diff --git a/cves.json b/cves.json
index 160b9d0298..b5bbba72c0 100644
--- a/cves.json
+++ b/cves.json
@@ -1639,7 +1639,7 @@
 {"ID":"CVE-2022-22242","Info":{"Name":"Juniper Web Device Manager - Cross-Site Scripting","Severity":"medium","Description":"Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-22242.yaml"}
 {"ID":"CVE-2022-22536","Info":{"Name":"SAP Memory Pipes (MPI) Desynchronization","Severity":"critical","Description":"SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2022/CVE-2022-22536.yaml"}
 {"ID":"CVE-2022-22733","Info":{"Name":"Apache ShardingSphere ElasticJob-UI privilege escalation","Severity":"medium","Description":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2022/CVE-2022-22733.yaml"}
-{"ID":"CVE-2022-22897","Info":{"Name":"PrestaShop Ap Pagebuilder \u003c= 2.4.4 SQL Injection","Severity":"critical","Description":"A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-22897.yaml"}
+{"ID":"CVE-2022-22897","Info":{"Name":"PrestaShop AP Pagebuilder \u003c= 2.4.4 - SQL Injection","Severity":"critical","Description":"A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-22897.yaml"}
 {"ID":"CVE-2022-2290","Info":{"Name":"Trilium \u003c0.52.4 - Cross-Site Scripting","Severity":"medium","Description":"Trilium prior to 0.52.4, 0.53.1-beta contains a cross-site scripting vulnerability which can allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-2290.yaml"}
 {"ID":"CVE-2022-22947","Info":{"Name":"Spring Cloud Gateway Code Injection","Severity":"critical","Description":"Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2022/CVE-2022-22947.yaml"}
 {"ID":"CVE-2022-22954","Info":{"Name":"VMware Workspace ONE Access - Server-Side Template Injection","Severity":"critical","Description":"VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identity Manager.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-22954.yaml"}
@@ -2181,6 +2181,7 @@
 {"ID":"CVE-2023-35844","Info":{"Name":"Lightdash version \u003c= 0.510.3 Arbitrary File Read","Severity":"high","Description":"packages/backend/src/routers in Lightdash before 0.510.3\nhas insecure file endpoints, e.g., they allow .. directory\ntraversal and do not ensure that an intended file extension\n(.csv or .png) is used.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-35844.yaml"}
 {"ID":"CVE-2023-35885","Info":{"Name":"Cloudpanel 2 \u003c 2.3.1 - Remote Code Execution","Severity":"critical","Description":"CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-35885.yaml"}
 {"ID":"CVE-2023-36144","Info":{"Name":"Intelbras Switch - Information Disclosure","Severity":"high","Description":"An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-36144.yaml"}
+{"ID":"CVE-2023-36284","Info":{"Name":"QloApps 1.6.0 - SQL Injection","Severity":"high","Description":"An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameters date_from, date_to, and id_product allows a remote attacker to retrieve the contents of an entire database.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-36284.yaml"}
 {"ID":"CVE-2023-36287","Info":{"Name":"Webkul QloApps 1.6.0 - Cross-site Scripting","Severity":"medium","Description":"An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST controller parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36287.yaml"}
 {"ID":"CVE-2023-36289","Info":{"Name":"Webkul QloApps 1.6.0 - Cross-site Scripting","Severity":"medium","Description":"An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST email_create and back parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36289.yaml"}
 {"ID":"CVE-2023-36306","Info":{"Name":"Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting","Severity":"medium","Description":"A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-36306.yaml"}
@@ -2274,6 +2275,7 @@
 {"ID":"CVE-2023-44813","Info":{"Name":"mooSocial v.3.1.8 - Cross-Site Scripting","Severity":"medium","Description":"Cross-Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-44813.yaml"}
 {"ID":"CVE-2023-4521","Info":{"Name":"Import XML and RSS Feeds \u003c 2.1.5 - Unauthenticated RCE","Severity":"critical","Description":"The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4521.yaml"}
 {"ID":"CVE-2023-45375","Info":{"Name":"PrestaShop PireosPay - SQL Injection","Severity":"high","Description":"In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can perform SQL injection in affected versions.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-45375.yaml"}
+{"ID":"CVE-2023-4542","Info":{"Name":"D-Link DAR-8000-10 - Command Injection","Severity":"critical","Description":"D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4542.yaml"}
 {"ID":"CVE-2023-4547","Info":{"Name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4547.yaml"}
 {"ID":"CVE-2023-45542","Info":{"Name":"MooSocial 3.1.8 - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability exisits in the q parameter on search function of mooSocial v3.1.8 which allows attackers to steal user's session cookies and impersonate their account via a crafted URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-45542.yaml"}
 {"ID":"CVE-2023-45671","Info":{"Name":"Frigate \u003c 0.13.0 Beta 3 - Cross-Site Scripting","Severity":"medium","Description":"Frigate is an open source network video recorder. Before version 0.13.0 Beta 3, there is a reflected cross-site scripting vulnerability in any API endpoints reliant on the `/\u003ccamera_name\u003e` base path as values provided for the path are not sanitized. Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. As the reflected values included in the URL are not sanitized or escaped, this permits execution arbitrary Javascript payloads. Version 0.13.0 Beta 3 contains a patch for this issue.\n","Classification":{"CVSSScore":"4.7"}},"file_path":"http/cves/2023/CVE-2023-45671.yaml"}
@@ -2322,6 +2324,7 @@
 {"ID":"CVE-2023-6023","Info":{"Name":"VertaAI ModelDB - Path Traversal","Severity":"high","Description":"The endpoint \"/api/v1/artifact/getArtifact?artifact_path=\" is vulnerable to path traversal. The main cause of this vulnerability is due to the lack of validation and sanitization of the artifact_path parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6023.yaml"}
 {"ID":"CVE-2023-6038","Info":{"Name":"H2O ImportFiles - Local File Inclusion","Severity":"high","Description":"An attacker is able to read any file on the server hosting the H2O dashboard without any authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6038.yaml"}
 {"ID":"CVE-2023-6063","Info":{"Name":"WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection","Severity":"high","Description":"The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6063.yaml"}
+{"ID":"CVE-2023-6065","Info":{"Name":"Quttera Web Malware Scanner \u003c= 3.4.1.48 - Sensitive Data Exposure","Severity":"medium","Description":"The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-6065.yaml"}
 {"ID":"CVE-2023-6114","Info":{"Name":"Duplicator \u003c 1.5.7.1; Duplicator Pro \u003c 4.5.14.2 - Unauthenticated Sensitive Data Exposure","Severity":"high","Description":"The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6114.yaml"}
 {"ID":"CVE-2023-6360","Info":{"Name":"WordPress My Calendar \u003c3.4.22 - SQL Injection","Severity":"critical","Description":"WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6360.yaml"}
 {"ID":"CVE-2023-6379","Info":{"Name":"OpenCMS 14 \u0026 15 - Cross Site Scripting","Severity":"medium","Description":"Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-6379.yaml"}
@@ -2338,6 +2341,7 @@
 {"ID":"CVE-2023-6977","Info":{"Name":"Mlflow \u003c2.8.0 - Local File Inclusion","Severity":"high","Description":"Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6977.yaml"}
 {"ID":"CVE-2023-6989","Info":{"Name":"Shield Security WP Plugin \u003c= 18.5.9 - Local File Inclusion","Severity":"critical","Description":"The Shield Security Smart Bot Blocking \u0026 Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6989.yaml"}
 {"ID":"CVE-2023-7028","Info":{"Name":"GitLab - Account Takeover via Password Reset","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-7028.yaml"}
+{"ID":"CVE-2024-0195","Info":{"Name":"SpiderFlow Crawler Platform - Remote Code Execution","Severity":"critical","Description":"A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0195.yaml"}
 {"ID":"CVE-2024-0200","Info":{"Name":"Github Enterprise Authenticated Remote Code Execution","Severity":"critical","Description":"An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0200.yaml"}
 {"ID":"CVE-2024-0204","Info":{"Name":"Fortra GoAnywhere MFT - Authentication Bypass","Severity":"critical","Description":"Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0204.yaml"}
 {"ID":"CVE-2024-0235","Info":{"Name":"EventON (Free \u003c 2.2.8, Premium \u003c 4.5.5) - Information Disclosure","Severity":"medium","Description":"The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-0235.yaml"}
@@ -2398,11 +2402,13 @@
 {"ID":"CVE-2024-32640","Info":{"Name":"Mura/Masa CMS - SQL Injection","Severity":"critical","Description":"The Mura/Masa CMS is vulnerable to SQL Injection.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-32640.yaml"}
 {"ID":"CVE-2024-32651","Info":{"Name":"Change Detection - Server Side Template Injection","Severity":"critical","Description":"A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-32651.yaml"}
 {"ID":"CVE-2024-3273","Info":{"Name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","Severity":"high","Description":"UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n","Classification":{"CVSSScore":"7.3"}},"file_path":"http/cves/2024/CVE-2024-3273.yaml"}
+{"ID":"CVE-2024-33288","Info":{"Name":"Prison Management System - SQL Injection Authentication Bypass","Severity":"high","Description":"Sql injection vulnerability was found on the login page in Prison Management System\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33288.yaml"}
 {"ID":"CVE-2024-33575","Info":{"Name":"User Meta WP Plugin \u003c 3.1 - Sensitive Information Exposure","Severity":"medium","Description":"The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-33575.yaml"}
 {"ID":"CVE-2024-33724","Info":{"Name":"SOPlanning 1.52.00 Cross Site Scripting","Severity":"medium","Description":"SOPlanning v1.52.00 is vulnerable to XSS via the 'groupe_id' parameters a remote unautheticated attacker can hijack the admin account or other users. The remote attacker can hijack a users session or credentials and perform a takeover of the entire platform.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33724.yaml"}
 {"ID":"CVE-2024-3400","Info":{"Name":"GlobalProtect - OS Command Injection","Severity":"critical","Description":"A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-3400.yaml"}
 {"ID":"CVE-2024-4040","Info":{"Name":"CrushFTP VFS - Sandbox Escape LFR","Severity":"critical","Description":"VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-4040.yaml"}
 {"ID":"CVE-2024-4348","Info":{"Name":"osCommerce v4.0 - Cross-site Scripting","Severity":"medium","Description":"A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2024/CVE-2024-4348.yaml"}
+{"ID":"CVE-2024-4956","Info":{"Name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","Severity":"high","Description":"Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-4956.yaml"}
 {"ID":"CVE-2001-1473","Info":{"Name":"Deprecated SSHv1 Protocol Detection","Severity":"high","Description":"SSHv1 is deprecated and has known cryptographic issues.","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2001/CVE-2001-1473.yaml"}
 {"ID":"CVE-2011-2523","Info":{"Name":"VSFTPD 2.3.4 - Backdoor Command Execution","Severity":"critical","Description":"VSFTPD v2.3.4 had a serious backdoor vulnerability allowing attackers to execute arbitrary commands on the server with root-level access. The backdoor was triggered by a specific string of characters in a user login request, which allowed attackers to execute any command they wanted.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2011/CVE-2011-2523.yaml"}
 {"ID":"CVE-2015-3306","Info":{"Name":"ProFTPd - Remote Code Execution","Severity":"critical","Description":"ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.","Classification":{"CVSSScore":"10"}},"file_path":"network/cves/2015/CVE-2015-3306.yaml"}
diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt
index 341b934c1f..a8bbfdcf41 100644
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@@ -1 +1 @@
-6cee9d81045ba3fb25589784532a78e4
+2ecfbdb4298145f0427a7bc3f0ccd192