From 08e337155a5d69a61ceb60858cbcf24c5c6c6f0d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 21 Jan 2025 17:04:09 +0000 Subject: [PATCH] Auto-Update: 2025-01-21T17:00:40.320556+00:00 --- CVE-2008/CVE-2008-71xx/CVE-2008-7109.json | 32 ++- CVE-2009/CVE-2009-00xx/CVE-2009-0082.json | 24 +- CVE-2009/CVE-2009-01xx/CVE-2009-0130.json | 24 +- CVE-2009/CVE-2009-05xx/CVE-2009-0554.json | 24 +- CVE-2009/CVE-2009-15xx/CVE-2009-1532.json | 34 ++- CVE-2009/CVE-2009-19xx/CVE-2009-1936.json | 32 ++- CVE-2009/CVE-2009-21xx/CVE-2009-2168.json | 22 +- CVE-2009/CVE-2009-24xx/CVE-2009-2416.json | 32 ++- CVE-2009/CVE-2009-24xx/CVE-2009-2494.json | 34 ++- CVE-2009/CVE-2009-28xx/CVE-2009-2857.json | 32 ++- CVE-2018/CVE-2018-93xx/CVE-2018-9387.json | 43 +++- CVE-2018/CVE-2018-94xx/CVE-2018-9401.json | 43 +++- CVE-2018/CVE-2018-94xx/CVE-2018-9405.json | 43 +++- CVE-2018/CVE-2018-94xx/CVE-2018-9461.json | 43 +++- CVE-2018/CVE-2018-94xx/CVE-2018-9464.json | 43 +++- CVE-2023/CVE-2023-232xx/CVE-2023-23299.json | 12 +- CVE-2024/CVE-2024-07xx/CVE-2024-0795.json | 66 +++++- CVE-2024/CVE-2024-11xx/CVE-2024-1169.json | 84 ++++++- CVE-2024/CVE-2024-11xx/CVE-2024-1170.json | 84 ++++++- CVE-2024/CVE-2024-17xx/CVE-2024-1720.json | 84 ++++++- CVE-2024/CVE-2024-17xx/CVE-2024-1761.json | 74 +++++- CVE-2024/CVE-2024-20xx/CVE-2024-2021.json | 75 +++++- CVE-2024/CVE-2024-20xx/CVE-2024-2022.json | 75 +++++- CVE-2024/CVE-2024-228xx/CVE-2024-22889.json | 61 ++++- CVE-2024/CVE-2024-240xx/CVE-2024-24098.json | 71 +++++- CVE-2024/CVE-2024-258xx/CVE-2024-25865.json | 72 +++++- CVE-2024/CVE-2024-275xx/CVE-2024-27561.json | 63 ++++- CVE-2024/CVE-2024-275xx/CVE-2024-27563.json | 63 ++++- CVE-2024/CVE-2024-275xx/CVE-2024-27564.json | 67 +++++- CVE-2024/CVE-2024-275xx/CVE-2024-27565.json | 67 +++++- CVE-2024/CVE-2024-277xx/CVE-2024-27765.json | 66 +++++- CVE-2024/CVE-2024-279xx/CVE-2024-27913.json | 71 +++++- CVE-2024/CVE-2024-279xx/CVE-2024-27929.json | 71 +++++- CVE-2024/CVE-2024-29xx/CVE-2024-2966.json | 74 +++++- CVE-2024/CVE-2024-319xx/CVE-2024-31981.json | 119 +++++++++- CVE-2024/CVE-2024-319xx/CVE-2024-31982.json | 131 +++++++++-- CVE-2024/CVE-2024-319xx/CVE-2024-31983.json | 134 ++++++++++- CVE-2024/CVE-2024-319xx/CVE-2024-31984.json | 161 +++++++++++-- CVE-2024/CVE-2024-319xx/CVE-2024-31986.json | 119 +++++++++- CVE-2024/CVE-2024-319xx/CVE-2024-31987.json | 121 +++++++++- CVE-2024/CVE-2024-325xx/CVE-2024-32555.json | 56 +++++ CVE-2024/CVE-2024-327xx/CVE-2024-32794.json | 52 ++++- CVE-2024/CVE-2024-343xx/CVE-2024-34355.json | 83 ++++++- CVE-2024/CVE-2024-347xx/CVE-2024-34716.json | 73 +++++- CVE-2024/CVE-2024-347xx/CVE-2024-34717.json | 71 +++++- CVE-2024/CVE-2024-371xx/CVE-2024-37164.json | 75 +++++- CVE-2024/CVE-2024-373xx/CVE-2024-37306.json | 75 +++++- CVE-2024/CVE-2024-38xx/CVE-2024-3863.json | 111 ++++++++- CVE-2024/CVE-2024-38xx/CVE-2024-3872.json | 62 ++++- CVE-2024/CVE-2024-38xx/CVE-2024-3875.json | 111 ++++++++- CVE-2024/CVE-2024-38xx/CVE-2024-3876.json | 111 ++++++++- CVE-2024/CVE-2024-38xx/CVE-2024-3877.json | 111 ++++++++- CVE-2024/CVE-2024-38xx/CVE-2024-3878.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4166.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4167.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4168.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4169.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4170.json | 111 ++++++++- CVE-2024/CVE-2024-41xx/CVE-2024-4196.json | 62 ++++- CVE-2024/CVE-2024-41xx/CVE-2024-4197.json | 62 ++++- CVE-2024/CVE-2024-453xx/CVE-2024-45393.json | 64 +++++- CVE-2024/CVE-2024-471xx/CVE-2024-47115.json | 41 +++- CVE-2024/CVE-2024-493xx/CVE-2024-49300.json | 56 +++++ CVE-2024/CVE-2024-493xx/CVE-2024-49303.json | 56 +++++ CVE-2024/CVE-2024-493xx/CVE-2024-49333.json | 56 +++++ CVE-2024/CVE-2024-496xx/CVE-2024-49655.json | 56 +++++ CVE-2024/CVE-2024-496xx/CVE-2024-49666.json | 56 +++++ CVE-2024/CVE-2024-496xx/CVE-2024-49688.json | 56 +++++ CVE-2024/CVE-2024-496xx/CVE-2024-49699.json | 56 +++++ CVE-2024/CVE-2024-497xx/CVE-2024-49700.json | 56 +++++ CVE-2024/CVE-2024-506xx/CVE-2024-50633.json | 47 +++- CVE-2024/CVE-2024-518xx/CVE-2024-51818.json | 56 +++++ CVE-2024/CVE-2024-518xx/CVE-2024-51888.json | 56 +++++ CVE-2024/CVE-2024-519xx/CVE-2024-51919.json | 56 +++++ CVE-2024/CVE-2024-538xx/CVE-2024-53829.json | 56 +++++ CVE-2024/CVE-2024-547xx/CVE-2024-54724.json | 39 +++- CVE-2024/CVE-2024-562xx/CVE-2024-56277.json | 56 +++++ CVE-2024/CVE-2024-569xx/CVE-2024-56990.json | 21 ++ CVE-2024/CVE-2024-569xx/CVE-2024-56997.json | 21 ++ CVE-2024/CVE-2024-569xx/CVE-2024-56998.json | 21 ++ CVE-2024/CVE-2024-570xx/CVE-2024-57036.json | 21 ++ CVE-2024/CVE-2024-579xx/CVE-2024-57939.json | 33 +++ CVE-2024/CVE-2024-579xx/CVE-2024-57940.json | 33 +++ CVE-2024/CVE-2024-579xx/CVE-2024-57941.json | 25 ++ CVE-2024/CVE-2024-579xx/CVE-2024-57942.json | 25 ++ CVE-2024/CVE-2024-579xx/CVE-2024-57943.json | 25 ++ CVE-2024/CVE-2024-579xx/CVE-2024-57944.json | 25 ++ CVE-2024/CVE-2024-579xx/CVE-2024-57945.json | 29 +++ CVE-2024/CVE-2024-579xx/CVE-2024-57946.json | 45 ++++ CVE-2024/CVE-2024-73xx/CVE-2024-7344.json | 116 +++++++++- CVE-2025/CVE-2025-03xx/CVE-2025-0377.json | 56 +++++ CVE-2025/CVE-2025-05xx/CVE-2025-0532.json | 14 +- CVE-2025/CVE-2025-05xx/CVE-2025-0590.json | 31 ++- CVE-2025/CVE-2025-216xx/CVE-2025-21656.json | 29 +++ CVE-2025/CVE-2025-216xx/CVE-2025-21657.json | 25 ++ CVE-2025/CVE-2025-216xx/CVE-2025-21658.json | 29 +++ CVE-2025/CVE-2025-216xx/CVE-2025-21659.json | 25 ++ CVE-2025/CVE-2025-216xx/CVE-2025-21660.json | 33 +++ CVE-2025/CVE-2025-216xx/CVE-2025-21661.json | 25 ++ CVE-2025/CVE-2025-216xx/CVE-2025-21662.json | 33 +++ CVE-2025/CVE-2025-216xx/CVE-2025-21663.json | 29 +++ CVE-2025/CVE-2025-216xx/CVE-2025-21664.json | 33 +++ CVE-2025/CVE-2025-222xx/CVE-2025-22262.json | 56 +++++ CVE-2025/CVE-2025-223xx/CVE-2025-22311.json | 56 +++++ CVE-2025/CVE-2025-223xx/CVE-2025-22318.json | 56 +++++ CVE-2025/CVE-2025-223xx/CVE-2025-22322.json | 56 +++++ CVE-2025/CVE-2025-225xx/CVE-2025-22553.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22706.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22709.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22710.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22711.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22716.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22717.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22718.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22719.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22723.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22727.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22732.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22733.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22735.json | 56 +++++ CVE-2025/CVE-2025-227xx/CVE-2025-22763.json | 56 +++++ CVE-2025/CVE-2025-228xx/CVE-2025-22825.json | 56 +++++ CVE-2025/CVE-2025-230xx/CVE-2025-23086.json | 39 +++- CVE-2025/CVE-2025-232xx/CVE-2025-23218.json | 30 ++- CVE-2025/CVE-2025-232xx/CVE-2025-23219.json | 30 ++- CVE-2025/CVE-2025-232xx/CVE-2025-23220.json | 30 ++- CVE-2025/CVE-2025-239xx/CVE-2025-23997.json | 56 +++++ CVE-2025/CVE-2025-239xx/CVE-2025-23998.json | 56 +++++ CVE-2025/CVE-2025-240xx/CVE-2025-24001.json | 56 +++++ CVE-2025/CVE-2025-240xx/CVE-2025-24011.json | 64 ++++++ CVE-2025/CVE-2025-240xx/CVE-2025-24012.json | 60 +++++ CVE-2025/CVE-2025-240xx/CVE-2025-24017.json | 64 ++++++ README.md | 79 +++++-- _state.csv | 240 ++++++++++++-------- 134 files changed, 7519 insertions(+), 497 deletions(-) create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32555.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49300.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49303.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49333.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49655.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49666.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49688.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49699.json create mode 100644 CVE-2024/CVE-2024-497xx/CVE-2024-49700.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51818.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51888.json create mode 100644 CVE-2024/CVE-2024-519xx/CVE-2024-51919.json create mode 100644 CVE-2024/CVE-2024-538xx/CVE-2024-53829.json create mode 100644 CVE-2024/CVE-2024-562xx/CVE-2024-56277.json create mode 100644 CVE-2024/CVE-2024-569xx/CVE-2024-56990.json create mode 100644 CVE-2024/CVE-2024-569xx/CVE-2024-56997.json create mode 100644 CVE-2024/CVE-2024-569xx/CVE-2024-56998.json create mode 100644 CVE-2024/CVE-2024-570xx/CVE-2024-57036.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57939.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57940.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57941.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57942.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57943.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57944.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57945.json create mode 100644 CVE-2024/CVE-2024-579xx/CVE-2024-57946.json create mode 100644 CVE-2025/CVE-2025-03xx/CVE-2025-0377.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21656.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21657.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21658.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21659.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21660.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21661.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21662.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21663.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21664.json create mode 100644 CVE-2025/CVE-2025-222xx/CVE-2025-22262.json create mode 100644 CVE-2025/CVE-2025-223xx/CVE-2025-22311.json create mode 100644 CVE-2025/CVE-2025-223xx/CVE-2025-22318.json create mode 100644 CVE-2025/CVE-2025-223xx/CVE-2025-22322.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22553.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22706.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22709.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22710.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22711.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22716.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22717.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22718.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22719.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22723.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22727.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22732.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22733.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22735.json create mode 100644 CVE-2025/CVE-2025-227xx/CVE-2025-22763.json create mode 100644 CVE-2025/CVE-2025-228xx/CVE-2025-22825.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23997.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23998.json create mode 100644 CVE-2025/CVE-2025-240xx/CVE-2025-24001.json create mode 100644 CVE-2025/CVE-2025-240xx/CVE-2025-24011.json create mode 100644 CVE-2025/CVE-2025-240xx/CVE-2025-24012.json create mode 100644 CVE-2025/CVE-2025-240xx/CVE-2025-24017.json diff --git a/CVE-2008/CVE-2008-71xx/CVE-2008-7109.json b/CVE-2008/CVE-2008-71xx/CVE-2008-7109.json index 89731bffdce..f76095f906e 100644 --- a/CVE-2008/CVE-2008-71xx/CVE-2008-7109.json +++ b/CVE-2008/CVE-2008-71xx/CVE-2008-7109.json @@ -2,7 +2,7 @@ "id": "CVE-2008-7109", "sourceIdentifier": "cve@mitre.org", "published": "2009-08-28T15:30:00.280", - "lastModified": "2024-11-21T00:58:17.817", + "lastModified": "2025-01-21T16:15:07.623", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,6 +94,16 @@ "value": "CWE-863" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], "configurations": [ diff --git a/CVE-2009/CVE-2009-00xx/CVE-2009-0082.json b/CVE-2009/CVE-2009-00xx/CVE-2009-0082.json index a374bc18eb7..a7d3470c391 100644 --- a/CVE-2009/CVE-2009-00xx/CVE-2009-0082.json +++ b/CVE-2009/CVE-2009-00xx/CVE-2009-0082.json @@ -2,7 +2,7 @@ "id": "CVE-2009-0082", "sourceIdentifier": "secure@microsoft.com", "published": "2009-03-10T20:30:01.483", - "lastModified": "2024-11-21T00:59:00.933", + "lastModified": "2025-01-21T16:15:08.470", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", diff --git a/CVE-2009/CVE-2009-01xx/CVE-2009-0130.json b/CVE-2009/CVE-2009-01xx/CVE-2009-0130.json index 98c311328ae..cd000b15af0 100644 --- a/CVE-2009/CVE-2009-01xx/CVE-2009-0130.json +++ b/CVE-2009/CVE-2009-01xx/CVE-2009-0130.json @@ -2,7 +2,7 @@ "id": "CVE-2009-0130", "sourceIdentifier": "cve@mitre.org", "published": "2009-01-15T17:30:00.640", - "lastModified": "2024-11-21T00:59:07.410", + "lastModified": "2025-01-21T16:15:08.717", "vulnStatus": "Modified", "cveTags": [ { @@ -23,6 +23,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", diff --git a/CVE-2009/CVE-2009-05xx/CVE-2009-0554.json b/CVE-2009/CVE-2009-05xx/CVE-2009-0554.json index 3bde90877dc..5aa8419baa1 100644 --- a/CVE-2009/CVE-2009-05xx/CVE-2009-0554.json +++ b/CVE-2009/CVE-2009-05xx/CVE-2009-0554.json @@ -2,7 +2,7 @@ "id": "CVE-2009-0554", "sourceIdentifier": "secure@microsoft.com", "published": "2009-04-15T08:00:00.687", - "lastModified": "2024-11-21T01:00:18.450", + "lastModified": "2025-01-21T16:15:08.967", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", diff --git a/CVE-2009/CVE-2009-15xx/CVE-2009-1532.json b/CVE-2009/CVE-2009-15xx/CVE-2009-1532.json index 1a558c39aed..273d59ebdfc 100644 --- a/CVE-2009/CVE-2009-15xx/CVE-2009-1532.json +++ b/CVE-2009/CVE-2009-15xx/CVE-2009-1532.json @@ -2,7 +2,7 @@ "id": "CVE-2009-1532", "sourceIdentifier": "secure@microsoft.com", "published": "2009-06-10T18:30:00.530", - "lastModified": "2024-11-21T01:02:41.780", + "lastModified": "2025-01-21T16:15:09.300", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -52,6 +74,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2009/CVE-2009-19xx/CVE-2009-1936.json b/CVE-2009/CVE-2009-19xx/CVE-2009-1936.json index be9663137a2..f12477ebf14 100644 --- a/CVE-2009/CVE-2009-19xx/CVE-2009-1936.json +++ b/CVE-2009/CVE-2009-19xx/CVE-2009-1936.json @@ -2,7 +2,7 @@ "id": "CVE-2009-1936", "sourceIdentifier": "cve@mitre.org", "published": "2009-06-05T18:30:00.187", - "lastModified": "2024-11-21T01:03:44.170", + "lastModified": "2025-01-21T16:15:09.737", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,6 +94,16 @@ "value": "CWE-22" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] } ], "configurations": [ diff --git a/CVE-2009/CVE-2009-21xx/CVE-2009-2168.json b/CVE-2009/CVE-2009-21xx/CVE-2009-2168.json index 007db66d1b9..492227ff96c 100644 --- a/CVE-2009/CVE-2009-21xx/CVE-2009-2168.json +++ b/CVE-2009/CVE-2009-21xx/CVE-2009-2168.json @@ -2,7 +2,7 @@ "id": "CVE-2009-2168", "sourceIdentifier": "cve@mitre.org", "published": "2009-06-22T20:30:00.327", - "lastModified": "2024-11-21T01:04:17.133", + "lastModified": "2025-01-21T16:15:10.100", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2009/CVE-2009-24xx/CVE-2009-2416.json b/CVE-2009/CVE-2009-24xx/CVE-2009-2416.json index f910d63f764..f109f112643 100644 --- a/CVE-2009/CVE-2009-24xx/CVE-2009-2416.json +++ b/CVE-2009/CVE-2009-24xx/CVE-2009-2416.json @@ -2,7 +2,7 @@ "id": "CVE-2009-2416", "sourceIdentifier": "secalert@redhat.com", "published": "2009-08-11T18:30:00.983", - "lastModified": "2024-11-21T01:04:49.253", + "lastModified": "2025-01-21T16:15:10.397", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -74,6 +94,16 @@ "value": "CWE-416" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] } ], "configurations": [ diff --git a/CVE-2009/CVE-2009-24xx/CVE-2009-2494.json b/CVE-2009/CVE-2009-24xx/CVE-2009-2494.json index 646e58e62db..f5573adeeca 100644 --- a/CVE-2009/CVE-2009-24xx/CVE-2009-2494.json +++ b/CVE-2009/CVE-2009-24xx/CVE-2009-2494.json @@ -2,7 +2,7 @@ "id": "CVE-2009-2494", "sourceIdentifier": "secure@microsoft.com", "published": "2009-08-12T17:30:00.750", - "lastModified": "2024-11-21T01:05:00.813", + "lastModified": "2025-01-21T16:15:10.823", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -52,6 +74,16 @@ "value": "CWE-94" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], "configurations": [ diff --git a/CVE-2009/CVE-2009-28xx/CVE-2009-2857.json b/CVE-2009/CVE-2009-28xx/CVE-2009-2857.json index 86c94b92dd2..b1734ccaf41 100644 --- a/CVE-2009/CVE-2009-28xx/CVE-2009-2857.json +++ b/CVE-2009/CVE-2009-28xx/CVE-2009-2857.json @@ -2,7 +2,7 @@ "id": "CVE-2009-2857", "sourceIdentifier": "cve@mitre.org", "published": "2009-08-19T17:30:01.170", - "lastModified": "2024-11-21T01:05:54.947", + "lastModified": "2025-01-21T16:15:11.127", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -74,6 +94,16 @@ "value": "CWE-667" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] } ], "configurations": [ diff --git a/CVE-2018/CVE-2018-93xx/CVE-2018-9387.json b/CVE-2018/CVE-2018-93xx/CVE-2018-9387.json index 03301240bb5..99a43acc49c 100644 --- a/CVE-2018/CVE-2018-93xx/CVE-2018-9387.json +++ b/CVE-2018/CVE-2018-93xx/CVE-2018-9387.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9387", "sourceIdentifier": "security@android.com", "published": "2025-01-18T00:15:23.930", - "lastModified": "2025-01-18T00:15:23.930", + "lastModified": "2025-01-21T16:15:11.453", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En multiple functions de mnh-sm.c, existe una forma posible de provocar un desbordamiento de mont\u00f3n debido a un desbordamiento de enteros. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9401.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9401.json index c376eb7c9c6..15e3831db7b 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9401.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9401.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9401", "sourceIdentifier": "security@android.com", "published": "2025-01-18T00:15:24.707", - "lastModified": "2025-01-18T00:15:24.707", + "lastModified": "2025-01-21T16:15:11.637", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En muchas ubicaciones, existe una forma posible de acceder a la memoria del n\u00facleo en el espacio de usuario debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9405.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9405.json index 0114b64b278..91028882e27 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9405.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9405.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9405", "sourceIdentifier": "security@android.com", "published": "2025-01-18T00:15:24.807", - "lastModified": "2025-01-18T00:15:24.807", + "lastModified": "2025-01-21T16:15:11.810", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En BnDmAgent::onTransact de dm_agent.cpp, existe una posible escritura fuera de los l\u00edmites debido a una neutra. Esto podr\u00eda provocar una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9461.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9461.json index f29c67962ff..aaaa0adc258 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9461.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9461.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9461", "sourceIdentifier": "security@android.com", "published": "2025-01-18T00:15:25.043", - "lastModified": "2025-01-18T00:15:25.043", + "lastModified": "2025-01-21T16:15:11.970", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En onAttachFragment de ShareIntentActivity.java, existe una forma posible de que una aplicaci\u00f3n lea archivos en la aplicaci\u00f3n de mensajes debido a una condici\u00f3n ejecuci\u00f3n. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-08-01", diff --git a/CVE-2018/CVE-2018-94xx/CVE-2018-9464.json b/CVE-2018/CVE-2018-94xx/CVE-2018-9464.json index 1d92cb82e09..9242a87d9ef 100644 --- a/CVE-2018/CVE-2018-94xx/CVE-2018-9464.json +++ b/CVE-2018/CVE-2018-94xx/CVE-2018-9464.json @@ -2,16 +2,55 @@ "id": "CVE-2018-9464", "sourceIdentifier": "security@android.com", "published": "2025-01-18T00:15:25.163", - "lastModified": "2025-01-18T00:15:25.163", + "lastModified": "2025-01-21T16:15:12.133", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En varias ubicaciones, existe una forma posible de leer archivos protegidos debido a la falta de una verificaci\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-08-01", diff --git a/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json b/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json index 53c2099e4e5..e1a5108ed3e 100644 --- a/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json +++ b/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23299", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-23T20:15:09.330", - "lastModified": "2024-11-21T07:45:57.840", + "lastModified": "2025-01-21T15:15:10.590", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -45,6 +45,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0795.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0795.json index 53acc0bc122..039d01af8b7 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0795.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0795.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0795", "sourceIdentifier": "security@huntr.dev", "published": "2024-03-02T22:15:49.813", - "lastModified": "2024-11-21T08:47:23.423", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:06:36.627", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -51,22 +73,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.0.0", + "matchCriteriaId": "0D667E32-5A5C-479C-BB81-47F3BCA38C13" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/mintplex-labs/anything-llm/commit/9a237db3d1f66cdbcf5079599258f5fb251c5564", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.com/bounties/f69e3307-7b44-4776-ac60-2990990723ec", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/mintplex-labs/anything-llm/commit/9a237db3d1f66cdbcf5079599258f5fb251c5564", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.com/bounties/f69e3307-7b44-4776-ac60-2990990723ec", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1169.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1169.json index 419883c7199..7d4bba0bca0 100644 --- a/CVE-2024/CVE-2024-11xx/CVE-2024-1169.json +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1169.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1169", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-07T11:15:06.943", - "lastModified": "2024-11-21T08:49:57.153", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:59:48.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themekraft:post_form:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.8.8", + "matchCriteriaId": "0E5E7917-79DC-4AF6-A0B8-2E052BEAAE7A" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1466", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk/includes/functions.php?contextall=1&old=3023795&old_path=%2Fbuddyforms%2Ftrunk%2Fincludes%2Ffunctions.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d14a90d-65ea-45da-956b-0735e2e2b538?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1466", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk/includes/functions.php?contextall=1&old=3023795&old_path=%2Fbuddyforms%2Ftrunk%2Fincludes%2Ffunctions.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d14a90d-65ea-45da-956b-0735e2e2b538?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1170.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1170.json index 09e9f7dd1d7..ca5d24bde6c 100644 --- a/CVE-2024/CVE-2024-11xx/CVE-2024-1170.json +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1170.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1170", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-07T11:15:07.643", - "lastModified": "2024-11-21T08:49:57.283", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:58:56.397", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 3.9, "impactScore": 4.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themekraft:post_form:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.8.8", + "matchCriteriaId": "0E5E7917-79DC-4AF6-A0B8-2E052BEAAE7A" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1493", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk?contextall=1&old=3031945&old_path=%2Fbuddyforms%2Ftrunk#file7", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/380c646c-fd95-408a-89eb-3e646768bbc5?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1493", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk?contextall=1&old=3031945&old_path=%2Fbuddyforms%2Ftrunk#file7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/380c646c-fd95-408a-89eb-3e646768bbc5?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1720.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1720.json index 43d5fab0097..b8c702b23ff 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1720.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1720.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1720", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-07T06:15:50.630", - "lastModified": "2024-11-21T08:51:09.613", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:55:34.067", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 1.6, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpuserregistration:user_registration_\\&_membership:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.5", + "matchCriteriaId": "8CE9F090-B5CE-4D9C-A1C9-5F9ECD078B33" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/user-registration/trunk/includes/class-ur-shortcodes.php#L288", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3045419/user-registration/trunk/includes/class-ur-shortcodes.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/62b809dc-4089-4822-8aeb-7049fcfe376e?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/user-registration/trunk/includes/class-ur-shortcodes.php#L288", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3045419/user-registration/trunk/includes/class-ur-shortcodes.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/62b809dc-4089-4822-8aeb-7049fcfe376e?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1761.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1761.json index 9ef1201c3f6..f3f6c733959 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1761.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1761.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1761", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-07T05:15:54.140", - "lastModified": "2024-11-21T08:51:15.300", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:53:47.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ninjateam:wp_chat_app:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.6.1", + "matchCriteriaId": "DA248324-7961-40CC-A998-665661C74CE5" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044368%40wp-whatsapp%2Ftrunk&old=3029885%40wp-whatsapp%2Ftrunk&sfp_email=&sfph_mail=#file4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/85a94f32-e1e5-48ea-822e-c54d0592da28?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044368%40wp-whatsapp%2Ftrunk&old=3029885%40wp-whatsapp%2Ftrunk&sfp_email=&sfph_mail=#file4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/85a94f32-e1e5-48ea-822e-c54d0592da28?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2021.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2021.json index fb2cdba57a1..25226f04027 100644 --- a/CVE-2024/CVE-2024-20xx/CVE-2024-2021.json +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2021.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2021", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-01T00:15:52.070", - "lastModified": "2024-11-21T09:08:49.797", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:01:00.477", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -76,30 +96,69 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7A708923-EF5F-4F53-86F3-DF0366E6FB58" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dtxharry/cve/blob/main/cve.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.255300", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.255300", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/dtxharry/cve/blob/main/cve.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.255300", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.255300", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2022.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2022.json index 8a3971d7aff..5072f55b332 100644 --- a/CVE-2024/CVE-2024-20xx/CVE-2024-2022.json +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2022.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2022", "sourceIdentifier": "cna@vuldb.com", "published": "2024-03-01T00:15:52.290", - "lastModified": "2024-11-21T09:08:50.000", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:06:02.787", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -76,30 +96,69 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7A708923-EF5F-4F53-86F3-DF0366E6FB58" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zouzuo1994321/cve/blob/main/cve.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.255301", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.255301", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/zouzuo1994321/cve/blob/main/cve.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.255301", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.255301", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-228xx/CVE-2024-22889.json b/CVE-2024/CVE-2024-228xx/CVE-2024-22889.json index 882d53bb610..a8b420def07 100644 --- a/CVE-2024/CVE-2024-228xx/CVE-2024-22889.json +++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22889.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22889", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-06T00:15:52.633", - "lastModified": "2024-11-21T08:56:44.683", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:53:16.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:plone:plone:6.0.9:*:*:*:*:*:*:*", + "matchCriteriaId": "DE0E44CB-496D-4CCF-AEE3-A8013D0092B0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json b/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json index 865861fb298..e504ec53d2a 100644 --- a/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json +++ b/CVE-2024/CVE-2024-240xx/CVE-2024-24098.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24098", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T16:15:49.290", - "lastModified": "2024-11-21T08:58:54.873", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:07:45.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,22 +81,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:scholars_tracking_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A1ABFE94-859C-4763-AF6F-3278761A395A" + } + ] + } + ] + } + ], "references": [ { "url": "https://code-projects.org/scholars-tracking-system-in-php-with-source-code/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/ASR511-OO7/CVE-2024-24098/blob/main/CVE-13", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://code-projects.org/scholars-tracking-system-in-php-with-source-code/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://github.com/ASR511-OO7/CVE-2024-24098/blob/main/CVE-13", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-258xx/CVE-2024-25865.json b/CVE-2024/CVE-2024-258xx/CVE-2024-25865.json index d4259296f82..d170357aad1 100644 --- a/CVE-2024/CVE-2024-258xx/CVE-2024-25865.json +++ b/CVE-2024/CVE-2024-258xx/CVE-2024-25865.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25865", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-02T22:15:50.293", - "lastModified": "2024-11-21T09:01:28.413", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:06:54.557", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,77 @@ "value": "Vulnerabilidad de Cross Site Scripting (XSS) en hexo-theme-anzhiyu v1.6.12, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de b\u00fasqueda de algolia." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anzhiyu-c:hexo-theme-anzhiyu:1.6.12:*:*:*:*:*:*:*", + "matchCriteriaId": "771C3906-072E-404B-9559-6DC3722B8C67" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/anzhiyu-c/hexo-theme-anzhiyu/issues/200", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://github.com/anzhiyu-c/hexo-theme-anzhiyu/issues/200", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json index da336b4014d..9b2d2feb10a 100644 --- a/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27561.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27561", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T17:15:06.887", - "lastModified": "2024-11-21T09:04:44.453", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:08:34.140", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wondercms:wondercms:3.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "C34DD4B5-9079-44C3-B20C-1B5DC5236D30" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_installUpdateThemePluginAction_plugins.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_installUpdateThemePluginAction_plugins.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json index 5089f96da51..a4803c7871f 100644 --- a/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27563.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27563", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T17:15:06.947", - "lastModified": "2024-11-21T09:04:44.700", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:08:45.213", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wondercms:wondercms:3.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "C34DD4B5-9079-44C3-B20C-1B5DC5236D30" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_pluginThemeUrl.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/zer0yu/CVE_Request/blob/master/WonderCMS/wondercms_pluginThemeUrl.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json index 1023c1aec24..f589d41cc5d 100644 --- a/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27564.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27564", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T17:15:06.997", - "lastModified": "2024-11-21T09:04:44.910", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:10:48.757", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,43 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dirk1983:chatgpt:2023-05-23:*:*:*:*:*:*:*", + "matchCriteriaId": "5317B8B1-AEDD-4F2B-8345-3A4BCF6F07B1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dirk1983/chatgpt/issues/114", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] }, { "url": "https://github.com/dirk1983/chatgpt/issues/114", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json index 752c36d6bf4..801cdcd8392 100644 --- a/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27565.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27565", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T17:15:07.050", - "lastModified": "2024-11-21T09:04:45.113", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:11:29.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,43 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dirk1983:chatgpt-wechat-personal:2023-03-29:*:*:*:*:*:*:*", + "matchCriteriaId": "039459E1-5EF4-4EDB-9236-906E55ADB7A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dirk1983/chatgpt-wechat-personal/issues/4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] }, { "url": "https://github.com/dirk1983/chatgpt-wechat-personal/issues/4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-277xx/CVE-2024-27765.json b/CVE-2024/CVE-2024-277xx/CVE-2024-27765.json index c8a77306abd..c55f95d853a 100644 --- a/CVE-2024/CVE-2024-277xx/CVE-2024-27765.json +++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27765.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27765", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-05T23:15:08.050", - "lastModified": "2024-11-21T09:05:00.727", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:52:29.603", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,42 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jeewms:jeewms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.7", + "matchCriteriaId": "5941D9D7-DA1E-4174-85A0-5C43D940CD9C" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27913.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27913.json index d679fb670e9..6dd6b227b40 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27913.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27913.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27913", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-28T07:15:09.677", - "lastModified": "2024-11-21T09:05:24.547", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:55:08.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,76 @@ "value": "ospf_te_parse_te en ospfd/ospf_te.c en FRRouting (FRR) hasta 9.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del daemon ospfd) a trav\u00e9s de un paquete OSPF LSA mal formado, debido a un intento de acceso a un campo de atributo faltante." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0", + "matchCriteriaId": "70C40213-CD55-4ED3-ACEC-365B40D4252C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FRRouting/frr/pull/15431", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Patch" + ] }, { "url": "https://github.com/FRRouting/frr/pull/15431", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json index ea1e4579446..f114d0333d3 100644 --- a/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27929.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27929", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-05T17:15:07.097", - "lastModified": "2024-11-21T09:05:26.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:14:31.287", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 } ] }, @@ -49,16 +69,59 @@ "value": "CWE-416" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sixlabors:imagesharp:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1.7", + "matchCriteriaId": "6E09C0AC-A735-4459-A0FC-F78229B384D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sixlabors:imagesharp:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.1.0", + "versionEndExcluding": "3.1.3", + "matchCriteriaId": "78410C1A-0CE5-46D9-B989-97DE97235B30" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-65x7-c272-7g7r", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-65x7-c272-7g7r", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-29xx/CVE-2024-2966.json b/CVE-2024/CVE-2024-29xx/CVE-2024-2966.json index 5c467ea844a..a8391f7eeb1 100644 --- a/CVE-2024/CVE-2024-29xx/CVE-2024-2966.json +++ b/CVE-2024/CVE-2024-29xx/CVE-2024-2966.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2966", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-11T08:15:50.310", - "lastModified": "2024-11-21T09:10:57.000", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:21:38.397", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bdthemes:element_pack:*:*:*:*:lite:wordpress:*:*", + "versionEndExcluding": "5.6.0", + "matchCriteriaId": "A447896C-6024-4E60-9D1B-0B61A8D1FEBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3066178/bdthemes-element-pack-lite", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39e0fd33-4071-4510-a7d5-b499a8a3543c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3066178/bdthemes-element-pack-lite", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39e0fd33-4071-4510-a7d5-b499a8a3543c?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31981.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31981.json index 4b5045e987d..ee83fb416f4 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31981.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31981.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31981", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T20:15:08.280", - "lastModified": "2024-11-21T09:14:16.483", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:26:42.277", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,48 +69,123 @@ "value": "CWE-862" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.1", + "versionEndExcluding": "14.10.19", + "matchCriteriaId": "7385D8A9-93D4-4B6D-8030-67F9E3F3CB83" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.9", + "matchCriteriaId": "3E8A87CB-01A7-4C55-99FF-93FAAC70532B" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/a4ad14d9c1605a5ab957237e505ebbb29f5b9d73", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/d28e21a670c69880b951e415dd2ddd69d273eae9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vxwr-wpjv-qjq7", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21337", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/480186f9d2fca880513da8bc5a609674d106cbd3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/a4ad14d9c1605a5ab957237e505ebbb29f5b9d73", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/d28e21a670c69880b951e415dd2ddd69d273eae9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vxwr-wpjv-qjq7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21337", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31982.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31982.json index 18fafd93128..2adb94cf3cb 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31982.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31982.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31982", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T20:15:08.463", - "lastModified": "2024-11-21T09:14:16.600", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:25:17.337", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,56 +69,139 @@ "value": "CWE-95" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.4", + "versionEndExcluding": "14.10.20", + "matchCriteriaId": "752515BB-B999-4BDA-ADF3-56F3A8F14090" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.10", + "matchCriteriaId": "B214D1C2-C7E5-44D2-95BD-4FFE947436C2" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/3c9e4bb04286de94ad24854026a09fa967538e31", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/459e968be8740c8abc2a168196ce21e5ba93cfb8", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/95bdd6cc6298acdf7f8f21298d40eeb8390a8565", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2858-8cfx-69m9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21472", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://www.vicarius.io/vsociety/posts/xwiki-rce-cve-2024-31982", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/3c9e4bb04286de94ad24854026a09fa967538e31", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/459e968be8740c8abc2a168196ce21e5ba93cfb8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/95bdd6cc6298acdf7f8f21298d40eeb8390a8565", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2858-8cfx-69m9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21472", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://www.vicarius.io/vsociety/posts/xwiki-rce-cve-2024-31982", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31983.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31983.json index 9bc12d7597d..e738caeeef0 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31983.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31983.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31983", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T20:15:08.650", - "lastModified": "2024-11-21T09:14:16.737", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:22:36.987", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,48 +69,138 @@ "value": "CWE-862" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.3.1", + "versionEndExcluding": "14.10.20", + "matchCriteriaId": "75B593EA-BB03-487B-822F-4E2C46F76D99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.10", + "matchCriteriaId": "B214D1C2-C7E5-44D2-95BD-4FFE947436C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:4.3:-:*:*:*:*:*:*", + "matchCriteriaId": "E4A0B6CE-A44D-43B0-91C7-839D93608077" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:4.3:milestone2:*:*:*:*:*:*", + "matchCriteriaId": "F3AAC6FA-548D-4A38-A8FA-67E6D79641D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:4.3:rc1:*:*:*:*:*:*", + "matchCriteriaId": "1C62BF98-ADD8-49DA-BFAD-55C9C957FDBC" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/73aef9648bbff04b697837f1b906932f0d5caacb", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/c4c8d61c30de72298d805ccc82df2a307f131c54", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xxp2-9c9g-7wmj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21411", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/2a9ce88f33663c53c9c63b2ea573f4720ea2efb9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/73aef9648bbff04b697837f1b906932f0d5caacb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/c4c8d61c30de72298d805ccc82df2a307f131c54", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xxp2-9c9g-7wmj", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21411", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31984.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31984.json index c70fba6c9c4..c4fafaefd36 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31984.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31984.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31984", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T20:15:08.830", - "lastModified": "2024-11-21T09:14:16.870", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:20:37.297", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,72 +69,177 @@ "value": "CWE-95" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.3", + "versionEndExcluding": "14.10.20", + "matchCriteriaId": "8F0F34EC-F8C0-4EA5-A311-1BAFC9296FFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.10", + "matchCriteriaId": "B214D1C2-C7E5-44D2-95BD-4FFE947436C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:7.2:-:*:*:*:*:*:*", + "matchCriteriaId": "FA9A56D4-A6C6-4FD7-8C70-0E7AA419F05A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:7.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "08C1CFAF-FD09-428F-A022-3A662709784E" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/5ef9d294d37be92ee22b2549e38663b29dce8767", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/74e301c481e69eeea674dac7fed6af3614cf08c5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/94fc12db87c2431eb1335ecb9c2954b1905bde62", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/acba74c149a041345b24dcca52c586f872ba97fb", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/ef55105d6eeec5635fd693f0070c5aaaf3bdd940", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xm4h-3jxr-m3c6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21471", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/43c9d551e3c11e9d8f176b556dd33bbe31fc66e0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/5ef9d294d37be92ee22b2549e38663b29dce8767", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/74e301c481e69eeea674dac7fed6af3614cf08c5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/94fc12db87c2431eb1335ecb9c2954b1905bde62", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/acba74c149a041345b24dcca52c586f872ba97fb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/ef55105d6eeec5635fd693f0070c5aaaf3bdd940", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xm4h-3jxr-m3c6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21471", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31986.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31986.json index bda366d138c..0b3763b6182 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31986.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31986.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31986", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T21:15:06.917", - "lastModified": "2024-11-21T09:14:17.133", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:43:52.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -53,48 +73,123 @@ "value": "CWE-352" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.1.1", + "versionEndExcluding": "14.10.19", + "matchCriteriaId": "416D6CB0-EB32-45AC-B541-C081EC033EAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.9", + "matchCriteriaId": "3E8A87CB-01A7-4C55-99FF-93FAAC70532B" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/efd3570f3e5e944ec0ad0899bf799bf9563aef87", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/f30d9c641750a3f034b5910c6a3a7724ae8f2269", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-37m4-hqxv-w26g", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21416", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/8a92cb4bef7e5f244ae81eed3e64fe9be95827cf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/efd3570f3e5e944ec0ad0899bf799bf9563aef87", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/f30d9c641750a3f034b5910c6a3a7724ae8f2269", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-37m4-hqxv-w26g", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21416", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31987.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31987.json index 54a76eb746e..07c47c3b023 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31987.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31987.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31987", "sourceIdentifier": "security-advisories@github.com", "published": "2024-04-10T21:15:07.110", - "lastModified": "2024-11-21T09:14:17.267", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T15:35:42.450", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,48 +69,125 @@ "value": "CWE-862" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndExcluding": "14.10.19", + "matchCriteriaId": "5D465952-0ED2-4468-9064-2BF9FEF45E11" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.5.4", + "matchCriteriaId": "C15AC764-BCCE-4AF3-98F5-28EC637500A4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.6", + "versionEndExcluding": "15.10", + "matchCriteriaId": "B214D1C2-C7E5-44D2-95BD-4FFE947436C2" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/3d4dbb41f52d1a6e39835cfb1695ca6668605a39", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/626d2a5dbf95b4e719ae13bf1a0a9c76e4edd5a2", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/da177c3c972e797d92c1a31e278f946012c41b56", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-cv55-v6rw-7r5v", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21478", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/3d4dbb41f52d1a6e39835cfb1695ca6668605a39", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/626d2a5dbf95b4e719ae13bf1a0a9c76e4edd5a2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/commit/da177c3c972e797d92c1a31e278f946012c41b56", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-cv55-v6rw-7r5v", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-21478", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32555.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32555.json new file mode 100644 index 00000000000..4383e544f82 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32555.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-32555", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:07.027", + "lastModified": "2025-01-21T14:15:07.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Privilege Assignment vulnerability in NotFound Easy Real Estate allows Privilege Escalation. This issue affects Easy Real Estate: from n/a through 2.2.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/easy-real-estate/vulnerability/wordpress-easy-real-estate-plugin-2-2-6-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-327xx/CVE-2024-32794.json b/CVE-2024/CVE-2024-327xx/CVE-2024-32794.json index cbc933ffd40..38d6970c148 100644 --- a/CVE-2024/CVE-2024-327xx/CVE-2024-32794.json +++ b/CVE-2024/CVE-2024-327xx/CVE-2024-32794.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32794", "sourceIdentifier": "audit@patchstack.com", "published": "2024-04-24T15:15:47.350", - "lastModified": "2024-11-21T09:15:44.157", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:49:53.260", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0", + "matchCriteriaId": "056698AA-9625-4637-B733-41DE0235F5E3" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-2-12-10-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-2-12-10-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-343xx/CVE-2024-34355.json b/CVE-2024/CVE-2024-343xx/CVE-2024-34355.json index 1a23d3c7389..43d81ca5211 100644 --- a/CVE-2024/CVE-2024-343xx/CVE-2024-34355.json +++ b/CVE-2024/CVE-2024-343xx/CVE-2024-34355.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34355", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T16:17:24.230", - "lastModified": "2024-11-21T09:18:29.623", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:08:57.453", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -53,32 +73,79 @@ "value": "CWE-116" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0.0", + "versionEndExcluding": "13.1.1", + "matchCriteriaId": "D2C76A9E-3FD0-4614-8743-F1E99CC6FC99" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://typo3.org/security/advisory/typo3-core-sa-2024-007", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/TYPO3/typo3/commit/56afa304ba8b5ad302e15df5def71bcc8d820375", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-xjwx-78x7-q6jc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://typo3.org/security/advisory/typo3-core-sa-2024-007", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-347xx/CVE-2024-34716.json b/CVE-2024/CVE-2024-347xx/CVE-2024-34716.json index 802ed19426e..8b125c58851 100644 --- a/CVE-2024/CVE-2024-347xx/CVE-2024-34716.json +++ b/CVE-2024/CVE-2024-347xx/CVE-2024-34716.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34716", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T16:17:28.073", - "lastModified": "2024-11-21T09:19:15.370", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:06:58.623", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -49,24 +69,65 @@ "value": "CWE-79" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.1.0", + "versionEndExcluding": "8.1.6", + "matchCriteriaId": "27D84E2B-407D-4315-A9A4-DF2308ED678F" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-347xx/CVE-2024-34717.json b/CVE-2024/CVE-2024-347xx/CVE-2024-34717.json index 797b2c101b6..d92c3d57e96 100644 --- a/CVE-2024/CVE-2024-347xx/CVE-2024-34717.json +++ b/CVE-2024/CVE-2024-347xx/CVE-2024-34717.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34717", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T16:17:28.540", - "lastModified": "2024-11-21T09:19:15.500", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:04:37.930", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ] }, @@ -49,24 +69,63 @@ "value": "CWE-200" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:prestashop:prestashop:8.1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "20D74243-769B-49FB-B200-5843009D0A0F" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37164.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37164.json index 75ad9d83be6..f6ef8d24842 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37164.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37164.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37164", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-13T15:15:52.990", - "lastModified": "2024-11-21T09:23:20.460", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:35:52.867", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 } ] }, @@ -49,24 +69,67 @@ "value": "CWE-918" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.1.0", + "versionEndExcluding": "2.14.3", + "matchCriteriaId": "79D9A221-39D1-431D-8E97-21847C8ACEB6" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/cvat-ai/cvat/commit/f2346934c80bd91740f55c2788ef7d535a291d4c", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-q684-4jjh-83g6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/cvat-ai/cvat/commit/f2346934c80bd91740f55c2788ef7d535a291d4c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-q684-4jjh-83g6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37306.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37306.json index ad9bc007fb4..27b62735b9e 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37306.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37306.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37306", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-13T15:15:53.333", - "lastModified": "2024-11-21T09:23:34.460", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:37:34.690", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 4.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 } ] }, @@ -49,24 +69,67 @@ "value": "CWE-352" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.2.0", + "versionEndExcluding": "2.14.3", + "matchCriteriaId": "A2D2208D-9E3B-4621-896F-8CFAD83E10F6" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/cvat-ai/cvat/commit/5d36d10e493d92e893d7eae595544bcbe9cce1ce", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-jpf9-646h-4px7", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/cvat-ai/cvat/commit/5d36d10e493d92e893d7eae595544bcbe9cce1ce", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-jpf9-646h-4px7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3863.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3863.json index bf3d9ac7f2a..82a8dff9b83 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3863.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3863.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3863", "sourceIdentifier": "security@mozilla.org", "published": "2024-04-16T16:15:08.870", - "lastModified": "2024-11-21T09:30:34.970", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:52:27.313", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,128 @@ "value": "La advertencia del archivo ejecutable no se present\u00f3 al descargar archivos .xrm-ms. *Nota: Este problema solo afect\u00f3 a los sistemas operativos Windows. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", + "versionEndExcluding": "115.10.0", + "matchCriteriaId": "3F21776B-01C2-4251-843F-0CC6AE208BAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", + "versionEndExcluding": "125.0", + "matchCriteriaId": "4A9A567D-16CB-472A-A95B-31BCFB1DFC10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", + "versionEndExcluding": "115.10", + "matchCriteriaId": "E0E4DEC0-5D13-48E9-B6A5-2DC8F30785DE" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", - "source": "security@mozilla.org" + "source": "security@mozilla.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3872.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3872.json index b07b2e6cc24..7f77748c37a 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3872.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3872.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3872", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2024-04-16T09:15:08.817", - "lastModified": "2024-11-21T09:30:36.187", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:57:31.850", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.6, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, @@ -49,16 +69,50 @@ "value": "CWE-400" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.13.0", + "matchCriteriaId": "107A8E88-CC28-4D4D-BCFB-32643EEFE433" + } + ] + } + ] } ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://mattermost.com/security-updates", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3875.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3875.json index f3299e66a01..5886a71638d 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3875.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3875.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3875", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-16T18:15:14.397", - "lastModified": "2024-11-21T09:30:36.597", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:44:42.840", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\\(408\\):*:*:*:*:*:*:*", + "matchCriteriaId": "25D11FC4-85C7-4F6C-81A2-AF9CB6BE1507" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*", + "matchCriteriaId": "37DF507C-5EDA-46A0-851E-ED8BC0B54F88" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260909", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260909", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312817", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260909", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260909", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312817", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3876.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3876.json index 659f2a71c42..48cb428000e 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3876.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3876.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3876", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-16T18:15:14.623", - "lastModified": "2024-11-21T09:30:36.723", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:38:31.227", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\\(408\\):*:*:*:*:*:*:*", + "matchCriteriaId": "25D11FC4-85C7-4F6C-81A2-AF9CB6BE1507" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*", + "matchCriteriaId": "37DF507C-5EDA-46A0-851E-ED8BC0B54F88" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromVirtualSer.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260910", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260910", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312818", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromVirtualSer.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260910", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260910", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312818", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3877.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3877.json index b9674113e4e..b6ec4d987af 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3877.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3877.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3877", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-16T19:15:07.667", - "lastModified": "2024-11-21T09:30:36.857", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:34:51.410", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\\(408\\):*:*:*:*:*:*:*", + "matchCriteriaId": "25D11FC4-85C7-4F6C-81A2-AF9CB6BE1507" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*", + "matchCriteriaId": "37DF507C-5EDA-46A0-851E-ED8BC0B54F88" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromqossetting.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260911", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260911", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312820", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromqossetting.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260911", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260911", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312820", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-38xx/CVE-2024-3878.json b/CVE-2024/CVE-2024-38xx/CVE-2024-3878.json index f74fa27a66a..02e7984a11a 100644 --- a/CVE-2024/CVE-2024-38xx/CVE-2024-3878.json +++ b/CVE-2024/CVE-2024-38xx/CVE-2024-3878.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3878", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-16T19:15:07.920", - "lastModified": "2024-11-21T09:30:36.983", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:32:56.933", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\\(408\\):*:*:*:*:*:*:*", + "matchCriteriaId": "25D11FC4-85C7-4F6C-81A2-AF9CB6BE1507" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:f1202:-:*:*:*:*:*:*:*", + "matchCriteriaId": "37DF507C-5EDA-46A0-851E-ED8BC0B54F88" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromwebExcptypemanFilter.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260912", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260912", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312821", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromwebExcptypemanFilter.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.260912", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.260912", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.312821", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4166.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4166.json index b9479b67ac0..325e030f697 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4166.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4166.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4166", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-25T12:15:07.770", - "lastModified": "2024-11-21T09:42:18.970", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:45:35.713", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*", + "matchCriteriaId": "7A11C718-6F74-46FD-8C72-6E9FF1FA9FE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8A63A3E-E6B1-42C8-ABA8-5E19777392B5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_41E858_GO.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261985", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261985", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318981", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_41E858_GO.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261985", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261985", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318981", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4167.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4167.json index f3194280ff6..af8776ae071 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4167.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4167.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4167", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-25T12:15:07.990", - "lastModified": "2024-11-21T09:42:19.103", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:41:18.070", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*", + "matchCriteriaId": "7A11C718-6F74-46FD-8C72-6E9FF1FA9FE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8A63A3E-E6B1-42C8-ABA8-5E19777392B5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_422AA4.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261986", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261986", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318983", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_422AA4.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261986", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261986", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318983", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4168.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4168.json index 922063235d7..874983d0a02 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4168.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4168.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4168", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-25T12:15:08.217", - "lastModified": "2024-11-21T09:42:19.240", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:34:05.903", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*", + "matchCriteriaId": "7A11C718-6F74-46FD-8C72-6E9FF1FA9FE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8A63A3E-E6B1-42C8-ABA8-5E19777392B5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_4260F0.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261987", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261987", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318987", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_4260F0.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261987", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261987", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318987", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4169.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4169.json index 7f272c6f8c1..e3572990463 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4169.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4169.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4169", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-25T13:15:51.780", - "lastModified": "2024-11-21T09:42:19.377", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:20:59.187", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*", + "matchCriteriaId": "7A11C718-6F74-46FD-8C72-6E9FF1FA9FE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8A63A3E-E6B1-42C8-ABA8-5E19777392B5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_42775C.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261988", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261988", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318988", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_42775C.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261988", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261988", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318988", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4170.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4170.json index 89cc2aa3845..8fd0177dc08 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4170.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4170.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4170", "sourceIdentifier": "cna@vuldb.com", "published": "2024-04-25T13:15:51.993", - "lastModified": "2024-11-21T09:42:19.523", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:15:32.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,40 +94,111 @@ "value": "CWE-121" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:4g300_firmware:1.01.42:*:*:*:*:*:*:*", + "matchCriteriaId": "7A11C718-6F74-46FD-8C72-6E9FF1FA9FE4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:4g300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8A63A3E-E6B1-42C8-ABA8-5E19777392B5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_429A30.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261989", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261989", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318991", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_429A30.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.261989", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.261989", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.318991", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4196.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4196.json index 6449ae88d6d..a468ed30f42 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4196.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4196.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4196", "sourceIdentifier": "securityalerts@avaya.com", "published": "2024-06-25T04:15:16.580", - "lastModified": "2024-11-21T09:42:22.210", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:31:31.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,16 +69,50 @@ "value": "CWE-20" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.1.3.1", + "matchCriteriaId": "D254641E-9158-4E16-8B8C-800AEC6F8FBB" + } + ] + } + ] } ], "references": [ { "url": "https://download.avaya.com/css/public/documents/101090768", - "source": "securityalerts@avaya.com" + "source": "securityalerts@avaya.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://download.avaya.com/css/public/documents/101090768", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-41xx/CVE-2024-4197.json b/CVE-2024/CVE-2024-41xx/CVE-2024-4197.json index 12e46eaa2e2..184fdcbf577 100644 --- a/CVE-2024/CVE-2024-41xx/CVE-2024-4197.json +++ b/CVE-2024/CVE-2024-41xx/CVE-2024-4197.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4197", "sourceIdentifier": "securityalerts@avaya.com", "published": "2024-06-25T04:15:17.007", - "lastModified": "2024-11-21T09:42:22.343", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:31:21.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,16 +69,50 @@ "value": "CWE-434" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:avaya:ip_office:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.1.3.1", + "matchCriteriaId": "D254641E-9158-4E16-8B8C-800AEC6F8FBB" + } + ] + } + ] } ], "references": [ { "url": "https://download.avaya.com/css/public/documents/101090768", - "source": "securityalerts@avaya.com" + "source": "securityalerts@avaya.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://download.avaya.com/css/public/documents/101090768", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45393.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45393.json index 6464abaf0a5..a4adcbd24ad 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45393.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45393.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45393", "sourceIdentifier": "security-advisories@github.com", "published": "2024-09-10T15:15:18.657", - "lastModified": "2024-09-10T15:50:47.237", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T14:33:37.030", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 } ] }, @@ -49,16 +69,52 @@ "value": "CWE-862" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.3.0", + "versionEndExcluding": "2.18.0", + "matchCriteriaId": "64FBBA01-CF76-4A84-9DE0-4F96B8BEC0D5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/cvat-ai/cvat/commit/0fafb797fdf022fb83ce81c6405ba19b583a236f", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-p3c9-m7jr-jxxj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47115.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47115.json index 7e3815683c6..c9205461c15 100644 --- a/CVE-2024/CVE-2024-471xx/CVE-2024-47115.json +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47115.json @@ -2,8 +2,8 @@ "id": "CVE-2024-47115", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-12-07T13:19:14.783", - "lastModified": "2024-12-07T13:19:14.783", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-21T16:15:46.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:vios:3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "6F61BE89-FBDE-4312-8422-86D1A9F57C9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:vios:4.1:*:*:*:*:*:*:*", + "matchCriteriaId": "37B9B26F-4749-4086-9477-655F6635CAC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "6791504A-A48A-4ED0-94AF-4C8A3B91516F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*", + "matchCriteriaId": "35DF3DE0-1AE4-4B25-843F-BC08DBBFDF78" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7178033", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49300.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49300.json new file mode 100644 index 00000000000..61a80a410dd --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49300.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49300", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:07.817", + "lastModified": "2025-01-21T14:15:07.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/hmenu/vulnerability/wordpress-hero-menu-plugin-1-16-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49303.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49303.json new file mode 100644 index 00000000000..98415249152 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49303.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49303", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:07.987", + "lastModified": "2025-01-21T14:15:07.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/hmenu/vulnerability/wordpress-hero-menu-plugin-1-16-5-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49333.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49333.json new file mode 100644 index 00000000000..c7611041c81 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49333.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49333", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.143", + "lastModified": "2025-01-21T14:15:08.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/hmenu/vulnerability/wordpress-hero-menu-plugin-1-16-5-sql-injection-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49655.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49655.json new file mode 100644 index 00000000000..c2210fd9d6a --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49655.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49655", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.310", + "lastModified": "2025-01-21T14:15:08.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-unauthenticated-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49666.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49666.json new file mode 100644 index 00000000000..533bfba64e7 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49666.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49666", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.450", + "lastModified": "2025-01-21T14:15:08.450", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49688.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49688.json new file mode 100644 index 00000000000..f1b13528d60 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49688.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49688", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.613", + "lastModified": "2025-01-21T14:15:08.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-unauthenticated-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49699.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49699.json new file mode 100644 index 00000000000..842248b48df --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49699.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49699", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.780", + "lastModified": "2025-01-21T14:15:08.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49700.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49700.json new file mode 100644 index 00000000000..6835b3bd5c3 --- /dev/null +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49700.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49700", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:08.937", + "lastModified": "2025-01-21T14:15:08.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ARPrice allows Reflected XSS. This issue affects ARPrice: from n/a through 4.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50633.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50633.json index c16648019cf..10fa6003d30 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50633.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50633.json @@ -2,13 +2,20 @@ "id": "CVE-2024-50633", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T18:15:24.337", - "lastModified": "2025-01-17T18:15:26.043", + "lastModified": "2025-01-21T15:15:12.907", "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "disputed" + ] + } + ], "descriptions": [ { "lang": "en", - "value": "A Broken Object Level Authorization (BOLA) vulnerability in Indico v3.2.9 allows attackers to access sensitive information via sending a crafted POST request to the component /api/principals." + "value": "A Broken Object Level Authorization (BOLA) vulnerability in Indico through 3.3.5 allows attackers to read information by sending a crafted POST request to the component /api/principals. NOTE: this is disputed by the Supplier because the product intentionally lets all users retrieve certain information about other user accounts (this functionality is, in the current design, not restricted to any privileged roles such as event organizer)." }, { "lang": "es", @@ -17,6 +24,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", + "baseScore": 0.0, + "baseSeverity": "NONE", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 0.0 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +67,16 @@ ] }, "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-201" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -55,6 +92,10 @@ { "url": "https://github.com/cetinpy/CVE-2024-50633", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/cetinpy/CVE-2024-50633/issues/1", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51818.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51818.json new file mode 100644 index 00000000000..32a5d6adfc1 --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51818.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51818", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.087", + "lastModified": "2025-01-21T14:15:09.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fancy-product-designer/vulnerability/wordpress-fancy-product-designer-plugin-6-4-3-unauthenticated-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51888.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51888.json new file mode 100644 index 00000000000..bebb3db4352 --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51888.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51888", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.260", + "lastModified": "2025-01-21T14:15:09.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Privilege Assignment vulnerability in NotFound Homey Login Register allows Privilege Escalation. This issue affects Homey Login Register: from n/a through 2.4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/homey-login-register/vulnerability/wordpress-homey-login-register-plugin-2-4-0-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51919.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51919.json new file mode 100644 index 00000000000..01d51f7b446 --- /dev/null +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51919.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51919", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.417", + "lastModified": "2025-01-21T14:15:09.417", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fancy-product-designer/vulnerability/wordpress-fancy-product-designer-plugin-6-4-3-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53829.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53829.json new file mode 100644 index 00000000000..4f17be864dc --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53829.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53829", + "sourceIdentifier": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "published": "2025-01-21T15:15:13.200", + "lastModified": "2025-01-21T15:15:13.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nCross-site request forgery allows an unauthenticated attacker to hijack the authentication of a logged in user, and use the web API with the same permissions,\u00a0including but not limited to adding, removing or editing products. The attacker needs to know the ID of the available products to modify or delete them. The attacker cannot directly exfiltrate data (view) from CodeChecker, due to being limited to form-based CSRF.\n\nThis issue affects CodeChecker: through 6.24.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f8c8-4pm7-w885", + "source": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-547xx/CVE-2024-54724.json b/CVE-2024/CVE-2024-547xx/CVE-2024-54724.json index 31f7b7cb9c6..61892614486 100644 --- a/CVE-2024/CVE-2024-547xx/CVE-2024-54724.json +++ b/CVE-2024/CVE-2024-547xx/CVE-2024-54724.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54724", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-09T20:15:38.863", - "lastModified": "2025-01-09T20:15:38.863", + "lastModified": "2025-01-21T16:15:13.583", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "PHPYun anterior a 7.0.2 es vulnerable a la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de la escritura arbitraria de archivos y la inclusi\u00f3n de archivos restringidas por puerta trasera." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "http://phpyun.com", diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56277.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56277.json new file mode 100644 index 00000000000..5b79f64d73e --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56277.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56277", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.593", + "lastModified": "2025-01-21T14:15:09.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Encoding or Escaping of Output vulnerability in Poll Maker Team Poll Maker. This issue affects Poll Maker: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-116" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/poll-maker/vulnerability/wordpress-poll-maker-plugin-5-5-5-html-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56990.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56990.json new file mode 100644 index 00000000000..1441791c5d1 --- /dev/null +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56990.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-56990", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-21T16:15:13.947", + "lastModified": "2025-01-21T16:15:13.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /view-medhistory.php and /admin/view-patient.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS1%20%20in%20HMS4.0/stored%20XSS%20%20in%20HMS.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56997.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56997.json new file mode 100644 index 00000000000..4c3f7a2dd41 --- /dev/null +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56997.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-56997", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-21T15:15:13.343", + "lastModified": "2025-01-21T15:15:13.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor/index.php via the 'Email' parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS5%20in%20HMS4.0/stored%20XSS5%20in%20HMS.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-569xx/CVE-2024-56998.json b/CVE-2024/CVE-2024-569xx/CVE-2024-56998.json new file mode 100644 index 00000000000..a9be0df5e54 --- /dev/null +++ b/CVE-2024/CVE-2024-569xx/CVE-2024-56998.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-56998", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-21T15:15:13.467", + "lastModified": "2025-01-21T15:15:13.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/kirito999/HMS_stored_XSS/blob/main/stored%20XSS2%20in%20HMS4.0/stored%20XSS2%20in%20HMS.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57036.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57036.json new file mode 100644 index 00000000000..cc293cc7503 --- /dev/null +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57036.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57036", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-21T16:15:14.143", + "lastModified": "2025-01-21T16:15:14.143", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/luckysmallbird/Totolink-A810R-Vulnerability-1/blob/main/3.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57939.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57939.json new file mode 100644 index 00000000000..911611a6d9d --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57939.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-57939", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:07.903", + "lastModified": "2025-01-21T13:15:07.903", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix sleeping in invalid context in die()\n\ndie() can be called in exception handler, and therefore cannot sleep.\nHowever, die() takes spinlock_t which can sleep with PREEMPT_RT enabled.\nThat causes the following warning:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex\npreempt_count: 110001, expected: 0\nRCU nest depth: 0, expected: 0\nCPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234\nHardware name: riscv-virtio,qemu (DT)\nCall Trace:\n dump_backtrace+0x1c/0x24\n show_stack+0x2c/0x38\n dump_stack_lvl+0x5a/0x72\n dump_stack+0x14/0x1c\n __might_resched+0x130/0x13a\n rt_spin_lock+0x2a/0x5c\n die+0x24/0x112\n do_trap_insn_illegal+0xa0/0xea\n _new_vmalloc_restore_context_a0+0xcc/0xd8\nOops - illegal instruction [#1]\n\nSwitch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT\nenabled." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57940.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57940.json new file mode 100644 index 00000000000..938841c1bd3 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57940.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-57940", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:08.540", + "lastModified": "2025-01-21T13:15:08.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix the infinite loop in exfat_readdir()\n\nIf the file system is corrupted so that a cluster is linked to\nitself in the cluster chain, and there is an unused directory\nentry in the cluster, 'dentry' will not be incremented, causing\ncondition 'dentry < max_dentries' unable to prevent an infinite\nloop.\n\nThis infinite loop causes s_lock not to be released, and other\ntasks will hang, such as exfat_sync_fs().\n\nThis commit stops traversing the cluster chain when there is unused\ndirectory entry in the cluster to avoid this infinite loop." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/31beabd0f47f8c3ed9965ba861c9e5b252d4920a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d9ea94f5cd117d56e573696d0045ab3044185a15", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dc1d7afceb982e8f666e70a582e6b5aa806de063", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fee873761bd978d077d8c55334b4966ac4cb7b59", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57941.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57941.json new file mode 100644 index 00000000000..8a1bf9e9d47 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57941.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-57941", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:08.640", + "lastModified": "2025-01-21T13:15:08.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Fix the (non-)cancellation of copy when cache is temporarily disabled\n\nWhen the caching for a cookie is temporarily disabled (e.g. due to a DIO\nwrite on that file), future copying to the cache for that file is disabled\nuntil all fds open on that file are closed. However, if netfslib is using\nthe deprecated PG_private_2 method (such as is currently used by ceph), and\ndecides it wants to copy to the cache, netfs_advance_write() will just bail\nat the first check seeing that the cache stream is unavailable, and\nindicate that it dealt with all the content.\n\nThis means that we have no subrequests to provide notifications to drive\nthe state machine or even to pin the request and the request just gets\ndiscarded, leaving the folios with PG_private_2 set.\n\nFix this by jumping directly to cancel the request if the cache is not\navailable. That way, we don't remove mark3 from the folio_queue list and\nnetfs_pgpriv2_cancel() will clean up the folios.\n\nThis was found by running the generic/013 xfstest against ceph with an\nactive cache and the \"-o fsc\" option passed to ceph. That would usually\nhang" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/ba37bdfe59fb43e80dd79290340a21864ba4b61e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d0327c824338cdccad058723a31d038ecd553409", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57942.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57942.json new file mode 100644 index 00000000000..a14c2048840 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57942.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-57942", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:08.743", + "lastModified": "2025-01-21T13:15:08.743", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Fix ceph copy to cache on write-begin\n\nAt the end of netfs_unlock_read_folio() in which folios are marked\nappropriately for copying to the cache (either with by being marked dirty\nand having their private data set or by having PG_private_2 set) and then\nunlocked, the folio_queue struct has the entry pointing to the folio\ncleared. This presents a problem for netfs_pgpriv2_write_to_the_cache(),\nwhich is used to write folios marked with PG_private_2 to the cache as it\nexpects to be able to trawl the folio_queue list thereafter to find the\nrelevant folios, leading to a hang.\n\nFix this by not clearing the folio_queue entry if we're going to do the\ndeprecated copy-to-cache. The clearance will be done instead as the folios\nare written to the cache.\n\nThis can be reproduced by starting cachefiles, mounting a ceph filesystem\nwith \"-o fsc\" and writing to it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/38cf8e945721ffe708fa675507465da7f4f2a9f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/43b8d3249b0b71bad239d42dbe08ce6c938ba000", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57943.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57943.json new file mode 100644 index 00000000000..a4860922316 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57943.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-57943", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:08.837", + "lastModified": "2025-01-21T13:15:08.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix the new buffer was not zeroed before writing\n\nBefore writing, if a buffer_head marked as new, its data must\nbe zeroed, otherwise uninitialized data in the page cache will\nbe written.\n\nSo this commit uses folio_zero_new_buffers() to zero the new\nbuffers before ->write_end()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/942c6f91ab8d82a41650e717940b4e577173762f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/98e2fb26d1a9eafe79f46d15d54e68e014d81d8c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57944.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57944.json new file mode 100644 index 00000000000..0f6430739f5 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57944.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-57944", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:08.937", + "lastModified": "2025-01-21T13:15:08.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-ads1298: Add NULL check in ads1298_init\n\ndevm_kasprintf() can return a NULL pointer on failure. A check on the\nreturn value of such a call in ads1298_init() is missing. Add it." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/69b680bbac9bd611aaa308769d6c71e3e70eb3c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bcb394bb28e55312cace75362b8e489eb0e02a30", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57945.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57945.json new file mode 100644 index 00000000000..84d6087fac4 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57945.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-57945", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.033", + "lastModified": "2025-01-21T13:15:09.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: mm: Fix the out of bound issue of vmemmap address\n\nIn sparse vmemmap model, the virtual address of vmemmap is calculated as:\n((struct page *)VMEMMAP_START - (phys_ram_base >> PAGE_SHIFT)).\nAnd the struct page's va can be calculated with an offset:\n(vmemmap + (pfn)).\n\nHowever, when initializing struct pages, kernel actually starts from the\nfirst page from the same section that phys_ram_base belongs to. If the\nfirst page's physical address is not (phys_ram_base >> PAGE_SHIFT), then\nwe get an va below VMEMMAP_START when calculating va for it's struct page.\n\nFor example, if phys_ram_base starts from 0x82000000 with pfn 0x82000, the\nfirst page in the same section is actually pfn 0x80000. During\ninit_unavailable_range(), we will initialize struct page for pfn 0x80000\nwith virtual address ((struct page *)VMEMMAP_START - 0x2000), which is\nbelow VMEMMAP_START as well as PCI_IO_END.\n\nThis commit fixes this bug by introducing a new variable\n'vmemmap_start_pfn' which is aligned with memory section size and using\nit to calculate vmemmap address instead of phys_ram_base." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/a4a7ac3d266008018f05fae53060fcb331151a14", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d2bd51954ac8377c2f1eb1813e694788998add66", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f754f27e98f88428aaf6be6e00f5cbce97f62d4b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57946.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57946.json new file mode 100644 index 00000000000..09be585bdf9 --- /dev/null +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57946.json @@ -0,0 +1,45 @@ +{ + "id": "CVE-2024-57946", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.137", + "lastModified": "2025-01-21T13:15:09.137", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: don't keep queue frozen during system suspend\n\nCommit 4ce6e2db00de (\"virtio-blk: Ensure no requests in virtqueues before\ndeleting vqs.\") replaces queue quiesce with queue freeze in virtio-blk's\nPM callbacks. And the motivation is to drain inflight IOs before suspending.\n\nblock layer's queue freeze looks very handy, but it is also easy to cause\ndeadlock, such as, any attempt to call into bio_queue_enter() may run into\ndeadlock if the queue is frozen in current context. There are all kinds\nof ->suspend() called in suspend context, so keeping queue frozen in the\nwhole suspend context isn't one good idea. And Marek reported lockdep\nwarning[1] caused by virtio-blk's freeze queue in virtblk_freeze().\n\n[1] https://lore.kernel.org/linux-block/ca16370e-d646-4eee-b9cc-87277c89c43c@samsung.com/\n\nGiven the motivation is to drain in-flight IOs, it can be done by calling\nfreeze & unfreeze, meantime restore to previous behavior by keeping queue\nquiesced during suspend." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/12c0ddd6c551c1e438b087f874b4f1223a75f7ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6dea8e3de59928974bf157dd0499d3958d744ae4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7678abee0867e6b7fb89aa40f6e9f575f755fb37", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/92d5139b91147ab372a17daf5dc27a5b9278e516", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9ca428c6397abaa8c38f5c69133a2299e1efbbf2", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9e323f856cf4963120e0e3892a84ef8bd764a0e4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d738f3215bb4f88911ff4579780a44960c8e0ca5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7344.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7344.json index 5e99c5f21d3..8be81ae3491 100644 --- a/CVE-2024/CVE-2024-73xx/CVE-2024-7344.json +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7344.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7344", "sourceIdentifier": "cret@cert.org", "published": "2025-01-14T14:15:34.930", - "lastModified": "2025-01-14T17:15:20.383", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-21T16:50:20.583", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 6.0 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -39,26 +59,108 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.1.024-20241127", + "matchCriteriaId": "661C4664-9989-497C-9758-595D667A5E61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.2.023-20240927", + "matchCriteriaId": "C26295FA-07B6-42D8-B5E9-7B54FA3D4559" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.2.023_20240919", + "matchCriteriaId": "070699E9-BA08-4DFA-B2D7-61289CFDF865" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:radix:smartrecovery:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.2.023-20240927", + "matchCriteriaId": "DEF3C7E4-3FB4-4CC2-809F-A600D003E699" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.3.024-20241127", + "matchCriteriaId": "A794B06A-1AAC-49D4-8AD5-813A84B6DA60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.3.021-20241127", + "matchCriteriaId": "FD9C4071-6E0B-472B-89BB-88D324D47534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.4.022-20241127", + "matchCriteriaId": "DDA5BBD9-2DCD-4F4B-94A2-28E62180ADA3" + } + ] + } + ] + } + ], "references": [ { "url": "https://uefi.org/revocationlistfile", - "source": "cret@cert.org" + "source": "cret@cert.org", + "tags": [ + "Patch" + ] }, { "url": "https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html", - "source": "cret@cert.org" + "source": "cret@cert.org", + "tags": [ + "Related" + ] }, { "url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html", - "source": "cret@cert.org" + "source": "cret@cert.org", + "tags": [ + "Related" + ] }, { "url": "https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/", - "source": "cret@cert.org" + "source": "cret@cert.org", + "tags": [ + "Related" + ] }, { "url": "https://www.kb.cert.org/vuls/id/529659", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-03xx/CVE-2025-0377.json b/CVE-2025/CVE-2025-03xx/CVE-2025-0377.json new file mode 100644 index 00000000000..5d4a8b3472d --- /dev/null +++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0377.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-0377", + "sourceIdentifier": "security@hashicorp.com", + "published": "2025-01-21T16:15:14.290", + "lastModified": "2025-01-21T16:15:14.290", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "HashiCorp\u2019s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://discuss.hashicorp.com/t/hcsec-2025-01-hashicorp-go-slug-vulnerable-to-zip-slip-attack", + "source": "security@hashicorp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-05xx/CVE-2025-0532.json b/CVE-2025/CVE-2025-05xx/CVE-2025-0532.json index bc0062eec82..4e946e10c36 100644 --- a/CVE-2025/CVE-2025-05xx/CVE-2025-0532.json +++ b/CVE-2025/CVE-2025-05xx/CVE-2025-0532.json @@ -2,13 +2,17 @@ "id": "CVE-2025-0532", "sourceIdentifier": "cna@vuldb.com", "published": "2025-01-17T18:15:31.237", - "lastModified": "2025-01-17T18:15:31.237", + "lastModified": "2025-01-21T16:15:14.560", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/new_submit.php. The manipulation of the argument m_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en Codezips Gym Management System 1.0. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /dashboard/admin/new_submit.php. La manipulaci\u00f3n del argumento m_id provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -59,7 +63,7 @@ "cvssMetricV31": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", @@ -107,7 +111,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -136,6 +140,10 @@ { "url": "https://vuldb.com/?submit.479100", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/TIANN0/CVE/issues/1", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-05xx/CVE-2025-0590.json b/CVE-2025/CVE-2025-05xx/CVE-2025-0590.json index f424d14982c..c1466d7849e 100644 --- a/CVE-2025/CVE-2025-05xx/CVE-2025-0590.json +++ b/CVE-2025/CVE-2025-05xx/CVE-2025-0590.json @@ -2,16 +2,43 @@ "id": "CVE-2025-0590", "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "published": "2025-01-20T07:17:10.383", - "lastModified": "2025-01-20T07:17:10.383", + "lastModified": "2025-01-21T15:15:14.117", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper permission settings for mobile applications (com.transsion.carlcare) may lead to \n\ninformation leakage risk." + }, + { + "lang": "es", + "value": "La configuraci\u00f3n de permisos incorrecta para aplicaciones m\u00f3viles (com.transsion.carlcare) puede generar riesgo de fuga de informaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21656.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21656.json new file mode 100644 index 00000000000..75976374de0 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21656.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21656", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.240", + "lastModified": "2025-01-21T13:15:09.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur\n\nscsi_execute_cmd() function can return both negative (linux codes) and\npositive (scsi_cmnd result field) error codes.\n\nCurrently the driver just passes error codes of scsi_execute_cmd() to\nhwmon core, which is incorrect because hwmon only checks for negative\nerror codes. This leads to hwmon reporting uninitialized data to\nuserspace in case of SCSI errors (for example if the disk drive was\ndisconnected).\n\nThis patch checks scsi_execute_cmd() output and returns -EIO if it's\nerror code is positive.\n\n[groeck: Avoid inline variable declaration for portability]" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/42268d885e44af875a6474f7bba519cc6cea6a9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/53e25b10a28edaf8c2a1d3916fd8929501a50dfc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/82163d63ae7a4c36142cd252388737205bb7e4b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21657.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21657.json new file mode 100644 index 00000000000..770f5e6c2a2 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21657.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21657", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.340", + "lastModified": "2025-01-21T13:15:09.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()\n\nscx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks.\nFor each CPU, it acquires a lock using rq_lock() regardless of whether\na CPU is offline or the CPU is currently running a task in a higher\nscheduler class (e.g., deadline). The rq_lock() is supposed to be used\nfor online CPUs, and the use of rq_lock() may trigger an unnecessary\nwarning in rq_pin_lock(). Therefore, replace rq_lock() to\nraw_spin_rq_lock() in scx_ops_bypass().\n\nWithout this change, we observe the following warning:\n\n===== START =====\n[ 6.615205] rq->balance_callback && rq->balance_callback != &balance_push_callback\n[ 6.615208] WARNING: CPU: 2 PID: 0 at kernel/sched/sched.h:1730 __schedule+0x1130/0x1c90\n===== END =====" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6268d5bc10354fc2ab8d44a0cd3b042d49a0417e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d9e446dd63cee7161717a6a8414ba9c6435af764", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21658.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21658.json new file mode 100644 index 00000000000..9074f38cb25 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21658.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21658", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.437", + "lastModified": "2025-01-21T13:15:09.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn't really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that's pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/24b85a8b0310e0144da9ab30be42e87e6476638a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6aecd91a5c5b68939cf4169e32bc49f3cd2dd329", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aee5f69f3e6cd82bfefaca1b70b40b6cd8f3f784", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21659.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21659.json new file mode 100644 index 00000000000..0c203ff6a6d --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21659.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21659", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.540", + "lastModified": "2025-01-21T13:15:09.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/b683ba0df11ff563cc237eb1b74d6adfa77226bf", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d1cacd74776895f6435941f86a1130e58f6dd226", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21660.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21660.json new file mode 100644 index 00000000000..7fffa42c1a8 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21660.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21660", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.643", + "lastModified": "2025-01-21T13:15:09.643", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked\n\nWhen `ksmbd_vfs_kern_path_locked` met an error and it is not the last\nentry, it will exit without restoring changed path buffer. But later this\nbuffer may be used as the filename for creation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/13e41c58c74baa71f34c0830eaa3c29d53a6e964", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/2ac538e40278a2c0c051cca81bcaafc547d61372", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/51669f4af5f7959565b48e55691ba92fabf5c587", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/65b31b9d992c0fb0685c51a0cf09993832734fc4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21661.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21661.json new file mode 100644 index 00000000000..7cc0be82b5a --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21661.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-21661", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.747", + "lastModified": "2025-01-21T13:15:09.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: virtuser: fix missing lookup table cleanups\n\nWhen a virtuser device is created via configfs and the probe fails due\nto an incorrect lookup table, the table is not removed. This prevents\nsubsequent probe attempts from succeeding, even if the issue is\ncorrected, unless the device is released. Additionally, cleanup is also\nneeded in the less likely case of platform_device_register_full()\nfailure.\n\nBesides, a consistent memory leak in lookup_table->dev_id was spotted\nusing kmemleak by toggling the live state between 0 and 1 with a correct\nlookup table.\n\nIntroduce gpio_virtuser_remove_lookup_table() as the counterpart to the\nexisting gpio_virtuser_make_lookup_table() and call it from all\nnecessary points to ensure proper cleanup." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/a619cba8c69c434258ff4101d463322cd63e1bdc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d72d0126b1f6981f6ce8b4247305f359958c11b5", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21662.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21662.json new file mode 100644 index 00000000000..740460a3310 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21662.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21662", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.847", + "lastModified": "2025-01-21T13:15:09.847", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix variable not being completed when function returns\n\nWhen cmd_alloc_index(), fails cmd_work_handler() needs\nto complete ent->slotted before returning early.\nOtherwise the task which issued the command may hang:\n\n mlx5_core 0000:01:00.0: cmd_work_handler:877:(pid 3880418): failed to allocate command entry\n INFO: task kworker/13:2:4055883 blocked for more than 120 seconds.\n Not tainted 4.19.90-25.44.v2101.ky10.aarch64 #1\n \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n kworker/13:2 D 0 4055883 2 0x00000228\n Workqueue: events mlx5e_tx_dim_work [mlx5_core]\n Call trace:\n __switch_to+0xe8/0x150\n __schedule+0x2a8/0x9b8\n schedule+0x2c/0x88\n schedule_timeout+0x204/0x478\n wait_for_common+0x154/0x250\n wait_for_completion+0x28/0x38\n cmd_exec+0x7a0/0xa00 [mlx5_core]\n mlx5_cmd_exec+0x54/0x80 [mlx5_core]\n mlx5_core_modify_cq+0x6c/0x80 [mlx5_core]\n mlx5_core_modify_cq_moderation+0xa0/0xb8 [mlx5_core]\n mlx5e_tx_dim_work+0x54/0x68 [mlx5_core]\n process_one_work+0x1b0/0x448\n worker_thread+0x54/0x468\n kthread+0x134/0x138\n ret_from_fork+0x10/0x18" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e2909c6bec9048f49d0c8e16887c63b50b14647", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/229cc10284373fbe754e623b7033dca7e7470ec8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/36124081f6ffd9dfaad48830bdf106bb82a9457d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f0a2808767ac39f64b1d9a0ff865c255073cf3d4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21663.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21663.json new file mode 100644 index 00000000000..9f89eade7eb --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21663.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-21663", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:09.947", + "lastModified": "2025-01-21T13:15:09.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: dwmac-tegra: Read iommu stream id from device tree\n\nNvidia's Tegra MGBE controllers require the IOMMU \"Stream ID\" (SID) to be\nwritten to the MGBE_WRAP_AXI_ASID0_CTRL register.\n\nThe current driver is hard coded to use MGBE0's SID for all controllers.\nThis causes softirq time outs and kernel panics when using controllers\nother than MGBE0.\n\nExample dmesg errors when an ethernet cable is connected to MGBE1:\n\n[ 116.133290] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx\n[ 121.851283] tegra-mgbe 6910000.ethernet eth1: NETDEV WATCHDOG: CPU: 5: transmit queue 0 timed out 5690 ms\n[ 121.851782] tegra-mgbe 6910000.ethernet eth1: Reset adapter.\n[ 121.892464] tegra-mgbe 6910000.ethernet eth1: Register MEM_TYPE_PAGE_POOL RxQ-0\n[ 121.905920] tegra-mgbe 6910000.ethernet eth1: PHY [stmmac-1:00] driver [Aquantia AQR113] (irq=171)\n[ 121.907356] tegra-mgbe 6910000.ethernet eth1: Enabling Safety Features\n[ 121.907578] tegra-mgbe 6910000.ethernet eth1: IEEE 1588-2008 Advanced Timestamp supported\n[ 121.908399] tegra-mgbe 6910000.ethernet eth1: registered PTP clock\n[ 121.908582] tegra-mgbe 6910000.ethernet eth1: configuring for phy/10gbase-r link mode\n[ 125.961292] tegra-mgbe 6910000.ethernet eth1: Link is Up - 1Gbps/Full - flow control rx/tx\n[ 181.921198] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:\n[ 181.921404] rcu: \t7-....: (1 GPs behind) idle=540c/1/0x4000000000000002 softirq=1748/1749 fqs=2337\n[ 181.921684] rcu: \t(detected by 4, t=6002 jiffies, g=1357, q=1254 ncpus=8)\n[ 181.921878] Sending NMI from CPU 4 to CPUs 7:\n[ 181.921886] NMI backtrace for cpu 7\n[ 181.922131] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Kdump: loaded Not tainted 6.13.0-rc3+ #6\n[ 181.922390] Hardware name: NVIDIA CTI Forge + Orin AGX/Jetson, BIOS 202402.1-Unknown 10/28/2024\n[ 181.922658] pstate: 40400009 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 181.922847] pc : handle_softirqs+0x98/0x368\n[ 181.922978] lr : __do_softirq+0x18/0x20\n[ 181.923095] sp : ffff80008003bf50\n[ 181.923189] x29: ffff80008003bf50 x28: 0000000000000008 x27: 0000000000000000\n[ 181.923379] x26: ffffce78ea277000 x25: 0000000000000000 x24: 0000001c61befda0\n[ 181.924486] x23: 0000000060400009 x22: ffffce78e99918bc x21: ffff80008018bd70\n[ 181.925568] x20: ffffce78e8bb00d8 x19: ffff80008018bc20 x18: 0000000000000000\n[ 181.926655] x17: ffff318ebe7d3000 x16: ffff800080038000 x15: 0000000000000000\n[ 181.931455] x14: ffff000080816680 x13: ffff318ebe7d3000 x12: 000000003464d91d\n[ 181.938628] x11: 0000000000000040 x10: ffff000080165a70 x9 : ffffce78e8bb0160\n[ 181.945804] x8 : ffff8000827b3160 x7 : f9157b241586f343 x6 : eeb6502a01c81c74\n[ 181.953068] x5 : a4acfcdd2e8096bb x4 : ffffce78ea277340 x3 : 00000000ffffd1e1\n[ 181.960329] x2 : 0000000000000101 x1 : ffffce78ea277340 x0 : ffff318ebe7d3000\n[ 181.967591] Call trace:\n[ 181.970043] handle_softirqs+0x98/0x368 (P)\n[ 181.974240] __do_softirq+0x18/0x20\n[ 181.977743] ____do_softirq+0x14/0x28\n[ 181.981415] call_on_irq_stack+0x24/0x30\n[ 181.985180] do_softirq_own_stack+0x20/0x30\n[ 181.989379] __irq_exit_rcu+0x114/0x140\n[ 181.993142] irq_exit_rcu+0x14/0x28\n[ 181.996816] el1_interrupt+0x44/0xb8\n[ 182.000316] el1h_64_irq_handler+0x14/0x20\n[ 182.004343] el1h_64_irq+0x80/0x88\n[ 182.007755] cpuidle_enter_state+0xc4/0x4a8 (P)\n[ 182.012305] cpuidle_enter+0x3c/0x58\n[ 182.015980] cpuidle_idle_call+0x128/0x1c0\n[ 182.020005] do_idle+0xe0/0xf0\n[ 182.023155] cpu_startup_entry+0x3c/0x48\n[ 182.026917] secondary_start_kernel+0xdc/0x120\n[ 182.031379] __secondary_switched+0x74/0x78\n[ 212.971162] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 7-.... } 6103 jiffies s: 417 root: 0x80/.\n[ 212.985935] rcu: blocking rcu_node structures (internal RCU debug):\n[ 212.992758] Sending NMI from CPU 0 to CPUs 7:\n[ 212.998539] NMI backtrace for cpu 7\n[ 213.004304] CPU: 7 UID: 0 PI\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/235419f0956e8c60e597aa1619ded8bda7460bb4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/426046e2d62dd19533808661e912b8e8a9eaec16", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b04d33cdbc958a3fd57f3544d4f78b99d9d11909", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21664.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21664.json new file mode 100644 index 00000000000..e9493edcf83 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21664.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-21664", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-01-21T13:15:10.053", + "lastModified": "2025-01-21T13:15:10.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: make get_first_thin use rcu-safe list first function\n\nThe documentation in rculist.h explains the absence of list_empty_rcu()\nand cautions programmers against relying on a list_empty() ->\nlist_first() sequence in RCU safe code. This is because each of these\nfunctions performs its own READ_ONCE() of the list head. This can lead\nto a situation where the list_empty() sees a valid list entry, but the\nsubsequent list_first() sees a different view of list head state after a\nmodification.\n\nIn the case of dm-thin, this author had a production box crash from a GP\nfault in the process_deferred_bios path. This function saw a valid list\nhead in get_first_thin() but when it subsequently dereferenced that and\nturned it into a thin_c, it got the inside of the struct pool, since the\nlist was now empty and referring to itself. The kernel on which this\noccurred printed both a warning about a refcount_t being saturated, and\na UBSAN error for an out-of-bounds cpuid access in the queued spinlock,\nprior to the fault itself. When the resulting kdump was examined, it\nwas possible to see another thread patiently waiting in thin_dtr's\nsynchronize_rcu.\n\nThe thin_dtr call managed to pull the thin_c out of the active thins\nlist (and have it be the last entry in the active_thins list) at just\nthe wrong moment which lead to this crash.\n\nFortunately, the fix here is straight forward. Switch get_first_thin()\nfunction to use list_first_or_null_rcu() which performs just a single\nREAD_ONCE() and returns NULL if the list is already empty.\n\nThis was run against the devicemapper test suite's thin-provisioning\nsuites for delete and suspend and no regressions were observed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/12771050b6d059eea096993bf2001da9da9fddff", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6b305e98de0d225ccebfb225730a9f560d28ecb0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/80f130bfad1dab93b95683fc39b87235682b8f72", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cbd0d5ecfa390ac29c5380200147d09c381b2ac6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22262.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22262.json new file mode 100644 index 00000000000..7abefe43d57 --- /dev/null +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22262.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22262", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.757", + "lastModified": "2025-01-21T14:15:09.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Bonjour Bar allows Stored XSS. This issue affects Bonjour Bar: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bonjour-bar/vulnerability/wordpress-bonjour-bar-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-223xx/CVE-2025-22311.json b/CVE-2025/CVE-2025-223xx/CVE-2025-22311.json new file mode 100644 index 00000000000..5b9b52307dc --- /dev/null +++ b/CVE-2025/CVE-2025-223xx/CVE-2025-22311.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22311", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:09.930", + "lastModified": "2025-01-21T14:15:09.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-223xx/CVE-2025-22318.json b/CVE-2025/CVE-2025-223xx/CVE-2025-22318.json new file mode 100644 index 00000000000..9d4b80d6254 --- /dev/null +++ b/CVE-2025/CVE-2025-223xx/CVE-2025-22318.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22318", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:10.110", + "lastModified": "2025-01-21T14:15:10.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/standard-box-sizes/vulnerability/wordpress-standard-box-sizes-plugin-1-6-12-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-223xx/CVE-2025-22322.json b/CVE-2025/CVE-2025-223xx/CVE-2025-22322.json new file mode 100644 index 00000000000..61affdd9755 --- /dev/null +++ b/CVE-2025/CVE-2025-223xx/CVE-2025-22322.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22322", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:10.280", + "lastModified": "2025-01-21T14:15:10.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Private Messages for UserPro allows Reflected XSS. This issue affects Private Messages for UserPro: from n/a through 4.10.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22553.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22553.json new file mode 100644 index 00000000000..5c7b7d8dc49 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22553.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22553", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:10.453", + "lastModified": "2025-01-21T14:15:10.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Multiple Carousel allows SQL Injection. This issue affects Multiple Carousel: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/multicarousel/vulnerability/wordpress-multiple-carousel-plugin-2-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22706.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22706.json new file mode 100644 index 00000000000..01929a393d1 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22706.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22706", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:10.640", + "lastModified": "2025-01-21T14:15:10.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.mihai Social Pug: Author Box allows Reflected XSS. This issue affects Social Pug: Author Box: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/social-pug-author-box/vulnerability/wordpress-social-pug-author-box-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22709.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22709.json new file mode 100644 index 00000000000..72b30694f3e --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22709.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22709", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:10.823", + "lastModified": "2025-01-21T14:15:10.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soft8Soft LLC Verge3D allows Reflected XSS. This issue affects Verge3D: from n/a through 4.8.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/verge3d/vulnerability/wordpress-verge3d-publishing-and-e-commerce-plugin-4-8-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22710.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22710.json new file mode 100644 index 00000000000..3a3a7ad8d90 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22710.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22710", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.000", + "lastModified": "2025-01-21T14:15:11.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StoreApps Smart Manager allows Blind SQL Injection. This issue affects Smart Manager: from n/a through 8.52.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/smart-manager-for-wp-e-commerce/vulnerability/wordpress-smart-manager-plugin-8-52-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22711.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22711.json new file mode 100644 index 00000000000..bdfbd999aaf --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22711.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22711", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.173", + "lastModified": "2025-01-21T14:15:11.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Maier Image Source Control allows Reflected XSS. This issue affects Image Source Control: from n/a through 2.29.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/image-source-control-isc/vulnerability/wordpress-image-source-control-lite-plugin-2-29-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22716.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22716.json new file mode 100644 index 00000000000..476eb5b1cf1 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22716.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22716", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.343", + "lastModified": "2025-01-21T14:15:11.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Taskbuilder Team Taskbuilder allows SQL Injection. This issue affects Taskbuilder: from n/a through 3.0.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/taskbuilder/vulnerability/wordpress-taskbuilder-plugin-3-0-6-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22717.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22717.json new file mode 100644 index 00000000000..e995fb8e064 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22717.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22717", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.527", + "lastModified": "2025-01-21T14:15:11.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Joe Dolson My Tickets allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects My Tickets: from n/a through 2.0.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/my-tickets/vulnerability/wordpress-my-tickets-plugin-2-0-9-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22718.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22718.json new file mode 100644 index 00000000000..d120a42ef44 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22718.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22718", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.697", + "lastModified": "2025-01-21T14:15:11.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roninwp FAT Event Lite allows Stored XSS. This issue affects FAT Event Lite: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fat-event-lite/vulnerability/wordpress-fat-event-lite-plugin-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22719.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22719.json new file mode 100644 index 00000000000..39d9ea3301d --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22719.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22719", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:11.860", + "lastModified": "2025-01-21T14:15:11.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E4J s.r.l. VikAppointments Services Booking Calendar allows Stored XSS. This issue affects VikAppointments Services Booking Calendar: from n/a through 1.2.16." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/vikappointments/vulnerability/wordpress-vikappointments-services-booking-calendar-plugin-1-2-16-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22723.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22723.json new file mode 100644 index 00000000000..09262754c98 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22723.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22723", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.017", + "lastModified": "2025-01-21T14:15:12.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.6.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/vulnerability/wordpress-barcode-scanner-and-inventory-manager-plugin-1-6-7-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22727.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22727.json new file mode 100644 index 00000000000..58373b5fe8a --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22727.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22727", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.173", + "lastModified": "2025-01-21T14:15:12.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS. This issue affects MailChimp Subscribe Forms : from n/a through 4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mailchimp-subscribe-sm/vulnerability/wordpress-mailchimp-subscribe-form-plugin-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22732.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22732.json new file mode 100644 index 00000000000..0d8740817d0 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22732.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22732", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.387", + "lastModified": "2025-01-21T14:15:12.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Admiral Ad Blocking Detector allows Stored XSS. This issue affects Ad Blocking Detector: from n/a through 3.6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ad-blocking-detector/vulnerability/wordpress-ad-blocking-detector-plugin-3-6-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22733.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22733.json new file mode 100644 index 00000000000..f95ab97b0f7 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22733.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22733", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.570", + "lastModified": "2025-01-21T14:15:12.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPHocus My auctions allegro allows Reflected XSS. This issue affects My auctions allegro: from n/a through 3.6.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/my-auctions-allegro-free-edition/vulnerability/wordpress-my-auctions-allegro-plugin-3-6-18-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22735.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22735.json new file mode 100644 index 00000000000..afc04a56bd8 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22735.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22735", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.737", + "lastModified": "2025-01-21T14:15:12.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TaxoPress WordPress Tag Cloud Plugin \u2013 Tag Groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin \u2013 Tag Groups: from n/a through 2.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tag-groups/vulnerability/wordpress-tag-cloud-plugin-tag-groups-plugin-2-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-227xx/CVE-2025-22763.json b/CVE-2025/CVE-2025-227xx/CVE-2025-22763.json new file mode 100644 index 00000000000..9c0d9a7e047 --- /dev/null +++ b/CVE-2025/CVE-2025-227xx/CVE-2025-22763.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22763", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:12.900", + "lastModified": "2025-01-21T14:15:12.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Brizy Pro allows Reflected XSS. This issue affects Brizy Pro: from n/a through 2.6.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/brizy-pro/vulnerability/wordpress-brizy-pro-plugin-2-6-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-228xx/CVE-2025-22825.json b/CVE-2025/CVE-2025-228xx/CVE-2025-22825.json new file mode 100644 index 00000000000..238b076318b --- /dev/null +++ b/CVE-2025/CVE-2025-228xx/CVE-2025-22825.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22825", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:13.060", + "lastModified": "2025-01-21T14:15:13.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Desk Flexible PDF Coupons allows Stored XSS. This issue affects Flexible PDF Coupons: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/flexible-coupons/vulnerability/wordpress-flexible-pdf-coupons-plugin-1-10-3-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-230xx/CVE-2025-23086.json b/CVE-2025/CVE-2025-230xx/CVE-2025-23086.json index 0a3d8dbdacc..8ff4008cfca 100644 --- a/CVE-2025/CVE-2025-230xx/CVE-2025-23086.json +++ b/CVE-2025/CVE-2025-230xx/CVE-2025-23086.json @@ -2,7 +2,7 @@ "id": "CVE-2025-23086", "sourceIdentifier": "support@hackerone.com", "published": "2025-01-21T05:15:07.960", - "lastModified": "2025-01-21T05:15:07.960", + "lastModified": "2025-01-21T15:15:14.833", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "En la mayor\u00eda de las plataformas de escritorio, las versiones 1.70.x-1.73.x de Brave Browser inclu\u00edan una funci\u00f3n para mostrar el origen de un sitio en el cuadro de di\u00e1logo de selecci\u00f3n de archivos proporcionado por el sistema operativo cuando un sitio solicita al usuario que cargue o descargue un archivo. Sin embargo, en algunos casos, el origen no se dedujo correctamente. Cuando se combina con una vulnerabilidad de redireccionamiento abierto en un sitio confiable, esto podr\u00eda permitir que un sitio malicioso inicie una descarga cuyo origen en el cuadro de di\u00e1logo de selecci\u00f3n de archivos aparece como el sitio confiable que inici\u00f3 la redirecci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], "references": [ { "url": "https://hackerone.com/reports/2888770", diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23218.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23218.json index 6a67df3bbaf..32c8dc6aef8 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23218.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23218.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23218", "sourceIdentifier": "security-advisories@github.com", "published": "2025-01-20T16:15:28.317", - "lastModified": "2025-01-20T16:15:28.317", + "lastModified": "2025-01-21T15:15:15.053", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_especie.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10." + }, + { + "lang": "es", + "value": "WeGIA es un gestor web de c\u00f3digo abierto centrado en el idioma portugu\u00e9s y en instituciones ben\u00e9ficas. Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en la aplicaci\u00f3n WeGIA, concretamente en el archivo endpoint adicionar_especie.php. Esta vulnerabilidad permite a los atacantes ejecutar comandos SQL arbitrarios en la base de datos, lo que permite el acceso no autorizado a informaci\u00f3n sensible. Durante la explotaci\u00f3n, fue posible realizar un volcado completo de la base de datos de la aplicaci\u00f3n, lo que pone de relieve la gravedad de la falla. Esta vulnerabilidad se ha corregido en la versi\u00f3n 3.2.10." } ], "metrics": { @@ -55,12 +59,34 @@ "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } ] }, "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23219.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23219.json index 5ccb47e3086..45772841549 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23219.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23219.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23219", "sourceIdentifier": "security-advisories@github.com", "published": "2025-01-20T16:15:28.460", - "lastModified": "2025-01-20T16:15:28.460", + "lastModified": "2025-01-21T15:15:15.247", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10." + }, + { + "lang": "es", + "value": "WeGIA es un gestor web de c\u00f3digo abierto centrado en el idioma portugu\u00e9s y en instituciones ben\u00e9ficas. Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en la aplicaci\u00f3n WeGIA, concretamente en el archivo endpoint adicionar_cor.php. Esta vulnerabilidad permite a los atacantes ejecutar comandos SQL arbitrarios en la base de datos, lo que permite el acceso no autorizado a informaci\u00f3n sensible. Durante la explotaci\u00f3n, fue posible realizar un volcado completo de la base de datos de la aplicaci\u00f3n, lo que pone de relieve la gravedad de la falla. Esta vulnerabilidad se ha corregido en la versi\u00f3n 3.2.10." } ], "metrics": { @@ -55,12 +59,34 @@ "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-232xx/CVE-2025-23220.json b/CVE-2025/CVE-2025-232xx/CVE-2025-23220.json index d1b41ef64f1..a83b174f177 100644 --- a/CVE-2025/CVE-2025-232xx/CVE-2025-23220.json +++ b/CVE-2025/CVE-2025-232xx/CVE-2025-23220.json @@ -2,13 +2,17 @@ "id": "CVE-2025-23220", "sourceIdentifier": "security-advisories@github.com", "published": "2025-01-20T16:15:28.593", - "lastModified": "2025-01-20T16:15:28.593", + "lastModified": "2025-01-21T15:15:15.430", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_raca.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10." + }, + { + "lang": "es", + "value": "WeGIA es un gestor web de c\u00f3digo abierto centrado en el idioma portugu\u00e9s y en instituciones ben\u00e9ficas. Se identific\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en la aplicaci\u00f3n WeGIA, concretamente en el archivo endpoint adicionar_raca.php. Esta vulnerabilidad permite a los atacantes ejecutar comandos SQL arbitrarios en la base de datos, lo que permite el acceso no autorizado a informaci\u00f3n sensible. Durante la explotaci\u00f3n, fue posible realizar un volcado completo de la base de datos de la aplicaci\u00f3n, lo que pone de relieve la gravedad de la falla. Esta vulnerabilidad se ha corregido en la versi\u00f3n 3.2.10." } ], "metrics": { @@ -55,12 +59,34 @@ "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } ] }, "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23997.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23997.json new file mode 100644 index 00000000000..afa9f66d918 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23997.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23997", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:13.230", + "lastModified": "2025-01-21T14:15:13.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dev@tamara.co Tamara Checkout allows Stored XSS. This issue affects Tamara Checkout: from n/a through 1.9.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tamara-checkout/vulnerability/wordpress-tamara-checkout-plugin-1-9-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23998.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23998.json new file mode 100644 index 00000000000..a5a55d1a051 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23998.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23998", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:13.413", + "lastModified": "2025-01-21T14:15:13.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rara Theme UltraLight allows Reflected XSS. This issue affects UltraLight: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/the-ultralight/vulnerability/wordpress-ultralight-theme-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-240xx/CVE-2025-24001.json b/CVE-2025/CVE-2025-240xx/CVE-2025-24001.json new file mode 100644 index 00000000000..f7a58f47372 --- /dev/null +++ b/CVE-2025/CVE-2025-240xx/CVE-2025-24001.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-24001", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-21T14:15:13.600", + "lastModified": "2025-01-21T14:15:13.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in PPO Vi\u1ec7t Nam (ppo.vn) PPO Call To Actions allows Cross Site Request Forgery. This issue affects PPO Call To Actions: from n/a through 0.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ppo-call-to-actions/vulnerability/wordpress-ppo-call-to-actions-plugin-0-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-240xx/CVE-2025-24011.json b/CVE-2025/CVE-2025-240xx/CVE-2025-24011.json new file mode 100644 index 00000000000..2ccd849744a --- /dev/null +++ b/CVE-2025/CVE-2025-240xx/CVE-2025-24011.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-24011", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-21T16:15:14.760", + "lastModified": "2025-01-21T16:15:14.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and 15.1.2 contain a patch. No known workarounds are available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/umbraco/Umbraco-CMS/commit/559c6c9f312df1d6eb1bde82c4b81c0896da6382", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/umbraco/Umbraco-CMS/commit/839b6816f2ae3e5f54459a0f09dad6b17e2d1e07", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-hmg4-wwm5-p999", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-240xx/CVE-2025-24012.json b/CVE-2025/CVE-2025-240xx/CVE-2025-24012.json new file mode 100644 index 00000000000..394f6556baa --- /dev/null +++ b/CVE-2025/CVE-2025-240xx/CVE-2025-24012.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-24012", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-21T16:15:14.923", + "lastModified": "2025-01-21T16:15:14.923", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components. Versions 14.3.2 and 15.1.2 contain a patch." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/umbraco/Umbraco-CMS/commit/d4f8754f933895b3a329296e25ddea6f84a0aea2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wv8v-rmw2-25wc", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-240xx/CVE-2025-24017.json b/CVE-2025/CVE-2025-240xx/CVE-2025-24017.json new file mode 100644 index 00000000000..eebecd150d2 --- /dev/null +++ b/CVE-2025/CVE-2025-240xx/CVE-2025-24017.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-24017", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-21T16:15:15.087", + "lastModified": "2025-01-21T16:15:15.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn't exist, the tag is reflected on the page and isn't properly sanitized on the server side which allows a malicious user to generate a link that will trigger an XSS on the client's side when clicked. This vulnerability allows any user to generate a malicious link that will trigger an account takeover when clicked, therefore allowing a user to steal other accounts, modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/YesWiki/yeswiki/blob/doryphore-dev/tools/tags/handlers/page/listpages.php#L84", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 72ddee69c2b..100826af8e1 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-21T13:00:55.110954+00:00 +2025-01-21T17:00:40.320556+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-21T12:15:27.737000+00:00 +2025-01-21T16:59:48.077000+00:00 ``` ### Last Data Feed Release @@ -33,38 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -278186 +278248 ``` ### CVEs added in the last Commit -Recently added CVEs: `18` +Recently added CVEs: `62` -- [CVE-2024-11226](CVE-2024/CVE-2024-112xx/CVE-2024-11226.json) (`2025-01-21T11:15:08.063`) -- [CVE-2024-13230](CVE-2024/CVE-2024-132xx/CVE-2024-13230.json) (`2025-01-21T11:15:09.267`) -- [CVE-2024-13444](CVE-2024/CVE-2024-134xx/CVE-2024-13444.json) (`2025-01-21T11:15:09.450`) -- [CVE-2024-37284](CVE-2024/CVE-2024-372xx/CVE-2024-37284.json) (`2025-01-21T11:15:09.633`) -- [CVE-2024-43709](CVE-2024/CVE-2024-437xx/CVE-2024-43709.json) (`2025-01-21T11:15:09.807`) -- [CVE-2024-52973](CVE-2024/CVE-2024-529xx/CVE-2024-52973.json) (`2025-01-21T11:15:10.200`) -- [CVE-2024-57930](CVE-2024/CVE-2024-579xx/CVE-2024-57930.json) (`2025-01-21T12:15:26.600`) -- [CVE-2024-57931](CVE-2024/CVE-2024-579xx/CVE-2024-57931.json) (`2025-01-21T12:15:26.713`) -- [CVE-2024-57932](CVE-2024/CVE-2024-579xx/CVE-2024-57932.json) (`2025-01-21T12:15:26.837`) -- [CVE-2024-57933](CVE-2024/CVE-2024-579xx/CVE-2024-57933.json) (`2025-01-21T12:15:26.947`) -- [CVE-2024-57934](CVE-2024/CVE-2024-579xx/CVE-2024-57934.json) (`2025-01-21T12:15:27.047`) -- [CVE-2024-57935](CVE-2024/CVE-2024-579xx/CVE-2024-57935.json) (`2025-01-21T12:15:27.153`) -- [CVE-2024-57936](CVE-2024/CVE-2024-579xx/CVE-2024-57936.json) (`2025-01-21T12:15:27.257`) -- [CVE-2024-57937](CVE-2024/CVE-2024-579xx/CVE-2024-57937.json) (`2025-01-21T12:15:27.360`) -- [CVE-2024-57938](CVE-2024/CVE-2024-579xx/CVE-2024-57938.json) (`2025-01-21T12:15:27.463`) -- [CVE-2025-0450](CVE-2025/CVE-2025-04xx/CVE-2025-0450.json) (`2025-01-21T11:15:10.593`) -- [CVE-2025-0614](CVE-2025/CVE-2025-06xx/CVE-2025-0614.json) (`2025-01-21T12:15:27.580`) -- [CVE-2025-0615](CVE-2025/CVE-2025-06xx/CVE-2025-0615.json) (`2025-01-21T12:15:27.737`) +- [CVE-2025-22311](CVE-2025/CVE-2025-223xx/CVE-2025-22311.json) (`2025-01-21T14:15:09.930`) +- [CVE-2025-22318](CVE-2025/CVE-2025-223xx/CVE-2025-22318.json) (`2025-01-21T14:15:10.110`) +- [CVE-2025-22322](CVE-2025/CVE-2025-223xx/CVE-2025-22322.json) (`2025-01-21T14:15:10.280`) +- [CVE-2025-22553](CVE-2025/CVE-2025-225xx/CVE-2025-22553.json) (`2025-01-21T14:15:10.453`) +- [CVE-2025-22706](CVE-2025/CVE-2025-227xx/CVE-2025-22706.json) (`2025-01-21T14:15:10.640`) +- [CVE-2025-22709](CVE-2025/CVE-2025-227xx/CVE-2025-22709.json) (`2025-01-21T14:15:10.823`) +- [CVE-2025-22710](CVE-2025/CVE-2025-227xx/CVE-2025-22710.json) (`2025-01-21T14:15:11.000`) +- [CVE-2025-22711](CVE-2025/CVE-2025-227xx/CVE-2025-22711.json) (`2025-01-21T14:15:11.173`) +- [CVE-2025-22716](CVE-2025/CVE-2025-227xx/CVE-2025-22716.json) (`2025-01-21T14:15:11.343`) +- [CVE-2025-22717](CVE-2025/CVE-2025-227xx/CVE-2025-22717.json) (`2025-01-21T14:15:11.527`) +- [CVE-2025-22718](CVE-2025/CVE-2025-227xx/CVE-2025-22718.json) (`2025-01-21T14:15:11.697`) +- [CVE-2025-22719](CVE-2025/CVE-2025-227xx/CVE-2025-22719.json) (`2025-01-21T14:15:11.860`) +- [CVE-2025-22723](CVE-2025/CVE-2025-227xx/CVE-2025-22723.json) (`2025-01-21T14:15:12.017`) +- [CVE-2025-22727](CVE-2025/CVE-2025-227xx/CVE-2025-22727.json) (`2025-01-21T14:15:12.173`) +- [CVE-2025-22732](CVE-2025/CVE-2025-227xx/CVE-2025-22732.json) (`2025-01-21T14:15:12.387`) +- [CVE-2025-22733](CVE-2025/CVE-2025-227xx/CVE-2025-22733.json) (`2025-01-21T14:15:12.570`) +- [CVE-2025-22735](CVE-2025/CVE-2025-227xx/CVE-2025-22735.json) (`2025-01-21T14:15:12.737`) +- [CVE-2025-22763](CVE-2025/CVE-2025-227xx/CVE-2025-22763.json) (`2025-01-21T14:15:12.900`) +- [CVE-2025-22825](CVE-2025/CVE-2025-228xx/CVE-2025-22825.json) (`2025-01-21T14:15:13.060`) +- [CVE-2025-23997](CVE-2025/CVE-2025-239xx/CVE-2025-23997.json) (`2025-01-21T14:15:13.230`) +- [CVE-2025-23998](CVE-2025/CVE-2025-239xx/CVE-2025-23998.json) (`2025-01-21T14:15:13.413`) +- [CVE-2025-24001](CVE-2025/CVE-2025-240xx/CVE-2025-24001.json) (`2025-01-21T14:15:13.600`) +- [CVE-2025-24011](CVE-2025/CVE-2025-240xx/CVE-2025-24011.json) (`2025-01-21T16:15:14.760`) +- [CVE-2025-24012](CVE-2025/CVE-2025-240xx/CVE-2025-24012.json) (`2025-01-21T16:15:14.923`) +- [CVE-2025-24017](CVE-2025/CVE-2025-240xx/CVE-2025-24017.json) (`2025-01-21T16:15:15.087`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `70` -- [CVE-2025-21654](CVE-2025/CVE-2025-216xx/CVE-2025-21654.json) (`2025-01-21T11:15:10.777`) +- [CVE-2024-37306](CVE-2024/CVE-2024-373xx/CVE-2024-37306.json) (`2025-01-21T14:37:34.690`) +- [CVE-2024-3863](CVE-2024/CVE-2024-38xx/CVE-2024-3863.json) (`2025-01-21T16:52:27.313`) +- [CVE-2024-3872](CVE-2024/CVE-2024-38xx/CVE-2024-3872.json) (`2025-01-21T16:57:31.850`) +- [CVE-2024-3875](CVE-2024/CVE-2024-38xx/CVE-2024-3875.json) (`2025-01-21T16:44:42.840`) +- [CVE-2024-3876](CVE-2024/CVE-2024-38xx/CVE-2024-3876.json) (`2025-01-21T16:38:31.227`) +- [CVE-2024-3877](CVE-2024/CVE-2024-38xx/CVE-2024-3877.json) (`2025-01-21T16:34:51.410`) +- [CVE-2024-3878](CVE-2024/CVE-2024-38xx/CVE-2024-3878.json) (`2025-01-21T16:32:56.933`) +- [CVE-2024-4166](CVE-2024/CVE-2024-41xx/CVE-2024-4166.json) (`2025-01-21T14:45:35.713`) +- [CVE-2024-4167](CVE-2024/CVE-2024-41xx/CVE-2024-4167.json) (`2025-01-21T14:41:18.070`) +- [CVE-2024-4168](CVE-2024/CVE-2024-41xx/CVE-2024-4168.json) (`2025-01-21T14:34:05.903`) +- [CVE-2024-4169](CVE-2024/CVE-2024-41xx/CVE-2024-4169.json) (`2025-01-21T14:20:59.187`) +- [CVE-2024-4170](CVE-2024/CVE-2024-41xx/CVE-2024-4170.json) (`2025-01-21T14:15:32.487`) +- [CVE-2024-4196](CVE-2024/CVE-2024-41xx/CVE-2024-4196.json) (`2025-01-21T14:31:31.413`) +- [CVE-2024-4197](CVE-2024/CVE-2024-41xx/CVE-2024-4197.json) (`2025-01-21T14:31:21.327`) +- [CVE-2024-45393](CVE-2024/CVE-2024-453xx/CVE-2024-45393.json) (`2025-01-21T14:33:37.030`) +- [CVE-2024-47115](CVE-2024/CVE-2024-471xx/CVE-2024-47115.json) (`2025-01-21T16:15:46.587`) +- [CVE-2024-50633](CVE-2024/CVE-2024-506xx/CVE-2024-50633.json) (`2025-01-21T15:15:12.907`) +- [CVE-2024-54724](CVE-2024/CVE-2024-547xx/CVE-2024-54724.json) (`2025-01-21T16:15:13.583`) +- [CVE-2024-7344](CVE-2024/CVE-2024-73xx/CVE-2024-7344.json) (`2025-01-21T16:50:20.583`) +- [CVE-2025-0532](CVE-2025/CVE-2025-05xx/CVE-2025-0532.json) (`2025-01-21T16:15:14.560`) +- [CVE-2025-0590](CVE-2025/CVE-2025-05xx/CVE-2025-0590.json) (`2025-01-21T15:15:14.117`) +- [CVE-2025-23086](CVE-2025/CVE-2025-230xx/CVE-2025-23086.json) (`2025-01-21T15:15:14.833`) +- [CVE-2025-23218](CVE-2025/CVE-2025-232xx/CVE-2025-23218.json) (`2025-01-21T15:15:15.053`) +- [CVE-2025-23219](CVE-2025/CVE-2025-232xx/CVE-2025-23219.json) (`2025-01-21T15:15:15.247`) +- [CVE-2025-23220](CVE-2025/CVE-2025-232xx/CVE-2025-23220.json) (`2025-01-21T15:15:15.430`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 378600926fc..f964b2a26be 100644 --- a/_state.csv +++ b/_state.csv @@ -36483,7 +36483,7 @@ CVE-2008-7105,0,0,a25671f76448edde97a20631d95cf1a4e344856979782f20cb2b3e79b2db13 CVE-2008-7106,0,0,be35ac5156b239df06289f71ddc502bbbd7e521441d7947abd5c2db5c98cdfaf,2024-11-21T00:58:17.403000 CVE-2008-7107,0,0,ed8e88a8065041f19b253d4d42957ae8a09dfc6cc25e32c496da49654cdcf88d,2024-11-21T00:58:17.540000 CVE-2008-7108,0,0,a5109c66f1c0f7b69b4198b08d9527cbdd732c7958053c64dfbcf17dc4ca6129,2024-11-21T00:58:17.683000 -CVE-2008-7109,0,0,6d4e01a13d6ccb1d8f743254afa4a6a4c37cb145916649b05252d9fd252e5ede,2024-11-21T00:58:17.817000 +CVE-2008-7109,0,1,44709de52fe14a0f3fc9e4d853756eda04997993e9066b9397ace0212a12e403,2025-01-21T16:15:07.623000 CVE-2008-7110,0,0,9b4a24f2b52feada138925c858ce2b414dcbd3e274eb8bf1bd711b7c3ee57faf,2024-11-21T00:58:17.983000 CVE-2008-7111,0,0,4c1ea5be0c0e761bd902e1547f7f3286300c619dd0eb4116e40aa9195a3dd369,2024-11-21T00:58:18.140000 CVE-2008-7112,0,0,e4166a9d063d6ee7737eb509a416a481cef9eab9b5a625e62ea2db9ca2af0c04,2024-11-21T00:58:18.287000 @@ -36771,7 +36771,7 @@ CVE-2009-0078,0,0,4c2091127ce2518d5519c4a282130f13952a7870c750ab1a7136f135b89444 CVE-2009-0079,0,0,85a4ac376d85f77a848a71a0d46fd7d20f1e001e18b54616b791c923ef2ef2de,2024-11-21T00:59:00.547000 CVE-2009-0080,0,0,5a9f2b31ce8d3615ae764e812e5a306c8ca0461939f5f3608a707e889146e4c6,2024-11-21T00:59:00.680000 CVE-2009-0081,0,0,3b21f6adafee8bb60e75c6a072350103d47c2f7138be73b6b4468dc1a7b6dd8f,2024-11-21T00:59:00.813000 -CVE-2009-0082,0,0,4690da49cf15b8da5534f1c9cc9a5fccbeace23d4c5d6b84a4ea25a6a5c8fda2,2024-11-21T00:59:00.933000 +CVE-2009-0082,0,1,547668f122744883143666e064904eb90e25cc284ade06e3d110fe4cacfdbf65,2025-01-21T16:15:08.470000 CVE-2009-0083,0,0,50f9a00f8edd8c8197489557eb523e789c3b0c4ae672af432b73d71da0a91759,2024-11-21T00:59:01.067000 CVE-2009-0084,0,0,c7fdb63ed1d812fe96ebc12c04692d00db3ea533abe29b5691c29243f337a898,2024-11-21T00:59:01.200000 CVE-2009-0085,0,0,8df06e62674022683704882e7cd02a74145d1993644ae7bf329483eec6a665ad,2024-11-21T00:59:01.340000 @@ -36816,7 +36816,7 @@ CVE-2009-0126,0,0,381731e8c061789afb0e0384efb5d150c9ad0fc0fcb5c56b73201470349257 CVE-2009-0127,0,0,f5fe88a88c6d0c3c22f133ef955410eae0ca35113b3e48970a98811b3e47c187,2024-11-21T00:59:06.927000 CVE-2009-0128,0,0,b584a7cb50c5867ac22824bfc6462510fe495e4a71acaf9994b424425250f107,2024-11-21T00:59:07.083000 CVE-2009-0129,0,0,9f91ac6f567b247e5718eca1cee8942e729f23410a18a0e16ea2fff51a7edc81,2024-11-21T00:59:07.250000 -CVE-2009-0130,0,0,aba9dbb39a876bed6f1d951266d300e8b13566448ad1c31170ba8c2b2176ad76,2024-11-21T00:59:07.410000 +CVE-2009-0130,0,1,eb89f50b87b48a98481e93831bf899b76781de7e48795675ad39d0ad85b985ef,2025-01-21T16:15:08.717000 CVE-2009-0131,0,0,6ea579b924f2171838ce5c063022b93c683dfa27148a7b45d22ae5d57a178848,2024-11-21T00:59:07.570000 CVE-2009-0132,0,0,07039e450193cdfea510bb10daa71299deea52ca68653d1dc92454e027b6d2c6,2024-11-21T00:59:07.757000 CVE-2009-0133,0,0,89f6b20608cadff01f9570dc8a7daf529f245e940c5ea8843007b6bb79bfa457,2024-11-21T00:59:07.920000 @@ -37235,7 +37235,7 @@ CVE-2009-0550,0,0,dd4c1ad97db222c2c72ea10ae58c6c5bef9c38763c796cf220fdf439a859b9 CVE-2009-0551,0,0,3da73b124d79ec0f9e39cf046da10511f5642da3c9b2de142993f55f4e0080c6,2024-11-21T01:00:17.987000 CVE-2009-0552,0,0,cd3ceeae23e1fc07e0ad05cf1760e91416d1aff2e702abf202233d351b474fee,2024-11-21T01:00:18.227000 CVE-2009-0553,0,0,b20dd7a5c1daab57563c8b26fdc105e3ce3dc06bf26fff8adfbb69436962ae75,2024-11-21T01:00:18.340000 -CVE-2009-0554,0,0,00396083ef6d95d8939d44f293e7ad4852420afe05fe3e43f606d976ae05bb03,2024-11-21T01:00:18.450000 +CVE-2009-0554,0,1,d1505af6acbe317be74b2cb87f2b322b68896d1e74815346db1b42780291aadb,2025-01-21T16:15:08.967000 CVE-2009-0555,0,0,c3eb664d5a34a861ca41a8c5012e7b76ee5fa8b437df3478f9d8030932dc0cef,2024-11-21T01:00:18.573000 CVE-2009-0556,0,0,ac776ce57bd85f67097b49d4a4d5697e2c55e1bc69a3194e5cdf42501a52b8ce,2024-11-21T01:00:18.737000 CVE-2009-0557,0,0,6a27a13710792f6f1808c3deb9c5367bde04a877df9168839587826a0fcfd703,2024-12-19T18:03:46.290000 @@ -38171,7 +38171,7 @@ CVE-2009-1528,0,0,b6e9056a422d09c26e36b992019ac5c21d0473ed579b62c0591589effc50f9 CVE-2009-1529,0,0,2f436e3ec72874f87eb34a9ce767fec7230289354b80a65e1e8f41c7bcfce2e0,2024-11-21T01:02:40.960000 CVE-2009-1530,0,0,7109d417a2c3b99153689aed75b64ccd6c962da0041f1df421c694737c11b991,2024-11-21T01:02:41.420000 CVE-2009-1531,0,0,ea35acd8bf3988e19d0188139d119f035cb9023a03696146f85a0168752b397d,2024-11-21T01:02:41.603000 -CVE-2009-1532,0,0,111e3630b0e0c568aaf4e6d2af6abda4b3ce15e36860ff00cf80136f2b7a9559,2024-11-21T01:02:41.780000 +CVE-2009-1532,0,1,8861d4764255eec4ac31896114e65cbdc0558f7cc5aac80fa27cb3ffb7eee532,2025-01-21T16:15:09.300000 CVE-2009-1533,0,0,ab330ad61411af3b398a093b47d80fa7e50140174912f04d59492ca4a1b84b85,2024-11-21T01:02:41.967000 CVE-2009-1534,0,0,5de757d7c7927d1d6d573a1b9cc9eddbd2dce3b5b1f62f820d9d83ad62bb59e8,2024-11-21T01:02:42.117000 CVE-2009-1535,0,0,2d0dda1716114ab9d2ae86b325f970e1194116be4e65ad6e246c63d96019a51b,2024-11-21T01:02:42.803000 @@ -38570,7 +38570,7 @@ CVE-2009-1932,0,0,4c6674150a68699dd2ac74a6fbb96dd4f268484f070859d8603f7607a346c4 CVE-2009-1933,0,0,b1a2cabe5b05bfc9d5ce1f4cd9c54dd3a47c15f3cf55999a4239b942027a79ee,2024-11-21T01:03:43.743000 CVE-2009-1934,0,0,13a0dfb9b9a496f931641446ce057ef242d770c1fec987436ba933d3eaa0507d,2024-11-21T01:03:43.900000 CVE-2009-1935,0,0,45123f3d04097b632f5a2fe5acf3fd72da68c3f34d9a36cb7b5c7640331e3c43,2024-11-21T01:03:44.057000 -CVE-2009-1936,0,0,04332780815d92772c9dfd03730e272696058705d275932dbbc915b09897c2fe,2024-11-21T01:03:44.170000 +CVE-2009-1936,0,1,5b52571196aed10417b2a2db79f03461bc96436def00dbe66d55c44700f25470,2025-01-21T16:15:09.737000 CVE-2009-1937,0,0,e82b266040a4e3b9c37710a6d13f5b24ecdce21ba200c37f88976b6c20e35640,2024-11-21T01:03:44.303000 CVE-2009-1938,0,0,80cf1a42c9ef8673baef2ccc3fb63e3b5bd48bd54ed0fa697876f17809243991,2024-11-21T01:03:44.437000 CVE-2009-1939,0,0,a3a97642fec7606f891c352dc694babfeee25d4a51e1c5d6d934ac95a2a7d367,2024-11-21T01:03:44.577000 @@ -38803,7 +38803,7 @@ CVE-2009-2164,0,0,c825544ab6d224bfe89d4a34ac96eb0aeb797dc64402230ec3c7221e48c17c CVE-2009-2165,0,0,9b93063b9dac942eef528903fa2eb4fdd72b921c94e50ff061eb8c5aec9dae43,2024-11-21T01:04:16.723000 CVE-2009-2166,0,0,e42d158050b2a1df2e8dd0d8e55c207d6092aaeb993b2f73caf2c3260156e621,2024-11-21T01:04:16.853000 CVE-2009-2167,0,0,eefe102a74233aea5f363b5dfc13c6880a763b90e5072b5e34e863b08fac2d81,2024-11-21T01:04:16.990000 -CVE-2009-2168,0,0,eef6037c67c10e1ae5379330dc4917b2f458682859df4c896ccb11d4b628bdfc,2024-11-21T01:04:17.133000 +CVE-2009-2168,0,1,0c2d70ddcd1f731fb3e7c4e628b9e16f172d052e3213098124680932c6264157,2025-01-21T16:15:10.100000 CVE-2009-2169,0,0,24aadbf5bee8ad540b34e675a94fb14b5a04a52ba13525a7ba4a70069c83227e,2024-11-21T01:04:17.253000 CVE-2009-2170,0,0,883fafb0c87166d608d8291c7825b20ebafc0e05b17421c1d66f973b3edae308,2024-11-21T01:04:17.377000 CVE-2009-2171,0,0,c9ff69e0f3ccd3e835e7bb11c52427cb96df26a1fe62878b643da6c2b9744511,2024-11-21T01:04:17.497000 @@ -39036,7 +39036,7 @@ CVE-2009-2412,0,0,18785be83b6ffe69d36a4122fccea8d59c1fd4245582adc1170aa092a5b637 CVE-2009-2413,0,0,a25928081007f9b9bebe4c2b0d60c15e13b7fb14f91d913a30f331343d9d7bec,2023-11-07T02:04:07.557000 CVE-2009-2414,0,0,1aa1880a49f84150abaca943bc4ac8548709a7eabe5ec99523ce433c8340af6a,2024-11-21T01:04:48.970000 CVE-2009-2415,0,0,e45e82a1b6ed9136a6101ede24ba0a1a9f7c8f401d0b067824342047fd32ac98,2024-11-21T01:04:49.137000 -CVE-2009-2416,0,0,769812848ad956f53b30f193ebe2dd84dd0787ac28be03425ec232e5d31499f0,2024-11-21T01:04:49.253000 +CVE-2009-2416,0,1,5a6bb2d7b1d534c9dd048f005c8d2036479e9626d06d9716d03172a5315f0064,2025-01-21T16:15:10.397000 CVE-2009-2417,0,0,3374642655962f3e34d52d874e689a2520f481837a61ec507ba5e67940991ebe,2024-11-21T01:04:49.463000 CVE-2009-2418,0,0,8ed7c7094dfa157a94b8e585f295341e68f87b196dc9251514ae12265e3f2736,2023-11-07T02:04:07.910000 CVE-2009-2419,0,0,2c77dfe364e17d32e5b10e75ab9a48b0183f145cde957631af731bdeac4bb98c,2024-11-21T01:04:49.653000 @@ -39114,7 +39114,7 @@ CVE-2009-2490,0,0,71897aa9c946feee91e91e6af92502eae10dd4f8790fd25e9b04fc7060f0e3 CVE-2009-2491,0,0,d553abfe841b22a9f0feb08cf10f5774a3246fe1c8685d5b1876b1998e55f444,2024-11-21T01:05:00.320000 CVE-2009-2492,0,0,5748f19ef9f50d253968edcd924da0a6b2000c4e70678eb21b4896fd8d1ad436,2024-11-21T01:05:00.463000 CVE-2009-2493,0,0,afc5fe0548f3d588e911089b41b060d704f770c8b9522bd94e97a063e24009ee,2024-11-21T01:05:00.613000 -CVE-2009-2494,0,0,3c316323bdf1f8354e3d6482b950a5709f9fdb10021fcfd30958648cf1da5d77,2024-11-21T01:05:00.813000 +CVE-2009-2494,0,1,48692bec91a7506ffaecf6e7269467aaf8dfc1913cb0ee8bbc9551e4a51d23df,2025-01-21T16:15:10.823000 CVE-2009-2495,0,0,34f9708d990f40838f08f4cdfa3183a916cdf629818645ffedea669e7efba4e8,2024-11-21T01:05:00.960000 CVE-2009-2496,0,0,729ecce71ba5c313483c4329c04a6d36b0e2caeaec5d5c8b2c0058e56df2f9db,2024-11-21T01:05:01.103000 CVE-2009-2497,0,0,5936d3b4b5393adb7cb5a07927aeb4925ccc4886d9054786713d736cb6952fac,2024-11-21T01:05:01.223000 @@ -39461,7 +39461,7 @@ CVE-2009-2853,0,0,64bd48f3708f1dff9e1f36b0614abc9eb435ba884e809793257fc43fcc81ba CVE-2009-2854,0,0,1a095e46ddc37c71ad9fcbd855f1e67bf8c6b47a68eaca07142c76c58093d06e,2024-11-21T01:05:54.503000 CVE-2009-2855,0,0,c64103fda0a9515eba5e77c18fd9a801c05df85a427078f5ba3d4cda7042413a,2024-11-21T01:05:54.650000 CVE-2009-2856,0,0,9bacef302c9d417f931db6c1cf970ba0be0bf357a0829c6c3c7a502bb565d193,2024-11-21T01:05:54.803000 -CVE-2009-2857,0,0,d7036c56c065f3288bf2009c3a4fce38faece97db4a1681affde1ac680cad4c5,2024-11-21T01:05:54.947000 +CVE-2009-2857,0,1,478e4b4e46e44077feb14b65e3a40d4c54d8a5a25370a9751cef78af7c39b7c5,2025-01-21T16:15:11.127000 CVE-2009-2858,0,0,bfa09f73d79178a54c37579a5763c6d1e0cd7f465d430b1554ff022b1a8a75d2,2024-11-21T01:05:55.097000 CVE-2009-2859,0,0,2f952d60e97a502322526560885a334934fd7d1868f53c69eae841323b3d9334,2024-11-21T01:05:55.240000 CVE-2009-2860,0,0,494d0d6044227d11f659110a3e38875733cf99c1beb26f1faa206d6b0ec41412,2024-11-21T01:05:55.380000 @@ -126954,7 +126954,7 @@ CVE-2018-9383,0,0,c89224b42a673c2ba561f8d564c0b57247b154576a411c31a4de3b6913dfa4 CVE-2018-9384,0,0,e4b7bd9324fe35cee717b3330ca49573c78078ec024a41d047ade48e00e92ff5,2025-01-17T23:15:12.120000 CVE-2018-9385,0,0,963ab87aab004413f51f225df7125c38dada01fc62280d1b6b2d796be35cbfda,2024-11-21T04:15:25.463000 CVE-2018-9386,0,0,00c05564d802b59f0ce740fae1821c18eb3e04be32703f1b88fcf171f14e151d,2024-12-19T16:51:52.097000 -CVE-2018-9387,0,0,2c00d0bda3121a3b0305bcce3def513c9e991b09b7f141ad4497d3f398b438fc,2025-01-18T00:15:23.930000 +CVE-2018-9387,0,1,e14a29c2281b7b769ef8347ea717441de11cc8204f63f632139aaa6bd3a5fc79,2025-01-21T16:15:11.453000 CVE-2018-9388,0,0,cd8b1868b6c78b44a87a461eb158bc8cba5eaf7d4a400099563232fceb850761,2024-12-19T16:50:58.733000 CVE-2018-9389,0,0,8ce596ebe272b83eca4eb46bb45501d740d17dd59faac4e137bce47b3c7d268a,2025-01-18T00:15:24.600000 CVE-2018-9390,0,0,03e5cf7608f8573a4867237edfa1da4ca8706d51cc54b5a571dacd98cdeb3ef7,2024-12-19T16:49:41.540000 @@ -126968,11 +126968,11 @@ CVE-2018-9397,0,0,26269f1c9fcc6b1d423d4440d9c2507f2aec7b61ce25f05ba7d0c57d67ba53 CVE-2018-9398,0,0,95e014471e6e71c69269bc94d8c70fce198b8668e93169584f00b3fa6b85d104,2024-12-19T17:11:55.793000 CVE-2018-9399,0,0,b2462d7baa7c4eeaef223d1287aa13f98492fcc0bc383cbf07e373c2cee34191,2024-12-19T17:08:15.067000 CVE-2018-9400,0,0,29523d45cdafd598836ce2a4b8720a53971a0774008378f1306ff9abe0bb5da3,2024-12-19T16:44:18.670000 -CVE-2018-9401,0,0,717ac013a4f79c232429c4d3e5877dd99faede3ecf739c3182b4abbbf0cc6407,2025-01-18T00:15:24.707000 +CVE-2018-9401,0,1,1ebea4a064f48af1de71f59b8485b9bbadd9270c461d30ee4d0180ce961fff01,2025-01-21T16:15:11.637000 CVE-2018-9402,0,0,8933a07544770cbdeacc339ffc963de192038d17676646257ca5874f8577ee44,2024-12-19T16:43:32.003000 CVE-2018-9403,0,0,d70838cbd1983720a8279a18efc914175faad26ff03523c1b9852a2402b5213c,2024-12-19T16:42:42.670000 CVE-2018-9404,0,0,43b16c4bd87fb57a678a75dfbb7264465ddd0a590164be8070509e928e887180,2024-12-19T16:39:46.807000 -CVE-2018-9405,0,0,e39bccd90417e8cd02e03d9c12f1d1453af84f0f2381da229a518d5141c6ac55,2025-01-18T00:15:24.807000 +CVE-2018-9405,0,1,9a4d91f36528fe73feae5aa1350d5208872d039e37d3538915eb016d019a21d5,2025-01-21T16:15:11.810000 CVE-2018-9406,0,0,a0287377ed570a354cc0e2e63c613d4d9b29b56c52756b895fce950787a40ac9,2025-01-18T00:15:24.910000 CVE-2018-9407,0,0,b3ad459a642ed888363fadb16ef4b7071f82577e9745e7d759ce546d52d3b832,2024-12-19T16:38:07.783000 CVE-2018-9408,0,0,d789fa912b087296f24deff1e2d30bd08f527fbce9788bd053320debca25ac99,2024-12-19T16:35:23.567000 @@ -127025,10 +127025,10 @@ CVE-2018-9456,0,0,1c78841b075bba5ba910247965bba0f6a8dc8a0b6c3b5076669b36b79f98bf CVE-2018-9457,0,0,e8a26c1972ecd6c85221150cea18ffdf38c6d3c4d9a4baa5448246cb021ab215,2024-11-21T04:15:30.743000 CVE-2018-9458,0,0,c7100da419412c0b9f77fb95c41b288cf97bb377a2e2af8a9bc1bff7997eb383,2024-11-21T04:15:30.877000 CVE-2018-9459,0,0,0c686c1b3705c9efe57e36ad035d7d33550c8fd1fcc57cd9d5855aab2376a3aa,2024-11-21T04:15:30.990000 -CVE-2018-9461,0,0,f703c065b76bdfda81d108b4374a990f146a46e9a982cdfc426c0172e958bf29,2025-01-18T00:15:25.043000 +CVE-2018-9461,0,1,0b1895899b4b3eb5b730b86932e3b88aeeba891fc6e037e0050050520e3041f8,2025-01-21T16:15:11.970000 CVE-2018-9462,0,0,39faca4eb976d0192e81611d25151cf64bcb25f02cb123eb3db2336fd5969704,2024-12-19T17:05:52.180000 CVE-2018-9463,0,0,3e4f81bd8eae8c3f407afc4211cb341bc106a9bd2bc79075e64783fd4c9cf520,2024-12-19T17:01:04.227000 -CVE-2018-9464,0,0,b892c937c86fb120ff5c0e9bc947b8a777300df4fe47f24c81bcccd159a0a32f,2025-01-18T00:15:25.163000 +CVE-2018-9464,0,1,7371d318e9c752a4ccad591fa1c7b45c1c50c5416ba7718dc294a67e72c86585,2025-01-21T16:15:12.133000 CVE-2018-9465,0,0,cb2efd2b80efc3b600077998298a31fa09fe425af40f55a1a9b3acceb259a706,2024-11-21T04:15:31.130000 CVE-2018-9466,0,0,a6ce5776a6a0bc572eb2fe9b93668c302dbc661dc68279f63c0e20dc3a242886,2024-11-22T21:29:09.617000 CVE-2018-9467,0,0,fc2dc1d34992c43bebd9ec5fb99a903623aaf110c20cb7b73e1288eb66ff9671,2024-11-22T21:27:26.783000 @@ -217816,7 +217816,7 @@ CVE-2023-23294,0,0,21fe3fee15b8f92e4528fee626dd69f983b016c6ca9970d15292c9ba81157 CVE-2023-23295,0,0,1e69ef5c4d19a6bf1ea455030bf2fa4a35e6c93cf052ded69e577f0076b1a159,2024-11-21T07:45:56.607000 CVE-2023-23296,0,0,285b6587134473d0927a5da6ad6f2af25073c23caf165d57b3e4dec46b902863,2024-11-21T07:45:56.860000 CVE-2023-23298,0,0,a178efea9472773b8bd440230ec8e9591919bef337f129fe509dff0455acc8ed,2024-11-21T07:45:57.690000 -CVE-2023-23299,0,0,a10c2853eacf9a78372a237ece0d1ce45f288e48d2518a2c181b4e354faa05b1,2024-11-21T07:45:57.840000 +CVE-2023-23299,0,1,d1a874d46972566276ee0aa266d9998bd1e9a3d8542b4f9780f9c6bb1e2ddd50,2025-01-21T15:15:10.590000 CVE-2023-2330,0,0,91dac5a30193f504dede58d895d411a436a1627631a063ec3a98a20e0fa76973,2024-11-21T07:58:24.040000 CVE-2023-23300,0,0,ab9a8d5aa584b4143bf9047b1196fe0483a882346be932afaf3a1e2465d28caf,2024-11-21T07:45:57.983000 CVE-2023-23301,0,0,8143a28fe9f3a3357ce5c71ba22f54c3ab49828321a09d10c89c2fae1e227b3f,2024-11-21T07:45:58.113000 @@ -243077,7 +243077,7 @@ CVE-2024-0791,0,0,c7daf57c81003d1623a1cdc030e906bc63c4d9e999bea45556a9ddce550a5b CVE-2024-0792,0,0,5100291c23d13e8d087da03dd004872a471999150c8f544a4585283fcb1be43b,2024-11-21T08:47:22.940000 CVE-2024-0793,0,0,ce235ac83142af1cdfa6c4408664e6f09ddfc183684d5936a2a5d8110b209ab7,2024-11-18T17:11:17.393000 CVE-2024-0794,0,0,18f798efc59f934bba3cf36f2d7f72c5a3048eda2b00aded39f663641c84ce77,2024-11-21T08:47:23.237000 -CVE-2024-0795,0,0,5e32407b34a6091cba38ed337a55819d4f95e5292c11aaa3f116f93ebd84eeb1,2024-11-21T08:47:23.423000 +CVE-2024-0795,0,1,302be25990a4b50df56d03c5f622452d4de374b3d6aa16e00526f305cc17a11d,2025-01-21T15:06:36.627000 CVE-2024-0796,0,0,fb5b6fcdae6c1288ed0d974c241f7ca22235c3905b71d838ba31adfa087aefa5,2024-11-21T08:47:23.550000 CVE-2024-0797,0,0,21f2183bcf8e361dbe507a69353302d2e961ba174109bad4b51254b867fcaf52,2024-11-21T08:47:23.677000 CVE-2024-0798,0,0,73a170b0cb1088cd0c9a51533a66eb37de679e26fbc3e0496cbfd2cf43ed7f3f,2024-11-21T08:47:23.800000 @@ -244298,7 +244298,7 @@ CVE-2024-11220,0,0,5638e4c56cecb636c7b9e9af730cca60f5085a7f9cf6e6a192a2c97c73aba CVE-2024-11223,0,0,d75d95a61775726397d8c97460b74fd5ed2ab0335df998c9281fea9bc6ff2b7b,2024-12-30T18:15:08.090000 CVE-2024-11224,0,0,2cdc35f700571377d770dfe6d7a5c097f3055ab07c10acabf750a1174f4e07dd,2024-11-19T21:57:32.967000 CVE-2024-11225,0,0,49e01dccad3ee4a4adc9a23405324c84c815ee3ae2fa63f77a3607812451f386,2024-11-22T06:15:19.283000 -CVE-2024-11226,1,1,afa1db73b8c2b090bf173ef7f76fb5cfcf845d8150d5606085134788e0c8b187,2025-01-21T11:15:08.063000 +CVE-2024-11226,0,0,afa1db73b8c2b090bf173ef7f76fb5cfcf845d8150d5606085134788e0c8b187,2025-01-21T11:15:08.063000 CVE-2024-11227,0,0,4429f46befcca636641488313efda0ce9e85d610d1a8222594e7b609e2557ec7,2024-11-23T10:15:04.083000 CVE-2024-11228,0,0,ea3ea506f494760971365e8cc08e4c50cc9e1b3e56f38ea31b32e4e82646f717,2024-11-23T12:15:18.577000 CVE-2024-11229,0,0,f216e4e055884628872bc9827bd59bcb71e0c27eff667134ca7f40729f0e7955,2024-11-23T12:15:18.983000 @@ -244723,7 +244723,7 @@ CVE-2024-11686,0,0,396188aaf0b830451d3485fe79803d21d1114c49c3e6a130b6504b9b20663 CVE-2024-11687,0,0,5e77fbcd46b583a4f084d8bcc3492702fbc8999eee40cfff605d5263f17d5ba6,2024-12-06T09:15:07.303000 CVE-2024-11688,0,0,8d8a43b07b745617ea451bc11d9802776a561f6818ffe3d6e83d98ef6a879a1d,2024-12-21T10:15:06.733000 CVE-2024-11689,0,0,083793777007e12786b393e59e70bbd36f5df589b4b26e2949eb5844a08ab45f,2024-12-12T04:15:06.657000 -CVE-2024-1169,0,0,3793fb764b595a7113efae9156138753527ea6390fffb3f1eb740b6191074b77,2024-11-21T08:49:57.153000 +CVE-2024-1169,0,1,d0e835c06bb4865716246ae011c1a97825e74d4108a8baf2dfaf39013a222917,2025-01-21T16:59:48.077000 CVE-2024-11690,0,0,36f949c7291ee937d7c462de6404610bf5fd12a14d132776feceaec4091ad912,2025-01-07T05:15:13.677000 CVE-2024-11691,0,0,36fe8b3d1feccd057ef27ddd17979a52004da0a9606d16fdfdb44bd6d5656bc4,2025-01-06T18:15:18.373000 CVE-2024-11692,0,0,9269d1047de5ccf3bbe848f7300e55c4147a58cfd139cb6b7f723bc7b81e3d4c,2024-11-27T16:15:12.530000 @@ -244734,7 +244734,7 @@ CVE-2024-11696,0,0,6fcfecbe72d27221f13c4de456321c16ca5bff79e421c45b458ad11293158 CVE-2024-11697,0,0,031d7df0dfb1ff2b19cbd36a900d70b7e44f6b02ba77063a3d6968aa272edc04,2024-11-27T16:15:12.927000 CVE-2024-11698,0,0,177bfd9d19615200c8e5399dceeed9e4f2df493f7a5fb371c3b3bff8ef5f7d90,2024-11-27T16:15:13.130000 CVE-2024-11699,0,0,2255ca84fcfd2424cade9ded6acbfc13cc6912c47cc2835dfbfa673a8ddf4164,2024-11-27T15:15:24.600000 -CVE-2024-1170,0,0,848fb967cc3d7d0fb29f31a95e3ab6a287f2d6654ea81e550f9f0e4c297f04d2,2024-11-21T08:49:57.283000 +CVE-2024-1170,0,1,23da02961ee2e8cf225b35104ccb43e539fbf93446d052ae9645caf24d980dd5,2025-01-21T16:58:56.397000 CVE-2024-11700,0,0,bc2be5af2b84b6516d161a848a53862ea2fabd715864fcabb126a0f4a490319e,2024-12-02T15:15:10.557000 CVE-2024-11701,0,0,c825848705d456c74824a186f3a702976bbd1db3104a2cd1c202a595c80d93b4,2024-11-27T16:15:13.470000 CVE-2024-11702,0,0,e280c66930279c933ba67473303c53b6d6772276abccd746d35e492c09179838,2024-11-27T16:15:13.660000 @@ -245910,7 +245910,7 @@ CVE-2024-13213,0,0,3077bf102e80b6ad26d9de82b06cecbfeedc1b0a01c454e5ec2b3b19555a5 CVE-2024-13215,0,0,957a3cc32f27352db121dacda6bb51f9c346e02354a0696938a701fe4f0483cd,2025-01-15T13:15:09.263000 CVE-2024-1322,0,0,a87df03aa9d8a817a942ae8ebad8afc3111ac175155d7ee73a384181ec986bff,2024-11-21T08:50:19.883000 CVE-2024-1323,0,0,4b7fa94b4154618460e40e6b98637f7cb2a430b6e413bf16925f79721ae6c94f,2025-01-16T19:29:54.047000 -CVE-2024-13230,1,1,7558577363ef1493b174eeaccdeb94d8f8f1a05be6ba8cbadd5f15aa826f5566,2025-01-21T11:15:09.267000 +CVE-2024-13230,0,0,7558577363ef1493b174eeaccdeb94d8f8f1a05be6ba8cbadd5f15aa826f5566,2025-01-21T11:15:09.267000 CVE-2024-13237,0,0,757f6068109954aeb708ce365b1ff5e5adf5204baad7d55d37a565a85d7816ad,2025-01-09T21:15:24.977000 CVE-2024-13238,0,0,e97946c1ed27832515b261c210f4ad897caef0bf1252b79ed355ec42751c24a5,2025-01-09T21:15:25.130000 CVE-2024-13239,0,0,91e163b85b63de6da134a1efa6398bca19ed0ada57bcebfc51e085d959e0fa81,2025-01-10T18:15:19.477000 @@ -246033,7 +246033,7 @@ CVE-2024-13432,0,0,7d75f67ac18cf32d5dc44570eb7cf156c877d943529d3637d5b0bb399b86a CVE-2024-13433,0,0,b744d44080e2e33c41984f231e71d8cc1252181c511f568444c5c86671c3eb05,2025-01-18T07:15:09.160000 CVE-2024-13434,0,0,292fbae0324c9bc0e0a4304860c64d8e4dabea0f0444b12419bd12eebd083320,2025-01-17T05:15:09.290000 CVE-2024-1344,0,0,3c7e3680ada5d2af6c947ff7713f6316fa39154980892782020553f5d0042cd7,2024-11-21T08:50:22.543000 -CVE-2024-13444,1,1,2a82e7dc36beac803abf8c10509e1ae610559c76a3585d9c1850f27a1808797c,2025-01-21T11:15:09.450000 +CVE-2024-13444,0,0,2a82e7dc36beac803abf8c10509e1ae610559c76a3585d9c1850f27a1808797c,2025-01-21T11:15:09.450000 CVE-2024-1345,0,0,7c212e7b361746cfecf33f6e4ed924489ff6a3a938083dd73fe4da2b7b4649da,2024-11-21T08:50:22.667000 CVE-2024-13454,0,0,e2d1844240dd5346b5a068b3df01d133d984159430edb62f356ca4bcac0bf3e6,2025-01-20T21:15:21.453000 CVE-2024-1346,0,0,67674c75c08ebc67974102102d05a3921f8c61d1fe386fe7de33f2c37b3bc24d,2024-11-21T08:50:22.793000 @@ -246392,7 +246392,7 @@ CVE-2024-1716,0,0,9071d172382b58d2d56e01c889ae6e33397cfcf61eae965493f6ee5942820f CVE-2024-1717,0,0,c3adb19f25e9ee450a585b7bb91ab43887106c17932e8cf3f974c96db2950633,2024-11-21T08:51:09.260000 CVE-2024-1718,0,0,70746d52697ce738d10ef4d93f461374c829b5e4c0cdb84c66e02ad290238127,2024-11-21T08:51:09.383000 CVE-2024-1719,0,0,73bf9f1a16f7575e2471aa27820d10e8604b848eb3d389879ede5bf7e1298e40,2024-11-21T08:51:09.497000 -CVE-2024-1720,0,0,fa8ba8d5ed8e9661edbdb1c161dfe43c80b103ac9b90d55977e2e4a7e37b0658,2024-11-21T08:51:09.613000 +CVE-2024-1720,0,1,ffaa3e4706968a22cde548a2c01de699ce397eccc11d936af06b490c297ae578,2025-01-21T16:55:34.067000 CVE-2024-1721,0,0,5992d34ee3d1107fd80c63bbec0b1ac913a676e5242bf5be6bf42da226e0e2b8,2024-11-21T08:51:09.737000 CVE-2024-1722,0,0,62639d7c28f7763733142b00483f0341a98aa36ed70562990c6b1c5ac542c742,2024-11-21T08:51:09.870000 CVE-2024-1723,0,0,11d3a45a60abd75514c9d5b662d454bbccfffc4644e8e6300f550c3165594abc,2024-11-21T08:51:09.993000 @@ -246431,7 +246431,7 @@ CVE-2024-1756,0,0,a55105396c0a5cfd03125dbd5666bd370a097913a79fb44905b745cf43bd33 CVE-2024-1758,0,0,313830f6e19da3cc97c553441ff7c3a8cfd29a19025908c7843ff9adbf04db2d,2024-11-21T08:51:14.920000 CVE-2024-1759,0,0,614d1507146f28d12a0973d6adebe08ab063cf89cb20e4d985e3b2bf348ea399,2024-11-21T08:51:15.043000 CVE-2024-1760,0,0,57b4d1e1cac8d2ede1adc8be04932790a30f8211ed8d80524500e2452561d651,2024-11-21T08:51:15.167000 -CVE-2024-1761,0,0,bb10a5bbe0fa213e7088d1347a631cc377e14eac5d87fc6db26619d02193b954,2024-11-21T08:51:15.300000 +CVE-2024-1761,0,1,696b99dd7b537aa0c1eec44716a7fae7b7ea27081267dea188c31272ed5a2bff,2025-01-21T16:53:47.587000 CVE-2024-1762,0,0,3be22d9a9c6b76a2491e99335b6950ddb3cfa7de8323a0bacf5e471294a0e4a9,2024-11-21T08:51:15.427000 CVE-2024-1763,0,0,0873c590a96444d43b11806402d682be1946102f5b2ded8fa8fc5912f1ad2df6,2024-11-21T08:51:15.553000 CVE-2024-1764,0,0,9af00bc3a2cdec19cf0cc3ce6677a0f4b515b26edef4b60b7c6a5e9330153847,2024-12-04T16:15:24.527000 @@ -246825,8 +246825,8 @@ CVE-2024-2017,0,0,236856e0dda8caa97c3fd2d0292540757fbfb28961569fc651286f391f5350 CVE-2024-2018,0,0,6e829569b26c1c6d9562c5c1edf6c63df592bace683bac56acb5cd3f3ac34712,2024-11-21T09:08:49.413000 CVE-2024-2019,0,0,838bd4485ad5c858f99416908e61782fd439f4782ddb8c158812011fa93ac13a,2024-11-21T09:08:49.540000 CVE-2024-2020,0,0,03c4659935ca94706cf163b7f719d08734fa762e37b2723ba48cb2097c9fa8a5,2024-11-21T09:08:49.667000 -CVE-2024-2021,0,0,f010408aa31667e28f3278659ebe4ea2a0a080c954b87f89068ea4bc561bbaa0,2024-11-21T09:08:49.797000 -CVE-2024-2022,0,0,5ec5b9ac5a06878073b24d02184411419fc427dd05ab30131017bb68ff99a255,2024-11-21T09:08:50 +CVE-2024-2021,0,1,7ae26cd1123e8d499b9a5184d6d2b0677840f3b5d1bed749a8d9e25393e7a20c,2025-01-21T15:01:00.477000 +CVE-2024-2022,0,1,0dc2752b097d5cd1dd4883d63d3316b17f7c227f69335690399aeec0de63b4e7,2025-01-21T15:06:02.787000 CVE-2024-2023,0,0,af1bf29d0113799e098d2cfbf157a0bda24c0e5910a3b834edb94dde9be5adc1,2024-11-21T09:08:50.197000 CVE-2024-2024,0,0,a1997ce935dd2b9a070dcf5fc5501bcdbb4db0c1a6915c1fae085c47b5c17ba9,2024-11-21T09:08:51.093000 CVE-2024-2025,0,0,4527d6fe9f7317c9197027fa43877931eca8ed461c4640f9a80ab02c51e6dbbc,2024-11-21T09:08:51.250000 @@ -249044,7 +249044,7 @@ CVE-2024-22873,0,0,78a7877b1a09ddd2537ed7cf255cc6a3a855d40547eb3276022d060327f8d CVE-2024-22876,0,0,7b64300d77b839c22e56dafc52a8b282c24d807d3e1138deb97774c53ad9e682,2024-11-21T08:56:44.390000 CVE-2024-22877,0,0,869857cd8b9a44e1d528c28503ad46b7c531212f5054c9f21fd2618927c6b492,2024-11-21T08:56:44.530000 CVE-2024-2288,0,0,f6ed54bcc2b3e715f6f7f1bc8122a65aceb675402a6406a77355fa6ec0523110,2024-11-21T09:09:26.250000 -CVE-2024-22889,0,0,311e65991a7264cf92cbf8610693ae5e63b29b4c8e5720e449b129e6c671d89a,2024-11-21T08:56:44.683000 +CVE-2024-22889,0,1,bc789a72f7d1e24bd814b0b6d2146517cc600e2afe43b498499dda222266b149,2025-01-21T16:53:16.990000 CVE-2024-2289,0,0,fa3cf20235b195efdfe45765df1f6345ad63b8d84431c05379709c498d20d6d7,2024-11-21T09:09:26.393000 CVE-2024-22891,0,0,02e131b40d02e30836912251adc1ff415ae3aca9fca1513bfc674a89af8ec37f,2024-11-21T08:56:44.910000 CVE-2024-22892,0,0,990d8f4909c370b6d0d69c8d34e2016866ab32283005a7474e4b7542c3034992,2024-10-01T19:10:13.467000 @@ -250000,7 +250000,7 @@ CVE-2024-24093,0,0,d01cfd200da021b3379ec9bea10950f044fa309e1e43c1c0570f4c10f2933 CVE-2024-24095,0,0,bcbbfb2f8b45c42623b1b88bc5c9a5b6c9ff6d2b0f2f0be85fd281aea27ca850,2024-11-21T08:58:54.267000 CVE-2024-24096,0,0,71694b1fd291a79317d4582ff5cf8e4b2a3d9771e0a95aafc09460732ce3267a,2024-11-21T08:58:54.470000 CVE-2024-24097,0,0,401527f02a7343f3bdbcf297a1060f82ed7e18ba10784960e883fda54d9ff3e2,2024-11-21T08:58:54.670000 -CVE-2024-24098,0,0,26661b271b088520db0dad6b3dbc22394de135426ba42d4868b1b8c0e26d1a7d,2024-11-21T08:58:54.873000 +CVE-2024-24098,0,1,8e13363e4e09e1493a5d55427f95804d39c8799860c1a5cf7a571b32d79dd472,2025-01-21T15:07:45.900000 CVE-2024-24099,0,0,4b668ecaad05d276a2b0054855eb68c0aef970c2685ad8df476e53deb1482b76,2024-11-21T08:58:55.073000 CVE-2024-2410,0,0,3be5ca8a66a5bd9557281be3e70bc0a40d70cbb2d20f1abc90621dbc68baf023,2024-11-21T09:09:41.717000 CVE-2024-24100,0,0,05dc63327c0c57ce6ab042ce950205521d3695836e7001d3858a8b7fbb0a65c4,2024-11-21T08:58:55.273000 @@ -251124,7 +251124,7 @@ CVE-2024-25858,0,0,a77c4e8bd8b75d30f14ed1903eaa31883fb836c272ec5e4d5c204f2a26cdf CVE-2024-25859,0,0,34b3066024d487e69b7e4402052d02a767e3807f28bf8d04e6b68bff8e2c3131,2024-11-21T09:01:27.973000 CVE-2024-2586,0,0,517bba0b02d6a5f2d5035c9d7b1f552ea85557b35786444819e5125b6cb911c1,2024-11-21T09:10:04.220000 CVE-2024-25864,0,0,b2af6591b1b1a6a5e3db12699a98829bbd31e7d47d61ce5e5d10cf491516d67c,2024-11-21T09:01:28.197000 -CVE-2024-25865,0,0,6beefe1e30022fbb9b79ba73d17d8b3910dadb71644f844d26cdb1d53619dd67,2024-11-21T09:01:28.413000 +CVE-2024-25865,0,1,fb8b9022037f41dea0736e6440808f813bc3f7c4d97efa80bd4633ae556ce670,2025-01-21T15:06:54.557000 CVE-2024-25866,0,0,cddbbd2f3013eb33e91e4d0d1121bc9557a1a9dcbf91365570d4368c1e595cd0,2024-11-21T09:01:28.557000 CVE-2024-25867,0,0,7190dee4840a49c0d81ca168a8cd706377a28f7064001113cf3217761a5e1f98,2024-11-21T09:01:28.777000 CVE-2024-25868,0,0,cdc6b4e4ce936f80eebf0b0a159f6e0b763778bd4194f25caa815e810b4d0c36,2024-11-21T09:01:29 @@ -252622,10 +252622,10 @@ CVE-2024-2754,0,0,cc2292d8077675ecc2c9299c0518bb6cf96aa883088f48a6efb0e8cfe18058 CVE-2024-27558,0,0,29db5a13608bb797a92629c9ce33c296f606c134c5e4938eb8a0ccaf5895c0db,2024-11-21T09:04:44.013000 CVE-2024-27559,0,0,71c1073ce70c0a5981360edceff2e9e6fee7537870ee9d7f5743c89a522a485f,2024-11-21T09:04:44.220000 CVE-2024-2756,0,0,6a4715933f0379818dcfe89578ab5b3b3028c02c08c0bf7da56bf72ecd4b70f8,2024-11-21T09:10:26.650000 -CVE-2024-27561,0,0,08c4eb78824d34bfff565c919a73f836cdfc536b89c466fb695c789cf7b735a4,2024-11-21T09:04:44.453000 -CVE-2024-27563,0,0,7f18601a2d5e6f9664c649a08f37fc99ca82fb8e40f493706c5b4bbd3781fb68,2024-11-21T09:04:44.700000 -CVE-2024-27564,0,0,8ccefe4a3305ad8c01d40cf596fc56777d83212262d825f682a62a1043de0f51,2024-11-21T09:04:44.910000 -CVE-2024-27565,0,0,9fe63d9db7d04b8ea6a9af93bed3a201844748c67b8e1cbed5a88e46ab647280,2024-11-21T09:04:45.113000 +CVE-2024-27561,0,1,fc16f92d17651bc7c1c4e9050d562b06f5135d4a3f335b425cd240bae1399bcf,2025-01-21T15:08:34.140000 +CVE-2024-27563,0,1,5533c243cccd53d02317f51d488d5c114a766a4a03a83659e29f733a18ae8237,2025-01-21T15:08:45.213000 +CVE-2024-27564,0,1,516746f2dee5507005676b34191e47334babc985ec6e95ee5b7b465bed116601,2025-01-21T15:10:48.757000 +CVE-2024-27565,0,1,a3b38ad3cbec062b28bbaa8b020ffb17a64d4ab23e3a1af71e103df51fce5c55,2025-01-21T15:11:29.370000 CVE-2024-27567,0,0,1cabb61feb31ce9256b51a36fe51ecd8a3fe0d13c184bf0c394563554cdc6fb6,2024-11-21T09:04:45.313000 CVE-2024-27568,0,0,f60461d2234dac0a41c0e3ac1d3945e36e4cc38ca6bc0749c4b7d5949db225b3,2024-11-21T09:04:45.523000 CVE-2024-27569,0,0,4cedce0d2d8555105b481b4a2b248a6ef9a0fbb7e692408cafbcc2b19a493a18,2024-11-21T09:04:45.727000 @@ -252722,7 +252722,7 @@ CVE-2024-27757,0,0,da813ae164b43a62f4abf9ccd54f7d6818fa328eab81f6c5f191e6a935f22 CVE-2024-27758,0,0,0de54cc7d1bb775e1a420d07eaf51d2b86419d1e732ab9300e9b648b00610ff2,2024-11-21T09:05:00.297000 CVE-2024-2776,0,0,84768c38157959837e7592c7173aff81748d42f11110d7f5df66d0375fef94fe,2024-11-21T09:10:29.563000 CVE-2024-27764,0,0,700674ef1e63cd4d461b799fdf66485ffba920a0de1065fd5e34f8b77b377405,2024-11-21T09:05:00.513000 -CVE-2024-27765,0,0,885a1083acc2f549d1f91362ec7829226a7b9c6f427312a36cd82ec354b007d8,2024-11-21T09:05:00.727000 +CVE-2024-27765,0,1,04aaaded443f604ce4ee49a08aa743343ef15860fdace32095dfbefb0b186792,2025-01-21T16:52:29.603000 CVE-2024-27766,0,0,4d93d17ae285c958f465adc24a7cf5f24274982fb56935552c3f47d118ead87c,2024-10-21T00:15:12.173000 CVE-2024-27767,0,0,14866d957c386aabce0c76ee6e3b53eef5ac1c018fac7f223d3f28882adacaec,2024-11-21T09:05:01.170000 CVE-2024-27768,0,0,6b3e88d7427d022cff68fc576d37b15c85fa018650acab8c69862312ea4ad0a0,2024-11-21T09:05:01.313000 @@ -252864,7 +252864,7 @@ CVE-2024-2791,0,0,5f54c91d68982bb7d655fb5304138765758d7b7011c3949a47a041eea0ec28 CVE-2024-27910,0,0,52110fcf713ce50faa77f0c1619a760331146fd3de5cf9c77fdbc6eecf746dc5,2024-11-21T09:05:24.133000 CVE-2024-27911,0,0,163d4032cccefd06169212e4b4f3531d5c43c99d1d0f8350d0f1bdd5571d171c,2024-11-21T09:05:24.283000 CVE-2024-27912,0,0,17a916159656f5b71e76460ab9dd8159bb40a0e837babb274b88d74bea610fa1,2024-11-21T09:05:24.420000 -CVE-2024-27913,0,0,79609b73829d0e3a51abfdab110ae0c2179d3260bb658ab73948feb51075cd8c,2024-11-21T09:05:24.547000 +CVE-2024-27913,0,1,ccfd6f84218edda3a8206e28f26ccab11bb485c54664417c699104454307beda,2025-01-21T14:55:08.587000 CVE-2024-27914,0,0,5e5ddccbbb74882dbffdd5d78490fdd3d3796c1de57e829c23a8c79b22b255e1,2025-01-02T15:30:15.373000 CVE-2024-27915,0,0,30fc89ed2d0e90a6aa678686ee66f14cc7586bdc17f811032d4a74d25d20d03e,2025-01-08T18:37:37.653000 CVE-2024-27916,0,0,b572f3243ffe86527b7ad8e11be508172ba6d1e3dd7a87cc545fdc48dc633024,2024-11-21T09:05:24.950000 @@ -252878,7 +252878,7 @@ CVE-2024-27922,0,0,d2a4f4646149c83b52c024e6f8f646d184549b341a5ef0916ae728a38a105 CVE-2024-27923,0,0,f66988b430b7f01835f17b10b666ac1e0b710ac0ade2d98b0a14eb0f27a73ee6,2025-01-02T23:02:44.890000 CVE-2024-27926,0,0,a5cc0212ccfedfa08adb595fc3e705725d544592dda1a9e4b89c76a146271a25,2024-11-21T09:05:26.097000 CVE-2024-27927,0,0,a452b1cf7dafd2bef249a2f01cb521b04ba244564b2fb3675d7c7bbdabb96c76,2024-11-21T09:05:26.230000 -CVE-2024-27929,0,0,461481850ecf9aa7d6c7e7ec131307376fec8c80acf080fb7dac6ec9b2df1e52,2024-11-21T09:05:26.350000 +CVE-2024-27929,0,1,9dba4db961eb07923711becf13b1e4be302ceb02da5469a6968ecd7bc8313d3c,2025-01-21T15:14:31.287000 CVE-2024-2793,0,0,9b327cc1fdacc7cc5f850fea327aaf45963768df531540f1159edf3a404743c0,2024-11-21T09:10:31.853000 CVE-2024-27930,0,0,92ce1fe6287cad56709fa2b1d8ae7680dfbad1747c194ce71052a96abfbad241,2025-01-02T16:19:42.813000 CVE-2024-27931,0,0,1cc72fa5d2887e8e3601ddbbdde0113c5c077ca8c57d34274859284fc3cc72d1,2025-01-03T19:29:35.223000 @@ -253994,7 +253994,7 @@ CVE-2024-29646,0,0,eb8af73bea0df40f2bca567fbb3142009d4b42ca68ce28f98a67d8f285123 CVE-2024-2965,0,0,0e37bbfa530a61c2d82fef1ca2e0856588e0f7ecf3b5b3a3905f885de3031030,2024-11-21T09:10:56.847000 CVE-2024-29650,0,0,32d15580191c7e4ba16d03aee0bb830b6bb78e29fa21f75133466fdca3213232,2024-11-21T09:08:08.197000 CVE-2024-29651,0,0,31d91be0f564d07d6c8f19a393b333b330f5d72e83fb5a5cda786276b03b3635,2024-11-21T09:08:08.420000 -CVE-2024-2966,0,0,8c4c37d828d5a3eaecc6d2cd18e1cae3f1ed07a99cc04f0245637faa200e2bcb,2024-11-21T09:10:57 +CVE-2024-2966,0,1,7289b5d983aae5bcf4d401ffe5858570219af3c37c3e885f96610689673d80c2,2025-01-21T15:21:38.397000 CVE-2024-29660,0,0,ec84c1d59c35f5c710b39a5306b858dcb5322675f12548bfa7a6d01325818b22,2024-11-21T09:08:08.663000 CVE-2024-29661,0,0,33eeb097530dd938963a006813b514ee2f217b4805f64bf726e22f92b9d6f86a,2024-11-21T09:08:08.887000 CVE-2024-29666,0,0,4816994d3696247c03b8328a9343bd38453cca8e45ebbf1e319026a45443ab8c,2024-11-21T09:08:09.110000 @@ -255837,13 +255837,13 @@ CVE-2024-31978,0,0,00e1ff7fa59abdd561a07d5509c0e6d15512000f18511411e0ca8f10df181 CVE-2024-31979,0,0,5a2db70ea0c880e7739f7ec401184435c024484eab9cf5ba7bd3fc3c38bef23c,2024-11-21T09:14:16.167000 CVE-2024-3198,0,0,5a36ff4378c726d4e49073d9c740478334184c1289212117b3659c67070d3095,2024-11-21T09:29:07.950000 CVE-2024-31980,0,0,d0d4049c48afccf07afb61cd89ca21424c5770ee08926cbe3bd84570eccf25a9,2024-11-21T09:14:16.363000 -CVE-2024-31981,0,0,a6ae04ed6979783b9f6bb6aa6797aa47ba0dbd69cd147a00ae08d0502bffe86c,2024-11-21T09:14:16.483000 -CVE-2024-31982,0,0,56c0d40fd49b26ebec8522b15307a62340b7c0cb3da6c94324328b776e2b88f2,2024-11-21T09:14:16.600000 -CVE-2024-31983,0,0,a7248343ae3385492f3afae7327384e1b8b6afe42722bf7d1b0375beab7b4087,2024-11-21T09:14:16.737000 -CVE-2024-31984,0,0,e5c83157aac2d1da43c1fd40faf8441cdb1ff523564e41f49d4054bb0757e308,2024-11-21T09:14:16.870000 +CVE-2024-31981,0,1,525aa42b48760e4dc3f50f41e9ca36e84b2fefe26eb317e7ef7914e1c0a04882,2025-01-21T16:26:42.277000 +CVE-2024-31982,0,1,f51759bd3b8616d9ff8a4212e892dac93f43d5e47d94991795a95bc90740ad04,2025-01-21T16:25:17.337000 +CVE-2024-31983,0,1,667a913b29f0007e27b095f4bb9909f2ad3100f3fc9c9556a9660e3c5a845574,2025-01-21T16:22:36.987000 +CVE-2024-31984,0,1,5dd9049085f0798dc2b889e21e5826896004d0254d5740a53609f76281116271,2025-01-21T16:20:37.297000 CVE-2024-31985,0,0,8b597daf49963cd356a85fd42e5c6ab425eeedc4823ea342fc391379c03b5951,2024-11-21T09:14:17.007000 -CVE-2024-31986,0,0,b5cedc45e879ef6685f89351e24eab1c892f41db1b4998dbcb052f3033425451,2024-11-21T09:14:17.133000 -CVE-2024-31987,0,0,9b0f8dde623b28428ea272e5cf88697a7093bc6e90820dc2079387179a984250,2024-11-21T09:14:17.267000 +CVE-2024-31986,0,1,bd539430f0490d9f383e9234022ffdbbd422d2006a6b79afc58b526fc1a0e70e,2025-01-21T15:43:52.013000 +CVE-2024-31987,0,1,97b7c862777abd5a0ad590084fa0bdebc52efc75d29dd2e1c9afab6e9ae74dae,2025-01-21T15:35:42.450000 CVE-2024-31988,0,0,e1f6fe0e57c15ec80e26442fc27a73e4d01b1cd5c9eee218db1d87a564cae068,2025-01-09T18:54:53.390000 CVE-2024-31989,0,0,36cdf7afb424d91302a92c3464338da9f6357aa9b905adc4be0eba8e4665664b,2025-01-09T16:56:47.220000 CVE-2024-3199,0,0,d82ddcd0be185a83e8424e96baf747cb4d2f3cafd8fec32114b3488db07adb4b,2024-11-21T09:29:08.080000 @@ -256235,6 +256235,7 @@ CVE-2024-32551,0,0,9eb6adff658e0ed3ba8b9cca3b2ad72de54c01f3762eceb3bf237d764edf9 CVE-2024-32552,0,0,f03a9324b01272ea2f2bc41ba043bfcb0473c21185ed38949036a53bc161cd00,2024-11-21T09:15:09.870000 CVE-2024-32553,0,0,75731ebafc6623d1310a34a2800e9f80a87ac1b537ecad73da9626a152179623,2024-11-21T09:15:09.990000 CVE-2024-32554,0,0,d93f4dc49dd5e1eecd69949134cc6162762a6c2eb4110f961a584b3b2139291d,2024-11-21T09:15:10.120000 +CVE-2024-32555,1,1,ddbb22701322fea84a8bcae84be90c7861354d61a012c3cb6ed85f1a8836565b,2025-01-21T14:15:07.027000 CVE-2024-32556,0,0,833c498991a81001e8dedc535c7af786b23214181fc8b84190b72772b7e45498,2024-11-21T09:15:10.260000 CVE-2024-32557,0,0,5b0ec57f637488f201cfe87382c0a1fa7b19c9f62d1e0f85ef3c809e5fc5ea28,2024-11-21T09:15:10.397000 CVE-2024-32558,0,0,164493ea9547d065ff20d36c66bda23d26ede0bfb266fb54b0d2b6423e912600,2024-11-21T09:15:10.530000 @@ -256476,7 +256477,7 @@ CVE-2024-32790,0,0,e9256f14fe881a37e99212e8d1aad2ff7d79d79bd33dcd818c1d32a6631f1 CVE-2024-32791,0,0,3c83e4e6bdc3bd9e2bc146df948348d8c7b709a3fa18cc94f49ff17f6200f643,2024-11-21T09:15:43.777000 CVE-2024-32792,0,0,5c3e810254268cd8d1009586f0d3beaa09807399a499ce961caa0903b8199d26,2024-11-21T09:15:43.910000 CVE-2024-32793,0,0,fa9fd9d861822fec2f2998581ca2b671eb021c6ed3bdc80973193b7c71abde83,2024-11-21T09:15:44.033000 -CVE-2024-32794,0,0,e43ec9b6f44b7a22b3ff2c85b1ee29f529aebfbce508a99ca5ea1a8b5fd976ba,2024-11-21T09:15:44.157000 +CVE-2024-32794,0,1,0854401a053e69865ec3fe29e9c30c29cebbd8a55a370f98d5df0805b27b9f98,2025-01-21T14:49:53.260000 CVE-2024-32795,0,0,fdfe798dbd74407bc911a1475ae57f4d59eec3d8f83eeb0bf9cfdc097931c631,2024-11-21T09:15:44.283000 CVE-2024-32796,0,0,3c13d57420299f06b0c04faec16c8cc0dcf69d3a31f7429ad926f51ca4392368,2024-11-21T09:15:44.413000 CVE-2024-32797,0,0,a034c0aeac18f60b3720fcd260799e2d6973e2274f86c902b1d05567f350442e,2024-11-21T09:15:44.547000 @@ -257611,7 +257612,7 @@ CVE-2024-34351,0,0,1566104cdb11ecd50febbb16238073aa2aee91c794454edae6e612a385746 CVE-2024-34352,0,0,44033e8a258f3dcc59d6acec40fc3898d55483dc008e25a4bd588747b1edcace,2024-11-21T09:18:29.253000 CVE-2024-34353,0,0,ec345720193897f1a51aa41ea7198109a50e12680a78ab392706d12edb2fa719,2024-11-21T09:18:29.380000 CVE-2024-34354,0,0,ee556f5d9803fec9df5ed171a3d146c8fd82dcd323a7d1dfd5dba7c03610e213,2024-11-21T09:18:29.503000 -CVE-2024-34355,0,0,1ad50de0d0b03013f61a6a89455b53e1237e2bddf03c8063a41706bdaad4ce5c,2024-11-21T09:18:29.623000 +CVE-2024-34355,0,1,a140959152b04badf845b9e684dacf7a1734f57b280c7a41659ba5b4b17667f7,2025-01-21T16:08:57.453000 CVE-2024-34356,0,0,ecabb0f579291e4090d054913620c6a8b74af846a289bbfb453ef753a5acd49b,2024-11-21T09:18:29.747000 CVE-2024-34357,0,0,d3b22fa6c18675491db85228033bfb31b66587894057f992281e7b7baad15c9d,2024-11-21T09:18:29.863000 CVE-2024-34358,0,0,9bcefcfa7dea69238a9c153e461f8ffcdd66291a50f783ffcd2515dc375e6f4b,2024-11-21T09:18:29.987000 @@ -257957,8 +257958,8 @@ CVE-2024-34712,0,0,cf5b325ebd7ddae90933e1bc277473f4d6cae9ff57c40754d15ebf6965ef4 CVE-2024-34713,0,0,b206aae50897a4773c53b884158e7edc900433d8305492b823dfad73b1366504,2024-11-21T09:19:14.963000 CVE-2024-34714,0,0,035cb787cbe8de483ee4a16645070a6bb19000dfd09bef360b4a3489520b8957,2024-11-21T09:19:15.093000 CVE-2024-34715,0,0,0eac5e99d3fe4762cc6045f335ec8769257bc8c038795ccc11033f55eb0694dc,2024-11-21T09:19:15.227000 -CVE-2024-34716,0,0,bd4293ae2655053550610b40bf70730cb2e6e77d732c2e44ec14094080e78147,2024-11-21T09:19:15.370000 -CVE-2024-34717,0,0,5917d0f3bc3fe2a90380527e78e566d695d28e4b910137501f12bf7945a9066b,2024-11-21T09:19:15.500000 +CVE-2024-34716,0,1,263d92f3ee07a1a45a530814ec1bce154d4b98d8f5c371531df822cc4b55dd70,2025-01-21T16:06:58.623000 +CVE-2024-34717,0,1,a6a4339988276612cf492ac497d8b5e312f171f63f9a5c816af8b156241775fc,2025-01-21T16:04:37.930000 CVE-2024-34719,0,0,305e89c0ef98274f5189b5ad5f136a8b2011d4d45a052d402515d885d267a22f,2024-12-17T19:41:51.053000 CVE-2024-3472,0,0,90b953dac27cb72c066f35a9794a9efd51d511336e33369f454e762771ce5d9a,2024-11-21T09:29:40.533000 CVE-2024-34720,0,0,903ded3d6440f2f5b3a66bba192cde508ddd97e8690027d53e8b9788a4f8d8bf,2024-12-17T18:21:36.953000 @@ -259801,7 +259802,7 @@ CVE-2024-37160,0,0,6414b8b350b31d55bc4edd745def1a7729a5325ae725ec744bcff78c20daa CVE-2024-37161,0,0,35a0542c09b5a4bb782093598c1f55a02994aa8378ec44fc91263a93ad8859f3,2024-11-21T09:23:20.060000 CVE-2024-37162,0,0,0ffd44302314240b466692b3808bf7ce34f7068c4de31cb876830fbf789415ee,2024-11-21T09:23:20.180000 CVE-2024-37163,0,0,1447be2061e5d54d7a42e1e7b6b7d748cfca1a213c873b883e0653616559e51b,2024-11-21T09:23:20.327000 -CVE-2024-37164,0,0,c8588b064d12e7b2157bed28e0a46422912cf8877e0b7b30e64ddc520d695569,2024-11-21T09:23:20.460000 +CVE-2024-37164,0,1,bb9b09205854faaa97afcc283ba363b035a5582a0884d0c8a886be0c3f989002,2025-01-21T14:35:52.867000 CVE-2024-37165,0,0,c89b9f030ee1ad3ea7893bc91cf618acf95048a079562de20e10b44ce48be62f,2024-11-21T09:23:20.587000 CVE-2024-37166,0,0,61871d25eea33361de6fe5a7ac63dfcb89ce6a3c427c78a138646ac817fd9707,2024-11-21T09:23:20.727000 CVE-2024-37167,0,0,b37beba4e8eef8d37ffe7b339892788b761440ec849a0cc09325389477fd61e8,2024-11-21T09:23:20.863000 @@ -259920,7 +259921,7 @@ CVE-2024-37280,0,0,82506e10255538602ec664d5ef7d85f7e7cc96b02dfe2ddcef5bb9ae709ea CVE-2024-37281,0,0,4249eefcbdc986d2244e44eaab8c4ce3c8b7e04bc410d0b79fef20d4a2687dce,2024-11-21T09:23:32.010000 CVE-2024-37282,0,0,b5291a34bd6835cc4058846acc023216aad27c69e44906c812e14449c733e7c8,2024-11-21T09:23:32.153000 CVE-2024-37283,0,0,ec4459cd72900aa75b10706008bd74f31d6ea48c0863dc3aa5968ea1e15e2f8e,2024-08-12T13:41:36.517000 -CVE-2024-37284,1,1,ac6ccd088383961d58c5c0ecf3e5338cc6be20b6740c1512763b9c5e4b35a030,2025-01-21T11:15:09.633000 +CVE-2024-37284,0,0,ac6ccd088383961d58c5c0ecf3e5338cc6be20b6740c1512763b9c5e4b35a030,2025-01-21T11:15:09.633000 CVE-2024-37285,0,0,e8cc98ed37c5497fbc9f92b308c74c874cd45490ed814f99ca1ead61244ae5d6,2024-11-15T13:58:08.913000 CVE-2024-37286,0,0,b4282d67550d8be06ee44ec1a1d7f9fab63643d7219a6e606e7fbac14d351953,2024-09-11T20:20:34.503000 CVE-2024-37287,0,0,bcf9844fa80494210d104fcba352f6ab7b4fe100f45f4712e22ea47490257093,2024-08-22T13:33:12.477000 @@ -259941,7 +259942,7 @@ CVE-2024-37302,0,0,7b2a9eb27ea19c8915f2b0cb797d35b46de3b12ff5c79f98a96f7d24add90 CVE-2024-37303,0,0,1ed8d2ad1f2dd92fb980e7bdc674a897b0f3990ef68322b3545d546e64461c48,2024-12-03T17:15:10.890000 CVE-2024-37304,0,0,6307e8f3bc4f4e405a01c7d132b2a513cf70abd2036ef845d48214be90db7ce7,2024-11-21T09:23:34.190000 CVE-2024-37305,0,0,9cb1a7cf11c00f6f8cc7665d08ed5000fe651732cdfc6cd15d0110ee1e55f780,2024-11-21T09:23:34.327000 -CVE-2024-37306,0,0,bccd0ec3cdcf7817826427d2b5ae4284e0e53b93191282bcbaa2870ab7207eb0,2024-11-21T09:23:34.460000 +CVE-2024-37306,0,1,b2578352b9513732bcaee4063d3cf321ea83eed4a45aec84e6870d82ea4eec5d,2025-01-21T14:37:34.690000 CVE-2024-37307,0,0,c6d6b3e27dc302f4fb9b6f4e161309d2177d99d50abbf818405d4f5a2a3b0fee,2025-01-09T16:37:54.713000 CVE-2024-37308,0,0,87901e5dece65b55bc0478cbd7b3500ac458fa8af24bdf0b127494e96ab19183,2024-11-21T09:23:34.740000 CVE-2024-37309,0,0,652dd2bd4841d83ef4fb1bd11f09f90c6e3c31e57e961190e557cd8d6dd5b073,2024-11-21T09:23:34.867000 @@ -261066,7 +261067,7 @@ CVE-2024-38626,0,0,9dff8e6fc4731654105396cce1c9207718ab0bedf2c7f1f623ccefb5a64f4 CVE-2024-38627,0,0,3720cb02d28cbfc603ff9a752e3b01df4699e8e737a2585ba6134a0d17a5914d,2024-11-21T09:26:31.397000 CVE-2024-38628,0,0,d4fdcf9144ee46898dc11363f4021850813c3f0a120b750dfa71c7d8984509cf,2024-11-21T09:26:31.563000 CVE-2024-38629,0,0,c1aa5e7715b80785c1c7337a08c3cc90b4c7beeed0328f078157c09f67397569,2024-11-21T09:26:31.780000 -CVE-2024-3863,0,0,6d821679124dca6ac0ea256be0167492503e683a834f11b26273ff42ff554531,2024-11-21T09:30:34.970000 +CVE-2024-3863,0,1,c79c7c012821794b521083534d2b6a7a24ded948dc6c1c7a2f2094d5ee0f71ed,2025-01-21T16:52:27.313000 CVE-2024-38630,0,0,c0def18e6482d368a194ea1672303529ea1dae2991bc322583732464497f7d0c,2024-11-21T09:26:31.907000 CVE-2024-38631,0,0,0966cff01316425490b9aa6b6a2056c0433af45e48260a4d3a20d9fd4cfd470b,2024-11-21T09:26:32.050000 CVE-2024-38632,0,0,1b3a813b73e02ca8acaa10de1bd6cca56fee672a33daa4604a6c496e092c1c25,2024-11-21T09:26:32.187000 @@ -261161,7 +261162,7 @@ CVE-2024-38716,0,0,ce66ae208dc81b08466b7a069e96264c814002e9fee9291323ce5df121c1b CVE-2024-38717,0,0,864f2dfa6d053c7c7420aea677a3e4e4f516d5edefd48370a2493148cebf304a,2024-11-21T09:26:41.470000 CVE-2024-38718,0,0,0d7814a8eb206773759a0d464b09dc76a76e2118d95078cfef1846e8360bcba2,2024-11-21T09:26:41.587000 CVE-2024-38719,0,0,33fae0dc844d26bd1b2bf8c08c4c8c6a62ad47a072a0605638f255222626eee1,2024-11-01T20:24:53.730000 -CVE-2024-3872,0,0,34b861b058482d69bbf1030e99e4ddeb0cf25610fc326112788304934dbe26b8,2024-11-21T09:30:36.187000 +CVE-2024-3872,0,1,2283562863b320dccd97cab38b88e4fbf1bf0691fafa26d9494142e76f0ca838,2025-01-21T16:57:31.850000 CVE-2024-38720,0,0,eab2d8bf09a0dc4b0ca3d9fbdfbbebdd25cd6ed67df1c249d5ca83d281a9b894,2024-11-21T09:26:41.773000 CVE-2024-38721,0,0,fdfe5e2daa63135c91ea3f2622a84d18b9bc401b8a508ea10e1caaf9796c27fb,2024-11-01T20:24:53.730000 CVE-2024-38722,0,0,b9c2af08cbfbae27b7e0b60718880214c97bd229bb8a3ddaedec7ae131b9de3a,2024-11-21T09:26:41.963000 @@ -261194,7 +261195,7 @@ CVE-2024-38746,0,0,34e8f06026a30fcba1f2a4b7d2fab4e9fac068f3df4ee3d29d85717e37ce0 CVE-2024-38747,0,0,9417f9dce18a2a48fa84358d319e1b7409afd0f0ccec02b607923b94ce85595c,2024-08-13T12:58:25.437000 CVE-2024-38748,0,0,8b10e3d45b2d7841f932e18531ec0bbbbe52d9df2a25aff056fb44676ee593f4,2024-11-01T20:24:53.730000 CVE-2024-38749,0,0,9cac44bd60a189328f8a96d4e9a4cc173a1d715533e0c5ebcab85c3cf2df8979,2024-08-13T12:58:25.437000 -CVE-2024-3875,0,0,ea09267fd2bcf012469bcd8092ae1f269eec6c9a634717b56c31b3ee93c2605c,2024-11-21T09:30:36.597000 +CVE-2024-3875,0,1,6b922ac84a65545ed842641f1c23a0444506b12ccaee6f1abb7c34f0ee37c64a,2025-01-21T16:44:42.840000 CVE-2024-38750,0,0,f3d180e8c9a537e3f35b0a267bb1076590b0494a5b3a159f9756f13046728710,2024-11-21T09:26:45.343000 CVE-2024-38751,0,0,bd51de817d7b629ac63c238eb024107a4607932abc04099dba969db78fbf46f0,2025-01-02T12:15:22.680000 CVE-2024-38752,0,0,85fbe1960c245df4c649f4f347181dcc979c1ed8621bbf1b1fde834ce5b9452d,2024-08-13T12:58:25.437000 @@ -261205,7 +261206,7 @@ CVE-2024-38756,0,0,d19a94e70a964dc8bb4e73bba21106e200715bf0ed1ae07d6ced1b0e1d6e2 CVE-2024-38757,0,0,059ebf8661c5c12d820942a389fa1f209fd046537790c40bae7849abcf11ee8a,2024-11-21T09:26:45.803000 CVE-2024-38758,0,0,2e034084df5d7f2893b1d07a3d084b43bf9007ec50db51c2b81baeed0f249a62,2024-11-21T09:26:45.927000 CVE-2024-38759,0,0,9ac9da36b88c559f8aba5bc282baa5303a4aada52f5c758604b65a4626a9c1b2,2024-11-21T09:26:46.083000 -CVE-2024-3876,0,0,da83a9ff868bc8f1e946cece555fd1ec1cf29f9ba903d3471d340e145c1f3e06,2024-11-21T09:30:36.723000 +CVE-2024-3876,0,1,223673b450c9a76fbf785b46a2024b52d1c0f696d62c6c923459bd634ea8d11a,2025-01-21T16:38:31.227000 CVE-2024-38760,0,0,0bdf6e1b54e81553a2be16eae0f92d6916d49f215e9ddf726505be76f65b5d22,2024-08-13T12:58:25.437000 CVE-2024-38761,0,0,b807f6ec3b4c1b73a62fb5ae540f930ff00fef0c3ea616b60a69805afd807996,2024-08-02T12:59:43.990000 CVE-2024-38762,0,0,a69d5a9b22cf39051fd5f972665bc1671848d539ff060289da665b1e009b6592,2025-01-02T12:15:23.073000 @@ -261216,7 +261217,7 @@ CVE-2024-38766,0,0,8c7b8ba00d9d03d5710b03920d96ecdaee1da3dd08661f9ae5ffbc66e9a58 CVE-2024-38767,0,0,fbf72db56b2c3319d2ba5902f993c4818e7574fe761f64435b5a8fda9e194b17,2024-11-21T09:26:47.073000 CVE-2024-38768,0,0,70e152c4c851f00719076d092ee071030827ee1b6a362919e2baad99ec6f2500,2024-08-02T12:59:43.990000 CVE-2024-38769,0,0,7453ef1008308d0d8eba420a2195f488ead7bd495afa2ace09b4382293c795f4,2024-11-01T20:24:53.730000 -CVE-2024-3877,0,0,deac9a7aa46a62157ddd5ad517b836933fb7ecf3ce86e1d22e21f85acdd07329,2024-11-21T09:30:36.857000 +CVE-2024-3877,0,1,7dc053b251c7f8e4c852bf34c6e8a9142b79d84ac3f1a22d95dc5dcefec80237,2025-01-21T16:34:51.410000 CVE-2024-38770,0,0,0c9e03582a12319870a45ae32b8320368f33ad592fdd5a171772f822ee858897,2024-08-02T12:59:43.990000 CVE-2024-38771,0,0,27b468612455a91733eb84f694387c7d5325ed26015a10d165eca1c1b024222f,2024-11-01T20:24:53.730000 CVE-2024-38772,0,0,82a728a0b96401862ee0e2b2102e6386d00c16a258621acd80b55636f2b24a42,2024-08-02T12:59:43.990000 @@ -261226,7 +261227,7 @@ CVE-2024-38775,0,0,03db8f69fa0697d00e8cb8f435ad116eb722374921c9d3763f28cc6001770 CVE-2024-38776,0,0,7a590d569735cb49fb71d732707e32ccc3d4f27eb4490610391e050c26adf6db,2024-08-02T12:59:43.990000 CVE-2024-38777,0,0,f4d4683247322f31066bb658d0644f1c59a914566d45a7058794ec1cf7e0d1e4,2024-11-01T20:24:53.730000 CVE-2024-38778,0,0,42d7c0084c76d2382dff1e525dcf5e6383337b6edf9c583d8bbce7af742372ea,2025-01-02T13:15:07.520000 -CVE-2024-3878,0,0,1c79b41ad0de7dc8e4ca32420b449c37d7ef571e6b6a68c9755332bb6404f0f6,2024-11-21T09:30:36.983000 +CVE-2024-3878,0,1,cf8c5000e1e69ee2cc3732767f8c87bceb9cec1cb07ce8c3b54e41ae6e97a25b,2025-01-21T16:32:56.933000 CVE-2024-38780,0,0,59b516bf2edeec5bd5de1b6b25f5c18b14158969877e153ee0fa0692d018e06a,2024-11-21T09:26:48.823000 CVE-2024-38781,0,0,0dc3c569223570b22ffc9a0a837f27528b499c6a7317b28bfc390c2a6de9946a,2024-11-21T09:26:49 CVE-2024-38782,0,0,01160802fd0f189b240fc641a37384c195bc1f20e754065643d1aa6713819e12,2024-11-21T09:26:49.157000 @@ -263067,7 +263068,7 @@ CVE-2024-41656,0,0,5547ca1fc7f086123134ddf7e25997a9e8d115d893b3ca9d5b86084e55bc7 CVE-2024-41657,0,0,a5c54d84702589380e59150e6f26700d50d5483935a1d64a8c22f9006b671145,2024-08-28T16:13:35.140000 CVE-2024-41658,0,0,73d31f03f30fd7feb411ddb1abbfb27bc5ff6a231dff63f4532a66eb480a8106,2024-08-28T16:08:31.743000 CVE-2024-41659,0,0,d3ddea8571ed769aae42e5471e10a16d5cd0b51389c93e3216030e421b69ae04,2024-08-22T16:15:08.993000 -CVE-2024-4166,0,0,1fcc408dd189f0c9300f3bdcf7f4e403e2ff8582dc00ebfcd8ae8a23180a4213,2024-11-21T09:42:18.970000 +CVE-2024-4166,0,1,bebba4adb628e33af457b1f3ffeadf17f7b0a6e21578ff959a6c4828bbeea3a8,2025-01-21T14:45:35.713000 CVE-2024-41660,0,0,c04f4bdeed996b73090b035a760ea73b17c4634a67ab354f0c2c3561ae17b8d5,2024-08-01T12:42:36.933000 CVE-2024-41661,0,0,8be49a95a9c023719c12155b6bed0ffae7501d3f32777c539056e8b618120c6d,2024-08-29T23:15:10.743000 CVE-2024-41662,0,0,dc3e227528839622e3f52103be234a8b480e9e6cbb7ce29d523b189f23f32bce,2024-11-21T09:32:55.687000 @@ -263077,7 +263078,7 @@ CVE-2024-41665,0,0,d45defca8cbb1cc7c179ea92d3660a2d03a817945288adb82a64865ca964e CVE-2024-41666,0,0,d1f92fab5beee45ff4388efe5ddd44e33f7a0f850b5bbacae429ee6a186a4dbe,2025-01-09T16:54:08.037000 CVE-2024-41667,0,0,1521e864f3422c9bb00179574d7279d1ebaa600c95bdd96efe9cb514a68f8910,2024-11-21T09:32:56.327000 CVE-2024-41668,0,0,dc859c8887bac12a38e68f1ba130799ac5f5864a2aafd455bb306c37815db92b,2024-11-21T09:32:56.450000 -CVE-2024-4167,0,0,87aed1d2d662bfa0eb8b9ad9a290b75ecaa9218eb55ec2afff703a0964bdf15b,2024-11-21T09:42:19.103000 +CVE-2024-4167,0,1,22af6e6b7a6c2411343bccf591480c5d78edcd3461dca8ba4d0f50203052febe,2025-01-21T14:41:18.070000 CVE-2024-41670,0,0,c9e87686017bf1f06962765d723e0f2d30f9c3d48faf6a120d662b572f6ec20a,2024-11-21T09:32:56.577000 CVE-2024-41671,0,0,c596ad9d6de7c94f6a9a343533bbf1ef3f4f335fcf8e52d87a0aaea1be8e0898,2024-11-21T09:32:56.690000 CVE-2024-41672,0,0,8a88dbf32aeecbe5589e8346fbd3b5f74564360f3a3d962fea935a7182bcc0da,2024-11-21T09:32:56.827000 @@ -263088,7 +263089,7 @@ CVE-2024-41676,0,0,8e2ea5bb990638d3ae9d99715b3bf844e30ae3d47cce0c91ce8505f989f6a CVE-2024-41677,0,0,96250bc52ab18207ccd489766e50a131e1d26666e8f9be83ee991c8e4f846f3a,2024-08-12T18:51:29.497000 CVE-2024-41678,0,0,9bc03ecd6faf0db93e91a5b36c28e5ed841a3d4bdaf8e81efb4b10d2c99c65aa,2024-11-20T15:21:37.683000 CVE-2024-41679,0,0,fff0bb7009cdc2f4069c822cc9d75e707b4a208d00692569164ecf3d643cd35c,2024-11-20T15:21:19.883000 -CVE-2024-4168,0,0,d76fdd17ff62138ece4bdab0cd8dee1a558b4d835ef9fb1788de575cb9c28e88,2024-11-21T09:42:19.240000 +CVE-2024-4168,0,1,409a0efbd4867e33a9bfa82af4105ce4b4a59d3acbf2aa640bebcc6fa374eb7f,2025-01-21T14:34:05.903000 CVE-2024-41681,0,0,851f2d33a294bca43286fe19bcd65c701bdda939e213f541a50d86109ced693e,2024-08-14T18:37:06.540000 CVE-2024-41682,0,0,78c52b6d6ae7fa021e668be7d5addb2d1f292ddf1ae3e1922657884e26ff54f2,2024-08-14T18:37:24.413000 CVE-2024-41683,0,0,1f739f2f25a478b852b7913484322d0fb291c1cff85619a07da231b4550ba792,2024-08-14T18:38:26.757000 @@ -263098,7 +263099,7 @@ CVE-2024-41686,0,0,6ca3838e800281fb0f56892e27b1066cc806999f5254d98754cf0c39ab9ae CVE-2024-41687,0,0,a4a5a4f72125eed186fa6f8395e818c70c0c7ac8e563ea7df1804b7657bee055,2024-11-21T09:32:58.460000 CVE-2024-41688,0,0,59e905e70a60ec413244716bb53ac7a38909a19d986318b9299820ef5aa40589,2024-11-21T09:32:58.603000 CVE-2024-41689,0,0,37a5077368ede55e691e7af029f30ad8a79185d8f83c093df4da9290a7535b71,2024-11-21T09:32:58.750000 -CVE-2024-4169,0,0,c0860649fd74c8e002fbf68ff811804dca3d53761ff6e813cff4e2023b547b37,2024-11-21T09:42:19.377000 +CVE-2024-4169,0,1,32d426df79d00034d87a86c50c111b057fe6b068421f23689012f222b1fef24c,2025-01-21T14:20:59.187000 CVE-2024-41690,0,0,da79a39c17cdf59b607be7b7646047c5333a9d966b5329fce36738f98a05fd0b,2024-11-21T09:32:58.903000 CVE-2024-41691,0,0,caa7f60a21d53b4fc7de2721454213045afe0b661e58f569295db6751afde492,2024-11-21T09:32:59.053000 CVE-2024-41692,0,0,af4c3ae3327b5fa388270b9ca6f7cad936342880256ef5b66b3bb2b15d4e6510,2024-11-21T09:32:59.197000 @@ -263109,7 +263110,7 @@ CVE-2024-41696,0,0,eab16590d0c5edfc488b14692a9f8db9a3d4e3ad6e13bbecfd159b5146c5b CVE-2024-41697,0,0,a10fad6982c4f67ae3533b5a7be9ab43663fbb42b04a9d9667153946c0a0dc29,2024-09-03T20:19:45.490000 CVE-2024-41698,0,0,83f3b0720c9129a7b161b5c14f3e60a4cd0d55d0869429176e5a80fe9826db62,2024-09-03T20:18:57.060000 CVE-2024-41699,0,0,5101bb72e5ad33cba3281353080fffd0bc46a7212272adad9f7543fbe950b9de,2024-09-03T20:17:45.700000 -CVE-2024-4170,0,0,259ce56daf1840291bea84b0bd07beba87dda9ffe2cbbd55c43f8a6617fe8ac9,2024-11-21T09:42:19.523000 +CVE-2024-4170,0,1,d47b29173a8359701761de576c735ebd3dbfcad3e538a10a81aede8c1214c4c6,2025-01-21T14:15:32.487000 CVE-2024-41700,0,0,50c40c31fab6377127dd0dcd79059c2577e200167f130365b3425d2f6c695b10,2024-09-03T19:37:12.273000 CVE-2024-41701,0,0,daf49829a0b75a687fbec8e2a8e671624c6389e728c274971ae634529dcbd2f2,2024-11-21T09:33:00.270000 CVE-2024-41702,0,0,ae40f48fdefa4952759c4c242cdf89d9f575ea0a3cbae8e1ce728189af43b621,2024-11-21T09:33:00.410000 @@ -263333,7 +263334,7 @@ CVE-2024-41956,0,0,5e680f8eb542fda81d1f4993ab3aa0701a585ba951699e4b103a764c9e5f4 CVE-2024-41957,0,0,13a89cca177965b6d1db4422823d808fc709b7a9adde3411e9a629ad44bcc3e1,2024-11-29T12:15:07.430000 CVE-2024-41958,0,0,ffdc03ea4b99b2a254b0ec8f7f945a9efc29bfa75ac2d4883225a580f1aba360,2024-09-20T12:58:23.553000 CVE-2024-41959,0,0,85dc150b0cd4178bd6ddd4a430aecd47bb38547b905f98c658e25083199c2387,2024-09-19T20:14:02.963000 -CVE-2024-4196,0,0,9550fb70889e78984a7b234d153e9f1d428c47e0897196db786b3605bcd9e4b0,2024-11-21T09:42:22.210000 +CVE-2024-4196,0,1,9102e1dbb1db0431d66ab828cd13da3a4dd3144d4d3ecb93db44bcf7b6e3d720,2025-01-21T14:31:31.413000 CVE-2024-41960,0,0,d7387a3e75e3ded1145ff99abe342114a326d7087a81de005054ebe29a4d2522,2024-09-19T20:01:58.633000 CVE-2024-41961,0,0,17723453c0c093dfaf51330b6e8261929f165726c94bd133502bce8cbc3e8886,2024-08-01T16:45:25.400000 CVE-2024-41962,0,0,697b1b15b8f5469529b2c357915c3da19e4b085a3cdb4c8c35638eba0d0001ec,2024-08-16T16:34:48.873000 @@ -263342,7 +263343,7 @@ CVE-2024-41965,0,0,999d7f4573b3473822f145999f0044b8d5635280e14155e7c3e53c8db63e8 CVE-2024-41967,0,0,9e13c69804b10f7fc61b69fe3806b3a7e3b93f16c14114561c8ec25cc4307294,2024-11-18T17:11:17.393000 CVE-2024-41968,0,0,71f4fabfd416c733786263297f39a7602c9d2582e47f7d870b7505af443b8a48,2024-11-18T17:11:17.393000 CVE-2024-41969,0,0,22da1b855f85322ad3a5246d3d93bb87a00fc1ba41cf3221fdb9b3f4fa14d331,2024-11-18T17:11:17.393000 -CVE-2024-4197,0,0,b0aaefc9490e4ff4373e20cb1b037198f79f507197d15c18bbe1175e923d913e,2024-11-21T09:42:22.343000 +CVE-2024-4197,0,1,260a2710cc12bd729a29b45e82a5539362674b2c1c34fd69f83fcaa8deab64c0,2025-01-21T14:31:21.327000 CVE-2024-41970,0,0,ea263fddb4e8af233e96fe4a373489c4065185effdb1fb3499cc0dc6ad2d8bb6,2024-11-18T17:11:17.393000 CVE-2024-41971,0,0,af6d40703a726ad33db6503566bf036a34535ebf86366cbc90a7dde7022e583f,2024-11-18T17:11:17.393000 CVE-2024-41972,0,0,01b68062aa7124e0b42fd08ca316a496b66fc93b6fb442a99c94fc64a8224730,2024-11-18T17:11:17.393000 @@ -264736,7 +264737,7 @@ CVE-2024-43702,0,0,026195b67973267c5f7e1b66b43eadfe3de1f0eaa8dad79a11b9df4d6c345 CVE-2024-43703,0,0,e564d47a3ea8e2e59e7c0c62fe5b37de767d270b87bc716325b902fc07b61a86,2024-12-01T23:15:06.383000 CVE-2024-43704,0,0,82c22af109add6551b6eea89e99a6b50accfdf02d564899eae149615096d5dc8,2024-11-18T17:11:17.393000 CVE-2024-43705,0,0,29f69c0cebaa0d9dd3b94a974b4686ab8ab2fbc5f28104cf63225fbecfd597b0,2024-12-28T17:15:07.190000 -CVE-2024-43709,1,1,09cf25b20d4028796eee5e828fe568cc7b1650ddae8136f4850d31a7a66e0f89,2025-01-21T11:15:09.807000 +CVE-2024-43709,0,0,09cf25b20d4028796eee5e828fe568cc7b1650ddae8136f4850d31a7a66e0f89,2025-01-21T11:15:09.807000 CVE-2024-4371,0,0,e83d972dfd798c0045589442b000f085f252e3d21fb48583dd2590000a3618ae,2024-11-21T09:42:43.087000 CVE-2024-43712,0,0,9ab3fe760e8f19464e8d37dd73b7335ae43d5382e27e4d6ab5795a2dd3e62314,2024-12-17T15:23:11.173000 CVE-2024-43713,0,0,2351d2ccf5a9bdfa299b6fe1f3d7c7e3a4bbc01a6f8443c4348a36cf5880bc04,2024-12-17T14:55:13.953000 @@ -265936,7 +265937,7 @@ CVE-2024-4539,0,0,a50c21946790a9182b1f358ef39ac139f12b2ba174f8c831ada00c492c3c77 CVE-2024-45390,0,0,2142cd3346c3fec2fca31f119b783fcab8927a3f0ce05f20e5cf0eeba191abdc,2024-09-12T20:15:15.673000 CVE-2024-45391,0,0,4dd15c2f5691feb663d3583545ca059b7fed50faf0fde39bc88a991c3b431365,2024-09-12T20:13:30.917000 CVE-2024-45392,0,0,e69df29d38125250233f866f0c805e37a4cacd2051f826770300a1acded38c97,2024-09-06T13:24:34.353000 -CVE-2024-45393,0,0,df39c104bf135be52e7db68ab988a410e8015835251da6bd58f58d52d6c9fe36,2024-09-10T15:50:47.237000 +CVE-2024-45393,0,1,f4820a7cd8b010a7de3c3fc4e53284b73e0305d0af5801a469aadd32bbe73a14,2025-01-21T14:33:37.030000 CVE-2024-45394,0,0,391351c22311953637cbb3c03f0c89dbbd791c25269d24940a2803477fbbf7e5,2024-10-09T15:15:13.600000 CVE-2024-45395,0,0,aef7a8643b582c3b908305dba8a64ad01705985b031bb749e7c4d4ae4d56188d,2024-09-24T16:50:07.930000 CVE-2024-45396,0,0,fbef9d2c595c501a111d10bf1295375a547bc5fad8bc636d949320f9032c3909,2024-11-12T20:05:09.367000 @@ -267003,7 +267004,7 @@ CVE-2024-47106,0,0,d85a8e37ac40b85485c50aad7b2f7a67ee7b806a3ea7e8ecdce4814f2c48f CVE-2024-47107,0,0,cbccf574787d61b4f6ca0e02b243f9353763dfcf6f42da1d1ab7d0498a1d160e,2024-12-07T15:15:04.123000 CVE-2024-4711,0,0,e4ef71037ebae75f1c7783581ae71eaf15c6142551362f95bff0adb8f63f9b15,2024-11-21T09:43:25.710000 CVE-2024-47113,0,0,779d440772277fe5838a7220c7526dc6206bbf1e989fcfb188eb4da0fef04e91,2025-01-18T16:15:38.897000 -CVE-2024-47115,0,0,64bb47e915974f1dfec3d4bee74763bed48bbf036cf9597873496ec80cb951dc,2024-12-07T13:19:14.783000 +CVE-2024-47115,0,1,7a7f36fd4f42315d6d6861efa2fa7bf95141b001bf20215444f270c56375d7b4,2025-01-21T16:15:46.587000 CVE-2024-47117,0,0,a26952e58650ef25d9f11a5aae4455c43930c6e2575395901d2106687495648d,2024-12-10T14:30:44.400000 CVE-2024-47119,0,0,822d29d557ac8a46a432d9833d3741afebbd1611ae551e680e9265032df20c37,2024-12-18T16:15:13.110000 CVE-2024-4712,0,0,41dcfebcfa1570030d0650a11b9ea1ebe268de096b5dd5446ec4b7c88eeab622,2024-11-21T09:43:25.850000 @@ -268501,8 +268502,10 @@ CVE-2024-49297,0,0,f192074d26b33e0d5f10cc1f854aa454ad790ff37de6ee072448709786ed0 CVE-2024-49298,0,0,b839de5acc344460e734e5ecbb691ffdc38dbe70e6763c2648b1b94ac5707f9f,2024-10-18T12:52:33.507000 CVE-2024-49299,0,0,b62a2e670cd623ee2be7894403bf7a5e65eb1aca5f3deeab14b46ed344a3dc12,2024-10-18T12:52:33.507000 CVE-2024-4930,0,0,1a6aeaf5c9b5763262adff790f3991767d0002062551d9cd7b3c73e363fe1d8a,2024-12-09T22:47:12.560000 +CVE-2024-49300,1,1,a48746efe1460a16dd04d544303ba01ce6dd68be509a899784733697c8d36b1f,2025-01-21T14:15:07.817000 CVE-2024-49301,0,0,7c40b91efa037d4772cfb4564eb22b1dd347c2c6c5e2f8d1b24166cac85ef59f,2024-10-18T12:52:33.507000 CVE-2024-49302,0,0,4aa3e784c200de535b6f996dac0eb362198e7da053ad5845b20beae954b5fbfc,2024-10-18T12:52:33.507000 +CVE-2024-49303,1,1,2009618b4c7a8432bb90c482c122e321949ad99eea22b0abc2ebb776ade0339d,2025-01-21T14:15:07.987000 CVE-2024-49304,0,0,ec4a0499f8abde2f3743acd125114c123a46d3b965ed8f607a422b669fc64b89,2024-10-18T12:52:33.507000 CVE-2024-49305,0,0,d3b27a50296ab5d828fe241dbded8443a48b306a8315184ebad8aab390758be5,2024-10-18T12:52:33.507000 CVE-2024-49306,0,0,e695dc04449cc80376f496bad7b7ec8e4492913b095e35bdd18e5623cb1637f7,2024-10-22T18:35:46.107000 @@ -268535,6 +268538,7 @@ CVE-2024-4933,0,0,f226168d4088139258e85e9ff5b01bc232ea955a93657121868202d379d9b5 CVE-2024-49330,0,0,e20da0c156c001d33624f9462f9fd088512ffe8e54dbe1942fd80d553e5a1477,2024-10-24T16:01:09.733000 CVE-2024-49331,0,0,fc33cda51d0ae00f7fe88fbdfa0860d165096722e67220af6538ac02d3a62215,2024-10-24T15:54:07.190000 CVE-2024-49332,0,0,163fc61e1aa5949d0dc085fe875d10ef86a8206eb7889644482dca315618c25c,2024-10-24T15:49:34.827000 +CVE-2024-49333,1,1,be3dd6e3b0b8c9c8fb88934096860692439354227ff53535d497ba33277a7eab,2025-01-21T14:15:08.143000 CVE-2024-49334,0,0,c834d2b3cc4ff6e9dea6658a6f1e0bf3ee35911e84a97a8c123fb548c9607113,2024-10-23T16:08:01.277000 CVE-2024-49335,0,0,3160ec720c602cc52406d525d62eec9c1419d94d6b3a852f9810bce5470fe4e2,2024-10-24T14:50:16.557000 CVE-2024-49336,0,0,74b5d6ca5a527605069a19da7232fb13c834e91072ba01d322d091e1df5fa9ca,2025-01-06T14:29:06.027000 @@ -268751,6 +268755,7 @@ CVE-2024-49651,0,0,eff1cce374eeb20a6db75a05fbc6ce94258af07964e7154f22db427d87620 CVE-2024-49652,0,0,2fef3a58033a3cc5731e0190548832508d5ac10a55c45656177683798b3396ab,2024-10-25T12:56:36.827000 CVE-2024-49653,0,0,7410bc7a50d9584ad117bbedc7e0add7bf77171c0d2d393528fcde9b43a0ce28,2024-10-25T12:56:36.827000 CVE-2024-49654,0,0,e10bce2a446f40b8780c544d0873c3a764c7b21408041109e6d0a76f7ecd074e,2024-11-01T20:24:14.310000 +CVE-2024-49655,1,1,3892bc02b0fc624bbf56da664eeb6a62dc5dc4bcc935f85d55a2eb285c46d769,2025-01-21T14:15:08.310000 CVE-2024-49656,0,0,c3ad0142553324aa060ec1c435fd2bf00f79ff51540bd27aaa9fd5faf1d0762f,2024-11-01T20:24:05.450000 CVE-2024-49657,0,0,2f136a33a94d79762e605c9e4d803e6340788b2ff013a60ba5e0d2ed034dd223,2024-10-25T12:56:36.827000 CVE-2024-49658,0,0,e7f1da0786b76e31a857abf556330959f0a32ac227a685f313d374a5c271e9d6,2024-10-25T12:56:36.827000 @@ -268762,6 +268767,7 @@ CVE-2024-49662,0,0,dde9ca392192ae6d8233bf6e40e8e6f0846328594962244d4767eadb16203 CVE-2024-49663,0,0,3a8e439baee3adb77712fe2a8a40d1a3f2d9db21deb11c5af7169fb7213f0a2e,2024-11-01T18:55:51.143000 CVE-2024-49664,0,0,6f119370bd4e250be2090b50e650fcc745daa9be0199ef2ec2c8da7fae217515,2025-01-03T17:42:09.330000 CVE-2024-49665,0,0,481fa6d35194d6fe2f569ea080f77f62c2730b07a289c7d51c66af9df5e96295,2024-11-01T18:55:01.773000 +CVE-2024-49666,1,1,8ffa9051a360cb898ce0f5a17317614eb3097b43886b4d8101ebb90b1c2909a1,2025-01-21T14:15:08.450000 CVE-2024-49667,0,0,9b3b9d25907047dc12cf012cf030c8db73d4d456b33bdaa74b91d8a7ee70a4ed,2024-11-01T18:48:48.797000 CVE-2024-49668,0,0,94eddff54af31179a0c5ecabdbdd71d8d6dcea45c4f840188de246a365bfee2e,2024-10-25T12:56:36.827000 CVE-2024-49669,0,0,f5af1df54e8b7d7f9667dcdd7a6962c4e16f9b133913097ee0daebd53c256fc5,2024-10-25T12:56:36.827000 @@ -268785,6 +268791,7 @@ CVE-2024-49684,0,0,36531d7cf4c7a4e38f6860bda9ec7c0d48195d2fcc27ad0578736763df8cc CVE-2024-49685,0,0,caea3f86fb77aaa3e3026aa8a74adcd66d73ae057e76042ddf5cfe89f39cb8d6,2024-11-01T12:57:03.417000 CVE-2024-49686,0,0,1648efd420dd9feaa12bda71d4c28e07c0afcf094efff0cfc461507ecbd2e840,2024-12-31T14:15:23.137000 CVE-2024-49687,0,0,f3e38245690627a2452025d02cff1519f25509e656e89abda20c64ecd5ee7193,2024-12-31T14:15:23.430000 +CVE-2024-49688,1,1,8b3b2bcbf621b99845a78871a9b27811618b398d2278fd3e3c7543ea4a737bc5,2025-01-21T14:15:08.613000 CVE-2024-49689,0,0,5b95dcb1b308ac9918618c653b8d612d05dba2416c0a5caade9d4ff079c39dcd,2024-11-19T21:57:32.967000 CVE-2024-4969,0,0,590a42a007878875f8821a8461ae21649b587614d8fa87d6d7abc856a4793907,2024-11-21T09:43:58.430000 CVE-2024-49690,0,0,e7d1fbeec3ae6b3b41207427caf7ef895bb3e2f53a7a24c5af615a4c19bee7df,2024-10-25T12:56:36.827000 @@ -268796,7 +268803,9 @@ CVE-2024-49695,0,0,83cd58e8b597dad6e6c36cfc6ae43f6a32a1a4af5eeaeb26b9996a7c57692 CVE-2024-49696,0,0,527dc628015bfd53942eb90e4ad813b4a45b3c729bd97fce7834df7a63766ec9,2024-11-08T15:21:12.533000 CVE-2024-49697,0,0,530eb2f42eba87aaffb73d54c4b9e27dfb5194483cfcc3edf311ece4f08a0142,2024-11-19T21:57:32.967000 CVE-2024-49698,0,0,0da674ff14e9a1aa3e4bc23d228b70f80e183926d4686276e19237b19658e09f,2024-12-31T14:15:23.697000 +CVE-2024-49699,1,1,8fa4156418d67e0d04ddaf1597a93b42245cc1998c7c936f01cefd397c1b0400,2025-01-21T14:15:08.780000 CVE-2024-4970,0,0,ceae782189e36ea72b2794d871ba0e98c5d8d6d33670b120902bfb4e771c4acb,2024-11-21T09:43:58.627000 +CVE-2024-49700,1,1,f278f5eb1bf15c3a28d9c50f514b294895f059cbcd7c22d76b6df8d21da28abc,2025-01-21T14:15:08.937000 CVE-2024-49701,0,0,faa8cd67d7f87e8b700116e3ea01c26a0bace35a674e83df64e802c479757838,2024-10-25T12:56:36.827000 CVE-2024-49702,0,0,95504b65313eac7b0c032b66b56870b8b510aa5556c8e61dadfd6a9c41944713,2024-11-08T14:32:56.010000 CVE-2024-49703,0,0,773f468dd20b89d6b077ffb05058547737a4c510a41e2a52930200811683b9b8,2024-10-25T12:56:07.750000 @@ -269653,7 +269662,7 @@ CVE-2024-50626,0,0,ee346cb1a02e9d6ceaf318c396c6bbfc04e63993edcd6528fb39c33b5fb34 CVE-2024-50627,0,0,54f35ecd4423ba348ca66129853a9258eaef3460345ced0ea32309ba3face4cb,2024-12-11T17:15:17.200000 CVE-2024-50628,0,0,0643f111de6b649c82d0d465a05ff1bea2d7a2ca8f3d6abb1fa505b9869b41b4,2024-12-11T17:15:17.350000 CVE-2024-5063,0,0,d66483573e96022ccfb509c4cd99c3f2ab64b3e900fde1922f4af776a81cdb65,2024-11-21T09:46:53.250000 -CVE-2024-50633,0,0,d0153926c6a02e76397a49275cdaba4d567a050b25f3435171b670652de25f8e,2025-01-17T18:15:26.043000 +CVE-2024-50633,0,1,8bd92f5da77fc20b868f74b92cade5ef8334a0d60c709794cc8e70ce9da7b550,2025-01-21T15:15:12.907000 CVE-2024-50634,0,0,75c75741b4ff07a7223817b405561d2122b2e965df2d36431c234973c9416179,2024-11-14T20:40:43.690000 CVE-2024-50636,0,0,35ef03dd8175dba345c3fb32a6b071a45c850c144fdf90f5aef46a21c35cb9c9,2024-11-19T19:35:14.833000 CVE-2024-50637,0,0,d977347a448c3f65e92048b639a2e3e6ff98b542be1611660d9dca9c5510503b,2024-11-07T14:15:16.780000 @@ -270335,6 +270344,7 @@ CVE-2024-51814,0,0,c706cbf8cc0b8a3d900a8d005586c9e3206748aac96d3b11ba49d6d7d0ffc CVE-2024-51815,0,0,13d3283f885af1f3011017ca7c559f58a94f2e15b2e40617a6fa365b018c1ef4,2024-12-06T14:15:21.093000 CVE-2024-51816,0,0,9d58e9843514bbeaaf08418ebe7bcce14308ee33a75a1eb0137dc4f401c6134d,2024-11-19T21:57:32.967000 CVE-2024-51817,0,0,b550c38d0eefeb66f8dfa386757bbf0aaf1a1643de82c6b694af702fb58dbe08,2024-11-19T21:57:32.967000 +CVE-2024-51818,1,1,c59c1d65dda63e9aa32ce1f701b077496378ff6a95ff473c8b65e86d9a9a850c,2025-01-21T14:15:09.087000 CVE-2024-51819,0,0,f78f3c3a5e938d2c472ac4d95f0ac45f857d026f08888f764c11f275bcd62334,2024-11-19T21:57:32.967000 CVE-2024-5182,0,0,31ec8a9bbd7289733685d0f34d543282442d8ac8454e8bd475d4d695580f280d,2024-11-21T09:47:08.590000 CVE-2024-51820,0,0,a1b92eadcad49f7810b03c7a98e9503b3af42a0a7682d2c7e491e487a8449207,2024-11-14T18:03:02.447000 @@ -270410,6 +270420,7 @@ CVE-2024-51884,0,0,c65965361df68b36cc9a57a3d6426452385960160e4ed5c054936e51edcaf CVE-2024-51885,0,0,9997abbc40070e9236bbd903907fadfcdf795a0645d0e60da25d32309cb4565b,2024-11-19T21:56:45.533000 CVE-2024-51886,0,0,98b67d59a155c38bf7cd1b013a08137e66d368961bfff45a3cea49da1e0ac0bf,2024-11-19T21:56:45.533000 CVE-2024-51887,0,0,cc4fb85ccf3bca1eab693ea1dd8297634c27f84eb36fb478e6908b9d339050b6,2024-11-19T21:56:45.533000 +CVE-2024-51888,1,1,52e491dfedfba2ab1c6671345217704b555be42da5c6a82c3eca25f7d7c4c0c3,2025-01-21T14:15:09.260000 CVE-2024-51889,0,0,cecb0beea7b5658e0f81b9e4fa384738485c6a4057ce6c3363878c3d65a3f538,2024-11-19T21:56:45.533000 CVE-2024-5189,0,0,e9e4f7585a6c523ef99b987c4a7316ab8e7e1a950ab1706ecfafec7275afc15e,2025-01-15T17:16:13.547000 CVE-2024-51890,0,0,5b43f46908771f4bebfbe45167dc65d43eb7812f09210cecbd324d63f8d05067,2024-11-19T21:56:45.533000 @@ -270442,6 +270453,7 @@ CVE-2024-51914,0,0,3507f7eead589602074f32edd240a9a78634e4d5dd45f5158df5b3129b444 CVE-2024-51916,0,0,d2c61c6f5d89e7387d2e703c746dbcd330f0881d87b84f96e7948f7b3a1a223e,2024-11-19T21:56:45.533000 CVE-2024-51917,0,0,831a84a21b4d5665ac0a0e3a84caecc2fa11aae5152c0f8c6669deb3a4699216,2024-11-19T21:56:45.533000 CVE-2024-51918,0,0,ad2e80723b14cd28e32f2efd51876370a1789f50b16bdc0f7c00aae3f15e845e,2024-11-19T21:56:45.533000 +CVE-2024-51919,1,1,d5a6bb37c963dc8ccb6dd0f02cc25fd1cdc85f21cafb8062086341c23ba698c0,2025-01-21T14:15:09.417000 CVE-2024-5192,0,0,6209d0dba68d43f6e6fc9e420823ac2b90c25b518ffcd56c4fd421f6cb74233c,2024-11-21T09:47:09.703000 CVE-2024-51920,0,0,c6bd9bae1e98005a93b5675bdaf2804079221b875a5a107bfce29e0dad40ebf9,2024-11-19T21:56:45.533000 CVE-2024-51921,0,0,e359a0de3fe9845697b9d1aef0b6ebf24177e2dde1781bbf17260d376d469d35,2024-11-19T21:56:45.533000 @@ -271071,7 +271083,7 @@ CVE-2024-52963,0,0,ff01669b1598f0bce0b4b90af8cc55f96a203c8a430eccd639efb9c221ab9 CVE-2024-52967,0,0,ee495ed0ae82b5386a5a5e29b20d009f38e7fec0fdb15824df2e77e4920e6e29,2025-01-14T14:15:33.967000 CVE-2024-52969,0,0,d48edc4c533d9acd9a260c0e4d555526245a1be1476ba79e29b9502b8c79f01c,2025-01-14T14:15:34.123000 CVE-2024-5297,0,0,4e7f74d9629bbb9b864fb76b28bd5d406dd3be0c174577372182a6d0a600d934,2024-11-21T09:47:22.990000 -CVE-2024-52973,1,1,80557c3abfe62ff99c7924275640db641adc976d538445e17950b607d9ba9ac5,2025-01-21T11:15:10.200000 +CVE-2024-52973,0,0,80557c3abfe62ff99c7924275640db641adc976d538445e17950b607d9ba9ac5,2025-01-21T11:15:10.200000 CVE-2024-5298,0,0,329feabae44ccd7ff86530cac1ce0ba86c416ea44126377af7ea7290b6d65a10,2024-11-21T09:47:23.103000 CVE-2024-52982,0,0,87ddbec0fddbec6a4eb61fd0607c77d31103b1dd9283c5a13ec4d5a36a8ccef0,2024-12-18T18:22:52.637000 CVE-2024-52983,0,0,6cf30a09aaa853464d214fc07b1d213f931e08bd912522971a9cefc2fb965c45,2024-12-18T18:23:06.273000 @@ -271621,6 +271633,7 @@ CVE-2024-53823,0,0,c8e08da3916e0ba5bcd6157a564655c4bd7969a7e9baa9ec5cf68a8149a06 CVE-2024-53824,0,0,ba3b0995b198dddbea8e833e326899bd456b4ee76119ba0f40443a51770415d1,2024-12-06T14:15:24.800000 CVE-2024-53825,0,0,07af7202ddabda05f0daeb42ca06edbcf3fb20c192ea7ca7dd7082861a20bb4a,2024-12-06T14:15:24.937000 CVE-2024-53826,0,0,0b04b1b5846f39442507bbeb125d0ae4870d599699b329db9d8ecf7c2429b842,2024-12-06T14:15:25.077000 +CVE-2024-53829,1,1,7629fe4ae215d51b999df46e32346257b9c7a8bbdd79f0882eb229370da8cd5d,2025-01-21T15:15:13.200000 CVE-2024-5383,0,0,093acdd4201567d005275d52c1174349cc9fb95effb23b8b65de339d75e5f1d2,2024-11-21T09:47:32.963000 CVE-2024-53832,0,0,1b2ce5c4938b0e1ecf47a9786c83880b95c4a4c43364160d8ae6a9eea87843bf,2024-12-10T14:30:46.853000 CVE-2024-53833,0,0,b0263a13fde25401d454efd3fc9f5d9e65a4ba307004af4c26526c703bab4f08,2025-01-06T17:15:39.110000 @@ -272198,7 +272211,7 @@ CVE-2024-5469,0,0,0593227e51e97383649ced684c68d7aaf013a250af5a8e55d4376628432995 CVE-2024-5470,0,0,b70339f8a022f56de8d4eb030bd8f5d3563ba0fc9c1634fd55ea697aee92ede9,2024-11-21T09:47:44.787000 CVE-2024-5471,0,0,631b7a50303d6f9a193814092037f29379ca6ca2282e0b67207306f8abcc9ba4,2024-11-21T09:47:44.903000 CVE-2024-5472,0,0,5e12957cd076edb077638ab18db3a7202837e8fd64948bba00e3365a85b54117,2024-11-21T09:47:45.027000 -CVE-2024-54724,0,0,c0f98e987154c550545f744e0a810dc344baf54de510016645ab4b226bb63a3c,2025-01-09T20:15:38.863000 +CVE-2024-54724,0,1,ba745a806f7adf5ec3f012771244838e01c7aa8ab9a8bb0162dc83573ba19f7a,2025-01-21T16:15:13.583000 CVE-2024-5473,0,0,fdd6160c6121db618882f16bfc9c17f8c3a2501715cb9519638ef5a1fcd2441d,2024-11-21T09:47:45.190000 CVE-2024-54730,0,0,1f5b2039ec78df882c8a067f1f2e14a50bc9fc3855df85b8baefb9b0165aa937,2025-01-16T16:15:31.407000 CVE-2024-54731,0,0,acd86fbebdd274bead6535bf83cf37467581b483235e177fd7e87a697a25d37c,2025-01-08T05:15:11.810000 @@ -272765,6 +272778,7 @@ CVE-2024-56273,0,0,f3b339a750cf26c8f041bfebab629309f499d098dce492405c144e6fabc53 CVE-2024-56274,0,0,46dfc2899337e1c799d2cccc8e16e1704e1f7d8e3aa091b747fa7acd8e7f8465,2025-01-07T11:15:08.960000 CVE-2024-56275,0,0,9300415b3d7dfdb21e4bcf98e6b049d2270278d0318cd78cd0580d5bb4fa3aff,2025-01-07T11:15:09.130000 CVE-2024-56276,0,0,00f6b9e0227c33f5e8b70946c15e191837645d3c728e7697707e4b3163250bbd,2025-01-07T11:15:09.293000 +CVE-2024-56277,1,1,2e998490e9ffec0a7b2a36877ee380083c55ff607a9a9a755baaa2dcdf6aabc0,2025-01-21T14:15:09.593000 CVE-2024-56278,0,0,7b39d950ef51de16ae31685f069f6c6d113d1e47d70ded5845406aa9152618e9,2025-01-07T11:15:09.460000 CVE-2024-56279,0,0,b9950fa6d62ea9e65991aa518c54819f9abe48771ec7badc646331c83db213d0,2025-01-07T11:15:09.633000 CVE-2024-5628,0,0,755412ba03c7f502c54c635c9705b96a4154da09bb9bfca64f93d1d41d08cf6a,2024-09-26T15:14:26.547000 @@ -273224,6 +273238,9 @@ CVE-2024-5696,0,0,9ae6c44d348ef9d24ec8ca5439b37c50da2ca251572759d1d18bb2a62c7efe CVE-2024-5697,0,0,b7a4dc6c87306b1faedc3f85852add4556913bfcdad208dc9ec44ed1d967aaa8,2024-11-21T09:48:11.493000 CVE-2024-5698,0,0,f82f3ede8f3a0f37db39e7c1594784573d509729718d4233e67322de0394663b,2024-11-21T09:48:11.610000 CVE-2024-5699,0,0,1f6b745154d0c66e136c94c9cf6848fa0ef03de7ad43314ef7aabc398131e7bc,2024-11-21T09:48:11.727000 +CVE-2024-56990,1,1,5992e3c54fb722255aa3c3615bc37d6b52e525e4fe4a97af0ed7e1a420105c20,2025-01-21T16:15:13.947000 +CVE-2024-56997,1,1,bc66de72c9c569d9adacd27f0a43bdead413291c649781006f5a6d1a86f77dfb,2025-01-21T15:15:13.343000 +CVE-2024-56998,1,1,51fcef74fc529060259311fb91e32a413878e75c0b10455277caa3a99353ff58,2025-01-21T15:15:13.467000 CVE-2024-5700,0,0,03b60b2b2d02d40bfad068e0335a335857a618ee5b010c631028ca7b55a329d1,2024-11-21T09:48:11.903000 CVE-2024-5701,0,0,9915dfee3e359182f9adc135791d10f705664babe0d2fafe943bf47d66747252,2024-11-21T09:48:12.093000 CVE-2024-57011,0,0,e423cf8108eeaccf1a4a6a564034672c57143be7df30237f44f891951f76e1ce,2025-01-16T15:15:13.873000 @@ -273249,6 +273266,7 @@ CVE-2024-57032,0,0,f0c8cdf6b3c394b5e47d51ddbb69c4bd9b1af03bcc3de3e6a67be5cab57d5 CVE-2024-57033,0,0,6fc47549a06b46925031c839aeeb554403f3e3a332a3da55b165b2b40d57fd82,2025-01-17T21:15:09.980000 CVE-2024-57034,0,0,50df6e932372fb174fa2655a86da7a03168323e2cde159cbd71ecb63a50e56dc,2025-01-17T20:15:29.020000 CVE-2024-57035,0,0,052d5b092622afaf4ea0e57f5cee5a1ab42123cd321a83f80b5763b5f382972d,2025-01-17T21:15:10.100000 +CVE-2024-57036,1,1,3a425a52d7d12c5a0f18067d93edc2459610041510f5c755af20fa9200d1b9b6,2025-01-21T16:15:14.143000 CVE-2024-5704,0,0,cbccfff62486c3c4f34573a6ffedc788349c4048d54ed4b150463209e5b954e3,2024-11-21T09:48:12.583000 CVE-2024-5708,0,0,f68252af81d3d9fd48c33f6db887b706921f7e4e9ec883679703f59930376646,2024-08-06T16:30:24.547000 CVE-2024-5709,0,0,9e7f02d16313ead7a68864ca2ed2dc29106d9085227941350b2847c3e4c2a85b,2024-08-06T16:30:24.547000 @@ -273535,15 +273553,23 @@ CVE-2024-57927,0,0,0b956e6350555e8b5ea2acdf79ef7cfb9a66dd16a7df89342f758d8803aa3 CVE-2024-57928,0,0,4412ceae5c4967ccbde2b773167aa35d2d70c86f93eb985ffd79716abee92366,2025-01-19T12:15:26.903000 CVE-2024-57929,0,0,998c6814446dca86d10a4c87d5f49a55ef224c41c354b657152b370890f7274a,2025-01-19T12:15:27.013000 CVE-2024-5793,0,0,0b18df4d2dde9f10f63097b806cad3cc9d51ae7c2ac550a36fec1a23c0e391bb,2024-11-21T09:48:20.673000 -CVE-2024-57930,1,1,28e6c7167ba130e9d2bb9fe716fd2e8f5146a8dadd573fe902b0a9d90eb763d3,2025-01-21T12:15:26.600000 -CVE-2024-57931,1,1,ef8b598f8ddd4428ab096ad25ca71fe2ac1458c1a2d30e4ee4df724312f40f52,2025-01-21T12:15:26.713000 -CVE-2024-57932,1,1,688bc5a581e562ea6a34243ed22eb114551e0d55b007f2c57ecd88c71662dd16,2025-01-21T12:15:26.837000 -CVE-2024-57933,1,1,a5f09101c1f266dd013e3ec124d1c1801c0703b5babe99bf295e942e95532e21,2025-01-21T12:15:26.947000 -CVE-2024-57934,1,1,43034e503550b569256632c4502d946f08931a3530bd54d0ff9ea3c30d627029,2025-01-21T12:15:27.047000 -CVE-2024-57935,1,1,e6daeb99554ae407cceaff9066c461bc5bc63d681f5adb174db5d16d19702a15,2025-01-21T12:15:27.153000 -CVE-2024-57936,1,1,417d6b45a5c6544407230a177f750b81a6fb6c38ea6d13678499dd9c742ed051,2025-01-21T12:15:27.257000 -CVE-2024-57937,1,1,03a617ee4ad0e6f08a572fb737e71c79db0c97a6263c69fc32916d1331b02bf3,2025-01-21T12:15:27.360000 -CVE-2024-57938,1,1,77ff62e982dad7ae42785578957ddb550a937967229142e5b9667c5d344b85c0,2025-01-21T12:15:27.463000 +CVE-2024-57930,0,0,28e6c7167ba130e9d2bb9fe716fd2e8f5146a8dadd573fe902b0a9d90eb763d3,2025-01-21T12:15:26.600000 +CVE-2024-57931,0,0,ef8b598f8ddd4428ab096ad25ca71fe2ac1458c1a2d30e4ee4df724312f40f52,2025-01-21T12:15:26.713000 +CVE-2024-57932,0,0,688bc5a581e562ea6a34243ed22eb114551e0d55b007f2c57ecd88c71662dd16,2025-01-21T12:15:26.837000 +CVE-2024-57933,0,0,a5f09101c1f266dd013e3ec124d1c1801c0703b5babe99bf295e942e95532e21,2025-01-21T12:15:26.947000 +CVE-2024-57934,0,0,43034e503550b569256632c4502d946f08931a3530bd54d0ff9ea3c30d627029,2025-01-21T12:15:27.047000 +CVE-2024-57935,0,0,e6daeb99554ae407cceaff9066c461bc5bc63d681f5adb174db5d16d19702a15,2025-01-21T12:15:27.153000 +CVE-2024-57936,0,0,417d6b45a5c6544407230a177f750b81a6fb6c38ea6d13678499dd9c742ed051,2025-01-21T12:15:27.257000 +CVE-2024-57937,0,0,03a617ee4ad0e6f08a572fb737e71c79db0c97a6263c69fc32916d1331b02bf3,2025-01-21T12:15:27.360000 +CVE-2024-57938,0,0,77ff62e982dad7ae42785578957ddb550a937967229142e5b9667c5d344b85c0,2025-01-21T12:15:27.463000 +CVE-2024-57939,1,1,d2414769f2e217c395dc0f8aa10fa264b19bc4c515c6ed730880adaf71b9e812,2025-01-21T13:15:07.903000 +CVE-2024-57940,1,1,0e01baa746fce3bed4ce967c293e4b2f4cc181fdcc444d5ee628bbc2a308ac51,2025-01-21T13:15:08.540000 +CVE-2024-57941,1,1,7f374a575eccdb21ec7f9d09d0a4e62f6384f134349957689e6f5a5cb2bb715c,2025-01-21T13:15:08.640000 +CVE-2024-57942,1,1,e3741427d2b6e1a9f599b350dcdf4410a474f8e8c65342410e7099c356758a40,2025-01-21T13:15:08.743000 +CVE-2024-57943,1,1,dc7e0684b8377f15667d88e1273c5a5004a8c0a280d7d1767bad721d5d8df413,2025-01-21T13:15:08.837000 +CVE-2024-57944,1,1,a3fcd42d083db6bab7b5028a1d8882e96b47abf1ad6fd180dc7c0eddbe270b5f,2025-01-21T13:15:08.937000 +CVE-2024-57945,1,1,8e35c260271a7d05a4130bce464cd053ddcd7430dc8ad698dc9980a797cf9881,2025-01-21T13:15:09.033000 +CVE-2024-57946,1,1,c7f36f65d43623d48215412aac78ff97bd2f343757e90cf928c2a23f40930377,2025-01-21T13:15:09.137000 CVE-2024-5795,0,0,8c27870eb8f46b4876cdd6a9335698b3a6adeccd1af066b5f5391281ef70b349,2024-11-21T09:48:20.780000 CVE-2024-5796,0,0,10c3848976491ca5eeb295d89b1679f80388276c56109509ef1777f493022afe,2024-11-21T09:48:20.910000 CVE-2024-5798,0,0,1cf6b5fddcb53bc6e432a6a3428f56651407d96c3d029c184944ae69fb8dd23b,2024-11-21T09:48:21.013000 @@ -274929,7 +274955,7 @@ CVE-2024-7340,0,0,afceb6b3fac1138f8cb83e0f415cec5ebdcab90ac887ac6cc7416d04596c33 CVE-2024-7341,0,0,9879605967e8521e630e3508fca649ab0616466777cf91cc4c4478c8d606e537,2024-10-04T12:48:43.523000 CVE-2024-7342,0,0,bbab372366d62b7492fd885c0fd46da4598051b512f5991327f8cfce46915879,2024-08-15T18:40:22.537000 CVE-2024-7343,0,0,7f2632b50e9d4a4da19cdb31448eaac6640ad60d85ef9c956fde33f5c8956343,2024-08-15T18:40:52.707000 -CVE-2024-7344,0,0,6e89fe528ece035b816725b548e48b0d8f9556a8f8d863b30b3219ee4de11fd2,2025-01-14T17:15:20.383000 +CVE-2024-7344,0,1,17598e5c64e13b51b9b6e38ba469a9d12e6cdb412dc106fdd4d2f3352c2e129d,2025-01-21T16:50:20.583000 CVE-2024-7345,0,0,7689b50cbee63ee18ebf904fc91903644247462e42f3178c6191ec55402d6f73,2024-09-05T14:11:00.493000 CVE-2024-7346,0,0,25638c7d38cc54d22ba7fca216c7c1e04ae0c03279aa3b42c264161ca8172985,2024-09-05T14:03:24.040000 CVE-2024-7347,0,0,80bd78827e01668f2a8f57d07d33f259d2d173eeee58a99344a8fc6ac7d3aeb8,2024-11-21T09:51:20.560000 @@ -277255,6 +277281,7 @@ CVE-2025-0355,0,0,60139aab38184d5553deea3c96ee67451ff405f2b0f65acb32b8c01c915868 CVE-2025-0356,0,0,00c4e703b995e5d2c2e4f165848b6efa20e85198e0b810bdb74efa5802e75a40,2025-01-21T04:15:07.980000 CVE-2025-0369,0,0,60e0263b7bdd9bb8b2fbff594a1f912ed9cb257670ae53622ab1064bad30f4a5,2025-01-18T07:15:09.720000 CVE-2025-0371,0,0,5204757392b802de2ea741b3e076d05df7ac5ea75604db8718cee7d5330989cb,2025-01-21T09:15:07.747000 +CVE-2025-0377,1,1,aa55b8120230ab743cc2893b218f537bed059fac30bd283d6a35143ffcd50fcc,2025-01-21T16:15:14.290000 CVE-2025-0390,0,0,a9cacf0ddfe16d7ce6aba119743e725f69b4f5561bb60e372a0dcb6744d412ca,2025-01-11T08:15:26.527000 CVE-2025-0391,0,0,ab8f7905746a492810fe86765faefb1fff997fc4d75bb4be776d20c58a35599f,2025-01-11T09:15:05.937000 CVE-2025-0392,0,0,59785954f613ac3d294944412df9ed2ed102ba9c9ed7f965ef5916a645263c65,2025-01-11T11:15:06.657000 @@ -277290,7 +277317,7 @@ CVE-2025-0443,0,0,c1909e796cb00e8de6a9a5854d80254cec51da86d4853de7e67dd141d38121 CVE-2025-0446,0,0,94e6a4f8238ac08191b1b1193dfc6ed660ba2c81f2654a86993face2b3a1da98,2025-01-15T15:15:15.960000 CVE-2025-0447,0,0,3557744a211333232e7804efa6ea8142b021fe0e2643e57c3966ef0e6eae106e,2025-01-15T15:15:16.123000 CVE-2025-0448,0,0,fd891759faceb30544c1e8bca8f73da87c02e801462e8b0ca59fcc1cdae9bb12,2025-01-15T15:15:16.277000 -CVE-2025-0450,1,1,72a68fd04846059d252f15073dbabd133ee3ab883fab4b780450285039285c87,2025-01-21T11:15:10.593000 +CVE-2025-0450,0,0,72a68fd04846059d252f15073dbabd133ee3ab883fab4b780450285039285c87,2025-01-21T11:15:10.593000 CVE-2025-0455,0,0,0788a35b7031b1503942329db48de69d2dae6db6b33ff6b776c7fa5eff813a90,2025-01-16T02:15:27.203000 CVE-2025-0456,0,0,c3118eb6282d0d2d5cf0b0b18ba4321a7c4ee4642eefb293f75da78a6b102328,2025-01-16T02:15:27.387000 CVE-2025-0457,0,0,6c68c67055a4f977d01fcaec54af3a741663b7ba3a654f25dcda2d901b15c7c0,2025-01-16T02:15:27.553000 @@ -277331,7 +277358,7 @@ CVE-2025-0528,0,0,a15c2aaa54c0d6dda4ceb20cf00f64dbe2db0fc4448eba47d2af25047a4d86 CVE-2025-0529,0,0,69e90ad7e3f6788572850afb1656942815d90ae34b98fce961e18202b13be561,2025-01-17T15:15:12.670000 CVE-2025-0530,0,0,e5a25d489129220890dc2444b8dbc044679c369120b99e93eb7cc0e0c586681e,2025-01-17T16:15:33.937000 CVE-2025-0531,0,0,70772c7ab6e128acaeccb2025ef3d3d40ee700c16af0c59c4844f2cb87966cbf,2025-01-17T16:15:34.250000 -CVE-2025-0532,0,0,4d92732b352395641e27304ba949a5d746e81750f3574c04f91dc679f65ac49d,2025-01-17T18:15:31.237000 +CVE-2025-0532,0,1,57b53e96da2412756b4fef80266712dadfdebfb11647f2c711ae8c21db4e262f,2025-01-21T16:15:14.560000 CVE-2025-0533,0,0,7f9d32a2b8498bdcb13287d845ecf92659d969c766d3960e43e297ee75f74856,2025-01-17T21:15:10.487000 CVE-2025-0534,0,0,aa1feda9d93d553c893a821acdcd6e6031ddccdc91780da53a73a7286a0a0e2d,2025-01-17T21:15:10.650000 CVE-2025-0535,0,0,23267893be9929c36dee9ccdb2851027f260f2b1e068a3125e11e636a590092d,2025-01-17T19:15:28.990000 @@ -277363,9 +277390,9 @@ CVE-2025-0583,0,0,8ed8078758003cecf37178786f4bd906ad77d831a470114523ae1b97531b87 CVE-2025-0584,0,0,37edd7443b159fd364fe1f94f606e27d6a33e0c9083f38da0f466f56b50d0a54,2025-01-20T03:15:09.120000 CVE-2025-0585,0,0,da99d05fd55072bf46a920856a2fb4b6ebf8e817a63e5b48426e8c31494a0fa3,2025-01-20T03:15:09.283000 CVE-2025-0586,0,0,abf0a06c875b8bd5421f2c6f6ef5b8719d6ca1dacc61f1270de8b585f4b2e6ab,2025-01-20T03:15:09.433000 -CVE-2025-0590,0,0,ec6ed4b059a1df3da99443ca46730b85e5006c3028b17625361be7e7854142f6,2025-01-20T07:17:10.383000 -CVE-2025-0614,1,1,c85e5b141df45983a9b8023744afed1074e3155c77698a4efcba3b1933f20f8e,2025-01-21T12:15:27.580000 -CVE-2025-0615,1,1,24948b17ddad86445a37019481e808c754a1ff5ca4b2da53c27f9618c73c00c8,2025-01-21T12:15:27.737000 +CVE-2025-0590,0,1,c554cb9a0bdc14b97d65dbcaf6b8f0519615dcf5380f9d8d26f0b94a792fad9b,2025-01-21T15:15:14.117000 +CVE-2025-0614,0,0,c85e5b141df45983a9b8023744afed1074e3155c77698a4efcba3b1933f20f8e,2025-01-21T12:15:27.580000 +CVE-2025-0615,0,0,24948b17ddad86445a37019481e808c754a1ff5ca4b2da53c27f9618c73c00c8,2025-01-21T12:15:27.737000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000 CVE-2025-20036,0,0,a1d7639f0e568c5953a2962f5a2be630b5737d729f8c4f565a3eec7e4bf19549,2025-01-15T17:15:18.950000 @@ -277613,8 +277640,17 @@ CVE-2025-21650,0,0,8999d80331f22604edddfd75667fe17eab77150206057afd0258b361cf1da CVE-2025-21651,0,0,08b0d285d803ce14ca95c51ff0bb6822af7a1dfa543a30bb044ccb678d352dfa,2025-01-19T11:15:10.733000 CVE-2025-21652,0,0,781ce4cdff4e60cfb6f8b0eb373b8634b7b2c8bf54de4c678c30aac3d57ceb30,2025-01-19T11:15:10.830000 CVE-2025-21653,0,0,f32ca4f34b7bccc36e5debfdf592df2ad87aa1a93c5b7257a97a73e494c6108b,2025-01-19T11:15:10.940000 -CVE-2025-21654,0,1,387bd74314e19ea277d2aa993508db4a58606a45347df382e4b9016f897da6e3,2025-01-21T11:15:10.777000 +CVE-2025-21654,0,0,387bd74314e19ea277d2aa993508db4a58606a45347df382e4b9016f897da6e3,2025-01-21T11:15:10.777000 CVE-2025-21655,0,0,e5a98c6155ef95beaa77c8f70c04ef1a52b9c9b57ffc8aa737b1a8a15dabbd07,2025-01-20T14:15:27.027000 +CVE-2025-21656,1,1,e08de214fec57f5455004c22ab31652820945256042ce332af5f60bc4ee6b0eb,2025-01-21T13:15:09.240000 +CVE-2025-21657,1,1,58d21ab8ed420cad449dc9439925bd7a4bd93e784737aa1340191a73104f8bd9,2025-01-21T13:15:09.340000 +CVE-2025-21658,1,1,8babbbbac3d385399fe3216e7e9f8d2b589dc26889553dc348541dfe8a605fc2,2025-01-21T13:15:09.437000 +CVE-2025-21659,1,1,a1f4b697b66bab7b57666583da4fd3952bef7152142aae1d092214b71dd2eee4,2025-01-21T13:15:09.540000 +CVE-2025-21660,1,1,e8f48b67279b891fc134ba898fd31eb80bfc20852a82499d9e449abaf5daac6f,2025-01-21T13:15:09.643000 +CVE-2025-21661,1,1,e7b9e2e7e2e401ac2c3dd32c6ea5cfa7c3b00783dd71307395f255d241abd981,2025-01-21T13:15:09.747000 +CVE-2025-21662,1,1,af41abcf1f68bf0a5776b43dc9340073ad23b72bd3cee8298571e5e177588445,2025-01-21T13:15:09.847000 +CVE-2025-21663,1,1,b110f6094189cee8dc4774826cab090ea4bec63376a8653946f922277d4b8355,2025-01-21T13:15:09.947000 +CVE-2025-21664,1,1,0e8aa88ab677e2acaf08f0fde0cd72d8ece9570a8cbefbf611da69d0a9639f57,2025-01-21T13:15:10.053000 CVE-2025-22130,0,0,a71c51c8237898c4394724aa5ef423b90094196082b564075e1f1cf6c2992343,2025-01-08T16:15:38.543000 CVE-2025-22131,0,0,8a8cd24dd50518945167d9268c0c244cc17a87d8ffed5574dca8152c7cdb7333,2025-01-20T16:15:27.880000 CVE-2025-22132,0,0,92f694afc6ce174171da36824da367c743ab8d73a418a3347309264d0570fa9a,2025-01-07T22:15:31.590000 @@ -277637,6 +277673,7 @@ CVE-2025-22152,0,0,089f04aace28abfa88265f6c9c2782b5476de8a0e353916617123187c142e CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000 CVE-2025-22215,0,0,e26e39627ebf88fc4492196348e13c55563ef72a3b7150347ad788f5576b3be6,2025-01-08T15:15:21.927000 CVE-2025-22261,0,0,33a310cbc7efb685d95693f6e008875a8290fc5f9c6bce0cde03f1c0742bf7b7,2025-01-07T11:15:13.290000 +CVE-2025-22262,1,1,d8ccc2867d2eece6059c27bd9ae3cb203a5caec3d70efe08069887af39a96863,2025-01-21T14:15:09.757000 CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000 CVE-2025-22293,0,0,0fb85e30408666f4049ff5e391f5eb0edea1a607b8157160cd5e0e00489520e9,2025-01-07T11:15:13.473000 CVE-2025-22294,0,0,fd3c530f54ed4c49be0865300ce0d8ca3b1fb9d97860cd5c24499f717ff48c10,2025-01-07T16:15:41.137000 @@ -277656,15 +277693,18 @@ CVE-2025-22307,0,0,551dc24072f38079ff7384f32ecad5baae3d2cc5e837d9af57fca3b9f480f CVE-2025-22308,0,0,9a6d70724a98274c9d996d44a4871290056075b233769a030b30dce33c596be8,2025-01-07T11:15:15.043000 CVE-2025-22309,0,0,41a5649d9f063abc40e2323ec834921c50bb20c7c3f52cc1cbc06eac9caf5064,2025-01-07T11:15:15.190000 CVE-2025-22310,0,0,01093bca114875827fdf0ce9f05a34c343d3d135e32d6b40cbb65ecb6d8c931c,2025-01-07T11:15:15.320000 +CVE-2025-22311,1,1,2bc394bd63cb993ac7ac9d5fcf5aabc46ee774d114462a2204464296891c6b55,2025-01-21T14:15:09.930000 CVE-2025-22312,0,0,a7bf6287b60e0e496be523a78cca84a7ead7f5ce4262b249df941bdb26960569,2025-01-07T11:15:15.480000 CVE-2025-22313,0,0,5a053d272a7f80827a28d46605edf286de3cc07b2584d481167046830126dd01,2025-01-09T16:16:25.653000 CVE-2025-22314,0,0,b9054b96be0754de8c0a6cb596862922b24d4794887f456f87dfd0bb880d2088,2025-01-13T14:15:10.270000 CVE-2025-22315,0,0,a72855198b7b6c3f24eb2b601132daa754b13da0204b23fceae9c014a71d07ff,2025-01-07T11:15:15.627000 CVE-2025-22316,0,0,0ceb4f4ab42a49cc2d5309a5f4d9e71fec0d3cc6da31bc7e448e3f3e1c046b45,2025-01-07T11:15:15.763000 CVE-2025-22317,0,0,8c2b42f24e2f8faacd2e0bb645d3a6edfbe8586f973836795d4b0c5487694c1f,2025-01-15T16:15:34.590000 +CVE-2025-22318,1,1,f063a354a3af64ad69ba5adabe338b615a5b0efb66cf8aa090ca318bc54c685a,2025-01-21T14:15:10.110000 CVE-2025-22319,0,0,e55624a930eb59e1a8b1dc4193cc8bdb767b79f4292003f9b671325f24154163,2025-01-07T17:15:32.810000 CVE-2025-22320,0,0,4a18a096a3e3278530b059a94ed0df6bda5c51f5655f0d9ec304e5a12141712d,2025-01-07T11:15:15.910000 CVE-2025-22321,0,0,c3ec78a4d8f363a8d35d3ed77c77053a584db7552a50bacc2a189071deec2efa,2025-01-07T11:15:16.073000 +CVE-2025-22322,1,1,12cf49a1d6804eb6c7f1da7881f2a8b165adb8e799c25bc5b0779faf5510680f,2025-01-21T14:15:10.280000 CVE-2025-22323,0,0,dd17003bb8a99baf8d21124b28c9848ef4bfbc6ba2dd60dd9c6ef0cb160adaa0,2025-01-07T11:15:16.297000 CVE-2025-22324,0,0,94c175f2b1ba86cf0c93b127564efaedfd44eaca3605ff24fcb7ab34e8e5268b,2025-01-07T11:15:16.437000 CVE-2025-22325,0,0,0d9564c3b7a61f07790f6bed4b2e22bb71ad52f4f54ab2a6e38cb0f92019a94b,2025-01-07T11:15:16.577000 @@ -277766,6 +277806,7 @@ CVE-2025-22549,0,0,2243b6eb8b296a608ea92af5e6385fdfc51b0684defe423e7779f8841f4c7 CVE-2025-22550,0,0,c9d757299ac608d3147eef8746a3a208a3edcf2333ca75bfc67dae5f69ae7a41,2025-01-07T16:15:50.960000 CVE-2025-22551,0,0,90112bb3c1110b8bbd32a85a1d9436643d5a83f07e10c0edcdb8cef72cc525d6,2025-01-07T16:15:51.127000 CVE-2025-22552,0,0,7e6657b0ee10386c62eaca5d65f3efd565d121c7415d032cef63bab59b1fea4a,2025-01-07T16:15:51.277000 +CVE-2025-22553,1,1,8354bbe8e84c7a9d4ff07b34e3cb75563183ea8bdbcd4de8a13acef22522dd53,2025-01-21T14:15:10.453000 CVE-2025-22554,0,0,bc14b75df4f6685e0e581ea026025de4daa6d4152c025c7d9f4666d66a4ca83a,2025-01-07T16:15:51.443000 CVE-2025-22555,0,0,ab5a543fc1826d9589dcc803970816b6726fc2ce1611621c5784a44278aa42b5,2025-01-07T16:15:51.627000 CVE-2025-22556,0,0,f3cc43d325236fd9c575f3da67d40762351c570124715d10a2e765d3fbe70747,2025-01-07T16:15:51.780000 @@ -277818,10 +277859,23 @@ CVE-2025-22618,0,0,ad61907d0f72e0ce3f21a94e69cc540d7b1cd780e0ad571607d65d3ecdbef CVE-2025-22619,0,0,13eaf69e13cd48ca237219c7a91847c694b4162a944b2e77691398b837195a0e,2025-01-13T21:15:15.620000 CVE-2025-22620,0,0,b424599915f35c2fa1cfc2f2427cf97e6219f2288b3d20f0f209cfe60564c6b8,2025-01-20T16:15:28.017000 CVE-2025-22621,0,0,6ff4aa50f3e07d892cb8ed858e238d42c832836da0723e6a77be4111c28ff27e,2025-01-15T17:15:20.810000 +CVE-2025-22706,1,1,bc11dd8300fc9a1be057709c8708e0e041b4e417c20205c24efb0ea69edc1d58,2025-01-21T14:15:10.640000 +CVE-2025-22709,1,1,c54d9dbd302c913fb0743bf511cad5ad5a1dffe36272d2f86b1ac8a0a529b722,2025-01-21T14:15:10.823000 +CVE-2025-22710,1,1,73c74c7b239c0913fe817302cba21d49f84b5b48b95d3d454e6c7e924f338bbd,2025-01-21T14:15:11 +CVE-2025-22711,1,1,b28d30dfcba4cba3ac47bffafee2cc1992b26d1437b4c78d644811b078b7cdbe,2025-01-21T14:15:11.173000 +CVE-2025-22716,1,1,f1763355086f640ef4b0c36d979f57d56b5690cafdae40925c2307c942199ed7,2025-01-21T14:15:11.343000 +CVE-2025-22717,1,1,37113c70c6b5e058145e4811f203ffe7d51a6be986a8a6c940c5784d5eb314fc,2025-01-21T14:15:11.527000 +CVE-2025-22718,1,1,f2f835c36b414fe513df89c42ea4829f0121edbfa7fb2040f1b7deb3cf948664,2025-01-21T14:15:11.697000 +CVE-2025-22719,1,1,47c0e00bad898207737324c6047fde538471ce4b62385cc9803296f6d2f31b53,2025-01-21T14:15:11.860000 +CVE-2025-22723,1,1,86c74807dd9f1832d2e111dae25fd604cafd227762343bdb5a03c1dc4e311c5c,2025-01-21T14:15:12.017000 CVE-2025-22724,0,0,4b71697c4166f64157fa259051322142853491130762e53a926cbeb456975423,2025-01-15T16:15:35.250000 +CVE-2025-22727,1,1,ef16073f6178f1c1f75d3989c28f1f49ffea000432f590e6689a327d4ab9d12a,2025-01-21T14:15:12.173000 CVE-2025-22729,0,0,b385c13a23a149f64df46d7196231b40966fb99b0f0f2a85978036f7c5cdb1e2,2025-01-15T16:15:35.400000 CVE-2025-22731,0,0,591ca873395a60ee615f6aa95897c12d402f7661783a3bda5439845de448c196,2025-01-15T16:15:35.550000 +CVE-2025-22732,1,1,5aab57ac4fdefa24c0ebcac172f9827ae68e840796b5e42ad0fd4205f5ea4f99,2025-01-21T14:15:12.387000 +CVE-2025-22733,1,1,e3f1cafbf03fb104a99ecdfd988e51ebc6ffd560c7df0e36746cda56ead5af8e,2025-01-21T14:15:12.570000 CVE-2025-22734,0,0,ebb588399299ed7786c13a4d873d6a5e5a3c44188d8c165fdc0198076e15c29b,2025-01-15T16:15:35.703000 +CVE-2025-22735,1,1,082a0173e4b90ff7b5ff31fc811175174c408d506cd45232022fe4c91f72c36e,2025-01-21T14:15:12.737000 CVE-2025-22736,0,0,0f002f9c72e82e1a6604d70abaa51b2bc570bcdd5574d8a2c1f2e2cb9ae96bef,2025-01-15T16:15:35.877000 CVE-2025-22737,0,0,d993d76148f4207aebc67a18a146e07d4f4f3ca83cc7e5580153e5155464b350,2025-01-15T16:15:36.030000 CVE-2025-22738,0,0,edb589b683f4ed743fa5b90fa486af301e0f80b88774faf71aed08aa4a667bf8,2025-01-15T16:15:36.187000 @@ -277844,6 +277898,7 @@ CVE-2025-22759,0,0,9fd34399fa1530c21c9cfdecd9f53c69ec53b7cabdae01a2ee26417453f72 CVE-2025-22760,0,0,ceaff3b523ed1ab68ca9afc6e8dcc1721a356d85b9c6dbcc0d6dd64777fa93b0,2025-01-15T16:15:38.890000 CVE-2025-22761,0,0,1f457b8943bcdd333039377fe4c764bd2dfdb88365d9eefe6cccfdb7a18f652c,2025-01-15T16:15:39.053000 CVE-2025-22762,0,0,9c306109b16ba65d05e7076b45fa1179d0a359bb35d83cde3f7d3c02ff96f6bc,2025-01-15T16:15:39.227000 +CVE-2025-22763,1,1,3e85a52e82c035116a3ac3d410f3ab9700da1a1bd216374d985e1defc38ad3ad,2025-01-21T14:15:12.900000 CVE-2025-22764,0,0,bb4ba9e4fde2400f152116cd1aad7bbbdbb7d640219a8e01ca47cc112eba4fd3,2025-01-15T16:15:39.373000 CVE-2025-22765,0,0,05da1bdc9e7167edf5387de0586b61a1995a9741b623487d7015cbf79f0a61e1,2025-01-15T16:15:39.543000 CVE-2025-22766,0,0,343e87bbd358f52869bf43f77788e51e9a96e6bce59424af557599ac7a821c7c,2025-01-15T16:15:39.700000 @@ -277890,6 +277945,7 @@ CVE-2025-22821,0,0,aced97d1793e12e4f3cb4f90fa755ca4493ae0ec26fa69f38788bd73221f2 CVE-2025-22822,0,0,d5f87ffa31bc6be641104ef549aaeae7fc45b8348e2495ffb2fb8e5af7e7f9a7,2025-01-09T16:16:32.557000 CVE-2025-22823,0,0,16e8a59cbcc2bfc06c602dd1c4fa5e368ef951a41870f5a6e53ff24ecf09b103,2025-01-09T16:16:32.717000 CVE-2025-22824,0,0,fb201e5b5828770ff11d00a29d3f8e00f0da01f397b44ffb8e7c8ad29623f7e1,2025-01-09T16:16:32.893000 +CVE-2025-22825,1,1,2013e425d6984c95a3fbae46f7b021738bd9abdb28cbdb820d9a16f5e5159903,2025-01-21T14:15:13.060000 CVE-2025-22826,0,0,36b6e140cfbfa94ee1e1f9414c9bba12f6b84f8e81d4c4eb37d1cc60556b529d,2025-01-09T16:16:33.047000 CVE-2025-22827,0,0,3baed988c384781b752e63a63aac2d02b4618a6f769d736ff71142b8ba1a8f98,2025-01-09T16:16:33.200000 CVE-2025-22828,0,0,327d4fbb4775debb7974f74b72faad2a6d9350ed385605b18892cfc7691fc3c9,2025-01-13T19:15:11.373000 @@ -277943,7 +277999,7 @@ CVE-2025-23079,0,0,78406696c95877d502c4c9b4607328548f20c8246eeff924786f7d9228881 CVE-2025-23080,0,0,165d07f7f3ac467de5017c0ed6cba0e28a556747a1eb136b531ca8b1a8ca92c9,2025-01-14T18:16:06.110000 CVE-2025-23081,0,0,8e8adb61025ad816e7ca7d3f543c46c43aae9a6ff6f38d8ecfef81ad769cb146,2025-01-16T16:15:36.090000 CVE-2025-23082,0,0,04a4f0f7ff5458b7d3b3235d7001e50f9111979d3e99a4d703024d8cba8b9a7c,2025-01-14T16:15:36.200000 -CVE-2025-23086,0,0,c46aadd2b0703cb39e3c65b8503fe18a80fb58d59bee9cf6756aa65ff2294990,2025-01-21T05:15:07.960000 +CVE-2025-23086,0,1,dde492bd5a142c0b11b6f02556e1eca938bbf23f3754936e124d8d0a78e264d8,2025-01-21T15:15:14.833000 CVE-2025-23108,0,0,0867ae52bf9537919e00df206497183b5abf45a3a43e56579f476cc3d26e8d6c,2025-01-13T18:15:22.680000 CVE-2025-23109,0,0,4d519c5c41161d21ebd8f814ea3659acc2224a598528dd7d3e4c7b87a5ad8cc0,2025-01-13T18:15:22.903000 CVE-2025-23110,0,0,b9e32d20d7e6cf23b28c590dc2ad7f239b5186f27517cd303db97f7275b077fa,2025-01-10T22:15:27.550000 @@ -277967,9 +278023,9 @@ CVE-2025-23207,0,0,e5de4237889cfabf27065c43b82af396f478aa914ba2d9d161effc65eaba9 CVE-2025-23208,0,0,722b719f9dcffb0743a2a700fd962fc8d87ee9dd12d5c90b42efdfb8cdbc3a0a,2025-01-17T23:15:13.107000 CVE-2025-23209,0,0,b5f5728016cefcd5c65fac9ec6e4863e254ca00e3ac538f16ec17bdaa0bbd53c,2025-01-18T01:15:07.633000 CVE-2025-23214,0,0,8b7d5ac9bd9cd504a1c7e6ea93a409b3f56af5a24048b7bc7d936802dfa3bdd1,2025-01-20T18:15:14.127000 -CVE-2025-23218,0,0,28d73b6c3f1a9b69dad962779d9cd0dd6263fb9bfbe2e0f43d3382109cda6c58,2025-01-20T16:15:28.317000 -CVE-2025-23219,0,0,ab46bfb7b766c3eb69fcc34e41c9d0d769d264abc94950340efa3c1aeb90eccb,2025-01-20T16:15:28.460000 -CVE-2025-23220,0,0,d6d4d063dd220b3c99b0777255ec7370ec77f64b8cd756e65b5fa051f689f78d,2025-01-20T16:15:28.593000 +CVE-2025-23218,0,1,0d9a220919abe3a17ac7afcfc75e9654aeb452859503c7554f342466bfb432de,2025-01-21T15:15:15.053000 +CVE-2025-23219,0,1,7bfc816a66d36eeb8427d1e438890d0ae6033f069415e0175c799b53ab2c0b1e,2025-01-21T15:15:15.247000 +CVE-2025-23220,0,1,7594bd1f2d5770c36a55b5b9fd690b04bf7606bfe4b3acd2181f9cbade146b08,2025-01-21T15:15:15.430000 CVE-2025-23221,0,0,b9e220051865326d7bce5e6fa27b18637659ac0f27be03003737cde64e90648d,2025-01-20T17:15:07.987000 CVE-2025-23366,0,0,3312897ce94f2285a7d2a9ec8c23b065acb503e3b2f9a747e3e7ca809adbfbea,2025-01-14T18:16:06.290000 CVE-2025-23423,0,0,9f2a3a8c7b19b98ddcb037c2f429da3cdced4a5dd5f2091389a187de7a6bb398,2025-01-16T20:15:33.573000 @@ -278181,7 +278237,13 @@ CVE-2025-23961,0,0,36c0da688ed3e8548f86716b57ea278db435c869e71f4caf3f9de5e686946 CVE-2025-23962,0,0,38c72a66f748d246b44f5351bf9ff0f3b3815cc4926f227945695c33eaf96317,2025-01-16T21:15:37.730000 CVE-2025-23963,0,0,b25e75626ec56255a41425e6f3edd3e3aea1c19b7ee658d0d0b26b28ec1f0c5c,2025-01-16T21:15:37.873000 CVE-2025-23965,0,0,53fb1e10aaa7ebd57bd7f00633a90cd803f03e00b4bc8c44e50c428b42627500,2025-01-16T21:15:38.023000 +CVE-2025-23997,1,1,24391beabeac13aaabf73ec76c7bfade06e22f6f0a4bfa6ee1b706ec5c838819,2025-01-21T14:15:13.230000 +CVE-2025-23998,1,1,afcbc71c6708792fd11b4f592b59989e77a98412170ce416415393d1d58b28ba,2025-01-21T14:15:13.413000 +CVE-2025-24001,1,1,9bc88411f5af55c2bdf27b3fccf09d5e75987a6223d2ef54ae2afe451f25f694,2025-01-21T14:15:13.600000 CVE-2025-24010,0,0,b1ad142cb0e12a44fa76d1536c3ae8cc5dc1c93205ad3e19be582c3fc492507c,2025-01-20T16:15:28.730000 +CVE-2025-24011,1,1,ef3054eb586d4103c7d4f1579402cb29fc72ef24ed77713f16aac75c22474bc3,2025-01-21T16:15:14.760000 +CVE-2025-24012,1,1,f5bd79beea47c443f1575823562f00b43e56d457ba89704e5bb3624bcfbaf130,2025-01-21T16:15:14.923000 CVE-2025-24013,0,0,a013478a51520d1a805dca03a3a7f43a81c8ee1d4137efd7110dbaf0e05d94c6,2025-01-20T16:15:28.877000 CVE-2025-24014,0,0,0c972738e3babcd39492772e29e55637e9d570d75dd7fbfa964ee94a33114b3d,2025-01-21T03:15:06.393000 +CVE-2025-24017,1,1,07a18d59aebca9d021dc0eef0463ef3ab441ac4628b2932205916f645af55dda,2025-01-21T16:15:15.087000 CVE-2025-24337,0,0,07d30bbea6dfa209bcd4c6bc43756d477d6586721f50f7d7909041753d5deb68,2025-01-20T14:15:27.130000