admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-01-28 19:00:57 +00:00
parent 6b06814399
commit 39b6386e0c
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 825 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
2024/12xxx/CVE-2024-12085.json
View File

@ -133,6 +133,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.2.3-19.el9_2.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"version": {
@ -213,6 +234,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0714"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0774",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0774"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-12085",
"refsource": "MISC",

18
2024/13xxx/CVE-2024-13775.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

351
2024/23xxx/CVE-2024-23138.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\n"
"value": "A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
]
},
@ -35,13 +35,338 @@
"vendor_name": "Autodesk",
"product": {
"product_data": [
{
"product_name": "AutoCAD",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD Architecture",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD Electrical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD MEP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "Civil 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "Advance Steel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD MAP 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD LT",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
},
{
"version_affected": "<",
"version_name": "2021",
"version_value": "2021.1.4"
}
]
}
},
{
"product_name": "AutoCAD Mac",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.4.1"
}
]
}
},
{
"product_name": "AutoCAD LT for Mac",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.4.1"
}
]
}
},
{
"product_name": "DWG TrueView",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2023"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.3"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.5"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.4"
}
]
}
@ -62,9 +387,27 @@
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

7
2024/9xxx/CVE-2024-9500.json
View File

@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.10.0.17"
"version_affected": "<",
"version_name": "2.10.0.17",
"version_value": "2.10.0.20"
}
]
}
@ -65,7 +66,7 @@
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [

75
2025/0xxx/CVE-2025-0631.json
View File

@ -1,18 +1,83 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0631",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Credential Exposure Vulnerability exists in the above-mentioned product and version. The vulnerability is due to using HTTP resulting in credentials being sent in clear text."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information",
"cweId": "CWE-319"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "PowerFlex 755",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<=16.002.279"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1717.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1717.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to v20.3.407"
}
],
"value": "Upgrade to v20.3.407"
}
]
}

108
2025/0xxx/CVE-2025-0783.json
View File

@ -1,17 +1,117 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0783",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. This affects an unknown part of the component API Endpoint. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in pankajindevops scale bis 20241113 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Komponente API Endpoint. Durch das Beeinflussen mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Dieses Produkt setzt Rolling Releases ein. Aus diesem Grund sind Details zu betroffenen oder zu aktualisierende Versionen nicht verf\u00fcgbar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pankajindevops",
"product": {
"product_data": [
{
"product_name": "scale",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20241113"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.293907",
"refsource": "MISC",
"name": "https://vuldb.com/?id.293907"
},
{
"url": "https://vuldb.com/?ctiid.293907",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.293907"
},
{
"url": "https://vuldb.com/?submit.480350",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.480350"
},
{
"url": "https://docs.google.com/document/d/1FCJveTlXtJd8EJRW2-LXwuhno92JaVt3_98Iqrdoc6M/edit?tab=t.0#heading=h.bbpri264qnth",
"refsource": "MISC",
"name": "https://docs.google.com/document/d/1FCJveTlXtJd8EJRW2-LXwuhno92JaVt3_98Iqrdoc6M/edit?tab=t.0#heading=h.bbpri264qnth"
},
{
"url": "https://drive.google.com/file/d/1KqzS5bMyPtgO9eIk_-que50tZU097RVi/view",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1KqzS5bMyPtgO9eIk_-que50tZU097RVi/view"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

78
2025/22xxx/CVE-2025-22217.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-22217",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.\u00a0\n\nA malicious user with network access may be able to use specially crafted SQL queries to gain database access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "N/A",
"product": {
"product_data": [
{
"product_name": "VMware AVI Load Balancer",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VMware AVI Load Balancer 30.1.x and VMware AVI Load Balancer 30.2.x and"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346",
"refsource": "MISC",
"name": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

104
2025/24xxx/CVE-2025-24478.json
View File

@ -1,18 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-24478",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A denial-of-service vulnerability exists in the affected products. The vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions",
"cweId": "CWE-755"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "1756-L8zS3 / 1756-L3zS3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "33.011"
},
{
"version_affected": "=",
"version_value": "33.012"
},
{
"version_affected": "=",
"version_value": "33.015"
},
{
"version_affected": "=",
"version_value": "34.011"
},
{
"version_affected": "=",
"version_value": "35.011"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1718.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1718.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">Restrict Access to the task object via CIP Security and Hard Run.</span><br>"
}
],
"value": "Restrict Access to the task object via CIP Security and Hard Run."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">Upgrade to the following versions: </span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">V33.017, V34.014, V35.013, V36.011.</span><br>"
}
],
"value": "Upgrade to the following versions: \u00a0V33.017, V34.014, V35.013, V36.011."
}
]
}

88
2025/24xxx/CVE-2025-24479.json
View File

@ -1,18 +1,96 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-24479",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "FactoryTalk View Machine Edition",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<V15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1719.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1719.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Control physical access to the system</p>\n\n<br>"
}
],
"value": "Control physical access to the system"
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">Upgrade to V15.00 or apply patch in AID 1152309</span><br>"
}
],
"value": "Upgrade to V15.00 or apply patch in AID 1152309"
}
]
}