admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-09T16:00:24.936823+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-09 16:03:27 +00:00
parent d00a058b64
commit 004393da16
116 changed files with 7346 additions and 526 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2016/CVE-2016-34xx/CVE-2016-3427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3427",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2016-04-21T11:00:21.667",
"lastModified": "2024-10-08T15:35:00.827",
"vulnStatus": "Modified",
"lastModified": "2024-10-09T14:41:20.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2023-05-12",
"cisaActionDue": "2023-06-02",

12
CVE-2021/CVE-2021-16xx/CVE-2021-1647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-1647",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-01-12T20:15:30.727",
"lastModified": "2024-10-08T17:15:15.817",
"vulnStatus": "Modified",
"lastModified": "2024-10-09T14:40:17.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2021-11-17",
@ -95,7 +95,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -252,7 +252,11 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

9
CVE-2022/CVE-2022-316xx/CVE-2022-31696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-31696",
"sourceIdentifier": "security@vmware.com",
"published": "2022-12-13T16:15:19.733",
"lastModified": "2023-08-08T14:21:49.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:05:54.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -107,11 +107,6 @@
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E62468B0-963B-4035-81CA-86F5273A33F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "76DFFA60-1A30-42CC-9CB6-44B65B461E50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",

33
CVE-2022/CVE-2022-428xx/CVE-2022-42826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42826",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-02-27T20:15:12.537",
"lastModified": "2023-05-30T06:15:28.610",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:11:51.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -58,6 +58,12 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.1",
"matchCriteriaId": "1E24164C-68FC-4038-9FE4-5A7841DD092C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
@ -75,12 +81,22 @@
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0",
"matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC"
},
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.1",
"matchCriteriaId": "C568A90E-50DF-4E74-A8BB-A2532CE40497"
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.40.1",
"matchCriteriaId": "57790ABD-E90D-457D-AB3B-FF281C8E5306"
}
]
}
@ -90,7 +106,10 @@
"references": [
{
"url": "https://security.gentoo.org/glsa/202305-32",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213488",

22
CVE-2022/CVE-2022-471xx/CVE-2022-47184.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47184",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:08.633",
"lastModified": "2023-06-30T02:15:08.723",
"lastModified": "2024-10-09T14:35:01.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

16
CVE-2023/CVE-2023-279xx/CVE-2023-27932.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27932",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.247",
"lastModified": "2023-07-27T04:15:17.383",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:25:54.770",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -54,6 +54,12 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "EE589B89-C395-4840-9EE5-B644EC1C637C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
@ -72,12 +78,6 @@
"versionEndExcluding": "13.3",
"matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "6DA0FC30-9F3F-4A41-9350-BD296D9B836F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",

34
CVE-2023/CVE-2023-310xx/CVE-2023-31048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31048",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-12T17:15:07.867",
"lastModified": "2023-12-18T14:51:21.633",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:02.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-209"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-314xx/CVE-2023-31469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31469",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-23T08:15:09.220",
"lastModified": "2023-07-05T13:21:25.333",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:05.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

16
CVE-2023/CVE-2023-324xx/CVE-2023-32423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32423",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.677",
"lastModified": "2023-07-27T04:15:37.870",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:26:48.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -54,6 +54,12 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
@ -73,12 +79,6 @@
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "3038D217-F7EF-4663-A4CC-74DBF0CCB595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",

22
CVE-2023/CVE-2023-339xx/CVE-2023-33933.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33933",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.323",
"lastModified": "2023-06-30T02:15:09.060",
"lastModified": "2024-10-09T14:35:03.540",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

24
CVE-2023/CVE-2023-343xx/CVE-2023-34340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34340",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-21T08:15:10.740",
"lastModified": "2023-06-28T12:43:31.883",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:05.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

34
CVE-2023/CVE-2023-349xx/CVE-2023-34981.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34981",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-21T11:15:09.410",
"lastModified": "2023-07-21T19:20:13.337",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:05.653",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-403xx/CVE-2023-40300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40300",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T18:15:07.597",
"lastModified": "2023-12-12T18:55:01.573",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:05.110",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-798"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-404xx/CVE-2023-40446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40446",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-12-12T01:15:10.360",
"lastModified": "2023-12-13T20:56:06.690",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:05.897",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},

12
CVE-2023/CVE-2023-404xx/CVE-2023-40453.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40453",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-07T04:20:15.030",
"lastModified": "2024-08-02T19:15:48.283",
"lastModified": "2024-10-09T15:35:08.173",
"vulnStatus": "Modified",
"cveTags": [
{
@ -56,6 +56,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

13
CVE-2023/CVE-2023-422xx/CVE-2023-42282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42282",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T17:15:10.840",
"lastModified": "2024-07-03T22:15:02.190",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:14:21.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,8 +61,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedorindutny:ip:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "5E811BCA-8109-4EA6-ACCC-7D7A6BCD6BB1"
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "3117142B-3F19-42D1-8A43-EEE2ECA4BA6E"
},
{
"vulnerable": true,
@ -107,7 +107,10 @@
},
{
"url": "https://www.bleepingcomputer.com/news/security/dev-rejects-cve-severity-makes-his-github-repo-read-only/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
}
]
}

24
CVE-2023/CVE-2023-429xx/CVE-2023-42903.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42903",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-12-12T01:15:11.950",
"lastModified": "2023-12-13T19:53:01.920",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:06.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},

34
CVE-2023/CVE-2023-433xx/CVE-2023-43364.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43364",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-12T18:15:22.887",
"lastModified": "2023-12-14T21:15:15.067",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:06.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-74"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

31
CVE-2023/CVE-2023-453xx/CVE-2023-45361.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2023-45361",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T06:15:13.203",
"lastModified": "2024-10-09T06:15:13.203",
"lastModified": "2024-10-09T14:35:07.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in VectorComponentUserLinks.php in the Vector Skin component in MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-intro-page MalformedTitleException is uncaught if it is not a valid title, leading to incorrect web pages."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en VectorComponentUserLinks.php en el componente Vector Skin en MediaWiki anterior a 1.39.5 y 1.40.x anterior a 1.40.1. vector-intro-page MalformedTitleException no se detecta si no es un t\u00edtulo v\u00e1lido, lo que genera p\u00e1ginas web incorrectas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/skins/Vector/+/2a452b7e2562cba32b8a17bc91dc5abb531f0a1c",

60
CVE-2023/CVE-2023-458xx/CVE-2023-45802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45802",
"sourceIdentifier": "security@apache.org",
"published": "2023-10-23T07:15:11.330",
"lastModified": "2024-06-10T17:16:14.907",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:30:34.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -41,8 +41,18 @@
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -61,8 +71,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.17",
"versionEndExcluding": "2.4.58",
"matchCriteriaId": "98328F29-DA83-4BEE-B8A8-D1C4AF224497"
"matchCriteriaId": "85E65FF1-36DF-4D43-8F99-676B7D43EE24"
}
]
}
@ -74,10 +85,35 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
@ -94,11 +130,18 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/",
@ -109,7 +152,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0011/",

31
CVE-2023/CVE-2023-465xx/CVE-2023-46586.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2023-46586",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T06:15:13.447",
"lastModified": "2024-10-09T06:15:13.447",
"lastModified": "2024-10-09T14:35:07.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\\0' termination of the path for CGI scripts because strncpy is misused."
},
{
"lang": "es",
"value": "cgi.c en weborf .0.17, 0.18, 0.19 y 0.20 (antes de 1.0) carece de la terminaci\u00f3n '\\0' en la ruta para scripts CGI porque strncpy se usa incorrectamente."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://github.com/ltworf/weborf/commit/49824204add55aab0568d90a6b1e7c822d32120d",

32
CVE-2023/CVE-2023-483xx/CVE-2023-48398.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-48398",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2023-12-08T16:15:16.617",
"lastModified": "2024-03-12T21:15:55.977",
"lastModified": "2024-10-09T15:35:08.890",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-486xx/CVE-2023-48641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48641",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-12T08:15:07.693",
"lastModified": "2023-12-15T14:28:15.560",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:07.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-639"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-488xx/CVE-2023-48841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48841",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:12.717",
"lastModified": "2023-12-09T04:46:16.773",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:09.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-493xx/CVE-2023-49355.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49355",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-11T07:15:07.003",
"lastModified": "2023-12-20T09:15:07.220",
"lastModified": "2024-10-09T15:35:09.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-494xx/CVE-2023-49460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49460",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T20:15:38.140",
"lastModified": "2023-12-11T17:32:51.353",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:35:08.690",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

34
CVE-2023/CVE-2023-494xx/CVE-2023-49492.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49492",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T16:15:07.587",
"lastModified": "2023-12-12T18:21:17.307",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:10.710",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-499xx/CVE-2023-49958.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49958",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T13:15:07.833",
"lastModified": "2023-12-13T13:53:04.123",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:35:11.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

32
CVE-2023/CVE-2023-499xx/CVE-2023-49990.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49990",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-12T14:15:07.553",
"lastModified": "2024-01-19T04:15:08.763",
"lastModified": "2024-10-09T14:35:09.040",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

271
CVE-2023/CVE-2023-56xx/CVE-2023-5633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5633",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-23T22:15:09.430",
"lastModified": "2024-07-24T16:15:05.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:43:26.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,8 +91,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6",
"matchCriteriaId": "9D42A7C6-CE38-4D73-B7AC-615F6D53F783"
"versionStartIncluding": "6.1.13",
"versionEndExcluding": "6.1.75",
"matchCriteriaId": "B91950D6-83A3-41D3-8739-9DD8A03F7CE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.8",
"matchCriteriaId": "AD4E15B4-2591-4A3A-B2A2-7FEAECD5027D"
},
{
"vulnerable": true,
@ -118,6 +126,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*",
"matchCriteriaId": "E7C78D0A-C4A2-4D41-B726-8979E33AD0F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*",
"matchCriteriaId": "E114E9DD-F7E1-40CC-AAD5-F14E586CB2E6"
}
]
}
@ -129,6 +142,96 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93A089E2-D66E-455C-969A-3140D991BAF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABBAA9E-CCBA-480B-ABB5-454448D91262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F9812B09-CC24-43F5-98E8-6D9EFE026E8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "936B046D-ADEB-4701-8957-AC28CFA9C5C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B0BD8-527F-4728-A64B-F8F06D5EDEC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "D206176C-6B2B-4BED-A3A2-AE39A41CB3C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "910C9542-26FC-4635-9351-128727971830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "547DCB0A-32F0-4BC9-BCA4-EA50064DA5D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "09AAD850-019A-46B8-A5A1-845DE048D30A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "88F9EB73-1F19-4BD9-AB19-36F9F1A5156E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3C5EAE-267F-410F-8AFA-8F5B68A9E617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "86034E5B-BCDD-4AFD-A460-38E790F608F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "35232613-B8B5-4F4D-A6CD-3823C6666534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F791F846-7762-40E0-9056-032FD10F2046"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3D7389-35C1-48C4-A9EC-2564842723C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "C9795CF6-CBEB-4FE4-BAAC-D9D514C6B5B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ED1251-245C-4390-8964-DDCAD54A8957"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "03A1BB59-4BE6-4339-ABB7-C18B7D899FB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
@ -138,6 +241,136 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "9A879F9F-F087-45D4-BD65-2990276477D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "26041661-0280-4544-AA0A-BC28FCED4699"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8173AF8-110D-4503-AA50-1BA4F79622E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D583DDD-E84D-4180-A339-5467540DB9EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "12A809B2-2771-4780-9E0D-6A7B4A534CFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
}
]
}
@ -147,27 +380,45 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0113",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0134",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0461",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1404",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4823",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4831",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5633",

84
CVE-2023/CVE-2023-59xx/CVE-2023-5992.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5992",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-31T14:15:48.147",
"lastModified": "2024-09-03T17:15:14.487",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:07:19.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,8 +91,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.24.0",
"matchCriteriaId": "A3EB32A5-0147-4801-8E71-C881624EE6B9"
"versionEndExcluding": "0.25.0",
"matchCriteriaId": "835E7B28-6A13-42E4-A819-39920F9970B5"
}
]
}
@ -118,6 +118,66 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4AEBCB-B1E6-4A6A-9E8C-DDC5A003BCB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "3C30F155-DF7D-4195-92D9-A5B80407228D"
}
]
}
@ -127,11 +187,17 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0966",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0967",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5992",
@ -156,7 +222,11 @@
},
{
"url": "https://www.usenix.org/system/files/usenixsecurity24-shagam.pdf",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Technical Description"
]
}
]
}

70
CVE-2023/CVE-2023-60xx/CVE-2023-6081.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6081",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.063",
"lastModified": "2024-02-12T17:31:21.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:57:16.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "El complemento chartjs de WordPress hasta 2023.2 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chartjs_project:chartjs:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2023.2",
"matchCriteriaId": "516DADB6-90E0-4460-9BF8-39E83AEA6141"
}
]
}
]
}
],
"references": [
{
"url": "https://lynk.nl/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://wpscan.com/vulnerability/5f011911-5fd1-46d9-b468-3062b4ec6f1e/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-60xx/CVE-2023-6082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6082",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.120",
"lastModified": "2024-07-03T01:44:19.650",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:57:13.950",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,14 +59,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chartjs_project:chartjs:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2023.2",
"matchCriteriaId": "516DADB6-90E0-4460-9BF8-39E83AEA6141"
}
]
}
]
}
],
"references": [
{
"url": "https://lynk.nl/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://wpscan.com/vulnerability/c3d43aac-66c8-4218-b3f0-5256f895eda3/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-65xx/CVE-2023-6591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6591",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.337",
"lastModified": "2024-02-12T17:31:21.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:39:22.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "El complemento Popup Box de WordPress anterior a 20.9.0 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con altos privilegios, como el administrador, realizar ataques de Cross-Site Scripting incluso cuando unfiltered_html no est\u00e1 permitido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ays-pro:popup_box:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "20.9.0",
"matchCriteriaId": "C61AEA2F-5C51-4910-B807-C69538008BB0"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-72xx/CVE-2023-7233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7233",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.390",
"lastModified": "2024-02-12T17:31:21.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:13:58.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "El complemento GigPress de WordPress hasta la versi\u00f3n 2.3.29 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tri:gigpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.29",
"matchCriteriaId": "BFC8C793-4850-49EC-8CEA-9B75D3F7E3F4"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/585cb2f2-7adc-431f-89d4-4e947f16af18/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-05xx/CVE-2024-0566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0566",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-12T16:15:08.673",
"lastModified": "2024-02-12T17:31:21.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:23:20.433",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "El complemento Smart Manager de WordPress anterior a 8.28.0 no sanitiza ni escapa adecuadamente un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL, lo que genera una inyecci\u00f3n de SQL explotable por usuarios con privilegios elevados, como el administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:storeapps:smart_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.28.0",
"matchCriteriaId": "87E30D76-C86F-441D-9954-81E321023265"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/ca83db95-4a08-4615-aa8d-016022404c32/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-11xx/CVE-2024-1157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1157",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-13T10:15:08.433",
"lastModified": "2024-02-13T14:01:00.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:20:50.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,18 +39,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.1",
"matchCriteriaId": "122FB828-4F7B-4059-B9C1-B6CDC7DA54A6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bold-page-builder/trunk/content_elements/bt_bb_button/bt_bb_button.php#L161",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3034441%40bold-page-builder&new=3034441%40bold-page-builder&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e166a7db-45f7-4a0d-9966-dbec9ade204a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

21
CVE-2024/CVE-2024-215xx/CVE-2024-21591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21591",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:46.697",
"lastModified": "2024-02-10T00:15:07.937",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:47:40.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -506,8 +506,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3s1:*:*:*:*:*:*",
"matchCriteriaId": "0B5A3193-CAB9-4BA8-AF4E-806F803996E1"
"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C"
},
{
"vulnerable": true,
@ -538,11 +538,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129"
}
]
}
@ -552,7 +547,11 @@
"references": [
{
"url": "https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://supportportal.juniper.net/JSA75729",
@ -565,7 +564,7 @@
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
"Third Party Advisory"
]
}
]

18
CVE-2024/CVE-2024-246xx/CVE-2024-24697.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24697",
"sourceIdentifier": "security@zoom.us",
"published": "2024-02-14T00:15:47.770",
"lastModified": "2024-10-04T14:08:53.490",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:22:48.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -22,19 +22,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:meeting_sdk:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.17.0",
"matchCriteriaId": "C7E3AECA-495C-4C31-9747-3186CAE732D0"
"matchCriteriaId": "ED921F3E-F076-4037-BAE9-53BDC04F2A4C"
},
{
"vulnerable": true,

43
CVE-2024/CVE-2024-252xx/CVE-2024-25282.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-25282",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T04:15:07.287",
"lastModified": "2024-10-09T04:15:07.287",
"lastModified": "2024-10-09T15:35:11.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring."
},
{
"lang": "es",
"value": "3DSecure 2.0 permite XSS en su autenticaci\u00f3n 3DSMethod a trav\u00e9s de un par\u00e1metro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html",

43
CVE-2024/CVE-2024-252xx/CVE-2024-25283.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-25283",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T04:15:07.483",
"lastModified": "2024-10-09T04:15:07.483",
"lastModified": "2024-10-09T15:35:12.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "3DSecure 2.0 allows reflected XSS in the 3DS Authorization Challenge via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring."
},
{
"lang": "es",
"value": "3DSecure 2.0 permite XSS reflejado en el desaf\u00edo de autorizaci\u00f3n 3DS a trav\u00e9s de un par\u00e1metro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html",

43
CVE-2024/CVE-2024-252xx/CVE-2024-25284.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-25284",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T04:15:07.597",
"lastModified": "2024-10-09T04:15:07.597",
"lastModified": "2024-10-09T15:35:13.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "3DSecure 2.0 allows reflected XSS in the 3DS Authorization Method via the threeDsMethod.jsp threeDSMethodData parameter."
},
{
"lang": "es",
"value": "3DSecure 2.0 permite XSS reflejado en el m\u00e9todo de autorizaci\u00f3n 3DS a trav\u00e9s del par\u00e1metro threeDSMethodData de threeDsMethod.jsp."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html",

43
CVE-2024/CVE-2024-252xx/CVE-2024-25286.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-25286",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T04:15:07.880",
"lastModified": "2024-10-09T04:15:07.880",
"lastModified": "2024-10-09T15:35:14.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "3DSecure 2.0 allows CSRF in the Authorization Method via modified Origin and Referer HTTP headers."
},
{
"lang": "es",
"value": "3DSecure 2.0 permite CSRF en el m\u00e9todo de autorizaci\u00f3n a trav\u00e9s de encabezados HTTP Origin y Referer modificados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Sep/31",

43
CVE-2024/CVE-2024-258xx/CVE-2024-25885.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-25885",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-08T18:15:05.423",
"lastModified": "2024-10-08T18:15:05.423",
"lastModified": "2024-10-09T15:35:14.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n getcolor en utils.py de xhtml2pdf v0.2.13 permite a los atacantes provocar una denegaci\u00f3n de servicio de expresi\u00f3n regular (ReDOS) mediante el suministro de una cadena manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://dirk.com",

27
CVE-2024/CVE-2024-281xx/CVE-2024-28168.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28168",
"sourceIdentifier": "security@apache.org",
"published": "2024-10-09T12:15:02.850",
"lastModified": "2024-10-09T12:15:02.850",
"lastModified": "2024-10-09T14:35:10.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP.\n\nThis issue affects Apache XML Graphics FOP: 2.9.\n\nUsers are recommended to upgrade to version 2.10, which fixes the issue."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",

70
CVE-2024/CVE-2024-304xx/CVE-2024-30472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30472",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-06-13T12:15:10.410",
"lastModified": "2024-06-13T18:35:19.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T14:12:54.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:telemetry_dashboard:1.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "956FF6F5-3C99-4783-B4AE-FD4CC949F97D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:dell:thinos:2402:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA47B8D-21C0-4AF5-B975-DE6DA9D73FC1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000225289/dsa-2024-229",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-35xx/CVE-2024-3504.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3504",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-06-06T18:15:17.980",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:27:06.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -40,6 +62,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
@ -51,14 +83,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.7",
"matchCriteriaId": "E6989773-CA2D-46FD-AEA6-E6D6F2C01B17"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/f7507f0949f6634f725ebb8da37c44f76542901f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/97958fe4-be21-4b63-966f-8337c72c8e28",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-371xx/CVE-2024-37156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37156",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-06T16:15:13.493",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:08:29.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -55,14 +85,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sulu:suluformbundle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.5.3",
"matchCriteriaId": "ADD6AF29-6FC2-45FC-8277-F25A53AD86F5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sulu/SuluFormBundle/commit/3f341b71a7309cbc8fd2c5bff894c654d1679b17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sulu/SuluFormBundle/security/advisories/GHSA-rrvc-c7xg-7cf3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-41xx/CVE-2024-4194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4194",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T02:15:53.453",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:36:58.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
@ -39,18 +59,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:essentialplugin:album_and_image_gallery_plus_lightbox:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "2EA1A7DD-A95B-4C37-BE3B-A06FE0C0DF88"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/album-and-image-gallery-plus-lightbox/trunk/includes/shortcode/aigpl-gallery-album-slider.php#L207",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/album-and-image-gallery-plus-lightbox/trunk/includes/shortcode/aigpl-gallery-album.php#L185",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4822f1c7-3f83-416c-8957-17e4b53d7e69?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

152
CVE-2024/CVE-2024-423xx/CVE-2024-42308.json
View File

@ -2,157 +2,15 @@
"id": "CVE-2024-42308",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-17T09:15:10.920",
"lastModified": "2024-09-03T13:56:44.633",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T14:15:05.227",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check for NULL pointer\n\n[why & how]\nNeed to make sure plane_state is initialized\nbefore accessing its members.\n\n(cherry picked from commit 295d91cbc700651782a60572f83c24861607b648)"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: Verifique el puntero NULL [por qu\u00e9 y c\u00f3mo] Es necesario asegurarse de que plane_state est\u00e9 inicializado antes de acceder a sus miembros. (cereza escogida del commit 295d91cbc700651782a60572f83c24861607b648)"
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.282",
"matchCriteriaId": "9B9D49AA-E82F-497B-A047-F07DF6F16995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.224",
"matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.165",
"matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.103",
"matchCriteriaId": "E45EAC72-8329-4F99-8276-86AF9BB3496A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.44",
"matchCriteriaId": "CC912330-6B41-4C6B-99AF-F3857FBACB6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.3",
"matchCriteriaId": "92D388F2-1EAF-4CFA-AC06-5B26D762EA7D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
"metrics": {},
"references": []
}

1750
CVE-2024/CVE-2024-430xx/CVE-2024-43047.json
View File

File diff suppressed because it is too large Load Diff

80
CVE-2024/CVE-2024-449xx/CVE-2024-44950.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44950",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T19:15:30.100",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:21:16.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,85 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: sc16is7xx: se corrige el acceso FIFO no v\u00e1lido con un conjunto de registros especiales. Al habilitar el acceso al conjunto de registros especiales, pueden producirse interrupciones de RHR y tiempo de espera del receptor. En este caso, el controlador IRQ intentar\u00e1 leer desde el FIFO a trav\u00e9s del registro RHR en la direcci\u00f3n 0x00, pero la direcci\u00f3n 0x00 est\u00e1 asignada al registro DLL, lo que da como resultado una lectura FIFO err\u00f3nea. Ejemplo de gr\u00e1fico de llamadas: sc16is7xx_startup(): entrada sc16is7xx_ms_proc(): entrada sc16is7xx_set_termios(): entrada sc16is7xx_set_baud(): DLH/DLL = $009C --> acceder al conjunto de registros especiales sc16is7xx_port_irq() entrada --> IIR es 0x0C sc16is7xx_handle_rx() entrada sc16is7xx_fifo_read(): --> no se puede acceder a FIFO (RHR) porque est\u00e1 asignado a DLL (LCR=LCR_CONF_MODE_A) sc16is7xx_set_baud(): salida --> Restaurar el acceso al conjunto de registros generales Solucione el problema reclamando el mutex efr_lock al acceder al conjunto de registros especiales."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "6.10.5",
"matchCriteriaId": "2AAEF74C-138D-4D04-8AD8-163EB2A9720E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6a6730812220a9a5ce4003eb347da1ee5abd06b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7d3b793faaab1305994ce568b59d61927235f57b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

101
CVE-2024/CVE-2024-449xx/CVE-2024-44951.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44951",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T19:15:30.153",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:27:43.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,106 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: sc16is7xx: fix TX fifo democracy A veces, cuando se recibe un paquete en el canal A casi al mismo tiempo que se va a transmitir un paquete en el canal B, observamos con un analizador l\u00f3gico que el paquete recibido en el canal A se transmite en el canal B. En otras palabras, los datos del b\u00fafer de Tx en el canal B est\u00e1n da\u00f1ados con datos del canal A. El problema apareci\u00f3 desde el commit 4409df5866b7 (\"serial: sc16is7xx: change EFR lock to operate on each channels\"), que cambi\u00f3 el bloqueo de EFR para que funcione en cada canal en lugar de en todo el chip. Este commit ha introducido una regresi\u00f3n, porque el bloqueo de EFR se utiliza no solo para proteger el acceso a los registros de EFR, sino tambi\u00e9n, de una forma muy oscura y no documentada, para proteger el acceso al b\u00fafer de datos, que es compartido por los manejadores de Tx y Rx, pero tambi\u00e9n por cada canal del IC. Primero, solucione esta regresi\u00f3n cambiando a kfifo_out_linear_ptr() en sc16is7xx_handle_tx() para eliminar la necesidad de un b\u00fafer Rx/Tx compartido. En segundo lugar, reemplace el b\u00fafer Rx por chip con un b\u00fafer Rx separado para cada canal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.76",
"versionEndExcluding": "6.2",
"matchCriteriaId": "9FE19A5C-D7A4-4995-BEE0-2B2E5B46EAC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.15",
"versionEndExcluding": "6.7",
"matchCriteriaId": "61253639-4FB4-4953-A092-ED155EAB1548"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.3",
"versionEndExcluding": "6.8",
"matchCriteriaId": "20F5F360-294D-4182-AC38-2F032FA57B3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10.5",
"matchCriteriaId": "48E239A0-A959-4FAB-8475-D045FED3DDA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/09cfe05e9907f3276887a20e267cc40e202f4fdd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/133f4c00b8b2bfcacead9b81e7e8edfceb4b06c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

114
CVE-2024/CVE-2024-449xx/CVE-2024-44991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44991",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.150",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:36:15.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,123 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp: evitar la ejecuci\u00f3n concurrente de tcp_sk_exit_batch Es posible que dos subprocesos llamen a tcp_sk_exit_batch() simult\u00e1neamente, una vez desde la cola de trabajo cleanup_net, otra desde una tarea que no pudo clonar una nueva netns. En el \u00faltimo caso, el desenrollado de errores llama a los controladores de salida en orden inverso para las netns \"fallidas\". tcp_sk_exit_batch() llama a tcp_twsk_purge(). El problema es que desde el commit b099ce2602d8 (\"net: Batch inet_twsk_purge\"), esta funci\u00f3n recoge twsk en cualquier netn moribundo, no solo en el que se pasa a trav\u00e9s de la lista exit_batch. Esto significa que el desenrollado de errores de setup_net() puede \"robar\" y destruir los sockets timewait que pertenecen a las netns que salen. Esto permite que el trabajador de salida netns proceda a llamar a WARN_ON_ONCE(!refcount_dec_and_test(&net->ipv4.tcp_death_row.tw_refcount)); sin la transici\u00f3n esperada de 1 -> 0, que luego falla. Al mismo tiempo, la ruta de desenrollado de error que tambi\u00e9n est\u00e1 ejecutando inet_twsk_purge() tambi\u00e9n se mostrar\u00e1: ADVERTENCIA: .. en lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 ... refcount_dec include/linux/refcount.h:351 [en l\u00ednea] inet_twsk_kill+0x758/0x9c0 net/ipv4/inet_timewait_sock.c:70 inet_twsk_deschedule_put net/ipv4/inet_timewait_sock.c:221 inet_twsk_purge+0x725/0x890 net/ipv4/inet_timewait_sock.c:304 tcp_sk_exit_batch+0x1c/0x170 net/ipv4/tcp_ipv4.c:3522 ops_exit_list+0x128/0x180 net/core/net_namespace.c:178 setup_net+0x714/0xb40 net/core/net_namespace.c:375 copy_net_ns+0x2f0/0x670 net/core/net_namespace.c:508 create_new_namespaces+0x3ea/0xb10 kernel/nsproxy.c:110 ... porque refcount_dec() de tw_refcount cay\u00f3 inesperadamente a 0. Esto no parece un error real (no se perdieron sockets tw y no veo un use-after-free) sino un disparador err\u00f3neo de la comprobaci\u00f3n de depuraci\u00f3n. Agregue un mutex para forzar un orden estricto: la tarea que llama a tcp_twsk_purge() impide que otra tarea realice _dec_and_test final antes de que el propietario del mutex haya eliminado todos los sockets tw de los netn moribundos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "8D4DE0F9-B1B3-4577-84CD-11CF847ABCE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/565d121b69980637f040eb4d84289869cdaabedf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/99580ae890ec8bd98b21a2a9c6668f8f1555b62e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3d9de3742f4d5c47ae35f888d3023a5b54fcd2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f6fd2dbf584a4047ba88d1369ff91c9851261ec1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

97
CVE-2024/CVE-2024-450xx/CVE-2024-45001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45001",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.710",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T14:49:39.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,104 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mana: Fix RX buf alloc_size adjustment and atomic op panic El b\u00fafer RX alloc_size del controlador MANA se pasa a napi_build_skb() para crear SKB. skb_shinfo(skb) se encuentra al final de skb, y su alineaci\u00f3n se ve afectada por el alloc_size pasado a napi_build_skb(). El tama\u00f1o debe estar alineado correctamente para un mejor rendimiento y operaciones at\u00f3micas. De lo contrario, en la CPU ARM64, para ciertas configuraciones de MTU como 4000, las operaciones at\u00f3micas pueden entrar en p\u00e1nico en skb_shinfo(skb)->dataref debido a un error de alineaci\u00f3n. Para corregir este error, agregue la alineaci\u00f3n adecuada al c\u00e1lculo alloc_size. Informaci\u00f3n de p\u00e1nico de muestra: [253.298819] No se puede manejar la solicitud de paginaci\u00f3n del n\u00facleo en la direcci\u00f3n virtual ffff000129ba5cce [253.300900] Informaci\u00f3n de aborto de memoria: [253.301760] ESR = 0x0000000096000021 [253.302825] EC = 0x25: DABT (EL actual), IL = 32 bits [253.304268] SET = 0, FnV = 0 [253.305172] EA = 0, S1PTW = 0 [253.306103] FSC = 0x21: error de alineaci\u00f3n Rastreo de llamada: __skb_clone+0xfc/0x198 skb_clone+0x78/0xe0 raw6_local_deliver+0xfc/0x228 ip6_protocol_deliver_rcu+0x80/0x500 ip6_input_finish+0x48/0x80 ip6_input+0x48/0xc0 ip6_sublist_rcv_finish+0x50/0x78 ip6_sublist_rcv+0x1cc/0x2b8 ipv6_list_rcv+0x100/0x150 __netif_receive_skb_list_core+0x180/0x220 netif_receive_skb_list_internal+0x198/0x2a8 __napi_poll+0x138/0x250 net_rx_action+0x148/0x330 manejar_softirqs+0x12c/0x3a0"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "EFA932A8-AACF-430D-AFBC-9A93F0749D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/32316f676b4ee87c0404d333d248ccf777f739bc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/65f20b174ec0172f2d6bcfd8533ab9c9e7e347fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e6bea6a45f8a401f3d5a430bc81814f0cc8848cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

147
CVE-2024/CVE-2024-450xx/CVE-2024-45003.json
View File

@ -2,48 +2,173 @@
"id": "CVE-2024-45003",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.823",
"lastModified": "2024-09-15T18:15:35.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:07:31.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't evict inode under the inode lru traversing context\n\nThe inode reclaiming process(See function prune_icache_sb) collects all\nreclaimable inodes and mark them with I_FREEING flag at first, at that\ntime, other processes will be stuck if they try getting these inodes\n(See function find_inode_fast), then the reclaiming process destroy the\ninodes by function dispose_list(). Some filesystems(eg. ext4 with\nea_inode feature, ubifs with xattr) may do inode lookup in the inode\nevicting callback function, if the inode lookup is operated under the\ninode lru traversing context, deadlock problems may happen.\n\nCase 1: In function ext4_evict_inode(), the ea inode lookup could happen\n if ea_inode feature is enabled, the lookup process will be stuck\n\tunder the evicting context like this:\n\n 1. File A has inode i_reg and an ea inode i_ea\n 2. getfattr(A, xattr_buf) // i_ea is added into lru // lru->i_ea\n 3. Then, following three processes running like this:\n\n PA PB\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // i_reg is added into lru, lru->i_ea->i_reg\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n i_ea->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(i_reg)\n spin_unlock(&i_reg->i_lock)\n spin_unlock(lru_lock)\n rm file A\n i_reg->nlink = 0\n iput(i_reg) // i_reg->nlink is 0, do evict\n ext4_evict_inode\n ext4_xattr_delete_inode\n ext4_xattr_inode_dec_ref_all\n ext4_xattr_inode_iget\n ext4_iget(i_ea->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(i_ea) ----\u2192 AA deadlock\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&i_ea->i_state)\n\nCase 2: In deleted inode writing function ubifs_jnl_write_inode(), file\n deleting process holds BASEHD's wbuf->io_mutex while getting the\n\txattr inode, which could race with inode reclaiming process(The\n reclaiming process could try locking BASEHD's wbuf->io_mutex in\n\tinode evicting function), then an ABBA deadlock problem would\n\thappen as following:\n\n 1. File A has inode ia and a xattr(with inode ixa), regular file B has\n inode ib and a xattr.\n 2. getfattr(A, xattr_buf) // ixa is added into lru // lru->ixa\n 3. Then, following three processes running like this:\n\n PA PB PC\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // ib and ia are added into lru, lru->ixa->ib->ia\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n ixa->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(ib)\n spin_unlock(&ib->i_lock)\n spin_unlock(lru_lock)\n rm file B\n ib->nlink = 0\n rm file A\n iput(ia)\n ubifs_evict_inode(ia)\n ubifs_jnl_delete_inode(ia)\n ubifs_jnl_write_inode(ia)\n make_reservation(BASEHD) // Lock wbuf->io_mutex\n ubifs_iget(ixa->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(ixa)\n | iput(ib) // ib->nlink is 0, do evict\n | ubifs_evict_inode\n | ubifs_jnl_delete_inode(ib)\n \u2193 ubifs_jnl_write_inode\n ABBA deadlock \u2190-----make_reservation(BASEHD)\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&ixa->i_state)\n\nFix the possible deadlock by using new inode state flag I_LRU_ISOLATING\nto pin the inode in memory while inode_lru_isolate(\n---truncated---"
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't evict inode under the inode lru traversing context\n\nThe inode reclaiming process(See function prune_icache_sb) collects all\nreclaimable inodes and mark them with I_FREEING flag at first, at that\ntime, other processes will be stuck if they try getting these inodes\n(See function find_inode_fast), then the reclaiming process destroy the\ninodes by function dispose_list(). Some filesystems(eg. ext4 with\nea_inode feature, ubifs with xattr) may do inode lookup in the inode\nevicting callback function, if the inode lookup is operated under the\ninode lru traversing context, deadlock problems may happen.\n\nCase 1: In function ext4_evict_inode(), the ea inode lookup could happen\n if ea_inode feature is enabled, the lookup process will be stuck\n\tunder the evicting context like this:\n\n 1. File A has inode i_reg and an ea inode i_ea\n 2. getfattr(A, xattr_buf) // i_ea is added into lru // lru->i_ea\n 3. Then, following three processes running like this:\n\n PA PB\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // i_reg is added into lru, lru->i_ea->i_reg\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n i_ea->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(i_reg)\n spin_unlock(&i_reg->i_lock)\n spin_unlock(lru_lock)\n rm file A\n i_reg->nlink = 0\n iput(i_reg) // i_reg->nlink is 0, do evict\n ext4_evict_inode\n ext4_xattr_delete_inode\n ext4_xattr_inode_dec_ref_all\n ext4_xattr_inode_iget\n ext4_iget(i_ea->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(i_ea) ----? AA deadlock\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&i_ea->i_state)\n\nCase 2: In deleted inode writing function ubifs_jnl_write_inode(), file\n deleting process holds BASEHD's wbuf->io_mutex while getting the\n\txattr inode, which could race with inode reclaiming process(The\n reclaiming process could try locking BASEHD's wbuf->io_mutex in\n\tinode evicting function), then an ABBA deadlock problem would\n\thappen as following:\n\n 1. File A has inode ia and a xattr(with inode ixa), regular file B has\n inode ib and a xattr.\n 2. getfattr(A, xattr_buf) // ixa is added into lru // lru->ixa\n 3. Then, following three processes running like this:\n\n PA PB PC\n echo 2 > /proc/sys/vm/drop_caches\n shrink_slab\n prune_dcache_sb\n // ib and ia are added into lru, lru->ixa->ib->ia\n prune_icache_sb\n list_lru_walk_one\n inode_lru_isolate\n ixa->i_state |= I_FREEING // set inode state\n inode_lru_isolate\n __iget(ib)\n spin_unlock(&ib->i_lock)\n spin_unlock(lru_lock)\n rm file B\n ib->nlink = 0\n rm file A\n iput(ia)\n ubifs_evict_inode(ia)\n ubifs_jnl_delete_inode(ia)\n ubifs_jnl_write_inode(ia)\n make_reservation(BASEHD) // Lock wbuf->io_mutex\n ubifs_iget(ixa->i_ino)\n iget_locked\n find_inode_fast\n __wait_on_freeing_inode(ixa)\n | iput(ib) // ib->nlink is 0, do evict\n | ubifs_evict_inode\n | ubifs_jnl_delete_inode(ib)\n ? ubifs_jnl_write_inode\n ABBA deadlock ?-----make_reservation(BASEHD)\n dispose_list // cannot be executed by prune_icache_sb\n wake_up_bit(&ixa->i_state)\n\nFix the possible deadlock by using new inode state flag I_LRU_ISOLATING\nto pin the inode in memory while inode_lru_isolate(\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vfs: No desalojar inodo bajo el contexto de recorrido lru de inodo El proceso de recuperaci\u00f3n de inodo (ver funci\u00f3n prune_icache_sb) recopila todos los inodos recuperables y los marca con el indicador I_FREEING al principio, en ese momento, otros procesos se atascar\u00e1n si intentan obtener estos inodos (ver funci\u00f3n find_inode_fast), luego el proceso de recuperaci\u00f3n destruye los inodos mediante la funci\u00f3n dispose_list(). Algunos sistemas de archivos (por ejemplo, ext4 con la funci\u00f3n ea_inode, ubifs con xattr) pueden realizar una b\u00fasqueda de inodo en la funci\u00f3n de devoluci\u00f3n de llamada de expulsi\u00f3n de inodo, si la b\u00fasqueda de inodo se opera bajo el contexto de recorrido lru de inodo, pueden ocurrir problemas de interbloqueo. Caso 1: En la funci\u00f3n ext4_evict_inode(), la b\u00fasqueda de inodo ea podr\u00eda ocurrir si la caracter\u00edstica ea_inode est\u00e1 habilitada, el proceso de b\u00fasqueda se quedar\u00e1 atascado bajo el contexto de desalojo de esta manera: 1. El archivo A tiene un inodo i_reg y un inodo ea i_ea 2. getfattr(A, xattr_buf) // i_ea se agrega a lru // lru->i_ea 3. Luego, los siguientes tres procesos se ejecutan de esta manera: PA PB echo 2 > /proc/sys/vm/drop_caches shrink_slab prune_dcache_sb // i_reg se agrega a lru, lru->i_ea->i_reg prune_icache_sb list_lru_walk_one inode_lru_isolate i_ea->i_state |= I_FREEING // establece el estado del inodo inode_lru_isolate __iget(i_reg) spin_unlock(&i_reg->i_lock) spin_unlock(lru_lock) rm archivo A i_reg->nlink = 0 iput(i_reg) // i_reg->nlink es 0, desalojar ext4_evict_inode ext4_xattr_delete_inode ext4_xattr_inode_dec_ref_all ext4_xattr_inode_iget ext4_iget(i_ea->i_ino) iget_locked find_inode_fast __wait_on_freeing_inode(i_ea) ----? Bloqueo AA dispose_list // no puede ser ejecutado por prune_icache_sb wake_up_bit(&i_ea->i_state) Caso 2: En la funci\u00f3n de escritura de inodo eliminado ubifs_jnl_write_inode(), el proceso de eliminaci\u00f3n de archivo retiene BASEHD wbuf->io_mutex mientras obtiene el inodo xattr, que podr\u00eda competir con el proceso de recuperaci\u00f3n de inodo (el proceso de recuperaci\u00f3n podr\u00eda intentar bloquear wbuf->io_mutex de BASEHD en la funci\u00f3n de desalojo de inodo), entonces ocurrir\u00eda un problema de bloqueo ABBA de la siguiente manera: 1. El archivo A tiene un inodo ia y un xattr (con un inodo ixa), el archivo B normal tiene un inodo ib y un xattr. 2. getfattr(A, xattr_buf) // ixa se agrega a lru // lru->ixa 3. Luego, los siguientes tres procesos se ejecutan de esta manera: PA PB PC echo 2 > /proc/sys/vm/drop_caches shrink_slab prune_dcache_sb // ib e ia se agregan a lru, lru->ixa->ib->ia prune_icache_sb list_lru_walk_one inode_lru_isolate ixa->i_state |= I_FREEING // establece el estado del inodo inode_lru_isolate __iget(ib) spin_unlock(&ib->i_lock) spin_unlock(lru_lock) rm archivo B ib->nlink = 0 rm archivo A iput(ia) ubifs_evict_inode(ia) ubifs_jnl_delete_inode(ia) ubifs_jnl_write_inode(ia) make_reservation(BASEHD) // Bloquear wbuf->io_mutex ubifs_iget(ixa->i_ino) iget_locked find_inode_fast __wait_on_freeing_inode(ixa) | iput(ib) // ib->nlink es 0, desalojar | ubifs_evict_inode | ubifs_jnl_delete_inode(ib) ? ubifs_jnl_write_inode Bloqueo ABBA ?-----make_reservation(BASEHD) dispose_list // no puede ser ejecutado por prune_icache_sb wake_up_bit(&ixa->i_state) Corrija el posible bloqueo utilizando el nuevo indicador de estado de inodo I_LRU_ISOLATING para fijar el inodo en la memoria mientras inode_lru_isolate( ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.13",
"versionEndExcluding": "5.4.283",
"matchCriteriaId": "233C3D30-5FAC-4A42-AEF4-308BEE3563D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.225",
"matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.166",
"matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.107",
"matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/03880af02a78bc9a98b5a581f529cf709c88a9b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a0629834cd82f05d424bbc193374f9a43d1f87d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3525ad25240dfdd8c78f3470911ed10aa727aa72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/437741eba63bf4e437e2beb5583f8633556a2b98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9063ab49c11e9518a3f2352434bb276cc8134c5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b9bda5f6012dd00372f3a06a82ed8971a4c57c32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cda54ec82c0f9d05393242b20b13f69b083f7e88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

85
CVE-2024/CVE-2024-450xx/CVE-2024-45004.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45004",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.890",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:19:15.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,90 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KEYS: trusted: dcp: fix leak of blob encrypted key Las claves confiables abren el blob de la clave al cargar, pero mantienen la carga sellada en el campo blob para que cada lectura posterior (exportaci\u00f3n) simplemente convierta este campo a hexadecimal y lo env\u00ede al espacio de usuario. Con claves confiables basadas en DCP, desciframos la clave de cifrado de blob (BEK) en el kernel debido a limitaciones de hardware y luego desciframos el payload del blob. El descifrado de BEK se realiza en el lugar, lo que significa que el campo blob de la clave confiable se modifica y, en consecuencia, contiene la BEK en texto plano. Cada lectura posterior de esa clave env\u00eda la BEK en texto plano en lugar de la BEK cifrada al espacio de usuario. Este problema solo ocurre cuando se importa una clave confiable basada en DCP y luego se vuelve a exportar. Esto rara vez deber\u00eda suceder, ya que los casos de uso comunes son crear una nueva clave confiable y exportarla, o importar un blob de clave y luego simplemente usarlo sin exportarlo nuevamente. Solucione este problema realizando el descifrado y cifrado de BEK en un b\u00fafer dedicado. Adem\u00e1s, borre siempre el b\u00fafer de BEK de texto plano para evitar la fuga de la clave a trav\u00e9s de la memoria no inicializada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "E55C1263-DF43-41EF-8DA8-2BA68DF4FFFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0e28bf61a5f9ab30be3f3b4eafb8d097e39446bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e3b266afcfe4294e84496f50f006f029d3100db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

97
CVE-2024/CVE-2024-450xx/CVE-2024-45005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45005",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:08.940",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-09T15:30:03.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,104 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: s390: soluciona el problema de intercepci\u00f3n de validez cuando gisa est\u00e1 desactivado Podemos encontrarnos con una validez de SIE si gisa se ha deshabilitado mediante el uso del par\u00e1metro del kernel \"kvm.use_gisa=0\" o configurando el atributo sysfs relacionado en N (echo N >/sys/module/kvm/parameters/use_gisa). La validez es causada por un valor no v\u00e1lido en la designaci\u00f3n gisa del bloque de control SIE. Esto sucede porque pasamos el origen gisa no inicializado a virt_to_phys() antes de escribirlo en la designaci\u00f3n gisa. Para solucionar esto, devolvemos 0 en kvm_s390_get_gisa_desc() si el origen es 0. kvm_s390_get_gisa_desc() se utiliza para determinar qu\u00e9 designaci\u00f3n gisa establecer en el bloque de control SIE. Un valor de 0 en la designaci\u00f3n gisa deshabilita el uso de gisa. El problema aparece en el kernel del host con el siguiente mensaje del kernel tan pronto como se intenta iniciar un nuevo invitado kvm. kvm: interceptaci\u00f3n de validez no controlada 0x1011 WARNING: CPU: 0 PID: 781237 at arch/s390/kvm/intercept.c:101 kvm_handle_sie_intercept+0x42e/0x4d0 [kvm] Modules linked in: vhost_net tap tun xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT xt_tcpudp nft_compat x_tables nf_nat_tftp nf_conntrack_tftp vfio_pci_core irqbypass vhost_vsock vmw_vsock_virtio_transport_common vsock vhost vhost_iotlb kvm nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables sunrpc mlx5_ib ib_uverbs ib_core mlx5_core uvdevice s390_trng eadm_sch vfio_ccw zcrypt_cex4 mdev vfio_iommu_type1 vfio sch_fq_codel drm i2c_core loop drm_panel_orientation_quirks configfs nfnetlink lcs ctcm fsm dm_service_time ghash_s390 prng chacha_s390 libchacha aes_s390 des_s390 libdes sha3_512_s390 sha3_256_s390 sha512_s390 sha256_s390 sha1_s390 sha_common dm_mirror dm_region_hash dm_log zfcp scsi_transport_fc scsi_dh_rdac scsi_dh_emc scsi_dh_alua pkey zcrypt dm_multipath rng_core autofs4 [last unloaded: vfio_pci] CPU: 0 PID: 781237 Comm: CPU 0/KVM Not tainted 6.10.0-08682-gcad9f11498ea #6 Hardware name: IBM 3931 A01 701 (LPAR) Krnl PSW : 0704c00180000000 000003d93deb0122 (kvm_handle_sie_intercept+0x432/0x4d0 [kvm]) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 Krnl GPRS: 000003d900000027 000003d900000023 0000000000000028 000002cd00000000 000002d063a00900 00000359c6daf708 00000000000bebb5 0000000000001eff 000002cfd82e9000 000002cfd80bc000 0000000000001011 000003d93deda412 000003ff8962df98 000003d93de77ce0 000003d93deb011e 00000359c6daf960 Krnl Code: 000003d93deb0112: c020fffe7259 larl %r2,000003d93de7e5c4 000003d93deb0118: c0e53fa8beac brasl %r14,000003d9bd3c7e70 #000003d93deb011e: af000000 mc 0,0 >000003d93deb0122: a728ffea lhi %r2,-22 000003d93deb0126: a7f4fe24 brc 15,000003d93deafd6e 000003d93deb012a: 9101f0b0 tm 176(%r15),1 000003d93deb012e: a774fe48 brc 7,000003d93deafdbe 000003d93deb0132: 40a0f0ae sth %r10,174(%r15) Call Trace: [<000003d93deb0122>] kvm_handle_sie_intercept+0x432/0x4d0 [kvm] ([<000003d93deb011e>] kvm_handle_sie_intercept+0x42e/0x4d0 [kvm]) [<000003d93deacc10>] vcpu_post_run+0x1d0/0x3b0 [kvm] [<000003d93deaceda>] __vcpu_run+0xea/0x2d0 [kvm] [<000003d93dead9da>] kvm_arch_vcpu_ioctl_run+0x16a/0x430 [kvm] [<000003d93de93ee0>] kvm_vcpu_ioctl+0x190/0x7c0 [kvm] [<000003d9bd728b4e>] vfs_ioctl+0x2e/0x70 [<000003d9bd72a092>] __s390x_sys_ioctl+0xc2/0xd0 [<000003d9be0e9222>] __do_syscall+0x1f2/0x2e0 [<000003d9be0f9a90>] system_call+0x70/0x98 Last Breaking-Event-Address: [<000003d9bd3c7f58>] __warn_printk+0xe8/0xf0"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.48",
"matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/027ac3c5092561bccce09b314a73a1c167117ef6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/051c0a558154174cfcea301a386e4c91ade83ce1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5a44bb061d04b0306f2aa8add761d86d152b9377",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45136.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45136",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:13.163",
"lastModified": "2024-10-09T15:15:13.163",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue requires user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/incopy/apsb24-79.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45137.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45137",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:13.373",
"lastModified": "2024-10-09T15:15:13.373",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which, when executed, could run arbitrary code in the context of the server. Exploitation of this issue requires user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/incopy/apsb24-79.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45138.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45138",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:05.723",
"lastModified": "2024-10-09T14:15:05.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45139.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45139",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:05.947",
"lastModified": "2024-10-09T14:15:05.947",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45140.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45140",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:06.167",
"lastModified": "2024-10-09T14:15:06.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45141.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45141",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:06.380",
"lastModified": "2024-10-09T14:15:06.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45142.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45142",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:06.583",
"lastModified": "2024-10-09T14:15:06.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-123"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45143.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45143",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:06.783",
"lastModified": "2024-10-09T14:15:06.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45144.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45144",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:06.973",
"lastModified": "2024-10-09T14:15:06.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-451xx/CVE-2024-45152.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45152",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T14:15:07.183",
"lastModified": "2024-10-09T14:15:07.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html",
"source": "psirt@adobe.com"
}
]
}

43
CVE-2024/CVE-2024-451xx/CVE-2024-45179.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-45179",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T04:15:09.487",
"lastModified": "2024-10-09T04:15:09.487",
"lastModified": "2024-10-09T14:35:11.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR web interface is vulnerable to OS command injection attacks. It was found out that different functionality is vulnerable to OS command injection attacks, for example for generating new X.509 certificates, or setting the time zone. These OS command injection vulnerabilities in the script generatesslreq.pml can be exploited as a low-privileged authenticated user to execute commands in the context of the Linux user www-data via shell metacharacters in HTTP POST data (e.g., the city parameter). The OS command injection vulnerability in the script settimezone.pml or setdatetime.pml (e.g., via the year parameter) requires an administrative user for the C-MOR web interface. By also exploiting a privilege-escalation vulnerability, it is possible to execute commands on the C-MOR system with root privileges."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en za-internet C-MOR Video Surveillance 5.2401 y 6.00PL01. Debido a una validaci\u00f3n de entrada insuficiente, la interfaz web de C-MOR es vulnerable a ataques de inyecci\u00f3n de comandos del SO. Se descubri\u00f3 que diferentes funciones son vulnerables a ataques de inyecci\u00f3n de comandos del SO, por ejemplo, para generar nuevos certificados X.509 o configurar la zona horaria. Estas vulnerabilidades de inyecci\u00f3n de comandos del SO en el script generatesslreq.pml se pueden explotar como un usuario autenticado con privilegios bajos para ejecutar comandos en el contexto del usuario Linux www-data a trav\u00e9s de metacaracteres de shell en datos HTTP POST (por ejemplo, el par\u00e1metro city). La vulnerabilidad de inyecci\u00f3n de comandos del SO en el script settimezone.pml o setdatetime.pml (por ejemplo, a trav\u00e9s del par\u00e1metro year) requiere un usuario administrativo para la interfaz web de C-MOR. Al explotar tambi\u00e9n una vulnerabilidad de escalada de privilegios, es posible ejecutar comandos en el sistema C-MOR con privilegios de root."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1289"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-030.txt",

6
CVE-2024/CVE-2024-453xx/CVE-2024-45394.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-45394",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-03T21:15:16.350",
"lastModified": "2024-09-17T13:26:42.567",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-09T15:15:13.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authenticator is a browser extensions that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EVP_BytesToKey KDF. Therefore, attackers with a copy of a user's data are able to brute-force the user's encryption key. Users on version 8.0.0 and above are automatically migrated away from the weak encoding on first login. Users should destroy encrypted backups made with versions prior to 8.0.0."
"value": "Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EVP_BytesToKey KDF. Therefore, attackers with a copy of a user's data are able to brute-force the user's encryption key. Users on version 8.0.0 and above are automatically migrated away from the weak encoding on first login. Users should destroy encrypted backups made with versions prior to 8.0.0."
},
{
"lang": "es",

21
CVE-2024/CVE-2024-462xx/CVE-2024-46237.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-46237",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-09T14:15:07.393",
"lastModified": "2024-10-09T14:15:07.393",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/npemma2/PHP_Gurukul_Hospital_Management_System_XSS",
"source": "cve@mitre.org"
}
]
}

43
CVE-2024/CVE-2024-464xx/CVE-2024-46410.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-46410",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-08T18:15:30.480",
"lastModified": "2024-10-08T18:15:30.480",
"lastModified": "2024-10-09T15:35:16.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature"
},
{
"lang": "es",
"value": "Se descubri\u00f3 que PublicCMS V4.0.202406.d conten\u00eda una vulnerabilidad de Cross-site Scripting (XSS) a trav\u00e9s de una secuencia de comandos manipulada para la funci\u00f3n de administraci\u00f3n de categor\u00edas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gitee.com/sanluan/PublicCMS",

137
CVE-2024/CVE-2024-468xx/CVE-2024-46832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46832",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.517",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:51:20.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,150 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: MIPS: cevt-r4k: No llame a get_c0_compare_int si el irq del temporizador est\u00e1 instalado Esto evita la advertencia: [ 0.118053] ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:283 Causado por get_c0_compare_int en la CPU secundaria. Tambi\u00e9n omitimos guardar el n\u00famero de IRQ en struct clock_event_device *cd ya que nunca lo usa el n\u00facleo clockevent, seg\u00fan los comentarios, solo est\u00e1 destinado a \"dispositivos locales que no sean de CPU\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.226",
"matchCriteriaId": "2C67534D-8BBC-4069-8DEA-62295B16358C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.110",
"matchCriteriaId": "6B1A95FC-7E7E-428B-BB59-F76640C652AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/189d3ed3b25beee26ffe2abed278208bece13f52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/32ee0520159f1e8c2d6597c19690df452c528f30",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1d2051373bfc65371ce4ac8911ed984d0178c98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3ff0f98a52f0aafe35aa314d1c442f4318be3db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e6cd871627abbb459d0ff6521d6bb9cf9d9f7522",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

84
CVE-2024/CVE-2024-468xx/CVE-2024-46833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46833",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.593",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:54:38.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: void array out of bound when loop tnl_num Cuando se consulta reg inf de SSU, se repite tnl_num veces. Sin embargo, tnl_num proviene del hardware y la longitud de la matriz es un valor fijo. Para anular la matriz fuera de los l\u00edmites, aseg\u00farese de que el tiempo de repetici\u00f3n no sea mayor que la longitud de la matriz"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "75C6119D-9E8D-431D-813F-FE84579072CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/86db7bfb06704ef17340eeae71c832f21cfce35c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c33a9806dc806bcb4a31dc71fb06979219181ad4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

69
CVE-2024/CVE-2024-468xx/CVE-2024-46834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46834",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.660",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:57:03.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,74 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethtool: error cerrado si no podemos obtener el canal m\u00e1ximo usado en las tablas de indirecci\u00f3n. El commit 0d1b7d6c9274 (\"bnxt: corregir fallos al reducir el recuento de anillos con contextos RSS activos\") demuestra que permitir que la tabla de indirecci\u00f3n contenga canales con identificadores fuera de los l\u00edmites puede provocar fallos. Actualmente, la comprobaci\u00f3n del canal m\u00e1ximo en el n\u00facleo se omite si el controlador no puede obtener la tabla de indirecci\u00f3n o cuando no podemos asignar memoria. Ambas condiciones deber\u00edan ser extremadamente raras, pero si ocurren, debemos intentar ser seguros y fallar el cambio de canal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "75C6119D-9E8D-431D-813F-FE84579072CB"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/101737d8b88dbd4be6010bac398fe810f1950036",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2899d58462ba868287d6ff3acad3675e7adf934f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

93
CVE-2024/CVE-2024-468xx/CVE-2024-46836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46836",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.780",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:47:55.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,102 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: aspeed_udc: validar \u00edndice de endpoint para ast udc Debemos verificar el l\u00edmite de la matriz para asegurarnos de que el host no pueda manipular el \u00edndice para que apunte m\u00e1s all\u00e1 de la matriz de endpoints. Se encontr\u00f3 mediante an\u00e1lisis est\u00e1tico."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.110",
"matchCriteriaId": "4B07FE1B-3332-4F75-AABA-811FFB530187"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858af",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

100
CVE-2024/CVE-2024-468xx/CVE-2024-46837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46837",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.850",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:37:51.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,105 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panthor: Restringir altas prioridades en group_create Permit\u00edamos que cualquier usuario creara un grupo de alta prioridad sin ninguna verificaci\u00f3n de permisos. Como resultado, esto permit\u00eda una posible denegaci\u00f3n de servicio. Ahora solo permitimos que el maestro DRM o los usuarios con la capacidad CAP_SYS_NICE establezcan prioridades m\u00e1s altas que PANTHOR_GROUP_PRIORITY_MEDIUM. Como el \u00fanico usuario de esa uAPI vive en Mesa y codifica un valor de MEDIUM [1], esto deber\u00eda ser seguro de hacer. Adem\u00e1s, como esas verificaciones se realizan en el nivel ioctl, panthor_group_create ahora solo verifica la validez del nivel de prioridad. [1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "D16659A9-BECD-4E13-8994-B096652762E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

112
CVE-2024/CVE-2024-468xx/CVE-2024-46838.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46838",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-27T13:15:15.920",
"lastModified": "2024-09-30T12:45:57.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-09T15:35:40.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,119 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: userfaultfd: no ejecutar BUG_ON() si khugepaged extrae nuestra tabla de p\u00e1ginas Dado que khugepaged se modific\u00f3 para permitir la extracci\u00f3n de tablas de p\u00e1ginas en asignaciones de archivos sin mantener el bloqueo mmap, estos BUG_ON() son incorrectos: desh\u00e1gase de ellos. Tambi\u00e9n podr\u00edamos eliminar el bloque \"if (unlikely(...))\" anterior, pero entonces podr\u00edamos llegar a pte_offset_map_lock() con p\u00e1ginas transhuge no solo para asignaciones de archivos sino tambi\u00e9n para asignaciones an\u00f3nimas, lo que probablemente estar\u00eda bien, pero creo que no es necesariamente lo esperado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "25B5F323-C9C2-4F67-BF42-0C5BDD860576"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4828d207dc5161dc7ddf9a4f6dcfd80c7dd7d20a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4a594acc12d5954cdc71d4450a386748bf3d136a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db978287e908d48b209e374b00d847b2d785e0a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

25
CVE-2024/CVE-2024-468xx/CVE-2024-46870.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46870",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.463",
"lastModified": "2024-10-09T14:15:07.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable DMCUB timeout for DCN35\n\n[Why]\nDMCUB can intermittently take longer than expected to process commands.\n\nOld ASIC policy was to continue while logging a diagnostic error - which\nworks fine for ASIC without IPS, but with IPS this could lead to a race\ncondition where we attempt to access DCN state while it's inaccessible,\nleading to a system hang when the NIU port is not disabled or register\naccesses that timeout and the display configuration in an undefined\nstate.\n\n[How]\nWe need to investigate why these accesses take longer than expected, but\nfor now we should disable the timeout on DCN35 to avoid this race\ncondition. Since the waits happen only at lower interrupt levels the\nrisk of taking too long at higher IRQ and causing a system watchdog\ntimeout are minimal."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/31c254c9cd4b122a10db297124f867107a696d83",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7c70e60fbf4bff1123f0e8d5cb1ae71df6164d7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-468xx/CVE-2024-46871.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-46871",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.533",
"lastModified": "2024-10-09T14:15:07.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX\n\n[Why & How]\nIt actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller\nnumber to create array dmub_callback & dmub_thread_offload has potential to access\nitem out of array bound. Fix it."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

56
CVE-2024/CVE-2024-474xx/CVE-2024-47421.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47421",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:13.977",
"lastModified": "2024-10-09T15:15:13.977",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/framemaker/apsb24-82.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-474xx/CVE-2024-47422.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47422",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:14.190",
"lastModified": "2024-10-09T15:15:14.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/framemaker/apsb24-82.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-474xx/CVE-2024-47423.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47423",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:14.393",
"lastModified": "2024-10-09T15:15:14.393",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which can be automatically processed or executed by the system. Exploitation of this issue requires user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/framemaker/apsb24-82.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-474xx/CVE-2024-47424.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47424",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:14.600",
"lastModified": "2024-10-09T15:15:14.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/framemaker/apsb24-82.html",
"source": "psirt@adobe.com"
}
]
}

56
CVE-2024/CVE-2024-474xx/CVE-2024-47425.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47425",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-10-09T15:15:14.800",
"lastModified": "2024-10-09T15:15:14.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/framemaker/apsb24-82.html",
"source": "psirt@adobe.com"
}
]
}

29
CVE-2024/CVE-2024-476xx/CVE-2024-47658.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-47658",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.603",
"lastModified": "2024-10-09T14:15:07.603",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: stm32/cryp - call finalize with bh disabled\n\nThe finalize operation in interrupt mode produce a produces a spinlock\nrecursion warning. The reason is the fact that BH must be disabled\nduring this process."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/56ddb9aa3b324c2d9645b5a7343e46010cf3f6ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d734665cd5d93270731e0ff1dd673fec677f447",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d93a2f86b0a998aa1f0870c85a2a60a0771ef89a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-476xx/CVE-2024-47659.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-47659",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.660",
"lastModified": "2024-10-09T14:15:07.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmack: tcp: ipv4, fix incorrect labeling\n\nCurrently, Smack mirrors the label of incoming tcp/ipv4 connections:\nwhen a label 'foo' connects to a label 'bar' with tcp/ipv4,\n'foo' always gets 'foo' in returned ipv4 packets. So,\n1) returned packets are incorrectly labeled ('foo' instead of 'bar')\n2) 'bar' can write to 'foo' without being authorized to write.\n\nHere is a scenario how to see this:\n\n* Take two machines, let's call them C and S,\n with active Smack in the default state\n (no settings, no rules, no labeled hosts, only builtin labels)\n\n* At S, add Smack rule 'foo bar w'\n (labels 'foo' and 'bar' are instantiated at S at this moment)\n\n* At S, at label 'bar', launch a program\n that listens for incoming tcp/ipv4 connections\n\n* From C, at label 'foo', connect to the listener at S.\n (label 'foo' is instantiated at C at this moment)\n Connection succeedes and works.\n\n* Send some data in both directions.\n* Collect network traffic of this connection.\n\nAll packets in both directions are labeled with the CIPSO\nof the label 'foo'. Hence, label 'bar' writes to 'foo' without\nbeing authorized, and even without ever being known at C.\n\nIf anybody cares: exactly the same happens with DCCP.\n\nThis behavior 1st manifested in release 2.6.29.4 (see Fixes below)\nand it looks unintentional. At least, no explanation was provided.\n\nI changed returned packes label into the 'bar',\nto bring it into line with the Smack documentation claims."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0776bcf9cb6de46fdd94d10118de1cf9b05f83b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0aea09e82eafa50a373fc8a4b84c1d4734751e2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2fe209d0ad2e2729f7e22b9b31a86cc3ff0db550",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4be9fd15c3c88775bdf6fa37acabe6de85beebff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5b4b304f196c070342e32a4752e1fa2e22fc0671",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a948ec993541db4ef392b555c37a1186f4d61670",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3703fa94116fed91f64c7d1c7d284fb4369070f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3f56c653c65f170b172d3c23120bc64ada645d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2024/CVE-2024-476xx/CVE-2024-47660.json Normal file
View File

@ -0,0 +1,41 @@
{
"id": "CVE-2024-47660",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.730",
"lastModified": "2024-10-09T14:15:07.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: clear PARENT_WATCHED flags lazily\n\nIn some setups directories can have many (usually negative) dentries.\nHence __fsnotify_update_child_dentry_flags() function can take a\nsignificant amount of time. Since the bulk of this function happens\nunder inode->i_lock this causes a significant contention on the lock\nwhen we remove the watch from the directory as the\n__fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask()\nraces with __fsnotify_update_child_dentry_flags() calls from\n__fsnotify_parent() happening on children. This can lead upto softlockup\nreports reported by users.\n\nFix the problem by calling fsnotify_update_children_dentry_flags() to\nset PARENT_WATCHED flags only when parent starts watching children.\n\nWhen parent stops watching children, clear false positive PARENT_WATCHED\nflags lazily in __fsnotify_parent() for each accessed child."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-476xx/CVE-2024-47661.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-47661",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.020",
"lastModified": "2024-10-09T15:15:15.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid overflow from uint32_t to uint8_t\n\n[WHAT & HOW]\ndmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned\n0xFFFF. Fix it by changing it to uint8_t with value of 0xFF.\n\nThis fixes 2 INTEGER_OVERFLOW issues reported by Coverity."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/30d1b783b6eeaf49d311a072c70d618d993d01ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6b54900c564e35989cf6813e4071504fa0a90e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2024/CVE-2024-476xx/CVE-2024-47662.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-47662",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.080",
"lastModified": "2024-10-09T15:15:15.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Remove register from DCN35 DMCUB diagnostic collection\n\n[Why]\nThese registers should not be read from driver and triggering the\nsecurity violation when DMCUB work times out and diagnostics are\ncollected blocks Z8 entry.\n\n[How]\nRemove the register read from DCN35."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/466423c6dd8af23ebb3a69d43434d01aed0db356",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eba4b2a38ccdf074a053834509545703d6df1d57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-476xx/CVE-2024-47663.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-47663",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.150",
"lastModified": "2024-10-09T15:15:15.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: iio: frequency: ad9834: Validate frequency parameter value\n\nIn ad9834_write_frequency() clk_get_rate() can return 0. In such case\nad9834_calc_freqreg() call will lead to division by zero. Checking\n'if (fout > (clk_freq / 2))' doesn't protect in case of 'fout' is 0.\nad9834_write_frequency() is called from ad9834_write(), where fout is\ntaken from text buffer, which can contain any value.\n\nModify parameters checking.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0e727707a239d5c519fc9abc2f0fd913516a7e47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3ba9abfcaa9e16bb91ed7e0e2b42e94a157a953e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41cc91e3138fe52f8da92a81bebcd0e6cf488c53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8961b245e8f92bccbaacfbbdf69eba60e3e7c227",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b48aa991758999d4e8f9296c5bbe388f293ef465",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d8b09a5edc4a634373158c1a405491de3c52e58a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dc12e49f970b08d8b007b8981b97e2eb93c0e89d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-476xx/CVE-2024-47664.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-47664",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.223",
"lastModified": "2024-10-09T15:15:15.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware\n\nIf the value of max_speed_hz is 0, it may cause a division by zero\nerror in hisi_calc_effective_speed().\nThe value of max_speed_hz is provided by firmware.\nFirmware is generally considered as a trusted domain. However, as\ndivision by zero errors can cause system failure, for defense measure,\nthe value of max_speed is validated here. So 0 is regarded as invalid\nand an error code is returned."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/16ccaf581da4fcf1e4d66086cf37263f9a656d43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5127c42c77de18651aa9e8e0a3ced190103b449c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-476xx/CVE-2024-47665.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-47665",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.290",
"lastModified": "2024-10-09T15:15:15.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup\n\nDefinitely condition dma_get_cache_alignment * defined value > 256\nduring driver initialization is not reason to BUG_ON(). Turn that to\ngraceful error out with -EINVAL."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2666085335bdfedf90d91f4071490ad3980be785",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5a022269abb22809f2a174b90f200fc4b9526058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8a2be2f1db268ec735419e53ef04ca039fc027dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cacb76df247a7cd842ff29755a523b1cba6c0508",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e2d14bfda9eb5393f8a17008afe2aa7fe0a29815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-476xx/CVE-2024-47666.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-47666",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.353",
"lastModified": "2024-10-09T15:15:15.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Set phy->enable_completion only when we wait for it\n\npm8001_phy_control() populates the enable_completion pointer with a stack\naddress, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and\nreturns. The problem arises when a phy control response comes late. After\n300 ms the pm8001_phy_control() function returns and the passed\nenable_completion stack address is no longer valid. Late phy control\nresponse invokes complete() on a dangling enable_completion pointer which\nleads to a kernel crash."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7b1d779647afaea9185fa2f150b1721e7c1aae89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e4f949ef1516c0d74745ee54a0f4882c1f6c7aea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f14d3e1aa613311c744af32d75125e95fc8ffb84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-476xx/CVE-2024-47667.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-47667",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.430",
"lastModified": "2024-10-09T15:15:15.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)\n\nErrata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0\n(SPRZ452D_July 2018_Revised December 2019 [1]) mentions when an\ninbound PCIe TLP spans more than two internal AXI 128-byte bursts,\nthe bus may corrupt the packet payload and the corrupt data may\ncause associated applications or the processor to hang.\n\nThe workaround for Errata #i2037 is to limit the maximum read\nrequest size and maximum payload size to 128 bytes. Add workaround\nfor Errata #i2037 here.\n\nThe errata and workaround is applicable only to AM65x SR 1.0 and\nlater versions of the silicon will have this fixed.\n\n[1] -> https://www.ti.com/lit/er/sprz452i/sprz452i.pdf"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

45
CVE-2024/CVE-2024-476xx/CVE-2024-47668.json Normal file
View File

@ -0,0 +1,45 @@
{
"id": "CVE-2024-47668",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.513",
"lastModified": "2024-10-09T15:15:15.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()\n\nIf we need to increase the tree depth, allocate a new node, and then\nrace with another thread that increased the tree depth before us, we'll\nstill have a preallocated node that might be used later.\n\nIf we then use that node for a new non-root node, it'll still have a\npointer to the old root instead of being zeroed - fix this by zeroing it\nin the cmpxchg failure path."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0f078f8ca93b28a34e20bd050f12cd4efeee7c0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0f27f4f445390cb7f73d4209cb2bf32834dc53da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/99418ec776a39609f50934720419e0b464ca2283",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad5ee9feebc2eb8cfc76ed74a2d6e55343b0e169",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b2f11c6f3e1fc60742673b8675c95b78447f3dae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d942e855324a60107025c116245095632476613e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ebeff038744c498a036e7a92eb8e433ae0a386d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

49
CVE-2024/CVE-2024-476xx/CVE-2024-47669.json Normal file
View File

@ -0,0 +1,49 @@
{
"id": "CVE-2024-47669",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.590",
"lastModified": "2024-10-09T15:15:15.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix state management in error path of log writing function\n\nAfter commit a694291a6211 (\"nilfs2: separate wait function from\nnilfs_segctor_write\") was applied, the log writing function\nnilfs_segctor_do_construct() was able to issue I/O requests continuously\neven if user data blocks were split into multiple logs across segments,\nbut two potential flaws were introduced in its error handling.\n\nFirst, if nilfs_segctor_begin_construction() fails while creating the\nsecond or subsequent logs, the log writing function returns without\ncalling nilfs_segctor_abort_construction(), so the writeback flag set on\npages/folios will remain uncleared. This causes page cache operations to\nhang waiting for the writeback flag. For example,\ntruncate_inode_pages_final(), which is called via nilfs_evict_inode() when\nan inode is evicted from memory, will hang.\n\nSecond, the NILFS_I_COLLECTED flag set on normal inodes remain uncleared. \nAs a result, if the next log write involves checkpoint creation, that's\nfine, but if a partial log write is performed that does not, inodes with\nNILFS_I_COLLECTED set are erroneously removed from the \"sc_dirty_files\"\nlist, and their data and b-tree blocks may not be written to the device,\ncorrupting the block mapping.\n\nFix these issues by uniformly calling nilfs_segctor_abort_construction()\non failure of each step in the loop in nilfs_segctor_do_construct(),\nhaving it clean up logs and segment usages according to progress, and\ncorrecting the conditions for calling nilfs_redirty_inodes() to ensure\nthat the NILFS_I_COLLECTED flag is cleared."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/036441e8438b29111fa75008f0ce305fb4e83c0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0a1a961bde4351dc047ffdeb2f1311ca16a700cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/30562eff4a6dd35c4b5be9699ef61ad9f5f20a06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3e349d7191f0688fc9808ef24fd4e4b4ef5ca876",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/40a2757de2c376ef8a08d9ee9c81e77f3c750adf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6576dd6695f2afca3f4954029ac4a64f82ba60ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/74866c16ea2183f52925fa5d76061a1fe7f7737b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efdde00d4a1ef10bb71e09ebc67823a3d3ad725b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-476xx/CVE-2024-47670.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-47670",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.673",
"lastModified": "2024-10-09T15:15:15.673",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: add bounds checking to ocfs2_xattr_find_entry()\n\nAdd a paranoia check to make sure it doesn't stray beyond valid memory\nregion containing ocfs2 xattr entries when scanning for a match. It will\nprevent out-of-bound access in case of crafted images."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1f6e167d6753fe3ea493cdc7f7de8d03147a4d39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8e7bef408261746c160853fc27df3139659f5f77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9b32539590a8e6400ac2f6e7cf9cbb8e08711a2f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9e3041fecdc8f78a5900c3aa51d3d756e73264d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-476xx/CVE-2024-47671.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-47671",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.753",
"lastModified": "2024-10-09T15:15:15.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbtmc: prevent kernel-usb-infoleak\n\nThe syzbot reported a kernel-usb-infoleak in usbtmc_write,\nwe need to clear the structure before filling fields."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/625fa77151f00c1bd00d34d60d6f2e710b3f9aad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd102418f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-476xx/CVE-2024-47672.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-47672",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.827",
"lastModified": "2024-10-09T15:15:15.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead\n\nThere is a WARNING in iwl_trans_wait_tx_queues_empty() (that was\nrecently converted from just a message), that can be hit if we\nwait for TX queues to become empty after firmware died. Clearly,\nwe can't expect anything from the firmware after it's declared dead.\n\nDon't call iwl_trans_wait_tx_queues_empty() in this case. While it could\nbe a good idea to stop the flow earlier, the flush functions do some\nmaintenance work that is not related to the firmware, so keep that part\nof the code running even when the firmware is not running.\n\n[edit commit message]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1b0cd832c9607f41f84053b818e0b7908510a3b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3a84454f5204718ca5b4ad2c1f0bf2031e2403d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4d0a900ec470d392476c428875dbf053f8a0ae5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7188b7a72320367554b76d8f298417b070b05dd3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

Some files were not shown because too many files have changed in this diff Show More