Jacob Baines
This currently looks wacky. It's meant to return true if it's `ok` but receiving variables seem to be `err` which is obviously confusing. https://github.com/vulncheck-oss/go-exploit/blob/c3034af6e09ebf3ce7d442e19654f92081969509/protocol/httphelper.go#L226
The CISA ADP has the wrong CPE/vendor/product for CVE-2023-6892. The vendor and product should be wpfactory and ean_for_woocommerce respectively. This is a different product from woocommerce: 1. https://wordpress.org/plugins/ean-for-woocommerce/#description 2. https://wordpress.org/plugins/woocommerce/...
CVE-2023-28330 is another vulnerability that the CISA ADP attributes to Linux/Linux Kernel, when it should in fact be [Moodle](https://moodle.org/mod/forum/discuss.php?d=445062). Additionally, the `versions` arrays are wrong. The CNA provided, as far...
CVE-2023-25399 [reportedly](https://web.archive.org/web/20230706040445/http://www.square16.org/achievement/cve-2023-25399/) affects SciPy before 1.10.0. The `versions` array didn't properly express this. Using `"lessThan":"1.10.0"` (which CISA already had) with `"version":"0"`, I believe, is the preferred way to describe the...
CVE-2023-5002 is a vulnerability affecting [pgAdmin](https://github.com/pgadmin-org/pgadmin4/issues/6763). Currently, CISA ADP indicates the vulnerability is associated with the Linux kernel. Additionally, according to Red Hat's [bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2239164) and the pgAdmin [issue](https://github.com/pgadmin-org/pgadmin4/issues/6763), this was...
Looking at CVE-2024-5245, I saw the CISA ADP had, what I thought to be, a questionable version string.
```json
"affected": [
  {
    "cpes": [
      "cpe:2.3:a:netgear:prosafe_network_management_system:1.7.0.34:*:*:*:*:*:*:*"
    ],
    "vendor": "netgear",
    "product": "prosafe_network_management_system",...
```
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action