admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-07-08T18:00:12.780009+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-07-08 18:03:48 +00:00
parent cdebead738
commit 040347d9c7
886 changed files with 19660 additions and 2915 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2011/CVE-2011-52xx/CVE-2011-5280.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2011-5280",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-06-02T15:55:07.807",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-07-08T17:33:43.070",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -63,13 +63,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rom_walton:boinc:6.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F804F55D-D23F-4ADD-8245-C855D6C87CA2"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:6.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01464AAC-49E5-4224-9C0E-E7F7C46CD11D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rom_walton:boinc:6.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F91D11C0-A1CC-430B-8FE6-490C9A1E0682"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:6.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE986A5-B8D0-460D-8172-8EA0D58060D1"
}
]
}

48
CVE-2012/CVE-2012-58xx/CVE-2012-5861.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2012-5861",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2012-11-23T12:09:58.367",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-07-08T16:15:25.743",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 allow remote attackers to execute arbitrary SQL commands via (1) the inverterselect parameter in a primo action to dettagliinverter.php or (2) the lingua parameter to changelanguagesession.php."
"value": "These Sinapsi devices do not check the validity of the data before \nexecuting queries. By accessing the SQL table of certain pages that do \nnot require authentication within the device, attackers can leak \ninformation from the device. This could allow the attacker to compromise\n confidentiality."
},
{
"lang": "es",
@ -17,6 +17,29 @@
],
"metrics": {
"cvssMetricV2": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"baseScore": 7.8,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
},
{
"source": "nvd@nist.gov",
"type": "Primary",
@ -44,7 +67,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
@ -52,6 +75,16 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
@ -114,14 +147,11 @@
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80200",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80201",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01",
"source": "ics-cert@hq.dhs.gov"
},
{

48
CVE-2012/CVE-2012-58xx/CVE-2012-5862.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2012-5862",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2012-11-23T12:09:58.430",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-07-08T16:15:26.580",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "login.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by leveraging a (1) cleartext password or (2) password hash contained in this script, as demonstrated by a password of astridservice or 36e44c9b64."
"value": "These Sinapsi devices\nstore hard-coded passwords in the PHP file of the device. By using the \nhard-coded passwords in the device, attackers can log into the device \nwith administrative privileges. This could allow the attacker to have \nunauthorized access."
},
{
"lang": "es",
@ -17,6 +17,29 @@
],
"metrics": {
"cvssMetricV2": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"baseScore": 10.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
},
{
"source": "nvd@nist.gov",
"type": "Primary",
@ -44,8 +67,18 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-259"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -114,14 +147,11 @@
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80200",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80200",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01",
"source": "ics-cert@hq.dhs.gov"
},
{

48
CVE-2012/CVE-2012-58xx/CVE-2012-5863.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2012-5863",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2012-11-23T12:09:58.477",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-07-08T16:15:26.747",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in the ip_dominio parameter."
"value": "These Sinapsi devices do not check for special elements in commands sent \nto the system. By accessing certain pages with administrative privileges\n that do not require authentication within the device, attackers can \nexecute arbitrary, unexpected, or dangerous commands directly onto the \noperating system."
},
{
"lang": "es",
@ -17,6 +17,29 @@
],
"metrics": {
"cvssMetricV2": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"baseScore": 10.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
},
{
"source": "nvd@nist.gov",
"type": "Primary",
@ -44,8 +67,18 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -114,14 +147,11 @@
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80200",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80202",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01",
"source": "ics-cert@hq.dhs.gov"
},
{

48
CVE-2012/CVE-2012-58xx/CVE-2012-5864.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2012-5864",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2012-11-23T12:09:58.540",
"lastModified": "2025-04-11T00:51:21.963",
"lastModified": "2025-07-08T16:15:26.917",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The management web pages on the Sinapsi eSolar Light Photovoltaic System Monitor (aka Schneider Electric Ezylog photovoltaic SCADA management server), Sinapsi eSolar, and Sinapsi eSolar DUO with firmware before 2.0.2870_2.2.12 do not require authentication, which allows remote attackers to obtain administrative access via a direct request, as demonstrated by a request to ping.php."
"value": "These Sinapsi devices \ndo not check if users that visit pages within the device have properly \nauthenticated. By directly visiting the pages within the device, \nattackers can gain unauthorized access with administrative privileges."
},
{
"lang": "es",
@ -17,6 +17,29 @@
],
"metrics": {
"cvssMetricV2": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"baseScore": 9.4,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "NONE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 9.2,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
},
{
"source": "nvd@nist.gov",
"type": "Primary",
@ -44,8 +67,18 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -114,14 +147,11 @@
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-325-01.pdf",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80200",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80203",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-325-01",
"source": "ics-cert@hq.dhs.gov"
},
{

6
CVE-2013/CVE-2013-20xx/CVE-2013-2018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-2018",
"sourceIdentifier": "secalert@redhat.com",
"published": "2020-02-20T00:15:10.520",
"lastModified": "2024-11-21T01:50:52.380",
"lastModified": "2025-07-08T17:31:12.700",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:berkeley:boinc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9901A926-E8AD-44E7-AB44-B1A5888F9DC3"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A050C594-976D-4492-8DFA-B4BAFCDCF08A"
}
]
}

10
CVE-2013/CVE-2013-20xx/CVE-2013-2019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-2019",
"sourceIdentifier": "secalert@redhat.com",
"published": "2014-06-02T15:55:09.700",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-07-08T17:33:43.070",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -63,13 +63,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rom_walton:boinc:6.10.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFD3AD2-E8F0-44EB-98DB-30500FF24A31"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:6.10.58:*:*:*:*:*:*:*",
"matchCriteriaId": "51305A0A-F2A8-4A87-B8A3-BFC4CA2186A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rom_walton:boinc:6.12.34:*:*:*:*:*:*:*",
"matchCriteriaId": "B9457F54-5861-4CC5-BFA4-B419E3DC61DA"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:6.12.34:*:*:*:*:*:*:*",
"matchCriteriaId": "50880F6C-D23E-4E75-92DD-A686841C0CC6"
}
]
}

638
CVE-2013/CVE-2013-22xx/CVE-2013-2298.json
View File

File diff suppressed because it is too large Load Diff

6
CVE-2013/CVE-2013-73xx/CVE-2013-7386.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-7386",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-06-02T15:55:11.060",
"lastModified": "2025-04-12T10:46:40.837",
"lastModified": "2025-07-08T17:26:58.807",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
@ -63,8 +63,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rom_walton:boinc:7.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76EAC5-808A-4CDA-A495-A3EFA0BD8379"
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_client:7.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC297C0-068D-4168-AA30-30475C89BC33"
}
]
}

39
CVE-2023/CVE-2023-421xx/CVE-2023-42101.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42101",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:47.643",
"lastModified": "2024-11-21T08:22:16.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:09:30.893",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1450/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1450/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3E29B6E8-193C-4BF9-89F0-5B6C31D61E54"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1450/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1450/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-421xx/CVE-2023-42102.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42102",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:47.810",
"lastModified": "2024-11-21T08:22:16.730",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:09:41.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1451/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1451/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3E29B6E8-193C-4BF9-89F0-5B6C31D61E54"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1451/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1451/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-421xx/CVE-2023-42103.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42103",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:47.983",
"lastModified": "2024-11-21T08:22:16.850",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:09:56.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1452/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1452/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.62:*:*:*:*:*:*:*",
"matchCriteriaId": "679E0CCA-2CD7-49AC-AF27-A290401F0FB5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1452/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1452/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-421xx/CVE-2023-42104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42104",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:48.163",
"lastModified": "2024-11-21T08:22:16.970",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:10:03.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1453/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1453/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3E29B6E8-193C-4BF9-89F0-5B6C31D61E54"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1453/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1453/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-421xx/CVE-2023-42105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42105",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:48.333",
"lastModified": "2024-11-21T08:22:17.100",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:14:38.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1454/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1454/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashlar:cobalt:1204.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3E29B6E8-193C-4BF9-89F0-5B6C31D61E54"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1454/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1454/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-444xx/CVE-2023-44431.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44431",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:15:57.980",
"lastModified": "2024-11-21T08:25:53.367",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:17:35.780",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EBB50-D125-411C-84DB-4E5EFEDCFA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-502xx/CVE-2023-50229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50229",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:11.680",
"lastModified": "2024-11-21T08:36:42.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:28:15.657",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,22 +73,53 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/",
"source": "zdi-disclosures@trendmicro.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.66",
"versionEndExcluding": "5.70",
"matchCriteriaId": "C96CCF8B-7E76-4B4B-BAE5-535D88AC1956"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-502xx/CVE-2023-50230.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50230",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:11.853",
"lastModified": "2024-11-21T08:36:42.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:28:02.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,22 +73,53 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/",
"source": "zdi-disclosures@trendmicro.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.66",
"versionEndExcluding": "5.70",
"matchCriteriaId": "C96CCF8B-7E76-4B4B-BAE5-535D88AC1956"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-507xx/CVE-2023-50786.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50786",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-05T04:15:24.373",
"lastModified": "2025-07-07T19:15:22.473",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:53.607",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2023/CVE-2023-512xx/CVE-2023-51232.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-51232",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T14:15:23.140",
"lastModified": "2025-07-07T16:15:21.693",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in dagster-webserver Dagster thru 1.5.11 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to certain file names that start with a dot ('.')."
},
{
"lang": "es",
"value": "Vulnerabilidad de Directory Traversal en dagster-webserver Dagster thru 1.5.11 que permite a atacantes remotos obtener informaci\u00f3n confidencial mediante una solicitud manipulada al endpoint /logs. Esto puede estar restringido a ciertos nombres de archivo que empiezan con un punto ('.')."
}
],
"metrics": {},

61
CVE-2023/CVE-2023-515xx/CVE-2023-51589.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51589",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:19.230",
"lastModified": "2024-11-21T08:38:26.553",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:27:54.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EBB50-D125-411C-84DB-4E5EFEDCFA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-515xx/CVE-2023-51592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51592",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:19.747",
"lastModified": "2024-11-21T08:38:26.907",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:27:47.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EBB50-D125-411C-84DB-4E5EFEDCFA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-515xx/CVE-2023-51594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51594",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:20.123",
"lastModified": "2024-11-21T08:38:27.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:27:33.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EBB50-D125-411C-84DB-4E5EFEDCFA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-515xx/CVE-2023-51596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51596",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:20.460",
"lastModified": "2024-11-21T08:38:27.397",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:27:02.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/",
"source": "zdi-disclosures@trendmicro.com"
},
"nodes": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluez:bluez:5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EBB50-D125-411C-84DB-4E5EFEDCFA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/",
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-522xx/CVE-2023-52236.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-52236",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:23.750",
"lastModified": "2025-07-08T11:15:23.750",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products support insecure cryptographic algorithms. An attacker could leverage these legacy algorithms to achieve a man-in-the-middle attack or impersonate communicating parties."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM i800 (Todas las versiones), RUGGEDCOM i801 (Todas las versiones), RUGGEDCOM i802 (Todas las versiones), RUGGEDCOM i803 (Todas las versiones), RUGGEDCOM M2100 (Todas las versiones), RUGGEDCOM M2200 (Todas las versiones), RUGGEDCOM M969 (Todas las versiones), RUGGEDCOM RMC30 (Todas las versiones), RUGGEDCOM RMC8388 V4.X (Todas las versiones), RUGGEDCOM RMC8388 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RP110 (Todas las versiones), RUGGEDCOM RS1600 (Todas las versiones), RUGGEDCOM RS1600F (Todas las versiones), RUGGEDCOM RS1600T (Todas las versiones), RUGGEDCOM RS400 (Todas las versiones), RUGGEDCOM RS401 (Todas las versiones), RUGGEDCOM RS416 (Todas las versiones), RUGGEDCOM RS416P (Todas las versiones), RUGGEDCOM RS416Pv2 V4.X (Todas las versiones), RUGGEDCOM RS416Pv2 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RS416v2 V4.X (Todas las versiones), RUGGEDCOM RS416v2 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RS8000 (Todas las versiones), RUGGEDCOM RS8000A (Todas las versiones), RUGGEDCOM RS8000H (Todas las versiones), RUGGEDCOM RS8000T (Todas las versiones), RUGGEDCOM RS900 (Todas las versiones), RUGGEDCOM RS900 (32M) V4.X (Todas las versiones), RUGGEDCOM RS900 (32M) V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RS900G (Todas las versiones), RUGGEDCOM RS900G (32M) V4.X (Todas las versiones), RUGGEDCOM RS900G (32M) V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RS900GP (Todas las versiones), RUGGEDCOM RS900L (Todas las versiones), RUGGEDCOM RS900M-GETS-C01 (Todas las versiones), RUGGEDCOM RS900M-GETS-XX (Todas las versiones), RUGGEDCOM RS900M-STND-C01 (Todas las versiones), RUGGEDCOM RS900M-STND-XX (Todas las versiones), RUGGEDCOM RS900W (Todas las versiones), RUGGEDCOM RS910 (Todas las versiones), RUGGEDCOM RS910L (Todas las versiones), RUGGEDCOM RS910W (Todas las versiones), RUGGEDCOM RS920L (Todas las versiones), RUGGEDCOM RS920W (Todas las versiones), RUGGEDCOM RS930L (Todas las versiones), RUGGEDCOM RS930W (Todas las versiones), RUGGEDCOM RS940G (Todas las versiones), RUGGEDCOM RS969 (Todas las versiones), RUGGEDCOM RSG2100 (Todas las versiones), RUGGEDCOM RSG2100 (32M) V4.X (Todas las versiones), RUGGEDCOM RSG2100 (32M) V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG2100P (Todas las versiones), RUGGEDCOM RSG2100P (32M) V4.X (Todas las versiones), RUGGEDCOM RSG2100P (32M) V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG2200 (Todas las versiones), RUGGEDCOM RSG2288 V4.X (Todas las versiones versiones), RUGGEDCOM RSG2288 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG2300 V4.X (Todas las versiones), RUGGEDCOM RSG2300 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG2300P V4.X (Todas las versiones), RUGGEDCOM RSG2300P V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG2488 V4.X (Todas las versiones), RUGGEDCOM RSG2488 V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG907R (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG908C (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG909R (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG910C (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSG920P V4.X (Todas las versiones), RUGGEDCOM RSG920P V5.X (Todas las versiones &lt; V5.10.0), RUGGEDCOM RSL910 (Todas las versiones &lt; V5.10.0), RUGGEDCOM RST2228 (Todas las versiones &lt; V5.10.0), RUGGEDCOM RST2228P (Todas las versiones &lt; V5.10.0), RUGGEDCOM RST916C (Todas las versiones &lt; V5.10.0), RUGGEDCOM RST916P (Todas las versiones &lt; V5.10.0). Los productos afectados admiten algoritmos criptogr\u00e1ficos inseguros. Un atacante podr\u00eda aprovechar estos algoritmos heredados para realizar un ataque de intermediario o suplantar la identidad de las partes que se comunican."
}
],
"metrics": {

53
CVE-2024/CVE-2024-100xx/CVE-2024-10019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10019",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:14.230",
"lastModified": "2025-03-20T10:15:14.230",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:32:39.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,10 +73,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/3cf80890-2d8a-4fc7-8e0e-6d4bf648b3ea",
"source": "security@huntr.dev"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:12:*:*:*:*:*:*:*",
"matchCriteriaId": "13C2AF1C-0ECA-4677-8686-A1F6F67A5E0B"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/3cf80890-2d8a-4fc7-8e0e-6d4bf648b3ea",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-100xx/CVE-2024-10047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10047",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:14.360",
"lastModified": "2025-03-20T10:15:14.360",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:28:09.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/69c3a27c-bd93-4aff-a46b-56798f28a3ce",
"source": "security@huntr.dev"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "225B2535-8D51-4F5C-816B-46D755605CE1"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/69c3a27c-bd93-4aff-a46b-56798f28a3ce",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-119xx/CVE-2024-11937.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11937",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-07-04T08:15:24.900",
"lastModified": "2025-07-04T08:15:24.900",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:53.607",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

41
CVE-2024/CVE-2024-127xx/CVE-2024-12766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12766",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:30.000",
"lastModified": "2025-03-20T14:15:18.387",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:24:32.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/a143a2e2-1293-4dec-b875-3312584bd2b1",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/a143a2e2-1293-4dec-b875-3312584bd2b1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:13:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0BD9C-2312-401C-9E7F-C3E614A336A3"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/a143a2e2-1293-4dec-b875-3312584bd2b1",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/a143a2e2-1293-4dec-b875-3312584bd2b1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-251xx/CVE-2024-25176.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-25176",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.247",
"lastModified": "2025-07-07T17:15:27.247",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c."
},
{
"lang": "es",
"value": "LuaJIT hasta 2.1 tiene un desbordamiento de b\u00fafer de pila en lj_strfmt_wfnum en lj_strfmt_num.c."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-251xx/CVE-2024-25177.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-25177",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.403",
"lastModified": "2025-07-07T17:15:27.403",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS)."
},
{
"lang": "es",
"value": "LuaJIT hasta 2.1 tiene un deshundimiento de IR_FSTORE para metatabla NULL, lo que conduce a una denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-251xx/CVE-2024-25178.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-25178",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T17:15:27.527",
"lastModified": "2025-07-07T17:15:27.527",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LuaJIT through 2.1 has an out-of-bounds read in the stack-overflow handler in lj_state.c"
},
{
"lang": "es",
"value": "LuaJIT hasta la versi\u00f3n 2.1 tiene una lectura fuera de los l\u00edmites en el controlador de desbordamiento de pila en lj_state.c"
}
],
"metrics": {},

8
CVE-2024/CVE-2024-318xx/CVE-2024-31853.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-31853",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:23.997",
"lastModified": "2025-07-08T11:15:23.997",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate.\r\nThis could allow an attacker to execute an on-path network (MitM) attack."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SICAM TOOLBOX II (todas las versiones anteriores a V07.11). Al establecer una conexi\u00f3n HTTPS con el servidor TLS de un dispositivo administrado, la aplicaci\u00f3n afectada no comprueba el atributo de uso de clave extendida del certificado de dicho dispositivo. Esto podr\u00eda permitir que un atacante ejecute un ataque de red en ruta (MitM)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-318xx/CVE-2024-31854.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-31854",
"sourceIdentifier": "productcert@siemens.com",
"published": "2025-07-08T11:15:24.180",
"lastModified": "2025-07-08T11:15:24.180",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value.\r\nThis could allow an attacker to execute an on-path network (MitM) attack."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SICAM TOOLBOX II (todas las versiones anteriores a V07.11). Al establecer una conexi\u00f3n HTTPS con el servidor TLS de un dispositivo administrado, la aplicaci\u00f3n afectada no compara el nombre com\u00fan del certificado del dispositivo con el valor esperado. Esto podr\u00eda permitir que un atacante ejecute un ataque de red en ruta (MitM)."
}
],
"metrics": {

44
CVE-2024/CVE-2024-363xx/CVE-2024-36348.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-36348",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-07-08T17:15:31.200",
"lastModified": "2025-07-08T17:15:31.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 3.8,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html",
"source": "psirt@amd.com"
}
]
}

44
CVE-2024/CVE-2024-363xx/CVE-2024-36349.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-36349",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-07-08T17:15:31.400",
"lastModified": "2025-07-08T17:15:31.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 3.8,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html",
"source": "psirt@amd.com"
}
]
}

44
CVE-2024/CVE-2024-363xx/CVE-2024-36350.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-36350",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-07-08T17:15:31.563",
"lastModified": "2025-07-08T17:15:31.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html",
"source": "psirt@amd.com"
}
]
}

44
CVE-2024/CVE-2024-363xx/CVE-2024-36357.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-36357",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-07-08T17:15:31.723",
"lastModified": "2025-07-08T17:15:31.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html",
"source": "psirt@amd.com"
}
]
}

8
CVE-2024/CVE-2024-376xx/CVE-2024-37656.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37656",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.120",
"lastModified": "2025-07-07T18:15:25.120",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de redirecci\u00f3n abierta en gnuboard5 v.5.5.16 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de la verificaci\u00f3n insuficiente del par\u00e1metro URL en bbs/logout.php."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-376xx/CVE-2024-37657.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37657",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.233",
"lastModified": "2025-07-07T18:15:25.233",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de redirecci\u00f3n abierta en gnuboard5 v.5.5.16 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del componente bbs/login.php."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-376xx/CVE-2024-37658.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37658",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-07-07T18:15:25.340",
"lastModified": "2025-07-07T18:15:25.340",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de redirecci\u00f3n abierta en gnuboard5 v.5.5.16 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de bbs/member_confirm.php."
}
],
"metrics": {},

76
CVE-2024/CVE-2024-431xx/CVE-2024-43186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43186",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:23.620",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:28:18.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.ibm.com/support/pages/node/7184980",
"source": "psirt@us.ibm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7",
"versionEndExcluding": "11.7.1",
"matchCriteriaId": "C8544C8A-580A-4A26-8731-0511ADC66F36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184980",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-431xx/CVE-2024-43190.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43190",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-07-07T18:15:25.440",
"lastModified": "2025-07-07T18:15:25.440",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a legitimate user using man in the middle techniques."
},
{
"lang": "es",
"value": "IBM Engineering Requirements Management DOORS 9.7.2.9, bajo ciertas configuraciones, podr\u00eda permitir que un atacante remoto obtenga instrucciones de restablecimiento de contrase\u00f1a de un usuario leg\u00edtimo utilizando t\u00e9cnicas de intermediario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-433xx/CVE-2024-43334.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43334",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-07-07T10:15:25.593",
"lastModified": "2025-07-07T10:15:25.593",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavias Halpes allows Reflected XSS.This issue affects Halpes: from n/a before 1.2.5."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Gavias Halpes permite XSS reflejado. Este problema afecta a Halpes: desde n/a hasta 1.2.5."
}
],
"metrics": {

6
CVE-2024/CVE-2024-436xx/CVE-2024-43614.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-43614",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-10-08T18:15:29.623",
"lastModified": "2024-10-21T20:50:38.370",
"vulnStatus": "Analyzed",
"lastModified": "2025-07-08T16:15:45.507",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for Endpoint for Linux Spoofing Vulnerability"
"value": "Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally."
},
{
"lang": "es",

31
CVE-2024/CVE-2024-495xx/CVE-2024-49563.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49563",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-28T02:15:13.510",
"lastModified": "2025-03-28T18:11:40.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:25:00.350",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.0.5.259",
"matchCriteriaId": "F0F4FF8F-1F14-4E5F-ADBD-AEA2C8494BE4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-495xx/CVE-2024-49564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49564",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-28T02:15:13.670",
"lastModified": "2025-03-28T18:11:40.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:33:22.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.0.5.259",
"matchCriteriaId": "F0F4FF8F-1F14-4E5F-ADBD-AEA2C8494BE4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-495xx/CVE-2024-49565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49565",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-28T02:15:13.810",
"lastModified": "2025-03-28T18:11:40.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:33:18.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.0.5.259",
"matchCriteriaId": "F0F4FF8F-1F14-4E5F-ADBD-AEA2C8494BE4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-496xx/CVE-2024-49601.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49601",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-28T03:15:16.650",
"lastModified": "2025-03-28T18:11:40.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T16:33:01.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unity_operating_environment:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.0.0.5.259",
"matchCriteriaId": "F0F4FF8F-1F14-4E5F-ADBD-AEA2C8494BE4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-529xx/CVE-2024-52965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52965",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-07-08T15:15:22.313",
"lastModified": "2025-07-08T15:15:22.313",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-530xx/CVE-2024-53009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53009",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-07-08T13:15:28.460",
"lastModified": "2025-07-08T13:15:28.460",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

60
CVE-2024/CVE-2024-555xx/CVE-2024-55551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55551",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-19T14:15:37.733",
"lastModified": "2025-04-02T14:15:46.250",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:44:23.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -81,22 +81,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.exasol.com/db/7.1/release_notes_drivers_jdbc/24.2.1.htm",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://docs.exasol.com/db/latest/connect_exasol/drivers/jdbc.htm",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://gist.github.com/azraelxuemo/9565ec9219e0c3e9afd5474904c39d0f",
"source": "cve@mitre.org"
},
{
"url": "https://www.blackhat.com/eu-24/briefings/schedule/index.html#a-novel-attack-surface-java-authentication-and-authorization-service-jaas-42179",
"source": "cve@mitre.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:exasol:jdbc_driver:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.2.1",
"matchCriteriaId": "6A0D6AC6-6253-49C4-AE3E-A5E7E16F22F8"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.exasol.com/db/7.1/release_notes_drivers_jdbc/24.2.1.htm",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://docs.exasol.com/db/latest/connect_exasol/drivers/jdbc.htm",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/azraelxuemo/9565ec9219e0c3e9afd5474904c39d0f",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.blackhat.com/eu-24/briefings/schedule/index.html#a-novel-attack-surface-java-authentication-and-authorization-service-jaas-42179",
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
}
]
}

4
CVE-2024/CVE-2024-555xx/CVE-2024-55599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55599",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-07-08T15:15:23.870",
"lastModified": "2025-07-08T15:15:23.870",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

76
CVE-2024/CVE-2024-558xx/CVE-2024-55895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55895",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T13:15:40.410",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:22:06.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -51,10 +71,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.ibm.com/support/pages/node/7185450",
"source": "psirt@us.ibm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7",
"versionEndExcluding": "11.7.1",
"matchCriteriaId": "C8544C8A-580A-4A26-8731-0511ADC66F36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185450",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-559xx/CVE-2024-55965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55965",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-26T21:15:23.063",
"lastModified": "2025-03-27T16:45:27.850",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:35:30.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.51",
"matchCriteriaId": "76EC9A47-0E39-4CA8-AB1A-74F4CF8CEECF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-581xx/CVE-2024-58117.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-58117",
"sourceIdentifier": "psirt@huawei.com",
"published": "2025-07-07T03:15:26.393",
"lastModified": "2025-07-07T03:15:26.393",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack overflow risk when vector images are parsed during file preview\nImpact: Successful exploitation of this vulnerability may affect the file preview function."
},
{
"lang": "es",
"value": "Riesgo de desbordamiento de pila cuando se analizan im\u00e1genes vectoriales durante la vista previa del archivo Impacto: la explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la funci\u00f3n de vista previa del archivo."
}
],
"metrics": {

60
CVE-2024/CVE-2024-581xx/CVE-2024-58128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58128",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T22:15:17.197",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:31:44.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MISP/MISP/commit/33a1eb66408e16a7535b2bae48303efd9501a26a",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/MISP/MISP/releases/tag/v2.4.193",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.193",
"matchCriteriaId": "D38831B2-94AF-41A5-956B-D9EBE0EC177C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MISP/MISP/commit/33a1eb66408e16a7535b2bae48303efd9501a26a",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/MISP/MISP/releases/tag/v2.4.193",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

60
CVE-2024/CVE-2024-581xx/CVE-2024-58129.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58129",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T22:15:17.333",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:30:50.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/MISP/MISP/commit/09a43870e733f79ffa33753ddc7bce3cbb5a5647",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/MISP/MISP/releases/tag/v2.4.193",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:misp:misp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.193",
"matchCriteriaId": "D38831B2-94AF-41A5-956B-D9EBE0EC177C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MISP/MISP/commit/09a43870e733f79ffa33753ddc7bce3cbb5a5647",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/MISP/MISP/releases/tag/v2.4.193",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

53
CVE-2024/CVE-2024-69xx/CVE-2024-6986.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6986",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:34.860",
"lastModified": "2025-03-20T10:15:34.860",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:14:33.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,10 +73,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/83e9bde1-40b2-49e9-be1c-bc1498eb8ebd",
"source": "security@huntr.dev"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D9177E7C-9C27-4C3C-AC97-7F277FEEC725"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/83e9bde1-40b2-49e9-be1c-bc1498eb8ebd",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-70xx/CVE-2024-7058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7058",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:36.340",
"lastModified": "2025-03-20T10:15:36.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:10:59.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/148fce03-0f5a-4939-b636-b7f9848765e4",
"source": "security@huntr.dev"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:10:*:*:*:*:*:*:*",
"matchCriteriaId": "5622185E-495B-47D8-BFB9-35A2EEC3A0B8"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/148fce03-0f5a-4939-b636-b7f9848765e4",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-75xx/CVE-2024-7577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7577",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:24.257",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T17:26:02.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,10 +71,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.ibm.com/support/pages/node/7185020",
"source": "psirt@us.ibm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7",
"versionEndExcluding": "11.7.1",
"matchCriteriaId": "C8544C8A-580A-4A26-8731-0511ADC66F36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185020",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-85xx/CVE-2024-8581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8581",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:43.350",
"lastModified": "2025-03-20T10:15:43.350",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:05:51.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/dcc078cbe20d2a9640b0942a622134b0e3fa6e48",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/67ead5b9-8149-4001-a1cd-ac648cb7b414",
"source": "security@huntr.dev"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:12:*:*:*:*:*:*:*",
"matchCriteriaId": "13C2AF1C-0ECA-4677-8686-A1F6F67A5E0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/dcc078cbe20d2a9640b0942a622134b0e3fa6e48",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/67ead5b9-8149-4001-a1cd-ac648cb7b414",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-94xx/CVE-2024-9453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9453",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-07-04T09:15:24.537",
"lastModified": "2025-07-04T09:15:24.537",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:53.607",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

56
CVE-2025/CVE-2025-02xx/CVE-2025-0292.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-0292",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2025-07-08T16:15:50.543",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to access internal network services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2025/CVE-2025-02xx/CVE-2025-0293.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-0293",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2025-07-08T16:15:51.727",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to write to a protected configuration file on disk."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-93"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

64
CVE-2025/CVE-2025-06xx/CVE-2025-0666.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0666",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2025-05-07T08:15:14.910",
"lastModified": "2025-05-07T14:15:39.450",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:44:16.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,14 +95,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt",
"source": "vulnerability@ncsc.ch"
},
"nodes": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.7",
"matchCriteriaId": "4D494BC2-675C-4EB3-A82A-CF9F45A23328"
}
]
}
]
}
],
"references": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt",
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory",
"Exploit"
]
},
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_01_CSNC-2025-002_BOINC_multiple_XSS.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"Exploit"
]
}
]
}

64
CVE-2025/CVE-2025-06xx/CVE-2025-0667.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0667",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2025-05-07T08:15:15.057",
"lastModified": "2025-05-07T14:15:39.550",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:48:19.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,14 +95,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt",
"source": "vulnerability@ncsc.ch"
},
"nodes": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.7",
"matchCriteriaId": "4D494BC2-675C-4EB3-A82A-CF9F45A23328"
}
]
}
]
}
],
"references": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt",
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory",
"Exploit"
]
},
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_02_CSNC-2025-003_BOINC_stored_XSS.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"Exploit"
]
}
]
}

64
CVE-2025/CVE-2025-06xx/CVE-2025-0668.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0668",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2025-05-07T08:15:15.207",
"lastModified": "2025-05-07T14:15:39.637",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:47:25.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
@ -73,14 +95,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt",
"source": "vulnerability@ncsc.ch"
},
"nodes": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.5",
"matchCriteriaId": "57B6CBF2-F5C6-4820-9286-A98A3A72BC9D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt",
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory",
"Exploit"
]
},
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_03_CSNC-2025-004_BOINC_multiple_SQLi.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"Exploit"
]
}
]
}

64
CVE-2025/CVE-2025-06xx/CVE-2025-0669.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0669",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2025-05-07T08:15:15.340",
"lastModified": "2025-05-07T14:15:39.767",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:48:58.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
@ -73,14 +95,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt",
"source": "vulnerability@ncsc.ch"
},
"nodes": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:universityofcalifornia:boinc_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.3",
"matchCriteriaId": "B1B8343D-727D-4817-9548-2118BCF511DB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt",
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory",
"Exploit"
]
},
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2025_04_CSNC-2025-005_BOINC_CSRF.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"Exploit"
]
}
]
}

8
CVE-2025/CVE-2025-13xx/CVE-2025-1351.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1351",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-07-07T17:15:27.693",
"lastModified": "2025-07-07T17:15:27.693",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function."
},
{
"lang": "es",
"value": "Los productos IBM Storage Virtualize 8.5, 8.6 y 8.7 podr\u00edan permitir que un usuario aumente sus privilegios a los de otro usuario que inicie sesi\u00f3n al mismo tiempo debido a una condici\u00f3n de ejecuci\u00f3n en la funci\u00f3n de inicio de sesi\u00f3n."
}
],
"metrics": {

60
CVE-2025/CVE-2025-17xx/CVE-2025-1770.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1770",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-20T06:15:22.903",
"lastModified": "2025-03-20T06:15:22.903",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-07-08T16:38:54.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/events-calendar/events-calendar.php#L715",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/upcoming-event-tab/style/tab-1.php#L53",
"source": "security@wordfence.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3257023/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f24baee-7003-449b-9072-d95fa1e26c8f?source=cve",
"source": "security@wordfence.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:themewinter:eventin:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.25",
"matchCriteriaId": "83E51B23-6F8A-478C-AF23-391D5E7EC252"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/events-calendar/events-calendar.php#L715",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-event-solution/tags/4.0.24/widgets/upcoming-event-tab/style/tab-1.php#L53",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3257023/",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f24baee-7003-449b-9072-d95fa1e26c8f?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

796
CVE-2025/CVE-2025-202xx/CVE-2025-20202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20202",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-05-07T18:15:41.063",
"lastModified": "2025-05-08T14:39:09.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-07-08T17:17:00.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,12 +49,802 @@
"value": "CWE-805"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "D18B32E3-6B33-4E3D-879A-82E2F0BFC906"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1z2:*:*:*:*:*:*:*",
"matchCriteriaId": "46E37204-FC9A-4397-AFA4-9CAC7A116D55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5B736F09-3B51-4B2A-92F6-602847001F15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "2F58A94E-B050-4EFA-84BA-43B11BA22E77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E864BB1-FD23-4AB3-9138-5FD8B62EAF5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "838D6C2D-C131-4A9C-AAE5-5BF38E637E4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37D5E77B-687D-4AE7-95B8-0AB56AF5DAD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91EF2384-9939-4F86-8A0F-7CB7034980E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.10a:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E51B09-D66D-4AE8-AF96-AEDE54A7C209"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AF595930-44E0-41FD-A0EF-C8E301E6585B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5F621724-9BA3-4D47-AAB8-08D7A541EBDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27E0750C-A622-49D6-A8EF-B59E2F8F1912"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2258D93E-71AA-4964-A5DF-008E3479F2A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "608ACC60-143B-4835-B6AC-E6C3111B4078"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2264D7-5E89-4F50-B948-FAB41D07C8BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB8368D-B9F9-4679-8154-1174E140CA17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "78EEDF40-2CDA-4147-A9F2-A5F4B8FF35EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "40CEA4FC-B946-4D54-A45B-686FC02D5411"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A766E7-CF3C-4529-AFA4-D780059A66BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "46B7F7EA-6512-433F-B1E4-B2F889427464"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "63527910-7F55-4D40-BFE7-D497C91C334D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EACA43F-64DB-496B-A6B1-DB9FAF6606EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF792BC-C270-4294-8E4E-71FAC3ACFCF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1098FCEA-6A9F-4634-A0EF-EC55ABCCEA3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "53B97B06-206B-42F0-B68F-5C5136EAD2B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6281EB0F-EE0E-4B06-A7A1-29460A98A8CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "07650346-67D7-4805-BF81-BB145304CC87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6C0D21-ABD5-42F1-B04B-745CA6115D07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31789E98-7C8D-4C5A-8A3F-FC9AFE9A248C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7A62648B-3273-4D75-8533-A5CBE1B1BCE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0174C08C-8846-45AE-83ED-E9964348FA28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E73D685D-A002-4D82-9B4C-1D6B5C0B0320"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED4E436-D338-4014-967D-9FE449518191"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "D66E9FE8-DD32-4D0A-BB80-E690F5299F45"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K",
"source": "psirt@cisco.com"
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2025/CVE-2025-203xx/CVE-2025-20300.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20300",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.660",
"lastModified": "2025-07-07T18:15:25.660",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles, and has read-only access to a specific alert, could suppress that alert when it triggers. See [Define alert suppression groups to throttle sets of similar alerts](https://help.splunk.com/en/splunk-enterprise/alert-and-respond/alerting-manual/9.4/manage-alert-trigger-conditions-and-throttling/define-alert-suppression-groups-to-throttle-sets-of-similar-alerts)."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.2, 9.3.5, 9.2.6 y 9.1.9, y de Splunk Cloud Platform anteriores a 9.3.2411.103, 9.3.2408.112 y 9.2.2406.119, un usuario con pocos privilegios que no tenga los roles de administrador ni de experto de Splunk y que tenga acceso de solo lectura a una alerta espec\u00edfica podr\u00eda suprimirla al activarse. Consulte [Definir grupos de supresi\u00f3n de alertas para limitar conjuntos de alertas similares](https://help.splunk.com/en/splunk-enterprise/alert-and-respond/alerting-manual/9.4/manage-alert-trigger-conditions-and-throttling/define-alert-suppression-groups-to-throttle-sets-of-similar-alerts)."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20319.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20319",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.830",
"lastModified": "2025-07-07T18:15:25.830",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.<br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, un usuario que tenga un rol que contenga la capacidad de alto privilegio `edit_scripted` y la capacidad `list_inputs` podr\u00eda realizar una ejecuci\u00f3n remota de comandos debido a una depuraci\u00f3n incorrecta de la entrada del usuario en los archivos de entrada con capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information. "
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20320.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20320",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:25.987",
"lastModified": "2025-07-07T18:15:25.987",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through the `User Interface - Views` configuration page that could potentially lead to a denial of service (DoS).The user could cause the DoS by exploiting a path traversal vulnerability that allows for deletion of arbitrary files within a Splunk directory. The vulnerability requires the low-privileged user to phish the administrator-level victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, y de Splunk Cloud Platform anteriores a 9.3.2411.107, 9.3.2408.117 y 9.2.2406.121, un usuario con privilegios bajos que no tenga los roles de administrador o de alto nivel de Splunk podr\u00eda manipular un payload malicioso a trav\u00e9s de la p\u00e1gina de configuraci\u00f3n \"Interfaz de usuario - Vistas\", lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS). El usuario podr\u00eda causar la denegaci\u00f3n de servicio (DoS) explotando una vulnerabilidad de path traversal que permite la eliminaci\u00f3n de archivos arbitrarios dentro de un directorio de Splunk. La vulnerabilidad requiere que el usuario con privilegios bajos suplante a la v\u00edctima con nivel de administrador, enga\u00f1\u00e1ndola para que inicie una solicitud en su navegador. El usuario con privilegios bajos no deber\u00eda poder explotar la vulnerabilidad a voluntad."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20321.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20321",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.143",
"lastModified": "2025-07-07T18:15:26.143",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster (SHC) through a Cross-Site Request Forgery (CSRF), potentially leading to the removal of the captain or a member of the SHC.<br><br>The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, y de Splunk Cloud Platform anteriores a 9.3.2411.104, 9.3.2408.114 y 9.2.2406.119, un atacante no autenticado puede enviar una b\u00fasqueda SPL especialmente manipulada que podr\u00eda cambiar el estado de membres\u00eda en un Cl\u00faster de Cabeza de B\u00fasqueda (SHC) de Splunk mediante un Cross-Site Request Forgery (CSRF), lo que podr\u00eda provocar la eliminaci\u00f3n del capit\u00e1n o de un miembro del SHC.<br><br>La vulnerabilidad requiere que el atacante suplante a la v\u00edctima con nivel de administrador, enga\u00f1\u00e1ndola para que inicie una solicitud desde su navegador. El atacante no deber\u00eda poder explotar la vulnerabilidad a voluntad."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20322.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20322",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.307",
"lastModified": "2025-07-07T18:15:26.307",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster through a Cross-Site Request Forgery (CSRF), potentially leading to a denial of service (DoS).<br><br>The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will.<br><br>See [How rolling restart works](https://docs.splunk.com/Documentation/Splunk/9.4.2/DistSearch/RestartSHC) for more information."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, y Splunk Cloud Platform anteriores a 9.3.2411.104, 9.3.2408.113 y 9.2.2406.119, un atacante no autenticado podr\u00eda enviar un comando de b\u00fasqueda SPL especialmente manipulado que podr\u00eda desencadenar un reinicio progresivo en el cl\u00faster del cabezal de b\u00fasqueda a trav\u00e9s de un Cross-Site Request Forgery (CSRF), lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS).<br><br>La vulnerabilidad requiere que el atacante suplante de identidad (phishing) a la v\u00edctima de nivel de administrador enga\u00f1\u00e1ndola para que inicie una solicitud dentro de su navegador. El atacante no deber\u00eda poder explotar la vulnerabilidad a voluntad.<br><br>Consulte [C\u00f3mo funciona el reinicio continuo](https://docs.splunk.com/Documentation/Splunk/9.4.2/DistSearch/RestartSHC) para obtener m\u00e1s informaci\u00f3n."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20323.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20323",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.470",
"lastModified": "2025-07-07T18:15:26.470",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access controls in the saved searches for this app."
},
{
"lang": "es",
"value": "En versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, un usuario con privilegios bajos que no tenga los roles de \"admin\" o \"power\" de Splunk podr\u00eda desactivar la b\u00fasqueda programada \"Bucket Copy Trigger\" en la aplicaci\u00f3n Splunk Archiver. Esto se debe a la falta de controles de acceso en las b\u00fasquedas guardadas de esta aplicaci\u00f3n."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20324.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20324",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.633",
"lastModified": "2025-07-07T18:15:26.633",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create or overwrite [system source type](https://help.splunk.com/en/splunk-enterprise/get-started/get-data-in/9.2/configure-source-types/create-source-types) configurations by sending a specially-crafted payload to the `/servicesNS/nobody/search/admin/sourcetypes/` REST endpoint on the Splunk management port."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.2, 9.3.5, 9.2.7 y 9.1.10 y Splunk Cloud Platform anteriores a 9.3.2411.104, 9.3.2408.113 y 9.2.2406.119, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk podr\u00eda crear o sobrescribir configuraciones de [tipo de origen del sistema](https://help.splunk.com/en/splunk-enterprise/get-started/get-data-in/9.2/configure-source-types/create-source-types) enviando un payload especialmente manipulada al endpoint REST `/servicesNS/nobody/search/admin/sourcetypes/` en el puerto de administraci\u00f3n de Splunk."
}
],
"metrics": {

8
CVE-2025/CVE-2025-203xx/CVE-2025-20325.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20325",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-07-07T18:15:26.793",
"lastModified": "2025-07-07T18:15:26.793",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:34.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) key. This exposure could happen if you have a Search Head cluster and you configure the Splunk Enterprise\u00a0`SHCConfig`\u00a0log channel at the DEBUG logging level in the clustered deployment. <br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. <br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities), [Deploy a search head cluster](https://help.splunk.com/en/splunk-enterprise/administer/distributed-search/9.4/deploy-search-head-clustering/deploy-a-search-head-cluster), [Deploy secure passwords across multiple servers](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) and [Set a security key for the search head cluster](https://help.splunk.com/splunk-enterprise/administer/distributed-search/9.4/configure-search-head-clustering/set-a-security-key-for-the-search-head-cluster#id_2c54937a_736c_47b5_9485_67e9e390acfa__Set_a_security_key_for_the_search_head_cluster) for more information."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, y de Splunk Cloud Platform anteriores a 9.3.2411.103, 9.3.2408.113 y 9.2.2406.119, el software podr\u00eda exponer la clave del cl\u00faster de cabezales de b\u00fasqueda [splunk.secret](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers). Esta exposici\u00f3n podr\u00eda ocurrir si tiene un cl\u00faster de cabezales de b\u00fasqueda y configura el canal de registro `SHCConfig` de Splunk Enterprise en el nivel de registro DEBUG de la implementaci\u00f3n en cl\u00faster. <br><br>La vulnerabilidad requerir\u00eda acceso local a los archivos de registro o acceso administrativo a los \u00edndices internos, que, por defecto, solo recibe el rol de administrador. Revise los roles y las capacidades de su instancia y restrinja el acceso a los \u00edndices internos a los roles de administrador. <br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities), [Deploy a search head cluster](https://help.splunk.com/en/splunk-enterprise/administer/distributed-search/9.4/deploy-search-head-clustering/deploy-a-search-head-cluster), [Deploy secure passwords across multiple servers](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) and [Set a security key for the search head cluster](https://help.splunk.com/splunk-enterprise/administer/distributed-search/9.4/configure-search-head-clustering/set-a-security-key-for-the-search-head-cluster#id_2c54937a_736c_47b5_9485_67e9e390acfa__Set_a_security_key_for_the_search_head_cluster) for more information. "
}
],
"metrics": {

4
CVE-2025/CVE-2025-206xx/CVE-2025-20680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20680",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:26.423",
"lastModified": "2025-07-08T14:15:24.853",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20681",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.260",
"lastModified": "2025-07-08T14:15:25.033",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20682",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.407",
"lastModified": "2025-07-08T14:15:25.190",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20683",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.550",
"lastModified": "2025-07-08T14:15:25.357",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20684.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20684",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.690",
"lastModified": "2025-07-08T14:15:25.517",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

14
CVE-2025/CVE-2025-206xx/CVE-2025-20685.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20685",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.833",
"lastModified": "2025-07-08T14:15:25.683",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -22,10 +22,10 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
@ -34,7 +34,7 @@
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]

14
CVE-2025/CVE-2025-206xx/CVE-2025-20686.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20686",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:27.987",
"lastModified": "2025-07-08T14:15:25.843",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -22,10 +22,10 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
@ -34,7 +34,7 @@
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]

4
CVE-2025/CVE-2025-206xx/CVE-2025-20687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20687",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.143",
"lastModified": "2025-07-08T14:15:26.030",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20688.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20688",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.350",
"lastModified": "2025-07-08T15:15:24.217",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20689.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20689",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.503",
"lastModified": "2025-07-08T15:15:24.447",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20690.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20690",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.653",
"lastModified": "2025-07-08T15:15:24.643",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20691",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.807",
"lastModified": "2025-07-08T15:15:24.843",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20692",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:28.950",
"lastModified": "2025-07-08T15:15:25.050",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20693",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:29.100",
"lastModified": "2025-07-08T15:15:25.233",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20694.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20694",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:29.250",
"lastModified": "2025-07-08T15:15:25.393",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-206xx/CVE-2025-20695.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20695",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-07-08T03:15:29.433",
"lastModified": "2025-07-08T14:15:26.193",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2025/CVE-2025-209xx/CVE-2025-20982.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20982",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:24.733",
"lastModified": "2025-07-08T11:15:24.733",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory."
},
{
"lang": "es",
"value": "La escritura fuera de los l\u00edmites en la configuraci\u00f3n de autenticaci\u00f3n secreta en el trustlet de KnoxVault anterior a SMR Jul-2025 Release 1 permite que atacantes privilegiados locales escriban fuera de los l\u00edmites de la memoria."
}
],
"metrics": {

8
CVE-2025/CVE-2025-209xx/CVE-2025-20983.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20983",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:24.873",
"lastModified": "2025-07-08T11:15:24.873",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory."
},
{
"lang": "es",
"value": "La escritura fuera de los l\u00edmites en la verificaci\u00f3n de secretos de autenticaci\u00f3n en el trustlet de KnoxVault antes de la versi\u00f3n 1 de SMR de julio de 2025 permite que atacantes privilegiados locales escriban en memoria fuera de los l\u00edmites."
}
],
"metrics": {

8
CVE-2025/CVE-2025-209xx/CVE-2025-20997.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20997",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.000",
"lastModified": "2025-07-08T11:15:25.000",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch."
},
{
"lang": "es",
"value": "El permiso predeterminado incorrecto en Framework para Galaxy Watch anterior a SMR Jul-2025 Release 1 permite que atacantes locales restablezcan alguna configuraci\u00f3n de Galaxy Watch."
}
],
"metrics": {

8
CVE-2025/CVE-2025-209xx/CVE-2025-20998.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20998",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.137",
"lastModified": "2025-07-08T11:15:25.137",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en SamsungAccount para Galaxy Watch anterior a SMR Jul-2025 Release 1 permite que atacantes locales accedan al n\u00famero de tel\u00e9fono."
}
],
"metrics": {

8
CVE-2025/CVE-2025-209xx/CVE-2025-20999.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-20999",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2025-07-08T11:15:25.267",
"lastModified": "2025-07-08T11:15:25.267",
"vulnStatus": "Received",
"lastModified": "2025-07-08T16:18:14.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password."
},
{
"lang": "es",
"value": "La autorizaci\u00f3n incorrecta para acceder a la contrase\u00f1a de Wi-Fi guardada para Galaxy Tablet anterior a la versi\u00f3n 1 de SMR de julio de 2025 permite que usuarios secundarios accedan a la contrase\u00f1a de Wi-Fi guardada del propietario."
}
],
"metrics": {

Some files were not shown because too many files have changed in this diff Show More