "affected": [
 
@@ -49,9 +52,9 @@
   ],
   "database_specific": {
     "cwe_ids": [
-
+      "CWE-476"
     ],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2024-03-25T10:15:09Z"

advisories/unreviewed/2024/04/GHSA-24g5-r7q6-hhmg/GHSA-24g5-r7q6-hhmg.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-24g5-r7q6-hhmg",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:21Z",
   "aliases": [
     "CVE-2024-21605"

advisories/unreviewed/2024/04/GHSA-474g-v543-635g/GHSA-474g-v543-635g.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-474g-v543-635g",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-30409"

advisories/unreviewed/2024/04/GHSA-53r8-h9fr-mwc7/GHSA-53r8-h9fr-mwc7.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-53r8-h9fr-mwc7",
-  "modified": "2024-04-12T15:37:21Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:21Z",
   "aliases": [
     "CVE-2024-21590"

advisories/unreviewed/2024/04/GHSA-6gj8-fxh3-h3j9/GHSA-6gj8-fxh3-h3j9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6gj8-fxh3-h3j9",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-30405"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA79105"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Green"

advisories/unreviewed/2024/04/GHSA-6rj9-5jww-q88j/GHSA-6rj9-5jww-q88j.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6rj9-5jww-q88j",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-21618"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA75759"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-6w3v-8x64-r348/GHSA-6w3v-8x64-r348.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6w3v-8x64-r348",
-  "modified": "2024-05-14T15:32:50Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-21610"

advisories/unreviewed/2024/04/GHSA-6w72-x59c-h2c9/GHSA-6w72-x59c-h2c9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6w72-x59c-h2c9",
-  "modified": "2024-04-12T18:33:26Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T18:33:26Z",
   "aliases": [
     "CVE-2024-30390"

advisories/unreviewed/2024/04/GHSA-76fc-hwwm-wmhg/GHSA-76fc-hwwm-wmhg.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-76fc-hwwm-wmhg",
-  "modified": "2024-04-12T18:33:26Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T18:33:26Z",
   "aliases": [
     "CVE-2024-30384"
@@ -21,6 +21,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30384"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-8vc5-fgcg-4vh9/GHSA-8vc5-fgcg-4vh9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8vc5-fgcg-4vh9",
-  "modified": "2024-04-12T18:33:27Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T18:33:27Z",
   "aliases": [
     "CVE-2024-30402"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA79180"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-96r2-52xr-8x9x/GHSA-96r2-52xr-8x9x.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-96r2-52xr-8x9x",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-30410"

advisories/unreviewed/2024/04/GHSA-99g6-3hjh-hcxr/GHSA-99g6-3hjh-hcxr.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-99g6-3hjh-hcxr",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-30395"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA79095"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-chjj-m6f7-j5g6/GHSA-chjj-m6f7-j5g6.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-chjj-m6f7-j5g6",
-  "modified": "2024-04-12T15:37:21Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:21Z",
   "aliases": [
     "CVE-2024-21593"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA75732"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-fhrq-x65x-r754/GHSA-fhrq-x65x-r754.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fhrq-x65x-r754",
-  "modified": "2024-04-12T15:37:22Z",
+  "modified": "2024-05-16T21:31:56Z",
   "published": "2024-04-12T15:37:22Z",
   "aliases": [
     "CVE-2024-21615"

advisories/unreviewed/2024/04/GHSA-fwcw-wmg8-r4vq/GHSA-fwcw-wmg8-r4vq.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fwcw-wmg8-r4vq",
-  "modified": "2024-04-12T18:33:26Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T18:33:26Z",
   "aliases": [
     "CVE-2024-30388"
@@ -21,6 +21,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30388"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"

advisories/unreviewed/2024/04/GHSA-gfmf-6ghh-gjwr/GHSA-gfmf-6ghh-gjwr.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gfmf-6ghh-gjwr",
-  "modified": "2024-04-15T15:30:51Z",
+  "modified": "2024-05-16T21:31:57Z",
   "published": "2024-04-12T18:33:27Z",
   "aliases": [
     "CVE-2024-30397"
@@ -25,6 +25,10 @@
       "type": "WEB",
       "url": "https://supportportal.juniper.net/JSA79179"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+    },
     {
       "type": "WEB",
       "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"