jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7ea4ceb8df1197b8e72503b755437b779da59193
cve-dashboard/cve_database.db

292 lines
140 KiB
Plaintext
Raw Normal View History

Add admin page overhaul and compliance schema drift check specs, compliance upload improvements, drift checker helper
2026-04-20 20:12:12 +00:00
SQLite format 3@ <00>#<00>.r<><0F><0F>  <09> x 5<08><08>T<07><07><03>~<03>t'<00><00>/Cindexsqlite_autoindex_sessions_1sessionsU1qindexidx_users_usernameusersCREATE INDEX idx_users_username ON users(username)<29>s<01>EtableusersusersCREATE TABLE users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username VARCHAR(50) UNIQUE NOT NULL,
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
role VARCHAR(20) NOT NULL DEFAULT 'viewer',
is_active BOOLEAN DEFAULT 1,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_login TIMESTAMP,
CHECK (role IN ('admin', 'editor', 'viewer'))
))=indexsqlite_autoindex_users_2users)=indexsqlite_autoindex_users_1users<0F>c 33<08>qviewcve_document_statuscve_document_statusCREATE VIEW cve_document_status AS
SELECT
c.id as record_id,
c.cve_id,
c.vendor,
c.severity,
c.status,
COUNT(DISTINCT d.id) as total_documents,
COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) as advisory_count,
COUNT(DISTINCT CASE WHEN d.type = 'email' THEN d.id END) as email_count,
COUNT(DISTINCT CASE WHEN d.type = 'screenshot' THEN d.id END) as screenshot_count,
CASE
WHEN COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) > 0
THEN 'Complete'
ELSE 'Missing Required Docs'
END as compliance_status
FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
GROUP BY c.id, c.cve_id, c.vendor, c.severity, c.statusM %eindexidx_doc_typedocuments CREATE INDEX idx_doc_type ON documents(type)S )mindexidx_doc_vendordocuments CREATE INDEX idx_doc_vendor ON documents(vendor)S
)mindexidx_doc_cve_iddocuments CREATE INDEX idx_doc_cve_id ON documents(cve_id)A ![indexidx_statuscves
CREATE INDEX idx_status ON cves(status)G%cindexidx_severitycves CREATE INDEX idx_severity ON cves(severity)A![indexidx_vendorcvesCREATE INDEX idx_vendor ON cves(vendor)A![indexidx_cve_idcvesCREATE INDEX idx_cve_id ON cves(cve_id)<29>I11<01>=tablerequired_documentsrequired_documentsCREATE TABLE required_documents (
id INTEGER PRIMARY KEY AUTOINCREMENT,
vendor VARCHAR(100) NOT NULL,
document_type VARCHAR(50) NOT NULL,
is_mandatory BOOLEAN DEFAULT 1,
description TEXT
)<29>Y<01>tabledocumentsdocumentsCREATE TABLE documents (
id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
name VARCHAR(255) NOT NULL,
type VARCHAR(50) NOT NULL,
file_path VARCHAR(500) NOT NULL,
file_size VARCHAR(20),
mime_type VARCHAR(100),
uploaded_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
notes TEXT,
FOREIGN KEY (cve_id) REFERENCES cves(cve_id) ON DELETE CASCADE
)P++Ytablesqlite_sequencesqlite_sequenceCREATE TABLE sqlite_sequence(name,seq)<29><01>tablecvescvesCREATE TABLE cves (
id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
severity VARCHAR(20) NOT NULL,
description TEXT,
published_date DATE,
status VARCHAR(50) DEFAULT 'Open',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(cve_id, vendor)
)';indexsqlite_autoindex_cves_1cves <0F>#<0F> <0C> k \<07><00><07><06><06>;<05><05>+<03><01><01><01><00>\ '<1D>!33CVE-2015-7871JuniperCriticalCrypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.2017-08-07Open2026-01-30 18:04:072026-02-09 17:12:57W
'!33CVE-2024-6387JuniperHigh 2026-02-09Open2026-02-09 15:33:572026-02-09 15:33:57<35> '<15>!33CVE-2024-6387CiscoHighA signal handler race condition was found in sshd, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then the sshd SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog()2026-02-06Open2026-02-06 23:09:082026-02-06 23:09:08<30> )<19>!33CVE-2024-39894CiscoMediumA signal handler race condition was found in sshd, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then the sshd SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog()2026-02-06Open2026-02-06 22:30:192026-02-06 22:30:19Y
)!33CVE-2025-32433HarmonicHigh 2026-01-30Open2026-01-30 22:13:402026-01-30 22:13:40Y
)!33CVE-2024-38475HarmonicHigh 2026-01-30Open2026-01-30 22:11:542026-01-30 22:11:54X
)!33CVE-2023-44487JuniperHigh 2026-01-30Open2026-01-30 22:05:532026-01-30 22:05:53X
)!33CVE-2023-38408JuniperHigh 2026-01-30Open2026-01-30 21:50:522026-01-30 21:50:52W
)!33CVE-2023-38408VecimaHigh 2026-01-30Open2026-01-30 21:50:052026-01-30 21:50:05W
)!33CVE-2023-38408FalconHigh 2026-01-30Open2026-01-30 21:48:392026-01-30 21:48:39
X)!33CVE-2023-25690CiscoHigh 2026-01-30Open2026-01-30 21:43:282026-01-30 21:43:28W
'!33CVE-2023-3824JuniperHigh 2026-01-30Open2026-01-30 21:37:542026-01-30 21:37:54<35>a '<15>#!33CVE-2013-4786FalconHighThe IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.2013-07-08Open2026-01-30 17:52:072026-02-09 17:12:57<35>) '<15>1!33CVE-2011-4862AvocentHighBuffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.2011-12-25Open2026-01-30 17:49:572026-02-09 17:12:5757a)<19>U!33CVE-2018-15473JuniperMediumCVE-2018-15473 is a vulnerability in OpenSSH versions up<75>] )<19>!33CVE-2018-15473JuniperMediumOpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.2018-08-17Open2026-01-28 19:20:282026-02-09 17:12:57U
)!33CVE-2023-38408CasaHigh 2026-01-28Open2026-01-28 18:34:012026-01-28 18:34:01<30>I )<15>s!33CVE-2023-38408CiscoHighCVE-2023-38408 is a critical vulnerability in the PKCS#11 feature of ssh-agent within OpenSSH versions prior to 9.3p2. This flaw arises from an insufficiently trustworthy search path, which can lead to remote code execution (RCE) when an agent is forwarded to an attacker-controlled system. The issue stems from an incomplete fix for a prior vulnerability, CVE-2016-100092026-01-28Open2026-01-28 18:33:022026-01-28 18:33:02<30>
/a!33CVE-2024-SAMPLE-1CiscoHighSample remote code execution vulnerability2024-01-15Open2026-01-28 16:04:462026-01-28 16:04:46<34>

/a!33CVE-2024-SAMPLE-1MicrosoftCriticalSample remote code execution vulnerability2024-01-15Open2026-01-28 16:04:462026-01-28 16:"
 <0A>_F,y<0E><0F><0F><0E><0E><0E><0E>s>& <0A>WWWW'CVE-2024-6387Juniper<0F>CVE-2024-87Juniper'CVE-2024-6387Cisco)CVE-2024-39894Cisco)CVE-2025-32433Harmonic)CVE-2024-38475Harmonic)CVE-2023-44487Juniper)CVE-2023-38408Juniper )CVE-2023-38408Vecima )CVE-2023-38408Falcon )CVE-2023-25690Cisco
'CVE-2023-3824Juniper 'CVE-2015-7871Juniper'CVE-2013-4786Falcon'CVE-2011-4862Avocent)CVE-2018-15473Juniper)CVE-2023-38408Casa)CVE-2023-38408Cisco;CVE-2024-SAMPLE-1Cisco CVE-2024-SAMPLE-1Microsoft <0F><0F><0F><0F><0F><0F><0F><0F>
<EFBFBD> <09>e*[a<02>_<00>+ )<1B>1<17> =3CVE-2023-38408JuniperJUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msgemailuploads/CVE-2023-38408/Juniper/1769809877252-JUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msg62.50 KBapplication/octet-stream2026-01-30 21:51:17<31>Q )_<1D>7+3CVE-2023-38408VecimaVecima VBS Products - CVE-2023-38408.pdfadvisoryuploads/CVE-2023-38408/Vecima/1769809826006-Vecima VBS Products - CVE-2023-38408.pdf359.72 KBapplication/pdf2026-01-30 21:50:26<32>w )<17>W=3CVE-2023-38408Falcon_EXTERNAL_ CVEs detected on servers dedicated for FVS.msgemailuploads/CVE-2023-38408/Falcon/1769809761373-_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg142.50 KBapplication/octet-stream2026-01-30 21:49:21<32>L )W<17>-=3CVE-2023-38408CiscoCISCO EXTERNAL Re CVE-2023-38408.msgemailuploads/CVE-2023-38408/Cisco/1769809637194-CISCO EXTERNAL Re CVE-2023-38408.msg44.50 KBapplication/octet-stream2026-01-30 21:47:17<31>X )]<17>337CVE-2023-25690Ciscod83e8dae-0765-4282-9baa-7da599af3c9f.PNGotheruploads/CVE-2023-25690/Cisco/1769809468697-d83e8dae-0765-4282-9baa-7da599af3c9f.PNG69.92 KBimage/png2026-01-30 21:44:28affected devices list<73>
)<17>%<1D>{+3CVE-2023-25690CiscoCVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdfadvisoryuploads/CVE-2023-25690/Cisco/1769809434901-CVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdf164.75 KBapplication/pdf2026-01-30 21:43:55<35>D '<1B>Q<1D>)+3CVE-2023-3824Juniper2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdfBulletinuploads/CVE-2023-3824/Juniper/1769809114084-2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdf115.06 KBapplication/pdf2026-01-30 21:38:34<33>@ '<1B>M<1D>%+3CVE-2015-7871Juniper2024-05 Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdfadvisoryuploads/CVE-2015-7871/Juniper/1769796312213-2024-05 Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf228.85 KBapplication/pdf2026-01-30 18:05:12<31>: '<1B>G<1D>+3CVE-2015-7871Juniper2015-10 Out of Cycle Security Bulletin_ NTP.org announcement of multiple vulnerabilities_.pdfBulletinuploads/CVE-2015-7871/Juniper/1769796292852-2015-10 Out of Cycle Security Bulletin_ NTP.org announcement of multiple vulnerabilities_.pdf125.11 KBapplication/pdf2026-01-30 18:04:53<35>u '<17>U=3CVE-2013-4786Falcon_EXTERNAL_ CVEs detected on servers dedicated for FVS.msgemailuploads/CVE-2013-4786/Falcon/1769795581596-_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg142.50 KBapplication/octet-stream2026-01-30 17:53:01<30> '-!<21>3CVE-2013-4786Falconvendor-webex.pngscreenshotuploads/CVE-2013-4786/Falcon/1769795558046-vendor-webex.png61.60 KBimage/png2026-01-30 17:52:38<33>G 'U<1D>-+3CVE-2011-4862AvocentACS 6000 Release Notes_v2_4_0_26.pdfadvisoryuploads/CVE-2011-4862/Avocent/1769795426570-ACS 6000 Release Notes_v2_4_0_26.pdf246.90 KBapplication/pdf2026-01-30 17:50:26<32> )<1B><1D>]=3CVE-2018-15473JuniperRe EXTERNAL Re Juniper vulnerabilities (CVE-2018-15473).msgadvisoryuploads/CVE-2018-15473/Juniper/1769628097293-Re EXTERNAL Re Juniper vulnerabilities (CVE-2018-15473).msg82.50 KBapplication/octet-stream2026-01-28 19:21:37<33>o )u<17>O=3CVE-2018-15473Juniper_EXTERNAL_ Re_ Juniper CVE-2018-15473 Discussion.msgemailuploads/CVE-2018-15473/Juniper/1769628071623-_EXTERNAL_ Re_ Juniper CVE-2018-15473 Discussion.msg146.50 KBapplication/octet-stream2026-01-28 19:21:11<31>F )]<1D>33CVE-2023-38408Cisco262597a6-90af-4cd8-9f96-9ab09b068a5b.PNGadvisoryuploads/CVE-2023-38408/Cisco/1769625210462-262597a6-90af-4cd8-9f96-9ab09b068a5b.PNG50.89 KBimage/png2026-01-28 18: <0E><0F><0F>b7 <0E>
<0E><0E><0F>xf<0F>AT<0F><0F>.<0E><0E><0E><0E><0E><0E><0E><0E><0E>'CVE-2024-6387<0F>CVE-2024-87'CVE-2024-6387)CVE-2024-39894)CVE-2025-32433)CVE-2024-38475)CVE-2023-44487)CVE-2023-38408 )CVE-2023-38408 )CVE-2023-38408 )CVE-2023-25690
'CVE-2023-3824 'CVE-2015-7871'CVE-2013-4786'CVE-2011-4862)CVE-2018-15473)CVE-2023-38408)CVE-2023-38408+CVE-2024-SAMPLE-1CVE-2024-SAMPLE-1
)<0F><0F><0F><0F>?5<0F><0F>VI<0F><0F><0F>oc{{{{ Juniper<0F> Juniper Cisco Cisco Harmonic Harmonic Juniper Juniper
Vecima
Falcon Cisco
Juniper Juniper
Falcon Avocent JuniperCasa CiscoCisco Microsoft
i<0F><0F>6<0F>)<0F><0F>nL<0F>{^UC<0F><0F><0F>^ Critical Critical Critical
CriticalHighHighHighHighm<0F>H CriticalHigh Critical H Critical CriticalH Critical High<0F> Medium
Medium<0F>H CriticalHigh Critical
VM<0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F>zqh_MMMMOpen<0F> OpenOpenOpenOpenOpenOpenOpen Open Open Open
Open OpenOpenOpenOpenOpenOpenOpenOpen
g<0F><0F><0F><0F>n<0F><0F>I6\<0F>#<0E><0E><0E><0E><0E>yg<0E><0E><0E>#CVE-2024-87'CVE-2024-6387'CVE-2024-6387)CVE-2024-39894)CVE-2025-32433)CVE-2025-32433)CVE-2024-38475)CVE-2023-44487)CVE-2023-38408)CVE-2023-38408)CVE-2023-38408 )CVE-2023-38408 )CVE-2023-25690 )CVE-2023-25690
'CVE-2023-3824 'CVE-2015-7871'CVE-2015-7871'CVE-2013-4786'CVE-2013-4786'CVE-2011-4862)CVE-2018-15473)CVE-2018-15473) CVE-2023-38408
<0F><0F><0F><0F>{<0F><0F>p@3&<0F><0F><0F><0F><0F>YMee Juniper Juniper Cisco Cisco Harmonic Harmonic Harmonic Juniper Juniper
Vecima
Falcon Cisco Cisco Cisco
Juniper Juniper Juniper
Falcon
Falcon Avocent Juniper Juniper Cisco
<0E><0F><0F><0F><0F><0F><0F><0F>X4' <0E>A<0F><0F>oeNy<0F><0F> advisory advisory advisory advisory advisory advisory advisory bulletin email advisory email email other advisory
Bulletin advisory Bulletin email!screenshot advisory advisory email  advisory  <0A>x<0E><0E> <0A><00>
=<3D> 33jramosjordan.ramos@charter.com$2b$10$jRygBtfBvFz84nyj.r.vxu934tWPS26gZmQSCmVLJUxsxU2S54FWyadmin2026-01-30 18:55:232026-02-09 15:26:57q
!<21> 3readonlyNa@na.com3$2b$10$y7qYkz4z/7uCTpwBUQBHH.poatUnSPtESuscmhM8pnSE.BJN0rbFiviewer2026-01-30 18:49:32<33>
K<> 3ulyulyssees.soudachahn@charter.com$2b$10$TJqMbwj52Z9qhRRxGJZ/Y.NmbvAy7vmZkrizVs5FPDN5CBRCJ7nZeeditor2026-01-30 18:47:34<33>
+<2B> 33adminadmin@localhost$2b$10$hw5fR8X0Nk.08TmELQDP5eKa/NwzKpiIx9hfZrBgQQZrS.R2jJz0yadmin2026-01-30 15:51:342026-01-30 15:52:57
<0F><0F><0F><0F><0F>
jramos readonlyuly admin
<0F><0F><0F><0F><0F>=jordan.ramos@charter.com!Na@na.com3#Kulyssees.soudachahn@charter.com+ admin@localhost
<0F><0F><0F><0F><0F>
jramos readonlyuly admin ,<0F><0E>,s<00> =34506d550aacff8873f480e57f12b1dd21a4f41cf9b8846de07c94d700abfc6582026-02-10T15:26:57.750Z2026-02-09 15:26:57s<00> =3a52e826a8b34e13f0df1ea18b33407f1464e48320beb94a18e81281e1a39a1552026-02-07T22:27:09.224Z2026-02-06 22:27:09s<00> =30b1641d1c36cf850b03c4a914342b1e9c96894a96997967d8c69a083c1af62dc2026-02-03T16:38:31.281Z2026-02-02 16:38:31s<00> =39e78d0bff2394a49b6b74e6604947d7799f3cf010be2a6717d9ce2962af499a420
<0E>t<0E><0F>.E<04> 4506d550aacff8873f480e57f12b1dd21a4f41cf9b8846de07c94d700abfc658E<04> a52e826a8b34e13f0df1ea18b33407f1464e48320beb94a18e81281e1a39a155E<04> 0b1641d1c36cf850b03c4a914342b1e9c96894a96997967d8c69a083c1af62dcE<04> 9e78d0bff2394a49b6b74e6604947d7799f3cf010be2a6717d9ce2962af499a4
id INTEGER PRIMARY KEY AUTOINCREMENT,
username VARCHAR(50) UNIQUE NOT NULL,
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
role VARCHAR(20) NOT NULL DEFAULT 'viewer',
is_active BOOLEAN DEFAULT 1,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_login TIMESTAMP,
CHECK (role IN ('admin', 'editor', 'viewer'))
)<0F><=indexsqlite_autoindex_users_2users)=indexsqlite_autoindex_users_1users<0F>c 33<08>qviewcve_document_statuscve_document_statusCREATE VIEW cve_document_status AS
SELECT
c.id as record_id,
c.cve_id,
c.vendor,
c.severity,
c.status,
COUNT(DISTINCT d.id) as total_documents,
COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) as advisory_count,
COUNT(DISTINCT CASE WHEN d.type = 'email' THEN d.id END) as email_count,
COUNT(DISTINCT CASE WHEN d.type = 'screenshot' THEN d.id END) as screenshot_count,
CASE
WHEN COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) > 0
THEN 'Complete'
ELSE 'Missing Required Docs'
END as compliance_status
FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
GROUP BY c.id, c.cve_id, c.vendor, c.severity, c.statusM %eindexidx_doc_typedocuments CREATE INDEX idx_doc_type ON documents(type)S )mindexidx_doc_vendordocuments CREATE INDEX idx_doc_vendor ON documents(vendor)S
)mindexidx_doc_cve_iddocuments CREATE INDEX idx_doc_cve_id ON documents(cve_id)A ![indexidx_statuscves
CREATE INDEX idx_status ON cves(status)G%cindexidx_severitycves CREATE INDEX idx_severity ON cves(severity)A![indexidx_vendorcvesCREATE INDEX idx_vendor ON cves(vendor)A![indexidx_cve_idcvesCREATE INDEX idx_cve_id ON cves(cve_id)<29>I11<01>=tablerequired_documentsrequired_documentsCREATE TABLE required_documents (
id INTEGER PRIMARY KEY AUTOINCREMENT,
vendor VARCHAR(100) NOT NULL,
document_type VARCHAR(50) NOT NULL,
is_mandatory BOOLEAN DEFAULT 1,
description TEXT
)<29>Y<01>tabledocumentsdocumentsCREATE TABLE documents (
id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
name VARCHAR(255) NOT NULL,
type VARCHAR(50) NOT NULL,
file_path VARCHAR(500) NOT NULL,
file_size VARCHAR(20),
mime_type VARCHAR(100),
uploaded_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
notes TEXT,
FOREIGN KEY (cve_id) REFERENCES cves(cve_id) ON DELETE CASCADE
)P++Ytablesqlite_sequencesqlite_sequenceCREATE TABLE sqlite_sequence(name,seq)<29><01>tablecvescvesCREATE TABLE cves (
id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
severity VARCHAR(20) NOT NULL,
description TEXT,
published_date DATE,
status VARCHAR(50) DEFAULT 'Open',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(cve_id, vendor)
)';indexsqlite_autoindex_cves_1cves 
$ <09> <09> w<07><07>^<06><06> e<04>8<03>r
f5!<01>indexidx_audit_created_ataudit_logsCREATE INDEX idx_audit_created_at ON audit_logs(created_at)i7!<01>indexidx_audit_entity_typeaudit_logsCREATE INDEX idx_audit_entity_type ON audit_logs(entity_type)Y-!sindexidx_audit_actionaudit_logsCREATE INDEX idx_audit_action ON audit_logs(action)\/!windexidx_audit_user_idaudit_logsCREATE INDEX idx_audit_user_id ON audit_logs(user_id)<29>!!<01>Otableaudit_logsaudit_logsCREATE TABLE audit_logs (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER,
username VARCHAR(50) NOT NULL,
action VARCHAR(50) NOT NULL,
entity_type VARCHAR(50) NOT NULL,
entity_id VARCHAR(100),
details TEXT,
ip_address VARCHAR(45),
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
)a5indexidx_sessions_expiressessionsCREATE INDEX idx_sessions_expires ON sessions(expires_at)^5yindexidx_sessions_user_idsessionsCREATE INDEX idx_sessions_user_id ON sessions(user_id)h;<01>indexidx_sessions_session_idsessionsCREATE INDEX idx_sessions_session_id ON sessions(session_id)/Cindexsqlite_autoindex_sessions_1sessions<13>{<01>ItablesessionssessionsCREATE TABLE sessions (
id INTEGER PRIMARY KEY AUTOINCREMENT,
session_id VARCHAR(255) UNIQUE NOT NULL,
user_id INTEGER NOT NULL,
expires_at TIMESTAMP NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)U1qindexidx_users_usernameusersCREATE INDEX idx_users_username ON users(username))=indexsqlite_autoindex_users_2users)=indexsqlite_autoindex_users_1users<0F>s<01>EtableusersusersCREATE TABLE users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username VARCHAR(50) UNIQUE NOT NULL,
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
role VARCHAR(20) NOT NULL DEFAULT 'viewer',
is_active BOOLEAN DEFAULT 1,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
last_login TIMESTAMP,
CHECK (role IN ('admin', 'editor', 'viewer'))
)K33<08>qviewcve_document_statuscve_document_statusCREATE VIEW cve<00>33<08>[viewcve_document_statuscve_document_statusCREATE VIEW cve_document_status AS
SELECT
c.id as record_id,
c.cve_id,
c.vendor,
c.severity,
c.status,
COUNT(DISTINCT d.id) as total_documents,
COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) as advisory_count,
COUNT(DISTINCT CASE WHEN d.type = 'email' THEN d.id END) as email_count,
COUNT(DISTINCT CASE WHEN d.type = 'screenshot' THEN d.id END) as screenshot_count,
CASE
WHEN COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) > 0
THEN 'Complete'
ELSE 'Missing Required Docs'
END as compliance_status
FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
GROUP BY c.id, c.cve_id, c.vendor, c.severity, c.status
<0E>t<0E><0F>.E<04> 4506d550aacff8873f480e57f12b1dd21a4f41cf9b8846de07c94d700abfc658E<04> a52e826a8b34e13f0df1ea18b33407f1464e48320beb94a18e81281e1a39a155E<04> 0b1641d1c36cf850b03c4a914342b1e9c96894a96997967d8c69a083c1af62dcE<04> 9e78d0bff2394a49b6b74e6604947d7799f3cf010be2a6717d9ce2962af499a4
<0F><0F><0F><0F><0F>
<0F><0F><0F><0F><0F>=2026-02-10T15:26:57.750Z=2026-02-07T22:27:09.224Z=2026-02-03T16:38:31.281Z=2026-01-31T19:37:05.000Z
<EFBFBD>
/ g<08>4<07><06>`l<04>-<03><02><01><01>A<00>y
!)Y53jramoscve_createcveCVE-2024-39894{"vendor":"Cisco","severity":"Medium"}::ffff:142.136.2.1092026-02-06 22:30:19Q
-53jramosloginauth{"role":"admin"}::ffff:142.136.2.1092026-02-06 22:27:09Q
-53jramosloginauth{"role":"admin"}::ffff:142.136.2.1092026-02-02 16:38:31<33>O +)<29>s13jramosdocument_uploaddocumentCVE-2025-32433{"vendor":"Harmonic","type":"advisory","filename":"Re_ _EXTERNAL_ RE_ Request for Information AA_HARMONI-2057.msg"}::ffff:10.54.46.392026-01-30 22:14:32<33>w +)<29>C13jramosdocument_uploaddocumentCVE-2025-32433{"vendor":"Harmonic","type":"advisory","filename":"Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf"}::ffff:10.54.46.392026-01-30 22:14:10x
!)[13jramoscve_createcveCVE-2025-32433{"vendor":"Harmonic","severity":"High"}::ffff:10.54.46.392026-01-30 22:13:40<34>B +)<29>Y13jramosdocument_uploaddocumentCVE-2024-38475{"vendor":"Harmonic","type":"advisory","filename":"Harmonic-vCMTS MISC SCAN (SECURITY-10313) PDF.pdf"}::ffff:10.54.46.392026-01-30 22:12:25x
!)[13jramoscve_createcveCVE-2024-38475{"vendor":"Harmonic","severity":"High"}::ffff:10.54.46.392026-01-30 22:11:54<35>q +)<29>713jramosdocument_uploaddocumentCVE-2023-44487{"vendor":"Juniper","type":"bulletin","filename":"2024-10 Security Bulletin_ Junos OS_ Multiple vulnerabilities in OSS component nginx resolved.pdf"}::ffff:10.54.46.392026-01-30 22:06:26w
!)Y13jramoscve_createcveCVE-2023-44487{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 22:05:53<35>_ +)<29>13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Juniper","type":"email","filename":"JUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msg"}::ffff:10.54.46.392026-01-30 21:51:17w
!)Y13jramoscve_createcveCVE-2023-38408{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 21:50:52<35>8 +)<29>E13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Vecima","type":"advisory","filename":"Vecima VBS Products - CVE-2023-38408.pdf"}::ffff:10.54.46.392026-01-30 21:50:26v
!)W13jramoscve_createcveCVE-2023-38408{"vendor":"Vecima","severity":"High"}::ffff:10.54.46.392026-01-30 21:50:05<30>E +)<29>_13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Falcon","type":"email","filename":"_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg"}::ffff:10.54.46.392026-01-30 21:49:21v
!)W13jramoscve_createcveCVE-2023-38408{"vendor":"Falcon","severity":"High"}::ffff:10.54.46.392026-01-30 21:48:39<33>0 +)<29>513jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Cisco","type":"email","filename":"CISCO EXTERNAL Re CVE-2023-38408.msg"}::ffff:10.54.46.392026-01-30 21:47:17<31>3 +)<29>;13jramosdocument_uploaddocumentCVE-2023-25690{"vendor":"Cisco","type":"other","filename":"d83e8dae-0765-4282-9baa-7da599af3c9f.PNG"}::ffff:10.54.46.392026-01-30 21:44:28<32>Z +)<29> 13jramosdocument_uploaddocumentCVE-2023-25690{"vendor":"Cisco","type":"advisory","filename":"CVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdf"}::ffff:10.54.46.392026-01-30 21:43:55u
!)U13jramoscve_createcveCVE-2023-25690{"vendor":"Cisco","severity":"High"}::ffff:10.54.46.392026-01-30 21:43:28<32>q +'<27>913jramosdocument_uploaddocumentCVE-2023-3824{"vendor":"Juniper","type":"Bulletin","filename":"2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdf"}::ffff:10.54.46.392026-01-30 21:38:34v
!'Y13jramoscve_createcveCVE-2023-3824{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 21:37:54<35> #<0F>713jramosuser_updateuser1{"username":"admin","email":"admin@localhost","role":"admin","password_changed":true}::ffff:10.54.46.392026-01-30 19:37:27O
-13jramosloginauth{"role":"admin"}::ffff:10.54.46.392026-01-30 19:37:05>
13adminlogoutauth::ffff:10.54.46.392026-01-30 19: 
$*<0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F><0F>~xrlf`ZTNHB<60*$#"!    
 
$ <0A><0F><0F>_<<0E><0E><0E>eB <0A> <0A> <0A><0F><0F><0F>nK(<0E><0E><0E><0E>Q. <0A> <0A><0F>~t$<0F><0F>!cve_delete$%cve_nvd_sync#!cve_delete"+document_upload!+document_upload !cve_create!cve_create login+document_upload!cve_create+document_upload!cve_create login login+document_upload+document_upload!cve_create+document_upload!cve_create+document_upload!cve_create+document_upload!cve_create+document_upload !cve_create +document_upload !cve_create
+document_upload +document_upload+document_upload!cve_create+document_upload!cve_create#user_update login  logout
$<0E><0F><0F><0E><0F><0F><0F><0F>p[F1<0E><0E><0E><0E><0E><0E><0E><0F><0F><0F><0F><0F>xcN9$<0E><0E><0E><0E><0F>cve$cve#cve" document! document cvecveauth documentcve documentcveauthauth document documentcve documentcve documentcve documentcve document cve document cve
document document documentcve documentcveuserauth auth
$ <0C><0F><0F><0F><0F><0F>qYA)<0E><0E><0E><0E><0E><0E>iQ9! <0A> <0A> <0A> <0A> <0A> y a I 1   <0C> <0C> <0C> <0C>32026-02-09 17:13:06$32026-02-09 17:12:57#32026-02-09 17:11:09"32026-02-09 17:09:20!32026-02-09 15:41:16 32026-02-09 15:33:5732026-02-09 15:32:5132026-02-09 15:26:5732026-02-06 23:09:3032026-02-06 23:09:0832026-02-06 22:30:3732026-02-06 22:30:1932026-02-06 22:27:0932026-02-02 16:38:3132026-01-30 22:14:3232026-01-30 22:14:1032026-01-30 22:13:4032026-01-30 22:12:2532026-01-30 22:11:5432026-01-30 22:06:2632026-01-30 22:05:5332026-01-30 21:51:1732026-01-30 21:50:5232026-01-30 21:50:26 32026-01-30 21:50:05 32026-01-30 21:49:21 32026-01-30 21:48:39
32026-01-30 21:47:17 32026-01-30 21:44:2832026-01-30 21:43:5532026-01-30 21:43:2832026-01-30 21:38:3432026-01-30 21:37:5432026-01-30 19:37:2732026-01-30 19:37:053 2026-01-30 19:37:00 _7E B x <0B>
<EFBFBD> <09>e*[a<02>_<00>+ )<1B>1<17> =3CVE-2023-38408JuniperJUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msgemailuploads/CVE-2023-38408/Juniper/1769809877252-JUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msg62.50 KBapplication/octet-stream2026-01-30 21:51:17<31>Q )_<1D>7+3CVE-2023-38408VecimaVecima VBS Products - CVE-2023-38408.pdfadvisoryuploads/CVE-2023-38408/Vecima/1769809826006-Vecima VBS Products - CVE-2023-38408.pdf359.72 KBapplication/pdf2026-01-30 21:50:26<32>w )<17>W=3CVE-2023-38408Falcon_EXTERNAL_ CVEs detected on servers dedicated for FVS.msgemailuploads/CVE-2023-38408/Falcon/1769809761373-_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg142.50 KBapplication/octet-stream2026-01-30 21:49:21<32>L )W<17>-=3CVE-2023-38408CiscoCISCO EXTERNAL Re CVE-2023-38408.msgemailuploads/CVE-2023-38408/Cisco/1769809637194-CISCO EXTERNAL Re CVE-2023-38408.msg44.50 KBapplication/octet-stream2026-01-30 21:47:17<31>X )]<17>337CVE-2023-25690Ciscod83e8dae-0765-4282-9baa-7da599af3c9f.PNGotheruploads/CVE-2023-25690/Cisco/1769809468697-d83e8dae-0765-4282-9baa-7da599af3c9f.PNG69.92 KBimage/png2026-01-30 21:44:28affected devices list<73>
)<17>%<1D>{+3CVE-2023-25690CiscoCVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdfadvisoryuploads/CVE-2023-25690/Cisco/1769809434901-CVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdf164.75 KBapplication/pdf2026-01-30 21:43:55<35>D '<1B>Q<1D>)+3CVE-2023-3824Juniper2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdfBulletinuploads/CVE-2023-3824/Juniper/1769809114084-2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdf115.06 KBapplication/pdf2026-01-30 21:38:34<33>@ '<1B>M<1D>%+3CVE-2015-7871Juniper2024-05 Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdfadvisoryuploads/CVE-2015-7871/Juniper/1769796312213-2024-05 Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf228.85 KBapplication/pdf2026-01-30 18:05:12<31>: '<1B>G<1D>+3CVE-2015-7871Juniper2015-10 Out of Cycle Security Bulletin_ NTP.org announcement of multiple vulnerabilities_.pdfBulletinuploads/CVE-2015-7871/Juniper/1769796292852-2015-10 Out of Cycle Security Bulletin_ NTP.org announcement of multiple vulnerabilities_.pdf125.11 KBapplication/pdf2026-01-30 18:04:53<35>u '<17>U=3CVE-2013-4786Falcon_EXTERNAL_ CVEs detected on servers dedicated for FVS.msgemailuploads/CVE-2013-4786/Falcon/1769795581596-_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg142.50 KBapplication/octet-stream2026-01-30 17:53:01<30> '-!<21>3CVE-2013-4786Falconvendor-webex.pngscreenshotuploads/CVE-2013-4786/Falcon/1769795558046-vendor-webex.png61.60 KBimage/png2026-01-30 17:52:38<33>G 'U<1D>-+3CVE-2011-4862AvocentACS 6000 Release Notes_v2_4_0_26.pdfadvisoryuploads/CVE-2011-4862/Avocent/1769795426570-ACS 6000 Release Notes_v2_4_0_26.pdf246.90 KBapplication/pdf2026-01-30 17:50:26<32> )<1B><1D>]=3CVE-2018-15473JuniperRe EXTERNAL Re Juniper vulnerabilities (CVE-2018-15473).msgadvisoryuploads/CVE-2018-15473/Juniper/1769628097293-Re EXTERNAL Re Juniper vulnerabilities (CVE-2018-15473).msg82.50 KBapplication/octet-stream2026-01-28 19:21:37<33>o )u<17>O=3CVE-2018-15473Juniper_EXTERNAL_ Re_ Juniper CVE-2018-15473 Discussion.msgemailuploads/CVE-2018-15473/Juniper/1769628071623-_EXTERNAL_ Re_ Juniper CVE-2018-15473 Discussion.msg146.50 KBapplication/octet-stream2026-01-28 19:21:11<31>F )]<1D>33CVE-2023-38408Cisco262597a6-90af-4cd8-9f96-9ab09b068a5b.PNGadvisoryuploads/CVE-2023-38408/Cisco/1769625210462-262597a6-90af-4cd8-9f96-9ab09b068a5b.PNG50.89 KBimage/png2026-01-28 18:33:30 y<0E> <0A> } q
$<08>y*<00>L #<1B>]<1D>1+3CVE-2024-87Juniper2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdfadvisoryuploads/CVE-2024-87/Juniper/1770656960160-2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf328.67 KBapplication/pdf2026-02-09 17:09:20<32>P '<1B>]<1D>5+3CVE-2024-6387Juniper2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdfadvisoryuploads/CVE-2024-6387/Juniper/1770651676304-2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf328.67 KBapplication/pdf2026-02-09 15:41:16<31>U '<17>Y<1D>-+3'CVE-2024-6387CiscoMultiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdfadvisoryuploads/CVE-2024-6387/Cisco/1770419369680-Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf338.57 KBapplication/pdf2026-02-06 23:09:30for FP Status<75>J )<17>Y<1D>/+3CVE-2024-39894CiscoMultiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdfadvisoryuploads/CVE-2024-39894/Cisco/1770417037130-Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf338.57 KBapplication/pdf2026-02-06 22:30:37<33>  )<1D> <1D>e=3CVE-2025-32433HarmonicRe_ _EXTERNAL_ RE_ Request for Information AA_HARMONI-2057.msgadvisoryuploads/CVE-2025-32433/Harmonic/1769811272023-Re_ _EXTERNAL_ RE_ Request for Information AA_HARMONI-2057.msg308.00 KBapplication/octet-stream2026-01-30 22:14:32<33>P )<1D>Y<1D>5+3CVE-2025-32433HarmonicMultiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdfadvisoryuploads/CVE-2025-32433/Harmonic/1769811250311-Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf338.57 KBapplication/pdf2026-01-30 22:14:10<31>f )o<1D>K!+3CVE-2024-38475HarmonicHarmonic-vCMTS MISC SCAN (SECURITY-10313) PDF.pdfadvisoryuploads/CVE-2024-38475/Harmonic/1769811144660-Harmonic-vCMTS MISC SCAN (SECURITY-10313) PDF.pdf1310.02 KBapplication/pdf2026-01-30 22:12:25<32>D )<1B>O<1D>)+3CVE-2023-44487Juniper2024-10 Security Bulletin_ Junos OS_ Multiple vulnerabilities in OSS component nginx resolved.pdfbulletinuploads/CVE-2023-44487/Juniper/1769810785900-2024-10 Security Bulletin_ Junos OS_ Multiple vulnerabilities in OSS component nginx resolved.pdf139.58 KBapplication/pdf2026-01-30 22:06:26 <00><0F>o<0E>X
<EFBFBD>
/ g<08>4<07><06>`l<04>-<03><02><01><01>A<00>y
!)Y53jramoscve_createcveCVE-2024-39894{"vendor":"Cisco","severity":"Medium"}::ffff:142.136.2.1092026-02-06 22:30:19Q
-53jramosloginauth{"role":"admin"}::ffff:142.136.2.1092026-02-06 22:27:09Q
-53jramosloginauth{"role":"admin"}::ffff:142.136.2.1092026-02-02 16:38:31<33>O +)<29>s13jramosdocument_uploaddocumentCVE-2025-32433{"vendor":"Harmonic","type":"advisory","filename":"Re_ _EXTERNAL_ RE_ Request for Information AA_HARMONI-2057.msg"}::ffff:10.54.46.392026-01-30 22:14:32<33>w +)<29>C13jramosdocument_uploaddocumentCVE-2025-32433{"vendor":"Harmonic","type":"advisory","filename":"Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf"}::ffff:10.54.46.392026-01-30 22:14:10x
!)[13jramoscve_createcveCVE-2025-32433{"vendor":"Harmonic","severity":"High"}::ffff:10.54.46.392026-01-30 22:13:40<34>B +)<29>Y13jramosdocument_uploaddocumentCVE-2024-38475{"vendor":"Harmonic","type":"advisory","filename":"Harmonic-vCMTS MISC SCAN (SECURITY-10313) PDF.pdf"}::ffff:10.54.46.392026-01-30 22:12:25x
!)[13jramoscve_createcveCVE-2024-38475{"vendor":"Harmonic","severity":"High"}::ffff:10.54.46.392026-01-30 22:11:54<35>q +)<29>713jramosdocument_uploaddocumentCVE-2023-44487{"vendor":"Juniper","type":"bulletin","filename":"2024-10 Security Bulletin_ Junos OS_ Multiple vulnerabilities in OSS component nginx resolved.pdf"}::ffff:10.54.46.392026-01-30 22:06:26w
!)Y13jramoscve_createcveCVE-2023-44487{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 22:05:53<35>_ +)<29>13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Juniper","type":"email","filename":"JUNIPER EXTERNAL Re Question regarding QFXACX vulnerability to CVE-2023-38408.msg"}::ffff:10.54.46.392026-01-30 21:51:17w
!)Y13jramoscve_createcveCVE-2023-38408{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 21:50:52<35>8 +)<29>E13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Vecima","type":"advisory","filename":"Vecima VBS Products - CVE-2023-38408.pdf"}::ffff:10.54.46.392026-01-30 21:50:26v
!)W13jramoscve_createcveCVE-2023-38408{"vendor":"Vecima","severity":"High"}::ffff:10.54.46.392026-01-30 21:50:05<30>E +)<29>_13jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Falcon","type":"email","filename":"_EXTERNAL_ CVEs detected on servers dedicated for FVS.msg"}::ffff:10.54.46.392026-01-30 21:49:21v
!)W13jramoscve_createcveCVE-2023-38408{"vendor":"Falcon","severity":"High"}::ffff:10.54.46.392026-01-30 21:48:39<33>0 +)<29>513jramosdocument_uploaddocumentCVE-2023-38408{"vendor":"Cisco","type":"email","filename":"CISCO EXTERNAL Re CVE-2023-38408.msg"}::ffff:10.54.46.392026-01-30 21:47:17<31>3 +)<29>;13jramosdocument_uploaddocumentCVE-2023-25690{"vendor":"Cisco","type":"other","filename":"d83e8dae-0765-4282-9baa-7da599af3c9f.PNG"}::ffff:10.54.46.392026-01-30 21:44:28<32>Z +)<29> 13jramosdocument_uploaddocumentCVE-2023-25690{"vendor":"Cisco","type":"advisory","filename":"CVE-2023-25690 -Cisco NX-OS Software CLI Command Injection Vulnerability.pdf"}::ffff:10.54.46.392026-01-30 21:43:55u
!)U13jramoscve_createcveCVE-2023-25690{"vendor":"Cisco","severity":"High"}::ffff:10.54.46.392026-01-30 21:43:28<32>q +'<27>913jramosdocument_uploaddocumentCVE-2023-3824{"vendor":"Juniper","type":"Bulletin","filename":"2024-10 Security Bulletin_ Junos OS_ J-Web_ Multiple vulnerabilities resolved in PHP software_.pdf"}::ffff:10.54.46.392026-01-30 21:38:34v
!'Y13jramoscve_createcveCVE-2023-3824{"vendor":"Juniper","severity":"High"}::ffff:10.54.46.392026-01-30 21:37:54<35> #<0F>713jramosuser_updateuser1{"username":"admin","email":"admin@localhost","role":"admin","password_changed":true}::ffff:10.54.46.392026-01-30 19:37:27O
-13jramosloginauth{"role":"admin"}::ffff:10.54.46.392026-01-30 19:37:05>
13adminlogoutauth::ffff:10.54.46.392026-01-30 19:37:00 <0E> <0A> D <0C> R V
\ <09><08><00>$ !/<2F> 53jramoscve_deletecveCVE-2024-SAMPLE-1{"type":"all_vendors","vendors":["Microsoft","Cisco"],"count":2}::ffff:142.136.2.1092026-02-09 17:13:06<30>'# %<00>K53jramoscve_nvd_synccve{"count":17,"cve_ids":["CVE-2011-4862","CVE-2013-4786","CVE-2015-7871","CVE-2018-15473","CVE-2023-25690","CVE-2023-3824","CVE-2023-38408","CVE-2023-44487","CVE-2024-38475","CVE-2024-39894","CVE-2024-6387","CVE-2025-32433"]}::ffff:142.136.2.1092026-02-09 17:12:57<35>" !#<23>53jramoscve_deletecveCVE-2024-87{"type":"single_vendor","vendor":"Juniper","severity":"High"}::ffff:142.136.2.1092026-02-09 17:11:09<30>w! +#<23>E53jramosdocument_uploaddocumentCVE-2024-87{"vendor":"Juniper","type":"advisory","filename":"2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf"}::ffff:142.136.2.1092026-02-09 17:09:20<32>y +'<27>E53jramosdocument_uploaddocumentCVE-2024-6387{"vendor":"Juniper","type":"advisory","filename":"2025-08 Updated Reference Advisory_ Junos OS and Junos OS Evolved_ Multiple CVEs reported in OpenSSH.pdf"}::ffff:142.136.2.1092026-02-09 15:41:16x
!'Y53jramoscve_createcveCVE-2024-6387{"vendor":"Juniper","severity":"High"}::ffff:142.136.2.1092026-02-09 15:33:57v
!#Y53jramoscve_createcveCVE-2024-87{"vendor":"Juniper","severity":"High"}::ffff:142.136.2.1092026-02-09 15:32:51Q
-53jramosloginauth{"role":"admin"}::ffff:142.136.2.1092026-02-09 15:26:57<35>u +'<27>=53jramosdocument_uploaddocumentCVE-2024-6387{"vendor":"Cisco","type":"advisory","filename":"Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf"}::ffff:142.136.2.1092026-02-06 23:09:30v
!'U53jramoscve_createcveCVE-2024-6387{"vendor":"Cisco","severity":"High"}::ffff:142.136.2.1092026-02-06 23:09:08<30>v +)<29>=53jramosdocument_uploaddocumentCVE-2024-39894{"vendor":"Cisco","type":"advisory","filename":"Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang_OTP SSH Server_ April 2025.pdf"}::ffff:142.136.2.1092026-02-06 22:30:37 <0E>; >; <0B>
2<08><07><06><02><02><02><00>, )<1D>3!33CVE-2023-38408CasaCriticalThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.2023-07-20Open2026-01-28 18:34:012026-02-09 17:12:57<35>!
)<1D>!33CVE-2023-25690CiscoCriticalSome mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.
Configurations are affected when mod_proxy is enabled along with some form of RewriteRule
or ProxyPassMatch in which a non-specific pattern matches
some portion of the user-supplied request-target (URL) data and is then
re-inserted into the proxied request-target using variable
substitution. For example, something like:
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]
ProxyPassReverse /here/ http://example.com:8080/
Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.2023-03-07Open2026-01-30 21:43:282026-02-09 17:12:57<35>^ '<1D>!33CVE-2023-3824JuniperCriticalIn PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.2023-08-11Open2026-01-30 21:37:542026-02-09 17:12:57<35>\ '<1D>!33CVE-2015-7871JuniperCriticalCrypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.2017-08-07Open2026-01-30 18:04:072026-02-09 17:12:57<35>a '<15>#!33CVE-2013-4786FalconHighThe IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.2013-07-08Open2026-01-30 17:52:072026-02-09 17:12:57<35>) '<15>1!33CVE-2011-4862AvocentHighBuffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.2011-12-25Open2026-01-30 17:49:572026-02-09 17:12:57<35>] )<19>!33CVE-2018-15473JuniperMediumOpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.2018-08-17Open2026-01-28 19:20:282026-02-09 17:12:57<35>- )<1D>3!33CVE-2023-38408CiscoCriticalThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.2023-07-20Open2026-01-28 18:33:022026-02-09 17:12:57/a!33CVE-2024-SAMPLE-1CiscoHighSample remote code execution vulnerability2024-01-15Open2026-01-28 16:04:462026-01-28 16:04:46<00>/a!33CVE-2024-SAMPLE-1MicrosoftCriticalSample remote code execution vulnerability2024-01-15Open2026-01-28 16:04:462026-01-28 16:04:46 /
s<08><0E>N/ <0A> $<02><00>% )<1D>!33CVE-2025-32433HarmonicCriticalErlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.2025-04-16Open2026-01-30 22:13:402026-02-09 17:12:57<35>t '<15>G!33CVE-2024-6387JuniperHighA security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.2024-07-01Open2026-02-09 15:33:572026-02-09 17:12:57<35>? )<1D>Q!33CVE-2024-38475HarmonicCriticalImproper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure.
Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained.2024-07-01Open2026-01-30 22:11:542026-02-09 17:12:57<35>/ )<1D>3!33CVE-2023-38408JuniperCriticalThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.2023-07-20Open2026-01-30 21:50:522026-02-09 17:12:57<35>. )<1D>3!33CVE-2023-38408VecimaCriticalThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.2023-07-20Open2026-01-30 21:50:052026-02-09 17:12:57<35>. )<1D>3!33CVE-2023-38408FalconCriticalThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.2023-07-20Open2026-01-30 21:48:392026-02-09 17:12:57<35>r '<15>G!33CVE-2024-6387CiscoHighA security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.2024-07-01Open2026-02-06 23:09:082026-02-09 17:12:57<35>G )<15>o!33CVE-2024-39894CiscoHighOpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.2024-07-02Open2026-02-06 22:30:192026-02-09 17:12:57<35> )<15>!33CVE-2023-44487JuniperHighThe HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.2023-10-10Open2026-01-30 22:05:532026-02-09 17:12:57
Reference in New Issue Copy Permalink