admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-06T19:00:21.526423+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-06 19:03:50 +00:00
parent 3098a5d792
commit 15db88e4ab
111 changed files with 36585 additions and 483 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
CVE-2021/CVE-2021-44xx/CVE-2021-4445.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4445",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:10.193",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-06T18:13:11.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -51,26 +71,61 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://ithemes.com/blog/wordpress-vulnerability-report-september-2021-part-2/#ib-toc-anchor-2",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2590819%40premium-addons-for-elementor&new=2590819%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://wordpress.org/plugins/premium-addons-for-elementor/",
"source": "security@wordfence.com"
},
{
"url": "https://wpscan.com/vulnerability/2e5b3608-1dfc-468f-b3ae-12ce7c25ee6c",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cffb26bc-3d3f-4593-bb36-d2abcd67861e?source=cve",
"source": "security@wordfence.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5.2",
"matchCriteriaId": "A9A9D95F-8EA9-45DF-9E96-A943C7FC2389"
}
]
}
]
}
],
"references": [
{
"url": "https://ithemes.com/blog/wordpress-vulnerability-report-september-2021-part-2/#ib-toc-anchor-2",
"source": "security@wordfence.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2590819%40premium-addons-for-elementor&new=2590819%40premium-addons-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/premium-addons-for-elementor/",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://wpscan.com/vulnerability/2e5b3608-1dfc-468f-b3ae-12ce7c25ee6c",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cffb26bc-3d3f-4593-bb36-d2abcd67861e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2022/CVE-2022-422xx/CVE-2022-42248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42248",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T22:15:09.763",
"lastModified": "2024-11-21T07:24:34.857",
"lastModified": "2025-03-06T17:15:13.097",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47474.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47474",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-03-10T21:15:13.820",
"lastModified": "2024-11-21T07:32:02.217",
"lastModified": "2025-03-06T17:15:14.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47475.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47475",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-03-10T21:15:13.870",
"lastModified": "2024-11-21T07:32:02.330",
"lastModified": "2025-03-06T17:15:14.413",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47477.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47477",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-03-10T21:15:13.977",
"lastModified": "2024-11-21T07:32:02.597",
"lastModified": "2025-03-06T17:15:14.580",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47478.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47478",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-03-10T21:15:14.030",
"lastModified": "2024-11-21T07:32:02.717",
"lastModified": "2025-03-06T17:15:14.747",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20623",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.447",
"lastModified": "2024-11-21T07:41:14.633",
"lastModified": "2025-03-06T17:15:15.163",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20624.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20624",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.503",
"lastModified": "2024-11-21T07:41:14.757",
"lastModified": "2025-03-06T17:15:15.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20625.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20625",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.560",
"lastModified": "2024-11-21T07:41:14.870",
"lastModified": "2025-03-06T17:15:15.550",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-662"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-662"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20626.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20626",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.617",
"lastModified": "2024-11-21T07:41:14.990",
"lastModified": "2025-03-06T17:15:15.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20627.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20627",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.673",
"lastModified": "2024-11-21T07:41:15.110",
"lastModified": "2025-03-06T17:15:15.890",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-131"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20633.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20633",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.907",
"lastModified": "2024-11-21T07:41:15.570",
"lastModified": "2025-03-06T18:15:34.393",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-129"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20634",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:10.963",
"lastModified": "2024-11-21T07:41:15.690",
"lastModified": "2025-03-06T18:15:36.003",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20636.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20636",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.080",
"lastModified": "2024-11-21T07:41:15.943",
"lastModified": "2025-03-06T18:15:36.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20637.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20637",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.137",
"lastModified": "2024-11-21T07:41:16.050",
"lastModified": "2025-03-06T18:15:36.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20638.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20638",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.200",
"lastModified": "2024-11-21T07:41:16.160",
"lastModified": "2025-03-06T18:15:36.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20639.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20639",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.270",
"lastModified": "2024-11-21T07:41:16.273",
"lastModified": "2025-03-06T18:15:37.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20640.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20640",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.337",
"lastModified": "2024-11-21T07:41:16.397",
"lastModified": "2025-03-06T18:15:37.700",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20641.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20641",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.397",
"lastModified": "2024-11-21T07:41:16.507",
"lastModified": "2025-03-06T18:15:38.040",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20642.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20642",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.457",
"lastModified": "2024-11-21T07:41:16.630",
"lastModified": "2025-03-06T18:15:38.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20643.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20643",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.513",
"lastModified": "2024-11-21T07:41:16.737",
"lastModified": "2025-03-06T18:15:39.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20644.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20644",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.570",
"lastModified": "2024-11-21T07:41:16.850",
"lastModified": "2025-03-06T18:15:40.043",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-206xx/CVE-2023-20651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20651",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-03-07T21:15:11.957",
"lastModified": "2024-11-21T07:41:17.647",
"lastModified": "2025-03-06T17:15:16.063",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-221xx/CVE-2023-22101.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22101",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.033",
"lastModified": "2024-11-21T07:44:16.653",
"lastModified": "2025-03-06T17:15:16.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-221xx/CVE-2023-22102.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22102",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.100",
"lastModified": "2024-11-21T07:44:16.763",
"lastModified": "2025-03-06T17:15:16.437",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-223xx/CVE-2023-22335.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22335",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-03-06T00:15:10.350",
"lastModified": "2024-11-21T07:44:35.147",
"lastModified": "2025-03-06T17:15:16.593",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -45,6 +45,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-228xx/CVE-2023-22847.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22847",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-03-07T01:15:10.300",
"lastModified": "2024-11-21T07:45:30.923",
"lastModified": "2025-03-06T17:15:16.783",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-235xx/CVE-2023-23554.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23554",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-03-07T01:15:10.363",
"lastModified": "2024-11-21T07:46:24.613",
"lastModified": "2025-03-06T17:15:16.980",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-247xx/CVE-2023-24780.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24780",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-08T00:15:08.937",
"lastModified": "2024-11-21T07:48:24.097",
"lastModified": "2025-03-06T18:15:40.293",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-247xx/CVE-2023-24781.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24781",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-07T15:15:11.247",
"lastModified": "2024-11-21T07:48:24.223",
"lastModified": "2025-03-06T18:15:40.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-269xx/CVE-2023-26954.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26954",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-07T13:15:10.257",
"lastModified": "2024-11-21T07:52:06.593",
"lastModified": "2025-03-06T18:15:40.840",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-275xx/CVE-2023-27567.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27567",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-03T22:15:10.067",
"lastModified": "2024-11-21T07:53:09.820",
"lastModified": "2025-03-06T17:15:17.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-275xx/CVE-2023-27574.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27574",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-03T22:15:10.147",
"lastModified": "2024-11-21T07:53:10.753",
"lastModified": "2025-03-06T17:15:17.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
}
],
"configurations": [

100
CVE-2024/CVE-2024-127xx/CVE-2024-12742.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-12742",
"sourceIdentifier": "security@ni.com",
"published": "2025-03-06T17:15:17.740",
"lastModified": "2025-03-06T17:15:17.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution.\u202f Successful exploitation requires an attacker to get a user to open a specially crafted project file.\u202f This vulnerability affects G Web Development Software 2022 Q3 and prior versions."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NO",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "security@ni.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ni.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerability-in-ni-g-web-deve.html",
"source": "security@ni.com"
}
]
}

68
CVE-2024/CVE-2024-134xx/CVE-2024-13469.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-13469",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:09.823",
"lastModified": "2025-02-28T09:15:09.823",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Pricing Table de PickPlugins para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del enlace del bot\u00f3n en todas las versiones hasta la 1.12.10 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pickplugins:pricing_table:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.12.10",
"matchCriteriaId": "DB607E9A-E179-4920-94DE-AB718F889754"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/pricingtable/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5239c414-cd1d-4257-9f8e-e7a92c2119f9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-136xx/CVE-2024-13638.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-13638",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:10.043",
"lastModified": "2025-02-28T09:15:10.043",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments added to orders."
},
{
"lang": "es",
"value": "El complemento Order Attachments for WooCommerce para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 2.5.1 incluida a trav\u00e9s del directorio 'uploads'. Esto permite que atacantes no autenticados extraigan datos confidenciales almacenados de forma insegura en el directorio /wp-content/uploads, que puede contener archivos adjuntos agregados a los pedidos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,20 +69,57 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:directsoftware:order_attachments_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5.1",
"matchCriteriaId": "562F2F64-AE9F-466C-A288-464B5164B9B4"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/order-attachments-for-woocommerce/trunk/src/WCOA/Attachments/Attachment.php#L87",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/order-attachments-for-woocommerce/trunk/src/WCOA/Utils/Ajax.php#L61",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e98b1ef-70dd-408d-8644-08933bca1cdd?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-137xx/CVE-2024-13716.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-13716",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:10.223",
"lastModified": "2025-02-28T09:15:10.223",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_settings_callback() function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings."
},
{
"lang": "es",
"value": "El complemento Forex Calculators para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n ajax_settings_callback() en todas las versiones hasta la 1.3.5 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen la configuraci\u00f3n del complemento."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -45,16 +69,50 @@
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tarbor:forex_calculators:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.8",
"matchCriteriaId": "5544AEAA-B299-4A9F-B470-A269997EE115"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/fx-calculators/tags/1.3.5/forex-calculators.php#L101",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49ce8ca1-c1ae-4dda-909e-70c3b6d2b561?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

45
CVE-2024/CVE-2024-138xx/CVE-2024-13831.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-13831",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:10.400",
"lastModified": "2025-02-28T09:15:10.400",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input in the 'product_has_custom_tabs' function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present."
},
{
"lang": "es",
"value": "El complemento Tabs for WooCommerce para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 1.0.0 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas no confiables en la funci\u00f3n 'product_has_custom_tabs'. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador de tienda y superior, inyecten un objeto PHP. No hay ninguna cadena POP conocida presente en el software vulnerable, lo que significa que esta vulnerabilidad no tiene impacto a menos que se instale en el sitio otro complemento o tema que contenga una cadena POP. Si hay una cadena POP presente a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, puede permitir al atacante realizar acciones como eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo seg\u00fan la cadena POP presente."
}
],
"metrics": {
@ -45,16 +49,49 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpbranch:tabs_for_woocommerce:1.0.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "BCFDDBCD-0A62-4A84-8AC8-36D548EAFF75"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wc-tabs/trunk/wc-tabs-lite.php#L363",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/790a2c64-b358-41ed-be17-f2b99d294617?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

46
CVE-2024/CVE-2024-138xx/CVE-2024-13832.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-13832",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:10.570",
"lastModified": "2025-02-28T09:15:10.570",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the 'ut_elementor' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Ultra Addons Lite para Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.1.8 incluida a trav\u00e9s del c\u00f3digo abreviado 'ut_elementor' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones protegidas con contrase\u00f1a, privadas o en borrador a las que no deber\u00edan tener acceso."
}
],
"metrics": {
@ -45,16 +49,50 @@
"value": "CWE-639"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:uncodethemes:ultra_addons_lite_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "C862A491-1577-445A-AD47-DF0E8C6ABE97"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ut-elementor-addons-lite/trunk/includes/queries.php#L506",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/476883a8-c258-477b-99d3-f35423d7a312?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-138xx/CVE-2024-13851.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-13851",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:10.733",
"lastModified": "2025-02-28T09:15:10.733",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Modal Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
},
{
"lang": "es",
"value": "El complemento Modal Portfolio para WordPress es vulnerable a cross site scripting almacenado en todas las versiones hasta la 1.7.4.2 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto permite que atacantes autenticados, con acceso de nivel de administrador o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio e instalaciones en las que se ha deshabilitado unfiltered_html."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -45,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:internet-formation:modal_portfolio:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.4.2",
"matchCriteriaId": "4670F315-266A-42A7-863A-F354F1995239"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/modal-portfolio/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc049cab-6793-4656-9b17-8ca64c566c4c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-428xx/CVE-2024-42844.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42844",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-06T15:15:15.800",
"lastModified": "2025-03-06T15:15:15.800",
"lastModified": "2025-03-06T17:15:18.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se ha identificado una vulnerabilidad de inyecci\u00f3n SQL en EPICOR Prophet 21 (P21) hasta la versi\u00f3n 23.2.5232. Esta vulnerabilidad permite a atacantes remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s de campos de entrada de usuario no depurados para obtener informaci\u00f3n no autorizada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/getHecked/dc4ae46526d181d3deb17092815b9bec",

5231
CVE-2024/CVE-2024-430xx/CVE-2024-43056.json
View File

File diff suppressed because it is too large Load Diff

4151
CVE-2024/CVE-2024-430xx/CVE-2024-43057.json
View File

File diff suppressed because it is too large Load Diff

560
CVE-2024/CVE-2024-430xx/CVE-2024-43059.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43059",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:12.140",
"lastModified": "2025-03-03T11:15:12.140",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node."
},
{
"lang": "es",
"value": "Corrupci\u00f3n de memoria al invocar llamadas IOCTL desde el espacio de uso para el nodo de memoria HGSL."
}
],
"metrics": {
@ -47,10 +51,556 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "781CCC31-C08F-499B-BE73-6C7DB70437AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8770p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14725E0A-2BF4-42DC-BCC2-EED9BF685FF6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C79595B-1259-4431-96F9-C5A24E624305"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8775p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E11007D-218A-4B31-9640-EF5158233FF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa9000p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D76C25-436A-4D7B-BBCE-0EADE73E00FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E69E56-02B6-46FB-BEBD-B8B7178CD450"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE109312-33AC-47CE-AEF0-E91B288CDA39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE206B0F-D879-493B-A744-24C20E74344C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2230p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "998FA676-5F4D-4366-B27F-81983A148D9F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2250p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD7650-7CF8-4752-89A4-89A917E110F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7866947A-ADE3-432A-81C5-8C51A82929C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B47B08-E12E-4846-822E-EB16FE42A181"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B395C76-2E1F-4DF3-9CB5-2762227FED00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9799B24D-14FF-4BBA-8B02-2857D242F245"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA6307-9509-41DB-9C34-218816462A08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBD3ADB-D073-42E5-A8FA-27B19D9058FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B026F0-559D-4042-8594-DCF155F58CCF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4960983D-7D32-4AE8-AFF9-22FDEEEA1C11"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7074D04-5015-45EA-826B-6E0F85F441EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8255p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE49AA0-F897-43D2-99B3-68A5395C02AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49B2DF91-BE6B-4E9E-B63C-98DADD29AD6B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8775p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83A5E10-B158-4393-BF56-C4585A4A0EFE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8255p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9575488-A628-4263-9488-73B44FE3505B"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

1133
CVE-2024/CVE-2024-430xx/CVE-2024-43060.json
View File

File diff suppressed because it is too large Load Diff

830
CVE-2024/CVE-2024-430xx/CVE-2024-43061.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43061",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:12.460",
"lastModified": "2025-03-03T11:15:12.460",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive."
},
{
"lang": "es",
"value": "Corrupci\u00f3n de memoria durante la activaci\u00f3n por voz, cuando los par\u00e1metros del modelo de sonido se cargan desde HLOS y la lista de modelos de sonido recibidos est\u00e1 vac\u00eda en la unidad HLOS."
}
],
"metrics": {
@ -47,10 +51,826 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4960983D-7D32-4AE8-AFF9-22FDEEEA1C11"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7074D04-5015-45EA-826B-6E0F85F441EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8295p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF28D7-73D0-49B7-8E9E-08F8918D6F31"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDE31B7-E228-40A7-AC36-480EDA214BF4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6696:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BABD5D03-6673-4F10-AF02-4D3305D7AE26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD0E09B-92EC-4974-BC5F-66C3AAF586B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca9367:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16297CD7-0688-4C89-8369-D4D1C653F6A5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca9377:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C8EF72-8147-408B-B0B6-B75A962A021B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs8550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBE078A8-1117-4713-A276-1E9599EF7E3F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6145p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C9081-DAEC-4A13-AD63-A9F2B440B4D3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6150p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA20C890-AAB8-45FA-B525-82E0CFA175BD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6155p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83EB0985-C4DC-45A6-9542-864346C6CF8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8145p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E917DC4-6881-4276-8A0C-2C90E844D1AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8150p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0A25A5-6D93-458F-B445-9D020D043E78"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8155p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44DA1734-82DD-4754-BA3B-01C370432F98"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8195p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA5CFC1-B3D1-44FD-A686-C35BA1998395"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8295p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2868A03-0806-453A-BD7B-C6EFFA03BA4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8530p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6107034C-E0B0-43BD-963B-2B558B913537"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8530p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1EBB4F0-ED67-4096-B49D-14299AC26836"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE8B62D-83B4-4326-8A53-FED5947D5FFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8540p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90F8F138-B964-46D8-B15D-69DC6D3CC414"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa9000p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D76C25-436A-4D7B-BBCE-0EADE73E00FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E69E56-02B6-46FB-BEBD-B8B7178CD450"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE109312-33AC-47CE-AEF0-E91B288CDA39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2230p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "998FA676-5F4D-4366-B27F-81983A148D9F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2250p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD7650-7CF8-4752-89A4-89A917E110F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7866947A-ADE3-432A-81C5-8C51A82929C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B47B08-E12E-4846-822E-EB16FE42A181"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B395C76-2E1F-4DF3-9CB5-2762227FED00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9799B24D-14FF-4BBA-8B02-2857D242F245"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA6307-9509-41DB-9C34-218816462A08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBD3ADB-D073-42E5-A8FA-27B19D9058FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B026F0-559D-4042-8594-DCF155F58CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

398
CVE-2024/CVE-2024-430xx/CVE-2024-43062.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43062",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:12.617",
"lastModified": "2025-03-03T11:15:12.617",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization."
},
{
"lang": "es",
"value": "Corrupci\u00f3n de memoria causada por bloqueos y verificaciones faltantes en la barrera DMA y sincronizaci\u00f3n incorrecta."
}
],
"metrics": {
@ -47,10 +51,394 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4960983D-7D32-4AE8-AFF9-22FDEEEA1C11"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7074D04-5015-45EA-826B-6E0F85F441EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E69E56-02B6-46FB-BEBD-B8B7178CD450"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE109312-33AC-47CE-AEF0-E91B288CDA39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE206B0F-D879-493B-A744-24C20E74344C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2230p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "998FA676-5F4D-4366-B27F-81983A148D9F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2250p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD7650-7CF8-4752-89A4-89A917E110F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7866947A-ADE3-432A-81C5-8C51A82929C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B47B08-E12E-4846-822E-EB16FE42A181"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B395C76-2E1F-4DF3-9CB5-2762227FED00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9799B24D-14FF-4BBA-8B02-2857D242F245"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA6307-9509-41DB-9C34-218816462A08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBD3ADB-D073-42E5-A8FA-27B19D9058FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B026F0-559D-4042-8594-DCF155F58CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

1019
CVE-2024/CVE-2024-455xx/CVE-2024-45580.json
View File

File diff suppressed because it is too large Load Diff

51
CVE-2024/CVE-2024-480xx/CVE-2024-48040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48040",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-11T19:15:10.660",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-06T18:13:11.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/tainacan/wordpress-tainacan-plugin-0-21-8-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tainacan:tainacan:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.21.9",
"matchCriteriaId": "620F3FC0-BABC-4D1C-A496-B563F38E3689"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tainacan/wordpress-tainacan-plugin-0-21-8-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

803
CVE-2024/CVE-2024-498xx/CVE-2024-49836.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-49836",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:12.923",
"lastModified": "2025-03-03T11:15:12.923",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption may occur during the synchronization of the camera`s frame processing pipeline."
},
{
"lang": "es",
"value": "Es posible que se produzcan da\u00f1os en la memoria durante la sincronizaci\u00f3n del proceso de procesamiento de cuadros de la c\u00e1mara."
}
],
"metrics": {
@ -47,10 +51,799 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4960983D-7D32-4AE8-AFF9-22FDEEEA1C11"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7074D04-5015-45EA-826B-6E0F85F441EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5298473D-8B34-42E6-BC32-69A3800972B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qmp1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA414960-717C-4410-8DC0-DCBC2BE9ED2B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E69E56-02B6-46FB-BEBD-B8B7178CD450"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8735_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "167C1CC1-03F8-49B3-B460-FCA38644DA06"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8735:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3960C2B5-0754-409B-9374-B0355AA7BE92"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84641A8E-A93C-48C1-86AC-193951BA4D78"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8750:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10804BB9-4B83-4538-B4FE-03D3057EF219"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8ABDBF-BABC-4219-8A18-BDFC8C826B1F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8750p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4AC7FF-1A74-4DB8-878B-D28359F6EE45"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_429:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE109312-33AC-47CE-AEF0-E91B288CDA39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1723FB1C-CDAC-4579-AD73-FB992A192153"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB033477-9CBA-4373-84F8-EC51343DA77B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2230p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "998FA676-5F4D-4366-B27F-81983A148D9F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sxr2250p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD7650-7CF8-4752-89A4-89A917E110F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9378:*:*:*:*:*:*:*:*",
"matchCriteriaId": "320D99BA-0F35-4D6C-BA1F-F17635F91DA3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7866947A-ADE3-432A-81C5-8C51A82929C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B47B08-E12E-4846-822E-EB16FE42A181"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896F1C04-9957-440F-BF01-C3772CC3B3DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9390:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDFBF5F-3B2B-45DB-9615-ACD91C750683"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699056F6-1517-4F25-AE07-4FFCF6923B9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9395:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19928ECE-85EE-4A64-B0BD-780F5CE24327"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3620:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B395C76-2E1F-4DF3-9CB5-2762227FED00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9799B24D-14FF-4BBA-8B02-2857D242F245"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B2800F-B0A7-489E-BD70-B2EAAF45DE7A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7750:*:*:*:*:*:*:*:*",
"matchCriteriaId": "572B883C-0F03-4C69-8B4D-C1EC8FE3A198"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB8794F-7998-424E-AF68-E4A4F9310F65"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7860:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D73AEF-A4E2-4710-A4C1-FEA666490C29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57608D47-894C-4895-B4B3-4733D55D57DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7861:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A7DAE3-5844-4112-B93F-3D07880D6AB8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63735D33-9F09-4841-9FE0-0D9AB604BECF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7880:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EFAA6C2-5370-4281-82A0-058DFEF1DA3B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D765C392-5F38-4E6A-9E88-59629E7A6911"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7881:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80F227C1-7D2B-48B5-BCC3-071DEA1FD8DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA6307-9509-41DB-9C34-218816462A08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBD3ADB-D073-42E5-A8FA-27B19D9058FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B026F0-559D-4042-8594-DCF155F58CCF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*:*",
"matchCriteriaId": "109D7C08-566D-4F9D-B706-ADB232C3DB23"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B187B8-56FB-4DC5-A4FC-9B9E09B9EA7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75F541E7-A11E-4403-81E3-D991E4DCA724"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

34
CVE-2024/CVE-2024-501xx/CVE-2024-50130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50130",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:15.850",
"lastModified": "2024-11-07T21:49:00.380",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:18.953",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-501xx/CVE-2024-50150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50150",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-07T10:15:06.707",
"lastModified": "2024-11-22T17:29:00.880",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:19.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-502xx/CVE-2024-50283.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50283",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.620",
"lastModified": "2024-12-14T21:15:34.663",
"lastModified": "2025-03-06T17:15:19.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-502xx/CVE-2024-50286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50286",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.860",
"lastModified": "2024-11-21T21:12:17.143",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:19.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

56
CVE-2024/CVE-2024-514xx/CVE-2024-51476.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-51476",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-06T17:15:19.763",
"lastModified": "2025-03-06T17:15:19.763",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7184961",
"source": "psirt@us.ibm.com"
}
]
}

21
CVE-2024/CVE-2024-529xx/CVE-2024-52923.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-52923",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-06T18:15:41.160",
"lastModified": "2025-03-06T18:15:41.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service."
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-529xx/CVE-2024-52924.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-52924",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-06T18:15:41.320",
"lastModified": "2025-03-06T18:15:41.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack"
}
],
"metrics": {},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
}
]
}

6824
CVE-2024/CVE-2024-530xx/CVE-2024-53014.json
View File

File diff suppressed because it is too large Load Diff

646
CVE-2024/CVE-2024-530xx/CVE-2024-53022.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-53022",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:13.630",
"lastModified": "2025-03-03T11:15:13.630",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:55.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption may occur during communication between primary and guest VM."
},
{
"lang": "es",
"value": "Se puede producir corrupci\u00f3n de memoria durante la comunicaci\u00f3n entre la m\u00e1quina virtual principal y la invitada."
}
],
"metrics": {
@ -45,12 +49,648 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8255p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE49AA0-F897-43D2-99B3-68A5395C02AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8295p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF28D7-73D0-49B7-8E9E-08F8918D6F31"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8620p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBAC2260-52E3-49DE-97EA-F80DBD837FD3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8620p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4770A2-EDC5-4150-866D-37D93FF6EAC8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "295E75BD-2A6C-4A76-A376-A9977DDB17FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8650p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5BF721-7307-48A3-9503-7AAE47F6FAFD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49B2DF91-BE6B-4E9E-B63C-98DADD29AD6B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8775p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83A5E10-B158-4393-BF56-C4585A4A0EFE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8673334-5E11-4E95-B33D-3029499F71DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qamsrv1h:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A06870E-8D10-4A4B-8875-0BEE3F4DBA0F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qamsrv1m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B8F41-5B49-4BBA-8FC5-B8EB1905DF94"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6595:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76BDDF47-ADA1-46D7-8AED-3E3AB0F76856"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6595au:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42291FDE-83BD-4EAE-A84D-7CF432A6A61C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6696:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BABD5D03-6673-4F10-AF02-4D3305D7AE26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B651F0A-34DA-400F-A376-B499BFDF8E86"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa7255p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0E3E9E-C095-4E78-8393-C1F89ED926AF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C32CA38-5D48-4108-9858-FD66E20CAF2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa7775p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C705133D-3EB4-4882-9354-4CB3A6AE15C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8255p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9575488-A628-4263-9488-73B44FE3505B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8295p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2868A03-0806-453A-BD7B-C6EFFA03BA4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE8B62D-83B4-4326-8A53-FED5947D5FFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8540p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90F8F138-B964-46D8-B15D-69DC6D3CC414"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACE6D64-A498-482F-8270-718F4884CFFD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8620p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA96408C-8808-42FF-876D-6DD3984FEA44"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E807AA-5646-48AD-9A5C-B0B13E222AA9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8650p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63924D7C-01C8-4EAB-8C94-5B4DFB27A517"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "781CCC31-C08F-499B-BE73-6C7DB70437AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8770p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14725E0A-2BF4-42DC-BCC2-EED9BF685FF6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C79595B-1259-4431-96F9-C5A24E624305"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8775p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E11007D-218A-4B31-9640-EF5158233FF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa9000p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D76C25-436A-4D7B-BBCE-0EADE73E00FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD199F5-DA68-4BEB-AA99-11572DA26B4F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:srv1h:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81B0A1CA-5FEE-4D3F-80B1-D1766271FA32"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:srv1l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88B3A43-24DD-44EB-AEF1-B7ECAB97C0FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:srv1l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49DCBD66-1D8D-4102-AF6B-5FD15099BC72"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4B29E7F-8BFE-466A-B357-63F8A2160C4E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:srv1m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB49104-092C-4031-8BD8-A118C1F89D74"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4502
CVE-2024/CVE-2024-530xx/CVE-2024-53024.json
View File

File diff suppressed because it is too large Load Diff

505
CVE-2024/CVE-2024-530xx/CVE-2024-53025.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-53025",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2025-03-03T11:15:14.120",
"lastModified": "2025-03-03T11:15:14.120",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:41.783",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS can occur while processing UCI command."
},
{
"lang": "es",
"value": "Se puede producir una DOS transitoria mientras se procesa el comando UCI."
}
],
"metrics": {
@ -47,10 +51,501 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7074D04-5015-45EA-826B-6E0F85F441EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84641A8E-A93C-48C1-86AC-193951BA4D78"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8750:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10804BB9-4B83-4538-B4FE-03D3057EF219"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8750p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8ABDBF-BABC-4219-8A18-BDFC8C826B1F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8750p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4AC7FF-1A74-4DB8-878B-D28359F6EE45"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1723FB1C-CDAC-4579-AD73-FB992A192153"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB033477-9CBA-4373-84F8-EC51343DA77B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896F1C04-9957-440F-BF01-C3772CC3B3DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9390:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDFBF5F-3B2B-45DB-9615-ACD91C750683"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699056F6-1517-4F25-AE07-4FFCF6923B9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9395:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19928ECE-85EE-4A64-B0BD-780F5CE24327"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FAFC9FA-E6EF-44C5-BD50-2824C7711541"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn6450:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE831E17-AC45-4C39-9075-49FC7DB7E77C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC386D9-3D2B-40FA-A2D9-199BB138F46A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn6755:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC5073D-4EC8-46DB-BB16-C4A73820934A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB8794F-7998-424E-AF68-E4A4F9310F65"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7860:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D73AEF-A4E2-4710-A4C1-FEA666490C29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57608D47-894C-4895-B4B3-4733D55D57DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7861:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A7DAE3-5844-4112-B93F-3D07880D6AB8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63735D33-9F09-4841-9FE0-0D9AB604BECF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7880:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EFAA6C2-5370-4281-82A0-058DFEF1DA3B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D765C392-5F38-4E6A-9E88-59629E7A6911"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn7881:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80F227C1-7D2B-48B5-BCC3-071DEA1FD8DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA6307-9509-41DB-9C34-218816462A08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBD3ADB-D073-42E5-A8FA-27B19D9058FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B026F0-559D-4042-8594-DCF155F58CCF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*:*",
"matchCriteriaId": "109D7C08-566D-4F9D-B706-ADB232C3DB23"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B187B8-56FB-4DC5-A4FC-9B9E09B9EA7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75F541E7-A11E-4403-81E3-D991E4DCA724"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html",
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

5744
CVE-2024/CVE-2024-530xx/CVE-2024-53027.json
View File

File diff suppressed because it is too large Load Diff

34
CVE-2024/CVE-2024-530xx/CVE-2024-53068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53068",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:26.557",
"lastModified": "2024-11-25T13:43:00.467",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:19.957",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-531xx/CVE-2024-53182.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53182",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:25.643",
"lastModified": "2024-12-27T14:15:25.643",
"lastModified": "2025-03-06T17:15:20.157",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el n\u00facleo de Linux, se ha resuelto la siguiente vulnerabilidad: Revertir \"block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()\" Esto revierte el commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. El bic est\u00e1 asociado con sync_bfqq y bfq_release_process_ref no se puede colocar en bfq_put_cooperator. informe de kasan: [ 400.347277] ======================================================================= [ 400.347287] ERROR: KASAN: slab-use-after-free en bic_set_bfqq+0x200/0x230 [ 400.347420] Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88881cab7d60 por la tarea dockerd/5800 [ 400.347430] [ 400.347436] CPU: 24 UID: 0 PID: 5800 Comm: dockerd Kdump: cargado Tainted: GE 6.12.0 #32 [ 400.347450] Contaminado: [E]=UNSIGNED_MODULE [ 400.347454] Nombre del hardware: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 28/07/2022 [ 400.347460] Seguimiento de llamadas: [ 400.347464] [ 400.347468] dump_stack_lvl+0x5d/0x80 [ 400.347490] print_report+0x174/0x505 [ 400.347521] kasan_report+0xe0/0x160 [ 400.347541] bic_set_bfqq+0x200/0x230 [ 400.347549] bfq_bic_update_cgroup+0x419/0x740 [ 400.347560] bfq_bio_merge+0x133/0x320 [ 400.347584] blk_mq_submit_bio+0x1761/0x1e20 [ 400.347625] __submit_bio+0x28b/0x7b0 [ 400.347664] enviar_bio_noacct_nocheck+0x6b2/0xd30 [ 400.347690] iomap_readahead+0x50c/0x680 [ 400.347731] p\u00e1ginas_de_lectura+0x17f/0x9c0 [ 400.347785] cach\u00e9_de_p\u00e1gina_ra_sin_l\u00edmites+0x366/0x4a0 [ 400.347795] error_mapa_archivo+0x83d/0x2340 [ 400.347819] error_mapa_archivo_xfs+0x11a/0x7d0 [xfs] [ 400.349256] error_do+0xf1/0x610 [ 400.349270] error_do+0x977/0x11a0 [ 400.349281] error_mm_gestionar+0x5d1/0x850 [ 400.349314] handle_mm_fault+0x1f8/0x560 [ 400.349324] do_user_addr_fault+0x324/0x970 [ 400.349337] exc_page_fault+0x76/0xf0 [ 400.349350] asm_exc_page_fault+0x26/0x30 [ 400.349360] RIP: 0033:0x55a480d77375 [ 400.349384] C\u00f3digo: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 3b 66 10 0f 86 ae 02 00 00 55 48 89 e5 48 83 ec 58 48 8b 10 <83> 7a 10 00 0f 84 27 02 00 00 44 0f b6 42 28 44 0f b6 4a 29 41 80 [ 400.349392] RSP: 002b:00007f18c37fd8b8 EFLAGS: 00010216 [ 400.349401] RAX: 00007f18c37fd9d0 RBX: 000000000000000 RCX: 0000000000000000 [ 400.349407] RDX: 000055a484407d38 RSI: 000000c000e8b0c0 RDI: 0000000000000000 [ 400.349412] RBP: 00007f18c37fd910 R08: 000055a484017f60 R09: 000055a484066f80 [ 400.349417] R10: 0000000000194000 R11: 0000000000000005 R12: 0000000000000008 [ 400.349422] R13: 0000000000000000 R14: 000000c000476a80 R15: 0000000000000000 [ 400.349430] [ 400.349452] [ 400.349454] Asignado por la tarea 5800: [ 400.349459] kasan_save_stack+0x30/0x50 [ 400.349469] kasan_save_track+0x14/0x30 [ 400.349475] __kasan_slab_alloc+0x89/0x90 [ 400.349482] kmem_cache_alloc_node_noprof+0xdc/0x2a0 [ 400.349492] bfq_get_queue+0x1ef/0x1100 [ 400.349502] __bfq_get_bfqq_handle_split+0x11a/0x510 [ 400.349511] bfq_insert_requests+0xf55/0x9030 [ 400.349519] blk_mq_flush_plug_list+0x446/0x14c0 [ 400.349527] __blk_flush_plug+0x27c/0x4e0 [ 400.349534] blk_finish_plug+0x52/0xa0 [ 400.349540] _xfs_buf_ioapply+0x739/0xc30 [xfs] [ 400.350246] __xfs_buf_submit+0x1b2/0x640 [xfs] [ 400.350967] xfs_buf_read_map+0x306/0xa20 [xfs] [ 400.351672] xfs_trans_read_buf_map+0x285/0x7d0 [xfs] [ 400.352386] xfs_imap_to_bp+0x107/0x270 [xfs] [ 400.353077] xfs_iget+0x70d/0x1eb0 [xfs] [ 400.353786] xfs_lookup+0x2ca/0x3a0 [xfs] [ 400.354506] xfs_vn_lookup+0x14e/0x1a0 [xfs] [ 400.355197] __lookup_slow+0x19c/0x340 [ 400.355204] lookup_one_unlocked+0xfc/0x120 [ 400.355211] ovl_lookup_single+0x1b3/0xcf0 [superposici\u00f3n] [ 400.355255] ovl_lookup_layer+0x316/0x490 [superposici\u00f3n] [ 400.355295] ovl_lookup+0x844/0x1fd0 [superposici\u00f3n] [ 400.355351] lookup_one_qstr_excl+0xef/0x150 [ 400.355357] do_unlinkat+0x22a/0x620 [ 400.355366] __x64_sys_unlinkat+0x109/0x1e0 [ 400.355375] do_syscall_64+0x82/0x160 [ 400.355384] entrada_SYSCALL_64_after_hwframe+0x76/0x7 ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/7baf94232651f39f7108c23bc9548bff89bdc77b",

34
CVE-2024/CVE-2024-532xx/CVE-2024-53208.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53208",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:28.677",
"lastModified": "2025-01-16T16:46:38.657",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:20.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-565xx/CVE-2024-56551.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-56551",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:13.850",
"lastModified": "2025-01-23T17:15:15.510",
"lastModified": "2025-03-06T17:15:20.590",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56658",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:25.643",
"lastModified": "2025-01-06T19:29:49.770",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-06T17:15:20.783",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

37
CVE-2024/CVE-2024-580xx/CVE-2024-58076.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58076",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:20.997",
"lastModified": "2025-03-06T17:15:20.997",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we'll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it's missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08b77ed7cfaac62bba51ac7a0487409ec9fcbc84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/39336edd14a59dc086fb19957655e0f340bb28e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3e567032233a240b903dc11c9f18eeb3faa10ffa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/96fe1a7ee477d701cfc98ab9d3c730c35d966861",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b6fe13566bf5676b1e3b72d2a06d875733e93ee6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-580xx/CVE-2024-58077.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58077",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.123",
"lastModified": "2025-03-06T17:15:21.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don't\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don't use soc_pcm_ret() on .prepare callback is better idea."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/301c26a018acb94dd537a4418cefa0f654500c6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/79b8c7c93beb4f5882c9ee5b9ba73354fa4bc9ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ec4e8c8e142933eaa8e1ed87168831069250e4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/90778f31efdf44622065ebbe8d228284104bd26f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b65ba768302adc7ddc70811116cef80ca089af59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-580xx/CVE-2024-58078.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-58078",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.250",
"lastModified": "2025-03-06T17:15:21.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n> > WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n> > ida_free called for id=127 which is not allocated.\n> > <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n...\n> > [<60941eb4>] ida_free+0x3e0/0x41f\n> > [<605ac993>] misc_minor_free+0x3e/0xbc\n> > [<605acb82>] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3df72111c39f7e4c5029c9ff720b56ec2e05b764",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6635332d246d7db89b90e145f2bf937406cecaf0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6d04d2b554b14ae6c428a9c60b6c85f1e5c89f68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8b4120b3e060e137eaa8dc76a1c40401088336e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2024/CVE-2024-580xx/CVE-2024-58079.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-58079",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.360",
"lastModified": "2025-03-06T17:15:21.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b5e0445bc8384c18bd35cb9fe87f6258c6271d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d2e65cbe53d0141ed095cf31c2dcf3d8668c11d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a9ea1a3d88b7947ce8cadb2afceee7a54872bbc5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2eac8b14ac690aa73052aa6d4ba69005715367e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-580xx/CVE-2024-58080.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58080",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.473",
"lastModified": "2025-03-06T17:15:21.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we'll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it's missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2dba8d5d423fa5f6f3a687aa6e0da5808f69091b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3ad28517385e2821e8e43388d6a0b3e1ba0bc3ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3daca9050857220726732ad9d4a8512069386f46",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a1f15808adfd77268eac7fefce5378ad9fedbfba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4cdb196f182d2fbe336c968228be00d8c3fed05",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-580xx/CVE-2024-58081.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-58081",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.577",
"lastModified": "2025-03-06T17:15:21.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mmp2: call pm_genpd_init() only after genpd.name is set\n\nSetting the genpd's struct device's name with dev_set_name() is\nhappening within pm_genpd_init(). If it remains NULL, things can blow up\nlater, such as when crafting the devfs hierarchy for the power domain:\n\n Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read\n ...\n Call trace:\n strlen from start_creating+0x90/0x138\n start_creating from debugfs_create_dir+0x20/0x178\n debugfs_create_dir from genpd_debug_add.part.0+0x4c/0x144\n genpd_debug_add.part.0 from genpd_debug_init+0x74/0x90\n genpd_debug_init from do_one_initcall+0x5c/0x244\n do_one_initcall from kernel_init_freeable+0x19c/0x1f4\n kernel_init_freeable from kernel_init+0x1c/0x12c\n kernel_init from ret_from_fork+0x14/0x28\n\nBisecting tracks this crash back to commit 899f44531fe6 (\"pmdomain: core:\nAdd GENPD_FLAG_DEV_NAME_FW flag\"), which exchanges use of genpd->name\nwith dev_name(&genpd->dev) in genpd_debug_add.part()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/763517124e27b07fa300b486d7d13c5d563a215e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e24b15d4704dcb73920c3d18a6157abd18df08c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eca01d5911fb34218d10a58d8d9534b758c8fd0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-580xx/CVE-2024-58082.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-58082",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.677",
"lastModified": "2025-03-06T17:15:21.677",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: nuvoton: Fix an error check in npcm_video_ece_init()\n\nWhen function of_find_device_by_node() fails, it returns NULL instead of\nan error code. So the corresponding error check logic should be modified\nto check whether the return value is NULL and set the error code to be\nreturned as -ENODEV."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/bdd823b9d068284e1d998b962cfef29236365df3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c36b830754ae1dd1db41c27f57b29267878f9702",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c4b7779abc6633677e6edb79e2809f4f61fde157",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-580xx/CVE-2024-58083.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58083",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.773",
"lastModified": "2025-03-06T17:15:21.773",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate '0', i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn't exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm->vcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it's fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/125da53b3c0c9d7f58353aea0076e9efd6498ba7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1e7381f3617d14b3c11da80ff5f8a93ab14cfc46",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca8da90ed1432ff3d000de4f1e2275d4e7d21b96",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d817e510662fd1c9797952408d94806f97a5fffd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2f805ada63b536bc192458a7098388286568ad4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2024/CVE-2024-580xx/CVE-2024-58084.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-58084",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.890",
"lastModified": "2025-03-06T17:15:21.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()\n\nCommit 2e4955167ec5 (\"firmware: qcom: scm: Fix __scm and waitq\ncompletion variable initialization\") introduced a write barrier in probe\nfunction to store global '__scm' variable. We all known barriers are\npaired (see memory-barriers.txt: \"Note that write barriers should\nnormally be paired with read or address-dependency barriers\"), therefore\naccessing it from concurrent contexts requires read barrier. Previous\ncommit added such barrier in qcom_scm_is_available(), so let's use that\ndirectly.\n\nLack of this read barrier can result in fetching stale '__scm' variable\nvalue, NULL, and dereferencing it.\n\nNote that barrier in qcom_scm_is_available() satisfies here the control\ndependency."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/b628510397b5cafa1f5d3e848a28affd1c635302",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e03db7c1255ebabba5e1a447754faeb138de15a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fee921e3c641f64185abee83f9a6e65f0b380682",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-580xx/CVE-2024-58085.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58085",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:21.993",
"lastModified": "2025-03-06T17:15:21.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don't emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3df7546fc03b8f004eee0b9e3256369f7d096685",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/414705c0303350d139b1dc18f329fe47dfb642dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a01c200fa7eb59da4d2dbbb48b61f4a0d196c09f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c9382f380e8d09209b8e5c0def0545852168be25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe1c021eb03dae0dc9dce55e81f77a60e419a27a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2024/CVE-2024-580xx/CVE-2024-58086.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-58086",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:22.117",
"lastModified": "2025-03-06T17:15:22.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d->active_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d->active_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\")."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1c5673a2c8926adbb61f340c779b28e18188a8cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/21f1435b1e6b012a07c42f36b206d2b66fc8f13b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/95036d4c01167568166108d42c2b0e9f8dbd7d2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/eb0e0eca0eab93f310c6c37b8564049366704691",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f8805b12f477bd964e2820a87921c7b58cc2dee3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

66
CVE-2024/CVE-2024-84xx/CVE-2024-8425.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-8425",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:11.083",
"lastModified": "2025-02-28T09:15:11.083",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwb_wgm_preview_mail' and 'mwb_wgm_woocommerce_add_cart_item_data' functions in all versions up to, and including, 2.6.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento WooCommerce Ultimate Gift Card para WordPress es vulnerable a la carga de archivos arbitrarios debido a una validaci\u00f3n de tipo de archivo insuficiente en las funciones 'mwb_wgm_preview_mail' y 'mwb_wgm_woocommerce_add_cart_item_data' en todas las versiones hasta la 2.6.0 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -45,16 +69,50 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpswings:woocommerce_ultimate_gift_card:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.0",
"matchCriteriaId": "B4B1A329-4386-4BD5-9E2D-44F680812FFC"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ebffb82-7455-40c9-9ffd-b78e0e73e431?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-90xx/CVE-2024-9019.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-9019",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T09:15:11.270",
"lastModified": "2025-02-28T09:15:11.270",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SecuPress Free \u2014 WordPress Security plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's secupress_check_ban_ips_form shortcode in all versions up to, and including, 2.2.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento SecuPress Free \u2014 WordPress Security para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado secupress_check_ban_ips_form del complemento en todas las versiones hasta la 2.2.5.3 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n siempre que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:secupress:secupress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.5.3",
"matchCriteriaId": "8D9B79E0-6565-4526-9C30-0BAE363B1720"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/secupress/trunk/free/common.php#L238",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/56e842c8-61ac-4281-8c4a-9cb1f8ecc062?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

40
CVE-2024/CVE-2024-98xx/CVE-2024-9888.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9888",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T06:15:03.650",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-06T18:13:11.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3168782/elementinvader-addons-for-elementor/trunk/modules/forms/ajax-handler.php",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ba9d12c5-fe3a-4958-8d35-c63bb05b6d5a?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementinvader:elementinvader_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.9",
"matchCriteriaId": "E307C7D7-F040-4D1D-83E9-2E28E024F4E4"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3168782/elementinvader-addons-for-elementor/trunk/modules/forms/ajax-handler.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ba9d12c5-fe3a-4958-8d35-c63bb05b6d5a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

100
CVE-2025/CVE-2025-03xx/CVE-2025-0337.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2025-0337",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2025-03-06T17:15:22.303",
"lastModified": "2025-03-06T17:15:22.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access. \n\nThis issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1948695",
"source": "psirt@servicenow.com"
}
]
}

46
CVE-2025/CVE-2025-07xx/CVE-2025-0764.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0764",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T07:15:33.863",
"lastModified": "2025-02-28T07:15:33.863",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:55.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with subscriber-level privileges or higher, to read arbitrary files on the server."
},
{
"lang": "es",
"value": "El complemento wpForo Forum para WordPress es vulnerable a la lectura arbitraria de archivos debido a una validaci\u00f3n de entrada insuficiente en el m\u00e9todo 'update' de la clase 'Members' en todas las versiones hasta la 2.4.1 incluida. Esto hace posible que atacantes autenticados, con privilegios de nivel de suscriptor o superiores, lean archivos arbitrarios en el servidor."
}
],
"metrics": {
@ -45,16 +49,50 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.2",
"matchCriteriaId": "0A8C5320-0C88-4BF0-B458-9CB0EC6057AC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3245711/wpforo",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8cd8ffcb-0a24-4e0a-a9f9-23501742715f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2025/CVE-2025-14xx/CVE-2025-1405.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2025-1405",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T07:15:34.063",
"lastModified": "2025-02-28T07:15:34.063",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:55.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Product Catalog Simple plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's show_products shortcode in all versions up to, and including, 1.7.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Product Catalog Simple para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del c\u00f3digo abreviado show_products del complemento en todas las versiones hasta la 1.7.11 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,20 +69,58 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:product_catalog_simple:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.0",
"matchCriteriaId": "1CD0F864-C574-417C-84AE-CEE4A78B21EF"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3246414/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/post-type-x/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2ddd9a2-79d7-4f9c-9832-25c3363d3ce9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2025/CVE-2025-15xx/CVE-2025-1511.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2025-1511",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T06:15:25.750",
"lastModified": "2025-02-28T06:15:25.750",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:55.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The User Registration & Membership \u2013 Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento User Registration &amp; Membership \u2013 Custom Registration Form, Login Form, and User Profile para WordPress es vulnerable a Cross-Site Scripting reflejado a trav\u00e9s del par\u00e1metro 's' en todas las versiones hasta la 4.0.4 incluida, debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -45,20 +69,57 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpeverest:user_registration:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.0",
"matchCriteriaId": "A20A533F-4DC0-40EA-AA1E-C78323E454C6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/user-registration/tags/4.0.2/modules/membership/includes/Admin/Membership/ListTable.php#L246",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3246826/user-registration/tags/4.1.0/modules/membership/includes/Admin/Membership/ListTable.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2025/CVE-2025-15xx/CVE-2025-1513.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2025-1513",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T06:15:25.937",
"lastModified": "2025-02-28T06:15:25.937",
"vulnStatus": "Received",
"lastModified": "2025-03-06T17:52:55.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Name and Comment field when commenting on photo gallery entries in all versions up to, and including, 26.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del campo Nombre y Comentario al comentar las entradas de la galer\u00eda de fotos en todas las versiones hasta la 26.0.0.1 incluida debido a una depuraci\u00f3n de entrada insuficiente y al escape de salida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "26.0.1",
"matchCriteriaId": "92383DCE-86AC-40B0-B684-9393B4D05996"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3245199%40contest-gallery&new=3245199%40contest-gallery&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b5cf360-0163-4a7c-8979-ec89ec80ad62?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2025/CVE-2025-15xx/CVE-2025-1572.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2025-1572",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-28T08:15:35.810",
"lastModified": "2025-02-28T08:15:35.810",
"vulnStatus": "Received",
"lastModified": "2025-03-06T16:36:54.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KiviCare \u2013 Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the \u2018u_id\u2019 parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with doctor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento KiviCare \u2013 Clinic &amp; Patient Management System (EHR) para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'u_id' en todas las versiones hasta la 3.6.7 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso a nivel m\u00e9dico y superior, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,32 +69,79 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iqonic:kivicare:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.6.8",
"matchCriteriaId": "87E8F39E-ADD1-469B-99B7-B771B05658FD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kivicare-clinic-management-system/trunk/app/controllers/KCPatientController.php#L330",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/kivicare-clinic-management-system/trunk/app/controllers/KCPatientController.php#L331",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3245759/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3245759/kivicare-clinic-management-system/trunk/app/controllers/KCPatientController.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/kivicare-clinic-management-system/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eb6b0c35-b478-4616-a708-1fd243c95c14?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2025/CVE-2025-20xx/CVE-2025-2031.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-2031",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T16:15:55.727",
"lastModified": "2025-03-06T16:15:55.727",
"lastModified": "2025-03-06T17:15:24.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -59,7 +59,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.512029",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/IceFoxH/VULN/issues/6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

137
CVE-2025/CVE-2025-20xx/CVE-2025-2032.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2025-2032",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T17:15:24.297",
"lastModified": "2025-03-06T17:15:24.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 2.7,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/IceFoxH/VULN/issues/7",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.298774",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.298774",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.512030",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-20xx/CVE-2025-2033.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-2033",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T17:15:24.490",
"lastModified": "2025-03-06T17:15:24.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /user_dashboard/view_donor.php. The manipulation of the argument donor_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/intercpt/XSS1/blob/main/SQL.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.298776",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.298776",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.512164",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-20xx/CVE-2025-2034.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-2034",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T18:15:43.230",
"lastModified": "2025-03-06T18:15:43.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php?cid=1. The manipulation of the argument classname/capacity leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/wangCCTV/cve/issues/2",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.298777",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.298777",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.512292",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-20xx/CVE-2025-2035.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-2035",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-06T18:15:43.457",
"lastModified": "2025-03-06T18:15:43.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /customer_register.php. The manipulation of the argument name leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.298778",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.298778",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.512404",
"source": "cna@vuldb.com"
},
{
"url": "https://www.websecurityinsights.my.id/2025/03/e-commerce-v-10-customer-image.html?m=1",
"source": "cna@vuldb.com"
}
]
}

37
CVE-2025/CVE-2025-218xx/CVE-2025-21829.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-21829",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:22.820",
"lastModified": "2025-03-06T17:15:22.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n <TASK>\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n </TASK>\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/45e567800492088bc52c9abac35524b4d332a8f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/720653309dd31c8a927ef5d87964578ad544980f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7a2de8126ed3801f2396720e10a03cd546a3cea1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a7d15eaecf0d6e13226db629ae2401c8c02683e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/edc4ef0e0154096d6c0cf5e06af6fc330dbad9d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2025/CVE-2025-218xx/CVE-2025-21830.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-21830",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:22.943",
"lastModified": "2025-03-06T17:15:22.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0fde195a373ab1267e60baa9e1a703a97e7464cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2569e65d2eb6ac1afe6cb6dfae476afee8b6771a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/39bb3d56f1c351e76bb18895d0e73796e653d5c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49440290a0935f428a1e43a5ac8dc275a647ff80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7d6121228959ddf44a4b9b6a177384ac7854e2f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

33
CVE-2025/CVE-2025-218xx/CVE-2025-21831.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2025-21831",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:23.060",
"lastModified": "2025-03-06T17:15:23.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won't be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5ee3dd6e59b834e4d66e8b16fc684749ee40a257",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8852e056e297df1d8635ee7504e780d3184e45d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a78dfe50fffe6058afed2bb04c50c2c9a16664ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b1049f2d68693c80a576c4578d96774a68df2bad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

37
CVE-2025/CVE-2025-218xx/CVE-2025-21832.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2025-21832",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:23.177",
"lastModified": "2025-03-06T17:15:23.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don't revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don't revert for -EIOCBQUEUED, like what is done in other\nspots."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/68f16d3034a06661245ecd22f0d586a8b4e7c473",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6c26619effb1b4cb7d20b4e666ab8f71f6a53ccb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/84671b0630ccb46ae9f1f99a45c7d63ffcd6a474",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a58f136bad29f9ae721a29d98c042fddbee22f77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b13ee668e8280ca5b07f8ce2846b9957a8a10853",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

25
CVE-2025/CVE-2025-218xx/CVE-2025-21833.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-21833",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:23.293",
"lastModified": "2025-03-06T17:15:23.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\n\nThere is a WARN_ON_ONCE to catch an unlikely situation when\ndomain_remove_dev_pasid can't find the `pasid`. In case it nevertheless\nhappens we must avoid using a NULL pointer."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/60f030f7418d3f1d94f2fb207fe3080e1844630b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/df96876be3b064aefc493f760e0639765d13ed0d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

29
CVE-2025/CVE-2025-218xx/CVE-2025-21834.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-21834",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T17:15:23.397",
"lastModified": "2025-03-06T17:15:23.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nseccomp: passthrough uretprobe systemcall without filtering\n\nWhen attaching uretprobes to processes running inside docker, the attached\nprocess is segfaulted when encountering the retprobe.\n\nThe reason is that now that uretprobe is a system call the default seccomp\nfilters in docker block it as they only allow a specific set of known\nsyscalls. This is true for other userspace applications which use seccomp\nto control their syscall surface.\n\nSince uretprobe is a \"kernel implementation detail\" system call which is\nnot used by userspace application code directly, it is impractical and\nthere's very little point in forcing all userspace applications to\nexplicitly allow it in order to avoid crashing tracked processes.\n\nPass this systemcall through seccomp without depending on configuration.\n\nNote: uretprobe is currently only x86_64 and isn't expected to ever be\nsupported in i386.\n\n[kees: minimized changes for easier backporting, tweaked commit log]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5a262628f4cf2437d863fe41f9d427177b87664c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cf6cb56ef24410fb5308f9655087f1eddf4452e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fa80018aa5be10c35e9fa896b7b4061a8dce3eed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

41
CVE-2025/CVE-2025-257xx/CVE-2025-25793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25793",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-26T15:15:27.367",
"lastModified": "2025-02-26T15:15:27.367",
"vulnStatus": "Received",
"lastModified": "2025-03-06T18:15:41.480",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que SeaCMS v13.3 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del componente admin_notify.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "http://seacms.com",

41
CVE-2025/CVE-2025-257xx/CVE-2025-25794.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25794",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-26T15:15:27.490",
"lastModified": "2025-02-26T15:15:27.490",
"vulnStatus": "Received",
"lastModified": "2025-03-06T18:15:41.883",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que SeaCMS v13.3 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del componente admin_ping.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "http://seacms.com",

Some files were not shown because too many files have changed in this diff Show More