admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-23T17:00:47.778731+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-23 17:04:13 +00:00
parent 38362fa67c
commit 0edb8fb471
164 changed files with 7471 additions and 681 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2016/CVE-2016-46xx/CVE-2016-4655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-4655",
"sourceIdentifier": "product-security@apple.com",
"published": "2016-08-25T21:59:00.133",
"lastModified": "2024-11-21T02:52:42.610",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:52:57.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2016/CVE-2016-46xx/CVE-2016-4656.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-4656",
"sourceIdentifier": "product-security@apple.com",
"published": "2016-08-25T21:59:01.087",
"lastModified": "2024-11-21T02:52:42.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:53:19.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2016/CVE-2016-46xx/CVE-2016-4657.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-4657",
"sourceIdentifier": "product-security@apple.com",
"published": "2016-08-25T21:59:02.150",
"lastModified": "2024-11-21T02:52:42.907",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:53:23.263",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2016/CVE-2016-87xx/CVE-2016-8735.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-8735",
"sourceIdentifier": "security@apache.org",
"published": "2017-04-06T21:59:00.243",
"lastModified": "2024-11-21T02:59:57.203",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:29:15.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-126xx/CVE-2017-12615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-12615",
"sourceIdentifier": "security@apache.org",
"published": "2017-09-19T13:29:00.190",
"lastModified": "2024-11-21T03:09:53.973",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:34:44.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-126xx/CVE-2017-12617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-12617",
"sourceIdentifier": "security@apache.org",
"published": "2017-10-04T01:29:02.120",
"lastModified": "2024-11-21T03:09:54.273",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:34:58.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-56xx/CVE-2017-5638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-5638",
"sourceIdentifier": "security@apache.org",
"published": "2017-03-11T02:59:00.150",
"lastModified": "2024-11-21T03:28:04.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:28:58.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-97xx/CVE-2017-9791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-9791",
"sourceIdentifier": "security@apache.org",
"published": "2017-07-10T16:29:00.277",
"lastModified": "2024-11-21T03:36:51.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:29:25.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-98xx/CVE-2017-9805.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-9805",
"sourceIdentifier": "security@apache.org",
"published": "2017-09-15T19:29:00.237",
"lastModified": "2024-11-21T03:36:53.557",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:34:40.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-117xx/CVE-2018-11776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11776",
"sourceIdentifier": "security@apache.org",
"published": "2018-08-22T13:29:00.753",
"lastModified": "2024-11-21T03:44:00.740",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:36:33.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2018/CVE-2018-43xx/CVE-2018-4344.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4344",
"sourceIdentifier": "product-security@apple.com",
"published": "2019-04-03T18:29:09.173",
"lastModified": "2024-11-21T04:07:14.067",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:53:29.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",

4
CVE-2018/CVE-2018-48xx/CVE-2018-4878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4878",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-02-06T21:29:00.347",
"lastModified": "2024-11-21T04:07:37.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:36:18.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-49xx/CVE-2018-4939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4939",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-05-19T17:29:01.480",
"lastModified": "2024-11-21T04:07:45.160",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:36:22.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

10
CVE-2018/CVE-2018-49xx/CVE-2018-4990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4990",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-07-09T19:29:03.327",
"lastModified": "2024-11-21T04:07:51.767",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:36:26.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",

10
CVE-2018/CVE-2018-50xx/CVE-2018-5002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-5002",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-07-09T19:29:03.750",
"lastModified": "2024-11-21T04:07:53.737",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:36:30.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",

4
CVE-2019/CVE-2019-01xx/CVE-2019-0193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-0193",
"sourceIdentifier": "security@apache.org",
"published": "2019-08-01T14:15:13.113",
"lastModified": "2024-11-21T04:16:27.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:37:04.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2019/CVE-2019-02xx/CVE-2019-0211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-0211",
"sourceIdentifier": "security@apache.org",
"published": "2019-04-08T22:29:00.387",
"lastModified": "2024-11-21T04:16:29.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:37:01.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

45
CVE-2023/CVE-2023-271xx/CVE-2023-27112.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-27112",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T22:15:09.710",
"lastModified": "2025-01-21T22:15:09.710",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:27.067",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the projectCode parameter at project.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que pearProjectApi v2.8.10 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro projectCode en project.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a54552239/pearProjectApi/issues/32",

45
CVE-2023/CVE-2023-271xx/CVE-2023-27113.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-27113",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T22:15:09.823",
"lastModified": "2025-01-21T22:15:09.823",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:28.080",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the organizationCode parameter at project.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que pearProjectApi v2.8.10 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro organizationCode en project.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a54552239/pearProjectApi/issues/31",

32
CVE-2023/CVE-2023-302xx/CVE-2023-30281.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T20:15:09.323",
"lastModified": "2024-11-21T07:59:58.680",
"lastModified": "2025-01-23T16:15:28.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-304xx/CVE-2023-30452.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30452",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T00:15:09.107",
"lastModified": "2024-11-21T08:00:12.833",
"lastModified": "2025-01-23T16:15:28.487",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-315xx/CVE-2023-31572.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31572",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T14:15:09.540",
"lastModified": "2024-11-21T08:02:02.400",
"lastModified": "2025-01-23T15:15:08.303",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-318xx/CVE-2023-31848.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31848",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T00:15:09.150",
"lastModified": "2024-11-21T08:02:19.550",
"lastModified": "2025-01-23T16:15:28.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-318xx/CVE-2023-31856.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31856",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T15:15:09.350",
"lastModified": "2024-11-21T08:02:20.267",
"lastModified": "2025-01-23T16:15:29.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-318xx/CVE-2023-31857.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31857",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T15:15:09.467",
"lastModified": "2024-11-21T08:02:20.413",
"lastModified": "2025-01-23T16:15:29.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-318xx/CVE-2023-31890.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31890",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T16:15:10.343",
"lastModified": "2024-11-21T08:02:21.873",
"lastModified": "2025-01-23T15:15:09.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [

16
CVE-2023/CVE-2023-324xx/CVE-2023-32409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32409",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.183",
"lastModified": "2024-11-21T08:03:17.840",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:53:34.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -121,7 +121,6 @@
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -129,7 +128,6 @@
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -137,7 +135,6 @@
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -145,7 +142,6 @@
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -153,7 +149,6 @@
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -161,7 +156,6 @@
"url": "https://support.apple.com/en-us/HT213842",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -169,7 +163,6 @@
"url": "https://support.apple.com/en-us/HT213757",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -177,7 +170,6 @@
"url": "https://support.apple.com/en-us/HT213758",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -185,7 +177,6 @@
"url": "https://support.apple.com/en-us/HT213761",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -193,7 +184,6 @@
"url": "https://support.apple.com/en-us/HT213762",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -201,7 +191,6 @@
"url": "https://support.apple.com/en-us/HT213764",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -209,7 +198,6 @@
"url": "https://support.apple.com/en-us/HT213842",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}

18
CVE-2023/CVE-2023-324xx/CVE-2023-32434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32434",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.720",
"lastModified": "2024-11-21T08:03:20.717",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:53:39.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -136,7 +136,6 @@
"url": "https://support.apple.com/en-us/HT213808",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -144,7 +143,6 @@
"url": "https://support.apple.com/en-us/HT213809",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -152,7 +150,6 @@
"url": "https://support.apple.com/en-us/HT213810",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -160,7 +157,6 @@
"url": "https://support.apple.com/en-us/HT213811",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -168,7 +164,6 @@
"url": "https://support.apple.com/en-us/HT213812",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -176,7 +171,6 @@
"url": "https://support.apple.com/en-us/HT213813",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -184,7 +178,6 @@
"url": "https://support.apple.com/en-us/HT213814",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -207,7 +200,6 @@
"url": "https://support.apple.com/en-us/HT213808",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -215,7 +207,6 @@
"url": "https://support.apple.com/en-us/HT213809",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -223,7 +214,6 @@
"url": "https://support.apple.com/en-us/HT213810",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -231,7 +221,6 @@
"url": "https://support.apple.com/en-us/HT213811",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -239,7 +228,6 @@
"url": "https://support.apple.com/en-us/HT213812",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -247,7 +235,6 @@
"url": "https://support.apple.com/en-us/HT213813",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -255,7 +242,6 @@
"url": "https://support.apple.com/en-us/HT213814",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},

24
CVE-2023/CVE-2023-324xx/CVE-2023-32439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32439",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.813",
"lastModified": "2024-11-21T08:03:21.347",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:36:05.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -100,6 +100,22 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk\\+:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.3",
"matchCriteriaId": "8C7F88F0-0092-4338-A52F-1A2ED27460B5"
}
]
}
]
}
],
"references": [
@ -167,7 +183,6 @@
"url": "https://support.apple.com/en-us/HT213811",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -175,7 +190,6 @@
"url": "https://support.apple.com/en-us/HT213813",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -183,7 +197,6 @@
"url": "https://support.apple.com/en-us/HT213814",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -191,7 +204,6 @@
"url": "https://support.apple.com/en-us/HT213816",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},

75
CVE-2023/CVE-2023-324xx/CVE-2023-32484.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32484",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-15T13:15:45.553",
"lastModified": "2024-11-21T08:03:27.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:59:24.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,16 +69,63 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:enterprise_sonic_distribution:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndExcluding": "3.5.5",
"matchCriteriaId": "A38C6071-4903-48FB-9AAB-6A9B14A9072B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:enterprise_sonic_distribution:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.6",
"matchCriteriaId": "B3C92AD0-DE87-4514-A980-9305C9BCF81C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:enterprise_sonic_distribution:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA546A04-B62E-4E53-90F4-4391479677B5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216586/dsa-2023-284-security-update-for-dell-emc-enterprise-sonic-os-command-injection-vulnerability-when-using-remote-user-authentication",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216586/dsa-2023-284-security-update-for-dell-emc-enterprise-sonic-os-command-injection-vulnerability-when-using-remote-user-authentication",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-329xx/CVE-2023-32977.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32977",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T16:15:10.507",
"lastModified": "2024-11-21T08:04:19.993",
"lastModified": "2025-01-23T16:15:29.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32978.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32978",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T16:15:10.610",
"lastModified": "2024-11-21T08:04:20.107",
"lastModified": "2025-01-23T16:15:29.620",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32979.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32979",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T16:15:10.673",
"lastModified": "2024-11-21T08:04:20.217",
"lastModified": "2025-01-23T16:15:29.793",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32980.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32980",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T16:15:10.753",
"lastModified": "2024-11-21T08:04:20.337",
"lastModified": "2025-01-23T16:15:29.967",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32987.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32987",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T16:15:11.200",
"lastModified": "2024-11-21T08:04:21.153",
"lastModified": "2025-01-23T16:15:30.150",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32994.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32994",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:11.937",
"lastModified": "2024-11-21T08:04:21.947",
"lastModified": "2025-01-23T16:15:30.327",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32997.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32997",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.067",
"lastModified": "2024-11-21T08:04:22.293",
"lastModified": "2025-01-23T16:15:30.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-384"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32998.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32998",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.110",
"lastModified": "2024-11-21T08:04:22.417",
"lastModified": "2025-01-23T16:15:30.643",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-329xx/CVE-2023-32999.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32999",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.160",
"lastModified": "2024-11-21T08:04:22.537",
"lastModified": "2025-01-23T16:15:30.830",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33000.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33000",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.207",
"lastModified": "2024-11-21T08:04:22.643",
"lastModified": "2025-01-23T16:15:31.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-522"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33001.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33001",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.250",
"lastModified": "2024-11-21T08:04:22.760",
"lastModified": "2025-01-23T16:15:31.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-532"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33002.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33002",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.293",
"lastModified": "2024-11-21T08:04:22.870",
"lastModified": "2025-01-23T16:15:31.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33003",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.340",
"lastModified": "2024-11-21T08:04:22.970",
"lastModified": "2025-01-23T16:15:31.613",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33004.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33004",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.377",
"lastModified": "2024-11-21T08:04:23.087",
"lastModified": "2025-01-23T16:15:31.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33005.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33005",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.420",
"lastModified": "2024-11-21T08:04:23.200",
"lastModified": "2025-01-23T16:15:31.933",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-613"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33006.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33006",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.467",
"lastModified": "2024-11-21T08:04:23.317",
"lastModified": "2025-01-23T16:15:32.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-330xx/CVE-2023-33007.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33007",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.507",
"lastModified": "2024-11-21T08:04:23.423",
"lastModified": "2025-01-23T16:15:32.277",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

20
CVE-2023/CVE-2023-332xx/CVE-2023-33246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33246",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-24T15:15:09.553",
"lastModified": "2024-11-21T08:05:15.150",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:15:36.257",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -61,15 +61,15 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.7",
"matchCriteriaId": "4DBCE249-91D7-442A-BD1B-4C20F848EB35"
"versionEndExcluding": "4.9.6",
"matchCriteriaId": "77D6638C-EB7C-486D-8AA9-4BA699EA5273"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.1.2",
"matchCriteriaId": "68AFCD16-B82F-411E-B3E6-236CA76A1FEE"
"versionEndExcluding": "5.1.1",
"matchCriteriaId": "12739B28-F22E-4B7A-9573-AF2B23438397"
}
]
}
@ -129,7 +129,11 @@
},
{
"url": "https://www.vicarius.io/vsociety/posts/rocketmq-rce-cve-2023-33246-33247",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-370xx/CVE-2023-37014.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37014",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-22T15:15:10.987",
"lastModified": "2025-01-22T15:15:10.987",
"lastModified": "2025-01-23T15:15:09.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Release Request` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service."
},
{
"lang": "es",
"value": "Las versiones de Open5GS MME anteriores a la 2.6.4 contienen una aserci\u00f3n que se puede activar de forma remota a trav\u00e9s de un paquete ASN.1 mal formado a trav\u00e9s de la interfaz S1AP. Un atacante puede enviar un mensaje de \"Solicitud de liberaci\u00f3n de contexto de UE\" sin el campo \"MME_UE_S1AP_ID\" requerido para bloquear repetidamente el MME, lo que da como resultado la denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

43
CVE-2023/CVE-2023-370xx/CVE-2023-37022.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37022",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-22T15:15:11.817",
"lastModified": "2025-01-22T15:15:11.817",
"lastModified": "2025-01-23T15:15:09.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `UE Context Release Request` packet handler. A packet containing an invalid `MME_UE_S1AP_ID` field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service."
},
{
"lang": "es",
"value": "Las versiones de Open5GS MME anteriores a la 2.6.4 contienen una aserci\u00f3n alcanzable en el controlador de paquetes `UE Context Release Request`. Un paquete que contiene un campo `MME_UE_S1AP_ID` ??no v\u00e1lido hace que Open5gs se bloquee; un atacante puede enviar repetidamente dichos paquetes para provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37027.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37027",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:09.880",
"lastModified": "2025-01-21T23:15:09.880",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:32.543",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modification Indication` packet missing an expected `eNB_UE_S1AP_ID` field."
},
{
"lang": "es",
"value": "La vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete S1AP `E-RAB Modification Indication` que carece de un campo `eNB_UE_S1AP_ID` ??esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37028.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37028",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.000",
"lastModified": "2025-01-21T23:15:10.000",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:32.740",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modification Indication` packet missing an expected `eNB_UE_S1AP_ID` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete S1AP `E-RAB Modification Indication` que carece de un campo `eNB_UE_S1AP_ID` ??esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37030.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37030",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.247",
"lastModified": "2025-01-21T23:15:10.247",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:32.940",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `eNB_UE_S1AP_ID` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete de `Mensaje UE inicial` S1AP que carece de un campo `eNB_UE_S1AP_ID` ??esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37031.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37031",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.363",
"lastModified": "2025-01-21T23:15:10.363",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:33.127",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `eNB Configuration Transfer` packet missing its required `Target eNB ID` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete de `Transferencia de configuraci\u00f3n de eNB` de S1AP que carece del campo `ID de eNB de destino` requerido."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37032.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37032",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.473",
"lastModified": "2025-01-21T23:15:10.473",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:33.330",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an oversized `Emergency Number List` Information Element."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en la entidad de administraci\u00f3n m\u00f3vil (MME) de las versiones de Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes remotos bloquear la MME con un tel\u00e9fono celular no autenticado mediante el env\u00edo de un paquete NAS que contiene un elemento de informaci\u00f3n de \"Lista de n\u00fameros de emergencia\" de gran tama\u00f1o."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37033.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37033",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.580",
"lastModified": "2025-01-21T23:15:10.580",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:09.563",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `EUTRAN_CGI` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete de `Mensaje inicial de UE` S1AP que carece de un campo `EUTRAN_CGI` esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37034.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37034",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.703",
"lastModified": "2025-01-21T23:15:10.703",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:09.733",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `TAI` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete de `Mensaje UE inicial` S1AP que carece de un campo `TAI` esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37036.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37036",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.970",
"lastModified": "2025-01-21T23:15:10.970",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:09.900",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Uplink NAS Transport` packet missing an expected `ENB_UE_S1AP_ID` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete S1AP `Uplink NAS Transport` al que le falta un campo `ENB_UE_S1AP_ID` ??esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37037.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37037",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.080",
"lastModified": "2025-01-21T23:15:11.080",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:10.080",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `S1Setup Request` packet missing an expected `Supported TAs` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete S1AP `S1Setup Request` que carece de un campo `Supported TAs` esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37038.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37038",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.203",
"lastModified": "2025-01-21T23:15:11.203",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:10.270",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Uplink NAS Transport` packet missing an expected `MME_UE_S1AP_ID` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete S1AP `Uplink NAS Transport` que carece de un campo `MME_UE_S1AP_ID` ??esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2023/CVE-2023-370xx/CVE-2023-37039.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-37039",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-22T00:15:15.683",
"lastModified": "2025-01-22T00:15:15.683",
"vulnStatus": "Received",
"lastModified": "2025-01-23T15:15:10.443",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allow network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `RRC Establishment Clause` field."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en la entidad de administraci\u00f3n m\u00f3vil (MME) en Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a atacantes adyacentes a la red bloquear la MME a trav\u00e9s de un paquete de `Mensaje UE inicial` de S1AP que carece de un campo `Cl\u00e1usula de establecimiento de RRC` esperado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

14
CVE-2023/CVE-2023-374xx/CVE-2023-37450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37450",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.497",
"lastModified": "2024-11-21T08:11:44.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:36:38.280",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -128,7 +128,6 @@
"url": "https://support.apple.com/en-us/HT213826",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -136,7 +135,6 @@
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -144,7 +142,6 @@
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -152,7 +149,6 @@
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -160,7 +156,6 @@
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -175,7 +170,6 @@
"url": "https://support.apple.com/en-us/HT213826",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -183,7 +177,6 @@
"url": "https://support.apple.com/en-us/HT213841",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -191,7 +184,6 @@
"url": "https://support.apple.com/en-us/HT213843",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -199,7 +191,6 @@
"url": "https://support.apple.com/en-us/HT213846",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -207,7 +198,6 @@
"url": "https://support.apple.com/en-us/HT213848",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}

52
CVE-2023/CVE-2023-378xx/CVE-2023-37869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37869",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-19T14:15:12.617",
"lastModified": "2024-11-21T08:12:22.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:32:34.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.1",
"matchCriteriaId": "8C9EC948-AEA6-460C-B566-CEBDBBF80F73"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premium-addons-pro/wordpress-premium-addons-pro-plugin-2-9-0-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/premium-addons-pro/wordpress-premium-addons-pro-plugin-2-9-0-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

18
CVE-2023/CVE-2023-386xx/CVE-2023-38606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38606",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:16.173",
"lastModified": "2024-11-21T08:13:55.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:36:53.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -127,7 +127,6 @@
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -135,7 +134,6 @@
"url": "https://support.apple.com/en-us/HT213842",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -143,7 +141,6 @@
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -151,7 +148,6 @@
"url": "https://support.apple.com/en-us/HT213844",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -159,7 +155,6 @@
"url": "https://support.apple.com/en-us/HT213845",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -167,7 +162,6 @@
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -175,7 +169,6 @@
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -183,7 +176,6 @@
"url": "https://support.apple.com/en-us/HT213841",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -191,7 +183,6 @@
"url": "https://support.apple.com/en-us/HT213842",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -199,7 +190,6 @@
"url": "https://support.apple.com/en-us/HT213843",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -207,7 +197,6 @@
"url": "https://support.apple.com/en-us/HT213844",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -215,7 +204,6 @@
"url": "https://support.apple.com/en-us/HT213845",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -223,7 +211,6 @@
"url": "https://support.apple.com/en-us/HT213846",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -231,7 +218,6 @@
"url": "https://support.apple.com/en-us/HT213848",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}

62
CVE-2023/CVE-2023-392xx/CVE-2023-39244.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39244",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-15T13:15:45.770",
"lastModified": "2024-11-21T08:14:58.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:57:46.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:enterprise_storage_integrator_for_sap_landscape_management:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.0.0",
"matchCriteriaId": "2BF50F45-2A95-4BE7-8F7D-150893330F90"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-392xx/CVE-2023-39245.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39245",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-15T13:15:46.000",
"lastModified": "2024-11-21T08:14:59.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:57:31.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-319"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:enterprise_storage_integrator_for_sap_landscape_management:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.0.0",
"matchCriteriaId": "2BF50F45-2A95-4BE7-8F7D-150893330F90"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

25
CVE-2023/CVE-2023-429xx/CVE-2023-42917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42917",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-11-30T23:15:07.280",
"lastModified": "2024-11-21T08:23:30.587",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:37:02.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -245,16 +245,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Release Notes"
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Release Notes"
"Mailing List"
]
},
{
@ -268,7 +266,6 @@
"url": "https://support.apple.com/en-us/HT214031",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -276,7 +273,6 @@
"url": "https://support.apple.com/en-us/HT214032",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -284,7 +280,6 @@
"url": "https://support.apple.com/en-us/HT214033",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -385,16 +380,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
"Mailing List"
]
},
{
@ -408,7 +401,6 @@
"url": "https://support.apple.com/en-us/HT214031",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -416,7 +408,6 @@
"url": "https://support.apple.com/en-us/HT214032",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -424,7 +415,6 @@
"url": "https://support.apple.com/en-us/HT214033",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
@ -453,8 +443,7 @@
"url": "https://www.debian.org/security/2023/dsa-5575",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
"Mailing List"
]
}
]

12
CVE-2023/CVE-2023-466xx/CVE-2023-46604.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46604",
"sourceIdentifier": "security@apache.org",
"published": "2023-10-27T15:15:14.017",
"lastModified": "2024-11-21T08:28:52.810",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T16:16:49.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -66,7 +66,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -211,8 +211,7 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
"Mailing List"
]
},
{
@ -257,8 +256,7 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
"Mailing List"
]
},
{

42
CVE-2023/CVE-2023-49xx/CVE-2023-4993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4993",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-02-15T16:15:45.643",
"lastModified": "2024-11-21T08:36:25.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:56:18.263",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,50 @@
"value": "CWE-648"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:utarit:solipay_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.8",
"matchCriteriaId": "959D95E5-61A9-4A28-8785-63580837107E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-51xx/CVE-2023-5155.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5155",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-02-15T16:15:45.910",
"lastModified": "2024-11-21T08:41:10.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:56:09.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:utarit:solipay_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.8",
"matchCriteriaId": "959D95E5-61A9-4A28-8785-63580837107E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-62xx/CVE-2023-6249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6249",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2024-02-18T08:15:07.223",
"lastModified": "2024-11-21T08:43:27.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:49:26.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,16 +69,74 @@
"value": "CWE-704"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0",
"matchCriteriaId": "77568556-7FD0-4579-9F07-9ECE4E6CCFFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:3.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "41EBBDE9-8B0F-4538-8676-FFD53783853F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:3.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "98715CBC-462C-46A7-BE10-2E00E88F73EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:3.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "61DC26BC-0117-4DA1-9152-023E53D8292B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:3.5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "14F7101F-A590-41FE-A8AA-3B7F52291349"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc",
"source": "vulnerabilities@zephyrproject.org"
"source": "vulnerabilities@zephyrproject.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-62xx/CVE-2023-6255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6255",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-02-15T16:15:46.117",
"lastModified": "2024-11-21T08:43:28.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:55:52.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:utarit:solipay_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.8",
"matchCriteriaId": "959D95E5-61A9-4A28-8785-63580837107E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0104",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

34
CVE-2023/CVE-2023-70xx/CVE-2023-7081.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-7081",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-02-15T16:15:46.373",
"lastModified": "2024-11-21T08:45:12.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:53:04.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS\u0130L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.\n\n"
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS?L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.\n\n"
},
{
"lang": "es",
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postahsil:online_payment_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.02.2024",
"matchCriteriaId": "F9522CA1-A828-4705-8761-7422B10F05C1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0103",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0103",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-06xx/CVE-2024-0622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0622",
"sourceIdentifier": "security@opentext.com",
"published": "2024-02-15T21:15:08.860",
"lastModified": "2024-11-21T08:47:01.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:52:07.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,56 @@
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:operations_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.20",
"versionEndIncluding": "12.25",
"matchCriteriaId": "60CE247E-60E8-4397-A847-5B0701406D54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:operations_agent:12.15:*:*:*:*:*:*:*",
"matchCriteriaId": "973DFAB3-05AE-49A0-917B-ADAD9C296322"
}
]
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000026555?language=en_US",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://portal.microfocus.com/s/article/KM000026555?language=en_US",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-108xx/CVE-2024-10846.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-10846",
"sourceIdentifier": "security@docker.com",
"published": "2025-01-23T16:15:33.533",
"lastModified": "2025-01-23T16:15:33.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@docker.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@docker.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/compose-spec/compose-go/security/advisories/GHSA-36gq-35j3-p9r9",
"source": "security@docker.com"
}
]
}

32
CVE-2024/CVE-2024-108xx/CVE-2024-10868.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10868",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-23T04:15:07.930",
"lastModified": "2024-11-23T04:15:07.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:58:10.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themelooks:enter_addons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.9",
"matchCriteriaId": "B321B07A-193F-49A2-A649-DE61A156858C"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/enteraddons/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff8e8889-ec02-4b8d-9509-2c6335fdd9a4?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-112xx/CVE-2024-11220.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11220",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-12-06T18:15:22.407",
"lastModified": "2024-12-06T18:15:22.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:54:24.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -93,16 +113,50 @@
"value": "CWE-279"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openautomationsoftware:open_automation_software:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.0.76",
"matchCriteriaId": "6FDFE998-61DE-45FB-B117-550F3000BD9B"
}
]
}
]
}
],
"references": [
{
"url": "https://openautomationsoftware.com/downloads/",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Product"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
]
}
]
}

279
CVE-2024/CVE-2024-15xx/CVE-2024-1580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1580",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-02-19T11:15:08.817",
"lastModified": "2024-11-21T08:50:52.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:48:27.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,128 +69,323 @@
"value": "CWE-190"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:videolan:dav1d:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.0",
"matchCriteriaId": "B21FACDB-790F-4BDF-AE54-72C70D1880C0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.4.1",
"matchCriteriaId": "5B0BD32E-FA45-4796-956D-D1F2C049171E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.7",
"matchCriteriaId": "35B07242-1592-4814-8866-FA7DA2021DDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.1",
"matchCriteriaId": "027265B2-C0CD-46D8-BF40-5E591CFDE9D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.7",
"matchCriteriaId": "4450D591-7B62-4339-9F0F-08C51F701967"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.1",
"matchCriteriaId": "9AA95646-94B7-4C20-9B69-371409BA4E22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.6",
"matchCriteriaId": "55A1512B-3C9A-428C-97BD-B3B6813B150D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.4.1",
"matchCriteriaId": "580B86E1-BCC1-419C-86B7-2A33DA257401"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.1",
"matchCriteriaId": "C8418E27-11BA-4DE1-9596-6E88F5A9C052"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/36",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/37",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/38",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/39",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/40",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/41",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://code.videolan.org/videolan/dav1d/-/releases/1.4.0",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EPMUNDMEBGESOJ2ZNCWYEAYOOEKNWOO/",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://support.apple.com/kb/HT214093",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214094",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214095",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214096",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214097",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214098",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/36",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/37",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/38",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/39",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/40",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/41",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://code.videolan.org/videolan/dav1d/-/releases/1.4.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EPMUNDMEBGESOJ2ZNCWYEAYOOEKNWOO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://support.apple.com/kb/HT214093",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214094",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214095",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214096",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214097",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214098",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-19xx/CVE-2024-1996.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1996",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:28.930",
"lastModified": "2024-11-21T08:51:45.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:34:43.927",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48fa5f3b-000b-406e-b7ee-51af5720cf72?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48fa5f3b-000b-406e-b7ee-51af5720cf72?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-19xx/CVE-2024-1997.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1997",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:29.110",
"lastModified": "2024-11-21T08:51:45.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:35:44.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ffa6a6b-bbb4-4361-8585-ce2cdb7d1d7e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ffa6a6b-bbb4-4361-8585-ce2cdb7d1d7e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-20xx/CVE-2024-2000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2000",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:30.717",
"lastModified": "2024-11-21T09:08:46.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:34:23.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eee517de-a47e-47c9-8322-92ce772191b0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eee517de-a47e-47c9-8322-92ce772191b0?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

377
CVE-2024/CVE-2024-215xx/CVE-2024-21590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21590",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-04-12T15:15:22.983",
"lastModified": "2024-11-21T08:54:40.313",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-23T15:29:31.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -93,24 +113,369 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"versionEndIncluding": "21.2",
"matchCriteriaId": "C1B1AF9A-FE27-477A-BE2D-9BE502A0AFCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "909FC378-EBFE-4BA9-8393-0C8301438020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75728",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://supportportal.juniper.net/JSA75728",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}
]
}

43
CVE-2024/CVE-2024-218xx/CVE-2024-21870.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21870",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-03T14:15:13.917",
"lastModified": "2024-11-21T08:55:09.200",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:56:30.133",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,51 @@
"value": "CWE-73"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openautomationsoftware:open_automation_software:19.0.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "98468F0E-605A-47FA-877E-5FA039E1FB4B"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1950",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-221xx/CVE-2024-22178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22178",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-03T14:15:14.543",
"lastModified": "2024-11-21T08:55:43.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:57:16.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,51 @@
"value": "CWE-73"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openautomationsoftware:open_automation_software:19.0.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "98468F0E-605A-47FA-877E-5FA039E1FB4B"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1951",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1951",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

86
CVE-2024/CVE-2024-224xx/CVE-2024-22425.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22425",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-16T12:15:07.757",
"lastModified": "2024-11-21T08:56:15.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:51:37.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,18 +71,74 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0D63758C-7150-4B89-BD05-08AAA2C3D018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p1:*:*:*:*:*:*",
"matchCriteriaId": "AE782786-D263-4946-8CDF-8FDA831FC6C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p2:*:*:*:*:*:*",
"matchCriteriaId": "7494092A-686D-4AE7-B420-80586564FA27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p4:*:*:*:*:*:*",
"matchCriteriaId": "F113FDFF-78AC-4F85-82B6-A01F2DD12CAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp3_p1:*:*:*:*:*:*",
"matchCriteriaId": "FE37056B-7198-4A83-8912-99DA65E6D889"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp3_p2:*:*:*:*:*:*",
"matchCriteriaId": "B31D991B-B2BB-4D75-AA16-B47A87D556FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DD0ABCD5-9273-4799-A916-3518ED5EBB46"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-224xx/CVE-2024-22426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22426",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-02-16T12:15:08.537",
"lastModified": "2024-11-21T08:56:16.120",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:50:56.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,20 +69,86 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0D63758C-7150-4B89-BD05-08AAA2C3D018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p1:*:*:*:*:*:*",
"matchCriteriaId": "AE782786-D263-4946-8CDF-8FDA831FC6C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p2:*:*:*:*:*:*",
"matchCriteriaId": "7494092A-686D-4AE7-B420-80586564FA27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp2_p4:*:*:*:*:*:*",
"matchCriteriaId": "F113FDFF-78AC-4F85-82B6-A01F2DD12CAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp3_p1:*:*:*:*:*:*",
"matchCriteriaId": "FE37056B-7198-4A83-8912-99DA65E6D889"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:5.3:sp3_p2:*:*:*:*:*:*",
"matchCriteriaId": "B31D991B-B2BB-4D75-AA16-B47A87D556FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DD0ABCD5-9273-4799-A916-3518ED5EBB46"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-22xx/CVE-2024-2237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2237",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:32.403",
"lastModified": "2024-11-21T09:09:19.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:35:26.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/35151561-6a80-4c2c-b87a-2dfe02aa6158?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/35151561-6a80-4c2c-b87a-2dfe02aa6158?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-22xx/CVE-2024-2238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2238",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:32.577",
"lastModified": "2024-11-21T09:09:19.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:34:00.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/82e5fd9f-9a1f-4a4c-ac06-61bf65e3c8ab?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/82e5fd9f-9a1f-4a4c-ac06-61bf65e3c8ab?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-22xx/CVE-2024-2239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2239",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:32.750",
"lastModified": "2024-11-21T09:09:19.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:35:08.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.9.13",
"matchCriteriaId": "95AC4C11-39C1-4A4D-8843-C44A1EF51E94"
}
]
}
]
}
],
"references": [
{
"url": "https://premiumaddons.com/change-log/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/254f3a1c-0d5d-499b-9da7-129f21ba70af?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://premiumaddons.com/change-log/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/254f3a1c-0d5d-499b-9da7-129f21ba70af?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

45
CVE-2024/CVE-2024-244xx/CVE-2024-24416.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24416",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.543",
"lastModified": "2025-01-21T23:15:11.543",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:33.727",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de b\u00fafer en la funci\u00f3n decode_access_point_name_ie en /3gpp/3gpp_24.008_sm_ies.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24417.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24417",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.663",
"lastModified": "2025-01-21T23:15:11.663",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:33.943",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de b\u00fafer en la funci\u00f3n decode_protocol_configuration_options en /3gpp/3gpp_24.008_sm_ies.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24418.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24418",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.787",
"lastModified": "2025-01-21T23:15:11.787",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:34.177",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de b\u00fafer en la funci\u00f3n decode_pdn_address en /nas/ies/PdnAddress.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24419.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24419",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.910",
"lastModified": "2025-01-21T23:15:11.910",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:34.427",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de b\u00fafer en la funci\u00f3n decode_traffic_flow_template_packet_filter en /3gpp/3gpp_24.008_sm_ies.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24420.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24420",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.030",
"lastModified": "2025-01-21T23:15:12.030",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:34.687",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Una afirmaci\u00f3n alcanzable en la funci\u00f3n decode_linked_ti_ie de Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24421.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24421",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.147",
"lastModified": "2025-01-21T23:15:12.147",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:34.883",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Una confusi\u00f3n de tipos en la funci\u00f3n nas_message_decode de Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a los atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24422.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24422",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.267",
"lastModified": "2025-01-21T23:15:12.267",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:35.053",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de pila en la funci\u00f3n decode_protocol_configuration_options en /3gpp/3gpp_24.008_sm_ies.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24423.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24423",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.407",
"lastModified": "2025-01-21T23:15:12.407",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:35.253",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at /nas/ies/EsmMessageContainer.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Linux Foundation Magma &lt;= 1.8.0 (corregido en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) conten\u00eda un desbordamiento de b\u00fafer en la funci\u00f3n decode_esm_message_container en /nas/ies/EsmMessageContainer.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24424.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24424",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.527",
"lastModified": "2025-01-21T23:15:12.527",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:35.453",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."
},
{
"lang": "es",
"value": "Una afirmaci\u00f3n alcanzable en la funci\u00f3n decode_access_point_name_ie de Magma &lt;= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

45
CVE-2024/CVE-2024-244xx/CVE-2024-24445.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-24445",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T22:15:11.847",
"lastModified": "2025-01-21T22:15:11.847",
"vulnStatus": "Received",
"lastModified": "2025-01-23T16:15:35.617",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it."
},
{
"lang": "es",
"value": "OpenAirInterface CN5G AMF (oai-cn5g-amf) &lt;= 2.0.0 contiene una desreferencia nula en su gesti\u00f3n de mensajes de protocolo NGAP no compatibles, lo que permite que un atacante con acceso adyacente a la red a AMF lleve a cabo una denegaci\u00f3n de servicio. Cuando se recibe una tupla de c\u00f3digo de procedimiento/campo de presencia que no es compatible, OAI indexa en un puntero de funci\u00f3n nulo y posteriormente lo desreferencia."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://openairinterface.com",

43
CVE-2024/CVE-2024-249xx/CVE-2024-24976.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24976",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-03T14:15:15.073",
"lastModified": "2024-11-21T09:00:04.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-23T16:55:39.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,51 @@
"value": "CWE-130"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openautomationsoftware:open_automation_software:19.0.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "98468F0E-605A-47FA-877E-5FA039E1FB4B"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1948",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More