admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-10 21:00:37 +00:00
parent 94f8db1424
commit bf1bedfc56
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
26 changed files with 1303 additions and 306 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2024/11xxx/CVE-2024-11422.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12191.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12192.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12193.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12197.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12198.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12199.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12200.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/12xxx/CVE-2024-12671.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

18
2024/13xxx/CVE-2024-13854.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/13xxx/CVE-2024-13855.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2024/23xxx/CVE-2024-23139.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.3.0 and prior may lead to code execution or information disclosure through maliciously crafted ActionScript Byte Code \u201cABC\u201d files. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
"value": "A maliciously crafted ABC file, when parsed through Autodesk FBX, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

258
2024/23xxx/CVE-2024-23150.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -36,12 +36,244 @@
"product": {
"product_data": [
{
"product_name": "AutoCAD, Advance Steel and Civil 3D",
"product_name": "AutoCAD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Architecture",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Electrical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MEP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Civil 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Advance Steel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MAP 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
@ -66,5 +298,23 @@
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

258
2024/23xxx/CVE-2024-23151.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -36,12 +36,244 @@
"product": {
"product_data": [
{
"product_name": "AutoCAD, Advance Steel and Civil 3D",
"product_name": "AutoCAD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Architecture",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Electrical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MEP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Civil 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Advance Steel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MAP 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
@ -66,5 +298,23 @@
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

258
2024/36xxx/CVE-2024-36999.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -36,12 +36,244 @@
"product": {
"product_data": [
{
"product_name": "AutoCAD, Advance Steel and Civil 3D",
"product_name": "AutoCAD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Architecture",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Electrical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Mechanical",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MEP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD Plant 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Civil 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "Advance Steel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
},
{
"product_name": "AutoCAD MAP 3D",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.5"
},
{
"version_affected": "<",
"version_name": "2023",
"version_value": "2023.1.6"
},
{
"version_affected": "<",
"version_name": "2022",
"version_value": "2022.1.5"
}
]
}
@ -66,5 +298,23 @@
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

134
2024/7xxx/CVE-2024-7305.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -40,12 +40,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -55,12 +57,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -70,12 +74,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -85,12 +91,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -100,12 +108,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -115,12 +125,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -130,12 +142,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -145,12 +159,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -160,12 +176,14 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
@ -175,12 +193,46 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1"
},
{
"version_affected": "=",
"version_value": "2024"
"version_affected": "<",
"version_name": "2024",
"version_value": "2024.1.6"
}
]
}
},
{
"product_name": "AutoCAD Map 3D",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "2025.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThanOrEqual": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}

2
2024/7xxx/CVE-2024-7671.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/7xxx/CVE-2024-7672.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/7xxx/CVE-2024-7991.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

2
2024/7xxx/CVE-2024-7993.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},

122
2024/8xxx/CVE-2024-8593.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted CATPART file when parsed in ASMKERN230A.dll through Autodesk AutoCAD can force a Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -40,18 +40,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -61,18 +52,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -82,18 +64,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -103,18 +76,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -124,18 +88,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -145,18 +100,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -166,18 +112,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -194,18 +131,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}

122
2024/8xxx/CVE-2024-8596.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force an Out-of-Bound Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -40,18 +40,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -61,18 +52,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -82,18 +64,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -103,18 +76,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -124,18 +88,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -145,18 +100,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -166,18 +112,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -194,18 +131,9 @@
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "2025.1.1",
"status": "unaffected",
"version": "2025",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}

82
2024/9xxx/CVE-2024-9996.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
"value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
]
},
@ -40,8 +40,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -51,8 +52,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -62,8 +64,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -73,8 +76,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -84,8 +88,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -95,8 +100,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -106,8 +112,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -117,8 +124,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -128,8 +136,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -139,8 +148,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -150,8 +160,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -161,8 +172,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -172,8 +184,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -183,8 +196,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -194,8 +208,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}
@ -212,8 +227,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2025"
"version_affected": "<",
"version_name": "2025",
"version_value": "2025.1.1"
}
]
}

98
2025/1xxx/CVE-2025-1002.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MicroDicom DICOM Viewer\u00a0version 2024.03\n\nfails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation",
"cweId": "CWE-295"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MicroDicom",
"product": {
"product_data": [
{
"product_name": "DICOM Viewer",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2024.03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-01"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-25-037-01",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: rgb(255, 255, 255);\">MicroDicom recommends users upgrade to DICOM Viewer version </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.microdicom.com/downloads.html\">2025.1</a><span style=\"background-color: rgb(255, 255, 255);\">.</span>\n\n<br>"
}
],
"value": "MicroDicom recommends users upgrade to DICOM Viewer version 2025.1 https://www.microdicom.com/downloads.html ."
}
],
"credits": [
{
"lang": "en",
"value": "Sharon Brizinov of Claroty Team82 reported this vulnerability to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

109
2025/1xxx/CVE-2025-1155.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1155",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This affects an unknown part of the file /stores of the component Your Location Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. It is planned to remove this page in the long term."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in Webkul QloApps 1.6.1 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei /stores der Komponente Your Location Search. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Injection",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Webkul",
"product": {
"product_data": [
{
"product_name": "QloApps",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.6.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295059",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295059"
},
{
"url": "https://vuldb.com/?ctiid.295059",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295059"
},
{
"url": "https://vuldb.com/?submit.492777",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.492777"
},
{
"url": "https://github.com/mano257200/Qloapp-XSS-Vulnerability/tree/main",
"refsource": "MISC",
"name": "https://github.com/mano257200/Qloapp-XSS-Vulnerability/tree/main"
}
]
},
"credits": [
{
"lang": "en",
"value": "Mahendravarman (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

104
2025/1xxx/CVE-2025-1156.json
View File

@ -1,17 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1156",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in Pix Software Vivaz 6.0.10 and classified as critical. This vulnerability affects unknown code of the file /servlet?act=login. The manipulation of the argument usuario leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "In Pix Software Vivaz 6.0.10 wurde eine kritische Schwachstelle gefunden. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /servlet?act=login. Durch das Manipulieren des Arguments usuario mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Pix Software",
"product": {
"product_data": [
{
"product_name": "Vivaz",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6.0.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295060",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295060"
},
{
"url": "https://vuldb.com/?ctiid.295060",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295060"
},
{
"url": "https://vuldb.com/?submit.493482",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.493482"
}
]
},
"credits": [
{
"lang": "en",
"value": "Stux (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}