admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-12-30T19:00:27.598572+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-12-30 19:03:52 +00:00
parent 111c0baa46
commit 1aece43845
36 changed files with 3086 additions and 275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
CVE-2021/CVE-2021-472xx/CVE-2021-47253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47253",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.160",
"lastModified": "2024-11-21T06:35:43.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-30T18:59:10.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,129 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: corrige una posible p\u00e9rdida de memoria en DMUB hw_init [Por qu\u00e9] Al reanudar ejecutamos DMUB hw_init que asigna memoria: dm_resume->dm_dmub_hw_init->dc_dmub_srv_create->kzalloc Eso resulta en p\u00e9rdida de memoria en escenarios de suspensi\u00f3n/reanudaci\u00f3n. [C\u00f3mo] Asigne memoria para el contenedor DC a DMUB solo si no se asign\u00f3 antes. No es necesario reasignarlo al suspender/reanudar."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/9e8c2af010463197315fa54a6c17e74988b5259c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/aa000f828e60ac15d6340f606ec4a673966f5b0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/c5699e2d863f58221044efdc3fa712dd32d55cde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/9e8c2af010463197315fa54a6c17e74988b5259c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/aa000f828e60ac15d6340f606ec4a673966f5b0b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c5699e2d863f58221044efdc3fa712dd32d55cde",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.45",
"matchCriteriaId": "F3B07383-4728-46BB-ACFD-99788C336A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.12",
"matchCriteriaId": "958321CA-952B-461A-A590-F4096CB20E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9e8c2af010463197315fa54a6c17e74988b5259c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa000f828e60ac15d6340f606ec4a673966f5b0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c5699e2d863f58221044efdc3fa712dd32d55cde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e8c2af010463197315fa54a6c17e74988b5259c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa000f828e60ac15d6340f606ec4a673966f5b0b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c5699e2d863f58221044efdc3fa712dd32d55cde",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

31
CVE-2024/CVE-2024-109xx/CVE-2024-10903.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10903",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-12-26T06:15:05.397",
"lastModified": "2024-12-26T06:15:05.397",
"lastModified": "2024-12-30T18:15:06.253",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,11 +15,38 @@
"value": "El complemento Broken Link Checker WordPress anterior a 2.4.2 no valida las URL de los enlaces antes de realizarles una solicitud, lo que podr\u00eda permitir a los usuarios administradores realizar ataques SSRF, por ejemplo, en una instalaci\u00f3n multisitio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/39027390-ce01-4dd5-a979-426785aa7acb/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/39027390-ce01-4dd5-a979-426785aa7acb/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

31
CVE-2024/CVE-2024-112xx/CVE-2024-11223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11223",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-12-26T06:15:05.617",
"lastModified": "2024-12-26T06:15:05.617",
"lastModified": "2024-12-30T18:15:08.090",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,11 +15,38 @@
"value": "El complemento WPForms de WordPress anterior a 1.9.2.3 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/82989909-9745-4c9a-abc7-c1adf8c2b047/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/82989909-9745-4c9a-abc7-c1adf8c2b047/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

56
CVE-2024/CVE-2024-127xx/CVE-2024-12754.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12754",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-12-30T17:15:07.127",
"lastModified": "2024-12-30T17:15:07.127",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of background images. By creating a junction, an attacker can abuse the service to read arbitrary files. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-23940."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1711/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

60
CVE-2024/CVE-2024-128xx/CVE-2024-12828.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12828",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-12-30T17:15:07.717",
"lastModified": "2024-12-30T17:15:07.717",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. \n\nThe specific flaw exists within the handling of CGI requests. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22346."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/webmin/authentic-theme/commit/61e5b10227b50407e3c6ac494ffbd4385d1b59df",
"source": "zdi-disclosures@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1725/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

56
CVE-2024/CVE-2024-128xx/CVE-2024-12834.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12834",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-12-30T17:15:07.857",
"lastModified": "2024-12-30T17:15:07.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of STP files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22414."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1722/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

56
CVE-2024/CVE-2024-128xx/CVE-2024-12835.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12835",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-12-30T17:15:08.000",
"lastModified": "2024-12-30T17:15:08.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ICS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22415."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1723/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

56
CVE-2024/CVE-2024-128xx/CVE-2024-12836.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12836",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-12-30T17:15:08.137",
"lastModified": "2024-12-30T17:15:08.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of STP files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22450."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1724/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

8
CVE-2024/CVE-2024-130xx/CVE-2024-13021.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13021",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-29T20:15:05.043",
"lastModified": "2024-12-29T20:15:05.043",
"lastModified": "2024-12-30T18:15:08.877",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +140,10 @@
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/shaturo1337/POCs/blob/main/Stored%20XSS%20Vulnerability%20in%20Road%20Accident%20Map%20Marker.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

8
CVE-2024/CVE-2024-130xx/CVE-2024-13025.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13025",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-29T23:15:05.460",
"lastModified": "2024-12-29T23:15:05.460",
"lastModified": "2024-12-30T18:15:09.273",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +136,10 @@
{
"url": "https://vuldb.com/?submit.471108",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/shaturo1337/POCs/blob/main/SQL%20Injection%20in%20College%20Management%20System.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

8
CVE-2024/CVE-2024-130xx/CVE-2024-13038.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13038",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-30T04:15:05.387",
"lastModified": "2024-12-30T04:15:05.387",
"lastModified": "2024-12-30T17:15:08.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.471675",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/shaturo1337/POCs/blob/main/Blind%20SQL%20Injection%20in%20Simple%20Loan%20Management%20System.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

8
CVE-2024/CVE-2024-130xx/CVE-2024-13039.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13039",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-30T05:15:06.170",
"lastModified": "2024-12-30T05:15:06.170",
"lastModified": "2024-12-30T17:15:08.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -107,7 +107,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.471644",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Curious-L/-/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

119
CVE-2024/CVE-2024-358xx/CVE-2024-35846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35846",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:21.547",
"lastModified": "2024-11-21T09:21:02.143",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:39:04.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,114 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm: zswap: corrige el bloqueo NULL del reductor con cgroup_disable=memory. Christian informa una deref NULL en zswap que dividi\u00f3 en dos hasta el reductor zswap. El problema tambi\u00e9n surgi\u00f3 en los rastreadores de errores de libguestfs [1] y Red Hat bugzilla [2]. El problema es que cuando memcg est\u00e1 deshabilitado con el indicador de tiempo de arranque, es posible que se llame al reductor zswap con sc->memcg == NULL. Esto est\u00e1 bien en muchos lugares, como en las operaciones de lruvec. Pero fallo en memcg_page_state(), que para empezar solo se usa debido a la contabilidad sin nodos de la memoria zswap de cgroup. Nhat detect\u00f3 que memcg puede ser NULL en el caso de que memcg est\u00e9 deshabilitado y luego tambi\u00e9n pude reproducir el fallo localmente. [1] https://github.com/libguestfs/libguestfs/issues/139 [2] https://bugzilla.redhat.com/show_bug.cgi?id=2275252"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "64BA8CD4-9CCF-4BC8-BF79-90FF62BA0FAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/682886ec69d22363819a83ddddd5d66cb5c791e1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0fdabc908a7f81d12382c87ca9e46a9c2e14042",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

330
CVE-2024/CVE-2024-358xx/CVE-2024-35847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35847",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:21.620",
"lastModified": "2024-11-21T09:21:02.257",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:41:16.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,269 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: Evitar el double free en caso de error. La ruta de manejo de errores en its_vpe_irq_domain_alloc() provoca un double free cuando its_vpe_init() falla despu\u00e9s de asignar exitosamente al menos una interrupci\u00f3n. Esto sucede porque its_vpe_irq_domain_free() libera las interrupciones junto con el mapa de bits del \u00e1rea y la vprop_page y its_vpe_irq_domain_alloc() posteriormente libera nuevamente el mapa de bits del \u00e1rea y la vprop_page. Solucione este problema invocando incondicionalmente its_vpe_irq_domain_free() que maneja todos los casos correctamente y eliminando el mapa de bits/vprop_page que se libera de its_vpe_irq_domain_alloc()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/03170e657f62c26834172742492a8cb8077ef792",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/5b012f77abde89bf0be8a0547636184fea618137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/5dbdbe1133911ca7d8466bb86885adec32ad9438",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/aa44d21574751a7d6bca892eb8e0e9ac68372e52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b72d2b1448b682844f995e660b77f2a1fabc1662",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c26591afd33adce296c022e3480dea4282b7ef91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd681710ab77c8beafe2e263064cb1bd0e2d6ca9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5417ff561b8ac9a7e53c747b8627a7ab58378ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/03170e657f62c26834172742492a8cb8077ef792",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5b012f77abde89bf0be8a0547636184fea618137",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5dbdbe1133911ca7d8466bb86885adec32ad9438",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/aa44d21574751a7d6bca892eb8e0e9ac68372e52",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b72d2b1448b682844f995e660b77f2a1fabc1662",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c26591afd33adce296c022e3480dea4282b7ef91",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/dd681710ab77c8beafe2e263064cb1bd0e2d6ca9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f5417ff561b8ac9a7e53c747b8627a7ab58378ae",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14",
"versionEndExcluding": "4.19.313",
"matchCriteriaId": "CE409D27-D8FA-4B60-97C2-F08F2F83E6EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "5FF6D8DE-C559-4586-86C8-2C6B4420A2C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/03170e657f62c26834172742492a8cb8077ef792",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b012f77abde89bf0be8a0547636184fea618137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5dbdbe1133911ca7d8466bb86885adec32ad9438",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa44d21574751a7d6bca892eb8e0e9ac68372e52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b72d2b1448b682844f995e660b77f2a1fabc1662",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c26591afd33adce296c022e3480dea4282b7ef91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd681710ab77c8beafe2e263064cb1bd0e2d6ca9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5417ff561b8ac9a7e53c747b8627a7ab58378ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/03170e657f62c26834172742492a8cb8077ef792",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b012f77abde89bf0be8a0547636184fea618137",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5dbdbe1133911ca7d8466bb86885adec32ad9438",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa44d21574751a7d6bca892eb8e0e9ac68372e52",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b72d2b1448b682844f995e660b77f2a1fabc1662",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c26591afd33adce296c022e3480dea4282b7ef91",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd681710ab77c8beafe2e263064cb1bd0e2d6ca9",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5417ff561b8ac9a7e53c747b8627a7ab58378ae",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

148
CVE-2024/CVE-2024-358xx/CVE-2024-35850.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35850",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:21.860",
"lastModified": "2024-11-21T09:21:02.670",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:42:02.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,135 @@
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Bluetooth: qca: corrige NULL-deref en configuraci\u00f3n sin serdev. Los controladores Qualcomm ROME se pueden registrar desde la disciplina de l\u00ednea Bluetooth y en este caso el puntero HCI UART serdev es NULL. Agregue la verificaci\u00f3n de sanidad que falta para evitar una desreferencia del puntero NULL cuando se llama a setup() para un controlador que no es serdev."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/67459f1a707aae6d590454de07956c2752e21ea4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/7ddb9de6af0f1c71147785b12fd7c8ec3f06cc86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/bec4d4c6fa5c6526409f582e4f31144e20c86c21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/67459f1a707aae6d590454de07956c2752e21ea4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/7ddb9de6af0f1c71147785b12fd7c8ec3f06cc86",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/bec4d4c6fa5c6526409f582e4f31144e20c86c21",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/67459f1a707aae6d590454de07956c2752e21ea4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ddb9de6af0f1c71147785b12fd7c8ec3f06cc86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bec4d4c6fa5c6526409f582e4f31144e20c86c21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/67459f1a707aae6d590454de07956c2752e21ea4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ddb9de6af0f1c71147785b12fd7c8ec3f06cc86",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bec4d4c6fa5c6526409f582e4f31144e20c86c21",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

206
CVE-2024/CVE-2024-358xx/CVE-2024-35851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35851",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:21.963",
"lastModified": "2024-11-21T09:21:02.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T18:10:36.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,177 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: qca: corrige NULL-deref en suspensi\u00f3n sin serdev. Los controladores Qualcomm ROME se pueden registrar desde la disciplina de l\u00ednea Bluetooth y en este caso el puntero HCI UART serdev es NULL. Agregue la verificaci\u00f3n de sanidad que falta para evitar una desreferencia del puntero NULL cuando se llama a wakeup() para un controlador que no es serdev durante la suspensi\u00f3n. Simplemente devuelva verdadero por ahora para restaurar el comportamiento original y solucionar el problema con los kernels anteriores a 6.2, que no tienen la confirmaci\u00f3n e9b3e5b8c657 (\"Bluetooth: hci_qca: solo asigna activaci\u00f3n con soporte de puerto serie\") que causa que el problema ya ocurra en el tiempo de configuraci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/52f9041deaca3fc5c40ef3b9cb943993ec7d2489",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6b47cdeb786c38e4174319218db3fa6d7b4bba88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/73e87c0a49fda31d7b589edccf4c72e924411371",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b64092d2f108f0cd1d7fd7e176f5fb2a67a2f189",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e60502b907be350c518819297b565007a94c706d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/52f9041deaca3fc5c40ef3b9cb943993ec7d2489",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/6b47cdeb786c38e4174319218db3fa6d7b4bba88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/73e87c0a49fda31d7b589edccf4c72e924411371",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b64092d2f108f0cd1d7fd7e176f5fb2a67a2f189",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e60502b907be350c518819297b565007a94c706d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "455B5CF7-CA2E-4D45-87B0-103A28996A45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/52f9041deaca3fc5c40ef3b9cb943993ec7d2489",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b47cdeb786c38e4174319218db3fa6d7b4bba88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73e87c0a49fda31d7b589edccf4c72e924411371",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b64092d2f108f0cd1d7fd7e176f5fb2a67a2f189",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e60502b907be350c518819297b565007a94c706d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52f9041deaca3fc5c40ef3b9cb943993ec7d2489",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b47cdeb786c38e4174319218db3fa6d7b4bba88",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73e87c0a49fda31d7b589edccf4c72e924411371",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b64092d2f108f0cd1d7fd7e176f5fb2a67a2f189",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e60502b907be350c518819297b565007a94c706d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

275
CVE-2024/CVE-2024-358xx/CVE-2024-35852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35852",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:22.073",
"lastModified": "2024-11-21T09:21:02.917",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T18:11:22.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,226 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: mlxsw: espectro_acl_tcam: Corrige p\u00e9rdida de memoria al cancelar trabajo de rehash El trabajo retrasado de rehash se reprograma con retraso si el n\u00famero de cr\u00e9ditos al final del trabajo no es negativo como supuestamente significa que la migraci\u00f3n termin\u00f3. En caso contrario, se reprograma inmediatamente. Despu\u00e9s de \"mlxsw: espectro_acl_tcam: Corregir posible use after free durante la repetici\u00f3n\", lo anterior ya no es exacto ya que una cantidad no negativa de cr\u00e9ditos ya no es indicativo de la migraci\u00f3n que se est\u00e1 realizando. Tambi\u00e9n puede suceder si el trabajo encontr\u00f3 un error, en cuyo caso la migraci\u00f3n se reanudar\u00e1 la pr\u00f3xima vez que se programe el trabajo. La importancia de lo anterior es que es posible que el trabajo est\u00e9 pendiente y asociado con sugerencias que se asignaron cuando comenz\u00f3 la migraci\u00f3n. Esto lleva a que se filtren sugerencias [1] cuando el trabajo se cancela mientras est\u00e1 pendiente como parte del desmantelamiento de la regi\u00f3n ACL. Se soluciona liberando las sugerencias si las sugerencias est\u00e1n asociadas con un trabajo que se cancel\u00f3 mientras estaba pendiente. Culpe al compromiso original, ya que la dependencia de no tener un trabajo pendiente asociado con sugerencias es fr\u00e1gil. [1] objeto sin referencia 0xffff88810e7c3000 (tama\u00f1o 256): comm \"kworker/0:16\", pid 176, jiffies 4295460353 volcado hexadecimal (primeros 32 bytes): 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 80 . 0......a....... 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@........... retroceso (crc 2544ddb9): [<00000000cf8cfab3>] kmalloc_trace+0x23f/0x2a0 [<000000004d9a1ad9>] objagg_hints_get+0x42/0x390 [<000000000b143cf3>] 0xca/0x400 [<0000000059bdb60a>] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160 [<00000000e81fd734>] proceso_one_work+ 0x59c/0xf20 [<00000000ceee9e81>] work_thread+0x799/0x12c0 [<00000000bda6fe39>] kthread+0x246/0x300 [<0000000070056d23>] ret_from_fork+0x34/0x70 [<0000 0000dea2b93e>] ret_from_fork_asm+0x1a/0x30"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "3F22F46B-3154-4E42-87AC-3DC5B9D9EA1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

275
CVE-2024/CVE-2024-358xx/CVE-2024-35855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35855",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:22.677",
"lastModified": "2024-11-21T09:21:03.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T18:11:57.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,226 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mlxsw: spectrum_acl_tcam: corrige posible use after free durante la actualizaci\u00f3n de la actividad. El trabajo retrasado de la actualizaci\u00f3n de la actividad de la regla recorre peri\u00f3dicamente la lista de reglas configuradas y consulta su actividad desde el dispositivo. Como parte de esta tarea, accede a la entrada se\u00f1alada por 'ventry->entry', pero esta entrada puede cambiarse simult\u00e1neamente mediante el trabajo retrasado del rehash, lo que lleva a un use after free [1]. Para solucionarlo, cierre la ejecuci\u00f3n y realice la consulta de actividad en el mutex 'vregion->lock'. [1] ERROR: KASAN: slab-use-after-free en mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140 Lectura del tama\u00f1o 8 en la direcci\u00f3n ffff8881054ed808 por tarea kworker/0:18/181 CPU: 0 PID: 181 Comm: kworker/0:18 Not tainted 6.9.0-rc2-custom-00781-gd5ab772d32f7 #2 Nombre del hardware: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 06/01/2019 Cola de trabajo: mlxsw_core mlxsw_sp_acl_rule_activity_update_work Seguimiento de llamadas: dump_stack_lvl+0xc 6/0x120 print_report+0xce /0x670 kasan_report+0xd7/0x110 mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140 mlxsw_sp_acl_rule_activity_update_work+0x219/0x400 Process_one_work+0x8eb/0x19b0 worker_thread+0x6c9/0xf70 0x2c9/0x3b0 ret_from_fork+0x4d/0x80 ret_from_fork_asm+0x1a/0x30 Asignado por tarea 1039 : kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 __kasan_kmalloc+0x8f/0xa0 __kmalloc+0x19c/0x360 mlxsw_sp_acl_tcam_entry_create+0x7b/0x1f0 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x 30d/0xb50 mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300 process_one_work+0x8eb/0x19b0 worker_thread+0x6c9/0xf70 kthread+0x2c9/ 0x3b0 ret_from_fork+0x4d/0x80 ret_from_fork_asm+0x1a/0x30 Liberado por la tarea 1039: kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 170 __kasan_slab_free+0x14/0x30 kfree+0xc1/0x290 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3d7/ 0xb50 mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300 process_one_work+0x8eb/0x19b0 worker_thread+0x6c9/0xf70 kthread+0x2c9/0x3b0 ret_from_fork+0x4d/0x80 ret_from_fork_asm+0x1a/0x 30"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/1b73f6e4ea770410a937a8db98f77e52594d23a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/b183b915beef818a25e3154d719ca015a1ae0770",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b996e8699da810e4c915841d6aaef761007f933a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c17976b42d546ee118ca300db559630ee96fb758",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e24d2487424779c02760ff50cd9021b8676e19ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/feabdac2057e863d0e140a2adf3d232eb4882db4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1b73f6e4ea770410a937a8db98f77e52594d23a0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b183b915beef818a25e3154d719ca015a1ae0770",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b996e8699da810e4c915841d6aaef761007f933a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c17976b42d546ee118ca300db559630ee96fb758",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e24d2487424779c02760ff50cd9021b8676e19ef",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/feabdac2057e863d0e140a2adf3d232eb4882db4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "3F22F46B-3154-4E42-87AC-3DC5B9D9EA1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1b73f6e4ea770410a937a8db98f77e52594d23a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b183b915beef818a25e3154d719ca015a1ae0770",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b996e8699da810e4c915841d6aaef761007f933a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c17976b42d546ee118ca300db559630ee96fb758",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e24d2487424779c02760ff50cd9021b8676e19ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/feabdac2057e863d0e140a2adf3d232eb4882db4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1b73f6e4ea770410a937a8db98f77e52594d23a0",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b183b915beef818a25e3154d719ca015a1ae0770",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b996e8699da810e4c915841d6aaef761007f933a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c17976b42d546ee118ca300db559630ee96fb758",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e24d2487424779c02760ff50cd9021b8676e19ef",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/feabdac2057e863d0e140a2adf3d232eb4882db4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

148
CVE-2024/CVE-2024-358xx/CVE-2024-35856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35856",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:22.900",
"lastModified": "2024-11-21T09:21:03.643",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T18:12:11.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,135 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btusb: mediatek: Correcci\u00f3n double free de skb en coredump hci_devcd_append() liberar\u00eda el skb en caso de error para que la persona que llama no tenga que liberarlo nuevamente, de lo contrario causar\u00eda el doble libre de skb. Reportado por: Dan Carpenter "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "B4D9BC34-65C4-4ACE-ABEF-1029C09F30B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

148
CVE-2024/CVE-2024-358xx/CVE-2024-35858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35858",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T15:15:23.313",
"lastModified": "2024-11-21T09:21:03.940",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T18:12:40.047",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,135 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: bcmasp: corrige la p\u00e9rdida de memoria al desactivar la interfaz. Al desactivar los anillos TX, los limpiamos pero nos olvidamos de recuperar los paquetes eliminados. Esto provoca una p\u00e9rdida de memoria ya que no liberamos los b\u00fafers asignados por dma. Esto tambi\u00e9n conduce a la corrupci\u00f3n del bloque de control de transmisi\u00f3n al desactivar la interfaz para la administraci\u00f3n de energ\u00eda."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "B4D9BC34-65C4-4ACE-ABEF-1029C09F30B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

132
CVE-2024/CVE-2024-358xx/CVE-2024-35866.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35866",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.123",
"lastModified": "2024-11-21T09:21:05.010",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:35:00.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,119 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_dump_full_key() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "FCC3C07F-B627-4030-9143-1DA48BBDB64D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

194
CVE-2024/CVE-2024-358xx/CVE-2024-35867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35867",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.197",
"lastModified": "2024-11-21T09:21:05.120",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:36:49.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,51 +15,161 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_stats_proc_show() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/29/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "B62CF0EC-6C39-4DAD-A6CC-C31C3277A460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/29/2",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/2",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

161
CVE-2024/CVE-2024-358xx/CVE-2024-35868.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35868",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.267",
"lastModified": "2024-11-21T09:21:05.247",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:37:00.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,140 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_stats_proc_write() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "B62CF0EC-6C39-4DAD-A6CC-C31C3277A460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

104
CVE-2024/CVE-2024-358xx/CVE-2024-35874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35874",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.767",
"lastModified": "2024-11-21T09:21:06.160",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T17:37:18.307",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,99 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: aio: corrige el ptr deref null en aio_complete() wakeup list_del_init_careful() debe ser el \u00faltimo acceso a la entrada de la cola de espera; efectivamente desbloquea el acceso. Anteriormente, Finish_wait() ve\u00eda el encabezado de la lista vac\u00eda y omit\u00eda tomar el bloqueo, y luego regresabamos, pero la ruta de finalizaci\u00f3n a\u00fan intentar\u00eda realizar la reactivaci\u00f3n despu\u00e9s de que se hubiera sobrescrito el puntero task_struct."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "7733C2C9-77AB-41F9-BE33-99FF60A64DBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9678bcc6234d83759fe091c197f5017a32b468da",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

162
CVE-2024/CVE-2024-358xx/CVE-2024-35891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35891",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:10.157",
"lastModified": "2024-11-21T09:21:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-30T17:07:18.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,141 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: phy: micrel: corrige una posible desreferencia del puntero null en lan8814_get_sig_rx() y lan8814_get_sig_tx() ptp_parse_header() puede devolver NULL como ptp_header debido a un tipo de paquete anormal o a un paquete da\u00f1ado. Corrija este error agregando ptp_header check. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con SVACE."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/10608161696c2768f53426642f78a42bcaaa53e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/49767b0df276f12e3e7184601e09ee7430e252dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/95c1016a2d92c4c28a9d1b6d09859c00b19c0ea4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/96c155943a703f0655c0c4cab540f67055960e91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/10608161696c2768f53426642f78a42bcaaa53e8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/49767b0df276f12e3e7184601e09ee7430e252dc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/95c1016a2d92c4c28a9d1b6d09859c00b19c0ea4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/96c155943a703f0655c0c4cab540f67055960e91",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "960181B5-7D91-47C6-A39C-7713DBE982AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/10608161696c2768f53426642f78a42bcaaa53e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49767b0df276f12e3e7184601e09ee7430e252dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95c1016a2d92c4c28a9d1b6d09859c00b19c0ea4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96c155943a703f0655c0c4cab540f67055960e91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/10608161696c2768f53426642f78a42bcaaa53e8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49767b0df276f12e3e7184601e09ee7430e252dc",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95c1016a2d92c4c28a9d1b6d09859c00b19c0ea4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96c155943a703f0655c0c4cab540f67055960e91",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

115
CVE-2024/CVE-2024-358xx/CVE-2024-35894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35894",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:10.397",
"lastModified": "2024-11-21T09:21:08.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-30T17:09:05.570",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,106 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: mptcp: impide que BPF acceda a lowat desde un socket de subflujo. Alexei inform\u00f3 el siguiente s\u00edmbolo: ADVERTENCIA: CPU: 32 PID: 3276 en net/mptcp/subflow.c:1430 subflow_data_ready+0x147/0x1c0 M\u00f3dulos vinculados en: ficticio bpf_testmod(O) [\u00faltima descarga: bpf_test_no_cfi(O)] CPU: 32 PID: 3276 Comunicaciones: test_progs Contaminado: GO 6.8.0-12873-g2c43c33bfd23 Seguimiento de llamadas: mptcp_set_rcvlowat+0x79/0x1d0 sk_setsockopt+0x6c0/0x1540 __bpf_setsockopt+0x6f/0x90 ock_ops_setsockopt+0x3c/0x90 bpf_prog_509ce5db2c7f9981_bpf_test_sockopt_int+0xb4/0x11b bpf_prog_dce07e362d941d2b_bpf_test_socket_sockopt+0x12b /0x132 bpf_prog_348c9b5faaf10092_skops_sockopt+0x954/0xe86 __cgroup_bpf_run_filter_sock_ops+0xbc/0x250 tcp_connect+0x879/0x1160 tcp_v6_connect+0x50c/0x870 x129/0x280 __inet_stream_connect+0xce/0x370 inet_stream_connect+0x36/0x50 bpf_trampoline_6442491565+0x49/0xef inet_stream_connect+0x5/0x50 __sys_connect+0x63 /0x90 __x64_sys_connect+0x14/0x20 La causa principal del problema es que bpf permite acceder a proto_ops de nivel mptcp desde un alcance de subflujo tcp. Solucione el problema al detectar la llamada problem\u00e1tica y evitar cualquier acci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/3ffb1ab698376f09cc33101c07c1be229389fe29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/ee3c845787b621cfe82c2e52c513024a9d7a78f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/fcf4692fa39e86a590c14a4af2de704e1d20a3b5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/3ffb1ab698376f09cc33101c07c1be229389fe29",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/fcf4692fa39e86a590c14a4af2de704e1d20a3b5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3ffb1ab698376f09cc33101c07c1be229389fe29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee3c845787b621cfe82c2e52c513024a9d7a78f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fcf4692fa39e86a590c14a4af2de704e1d20a3b5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ffb1ab698376f09cc33101c07c1be229389fe29",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fcf4692fa39e86a590c14a4af2de704e1d20a3b5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

275
CVE-2024/CVE-2024-358xx/CVE-2024-35895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35895",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:10.477",
"lastModified": "2024-12-27T13:15:19.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-30T17:12:29.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,226 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf, sockmap: Evitar el punto muerto de inversi\u00f3n de bloqueo en la eliminaci\u00f3n del mapa elem syzkaller comenz\u00f3 a usar corpus donde un programa de seguimiento BPF elimina elementos de un mapa sockmap/sockhash. Debido a que los programas de seguimiento BPF se pueden invocar desde cualquier contexto de interrupci\u00f3n, los bloqueos realizados durante una operaci\u00f3n map_delete_elem deben ser seguros. De lo contrario, es posible que se produzca un punto muerto debido a la inversi\u00f3n del bloqueo, como lo informa lockdep: CPU0 CPU1 ---- ---- lock(&htab->buckets[i].lock); local_irq_disable(); bloquear(&host->bloquear); lock(&htab->cubos[i].lock); bloqueo(&host->bloqueo); Los bloqueos en sockmap son dif\u00edciles de inseguro por dise\u00f1o. Esperamos que los elementos se eliminen de sockmap/sockhash solo en el contexto de la tarea (normal) con las interrupciones habilitadas o en el contexto de softirq. Detecta cu\u00e1ndo se invoca la operaci\u00f3n map_delete_elem desde un contexto que _no_ es hardirq-inseguro, es decir, las interrupciones est\u00e1n deshabilitadas y sale con un error. Tenga en cuenta que las actualizaciones de mapas no se ven afectadas por este problema. El verificador de BPF no permite actualizar sockmap/sockhash desde un programa de seguimiento de BPF en la actualidad."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/668b3074aa14829e2ac2759799537a93b60fef86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6af057ccdd8e7619960aca1f0428339f213b31cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/a44770fed86515eedb5a7c00b787f847ebb134a5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/d1e73fb19a4c872d7a399ad3c66e8ca30e0875ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd54b48db0c822ae7b520bc80751f0a0a173ef75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f7990498b05ac41f7d6a190dc0418ef1d21bf058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ff91059932401894e6c86341915615c5eb0eca48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/668b3074aa14829e2ac2759799537a93b60fef86",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/6af057ccdd8e7619960aca1f0428339f213b31cd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a44770fed86515eedb5a7c00b787f847ebb134a5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d1e73fb19a4c872d7a399ad3c66e8ca30e0875ec",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/dd54b48db0c822ae7b520bc80751f0a0a173ef75",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f7990498b05ac41f7d6a190dc0418ef1d21bf058",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/ff91059932401894e6c86341915615c5eb0eca48",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.274",
"matchCriteriaId": "F45A0F3C-C16D-49C4-86D6-D021C3D4B834"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.215",
"matchCriteriaId": "9CD5894E-58E9-4B4A-B0F4-3E6BC134B8F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.154",
"matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "325665BF-2409-49D9-B391-39AD4566FDBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/668b3074aa14829e2ac2759799537a93b60fef86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6af057ccdd8e7619960aca1f0428339f213b31cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a44770fed86515eedb5a7c00b787f847ebb134a5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1e73fb19a4c872d7a399ad3c66e8ca30e0875ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd54b48db0c822ae7b520bc80751f0a0a173ef75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f7990498b05ac41f7d6a190dc0418ef1d21bf058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ff91059932401894e6c86341915615c5eb0eca48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/668b3074aa14829e2ac2759799537a93b60fef86",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6af057ccdd8e7619960aca1f0428339f213b31cd",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a44770fed86515eedb5a7c00b787f847ebb134a5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1e73fb19a4c872d7a399ad3c66e8ca30e0875ec",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd54b48db0c822ae7b520bc80751f0a0a173ef75",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f7990498b05ac41f7d6a190dc0418ef1d21bf058",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ff91059932401894e6c86341915615c5eb0eca48",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

246
CVE-2024/CVE-2024-358xx/CVE-2024-35896.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35896",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:10.557",
"lastModified": "2024-11-21T09:21:09.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-30T17:35:35.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,59 +15,205 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: validar la entrada del usuario para la longitud esperada. Recib\u00ed varios informes de syzbot que muestran errores antiguos expuestos por BPF despu\u00e9s de la confirmaci\u00f3n 20f2505fb436 (\"bpf: intente evitar kzalloc en cgroup/{s,g} etsockopt\") setsockopt() El argumento @optlen debe tenerse en cuenta antes de copiar datos. ERROR: KASAN: losa fuera de l\u00edmites en copy_from_sockptr_offset include/linux/sockptr.h:49 [en l\u00ednea] ERROR: KASAN: losa fuera de l\u00edmites en copy_from_sockptr include/linux/sockptr.h:55 [en l\u00ednea] ERROR: KASAN: losa fuera de los l\u00edmites en do_replace net/ipv4/netfilter/ip_tables.c:1111 [en l\u00ednea] ERROR: KASAN: losa fuera de los l\u00edmites en do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ ip_tables.c:1627 Lectura del tama\u00f1o 96 en la direcci\u00f3n ffff88802cd73da0 mediante la tarea syz-executor.4/7238 CPU: 1 PID: 7238 Comm: syz-executor.4 No contaminado 6.9.0-rc2-next-20240403-syzkaller #0 Hardware nombre: Google Google Compute Engine/Google Compute Engine, BIOS Google 27/03/2024 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_address_description mm/ kasan/report.c:377 [en l\u00ednea] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c :189 __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105 copy_from_sockptr_offset include/linux/sockptr.h:49 [en l\u00ednea] copy_from_sockptr include/linux/sockptr.h:55 [en l\u00ednea] do_replace net/ipv4/netfilter/ip_tables .c:1111 [en l\u00ednea] do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627 nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101 do_sock_setsockopt+0x3af/0x720 net/socket.c:2 311 __sys_setsockopt +0x1ae/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [en l\u00ednea] __se_sys_setsockopt net/socket.c:2340 [en l\u00ednea] __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340 +0xfb/0x240 Entry_SYSCALL_64_after_hwframe+0x72/0x7a RIP: 0033:0x7fd22067dde9 C\u00f3digo: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000 00036 RAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9 RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000 R10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8 Asignado por la tarea 7238: kasan_save_stack mm/kasan/common. c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:370 [en l\u00ednea] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387 kasan_kmalloc include/ linux/kasan.h: 211 [en l\u00ednea] __do_kmalloc_node mm/slub.c: 4069 [inline] __kmalloc_noprof+0x200/0x410 mm/slub.c: 4082 kmalloc_noproof include/linux/slab.h: 664 [inline] __cgraGrempf_filup 47/ 0x1050 kernel/bpf/cgroup.c:1869 do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293 __sys_setsockopt+0x1ae/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 __se_sys _setsockopt net/socket. c:2340 [en l\u00ednea] __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340 do_syscall_64+0xfb/0x240 Entry_SYSCALL_64_after_hwframe+0x72/0x7a La direcci\u00f3n con errores pertenece al objeto en ffff88802cd73da0 que pertenece al cach\u00e9 kmalloc-8 de talla 8 el cochecito La direcci\u00f3n se encuentra a 0 bytes dentro de la regi\u00f3n asignada de 1 byte [ffff88802cd73da0, ffff88802cd73da1) La direcci\u00f3n con errores pertenece a la p\u00e1gina f\u00edsica: p\u00e1gina: refcount:1 mapcount:0 mapeo:00000000000000000 index:0xffff88802cd73020 pfn:0x2cd73 flags: 0xfff8000000 0000(nodo=0 |zone=1|lastcpupid=0xfff) tipo de p\u00e1gina: 0xfffffff(slab) raw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122 raw: ffff88802cd73020 000000008080007f 00000001ffffefff 00"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0c83842df40f86e529db6842231154772c20edcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/0f038242b77ddfc505bf4163d4904c1abd2e74d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/440e948cf0eff32cfe322dcbca3f2525354b159b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0c83842df40f86e529db6842231154772c20edcc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/0f038242b77ddfc505bf4163d4904c1abd2e74d6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/440e948cf0eff32cfe322dcbca3f2525354b159b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12",
"versionEndExcluding": "5.10.215",
"matchCriteriaId": "002799BC-F3A0-4FEA-8CE5-91A6FA0D1A6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.154",
"matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "325665BF-2409-49D9-B391-39AD4566FDBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0c83842df40f86e529db6842231154772c20edcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0f038242b77ddfc505bf4163d4904c1abd2e74d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/440e948cf0eff32cfe322dcbca3f2525354b159b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0c83842df40f86e529db6842231154772c20edcc",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0f038242b77ddfc505bf4163d4904c1abd2e74d6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/440e948cf0eff32cfe322dcbca3f2525354b159b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

56
CVE-2024/CVE-2024-465xx/CVE-2024-46542.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46542",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-30T18:15:09.557",
"lastModified": "2024-12-30T18:15:09.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.veritas.com/support/en_US/security/ARC24-001",
"source": "cve@mitre.org"
}
]
}

64
CVE-2024/CVE-2024-522xx/CVE-2024-52294.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-52294",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-30T17:15:09.467",
"lastModified": "2024-12-30T17:15:09.467",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. The vulnerability exists in the subscription endpoint at `/api/subscription`. The endpoint uses an email parameter as a direct reference to user subscriptions without verifying object ownership. While authentication is required, there is no authorization check to verify if the authenticated user owns the referenced subscription. The issue was fixed in version 1.29.10. Support for arbitrarily presenting an email for update has been deprecated."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://github.com/khoj-ai/khoj/commit/47d3c8c23597900af708bdc60aced3ae5d2064c1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/khoj-ai/khoj/security/advisories/GHSA-hq4h-w933-jm6c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/khoj-ai/khoj/security/advisories/GHSA-hq4h-w933-jm6c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

82
CVE-2024/CVE-2024-565xx/CVE-2024-56516.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-56516",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-30T17:15:09.687",
"lastModified": "2024-12-30T17:15:09.687",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "free-one-api allows users to access large language model reverse engineering libraries through the standard OpenAI API format. In versions up to and including 1.0.1, MD5 is used to hash passwords before sending them to the backend. MD5 is a cryptographically broken hashing algorithm and is no longer considered secure for password storage or transmission. It is vulnerable to collision attacks and can be easily cracked using modern hardware, exposing user credentials to potential compromise. As of time of publication, a replacement for MD5 has not been committed to the free-one-api GitHub repository."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-328"
}
]
}
],
"references": [
{
"url": "https://github.com/RockChinQ/free-one-api/blob/4d6ee42ffbb224b95be32c26cabc28d54d01bf78/web/src/main.js#L15",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RockChinQ/free-one-api/security/advisories/GHSA-36cc-58vm-wm4h",
"source": "security-advisories@github.com"
}
]
}

86
CVE-2024/CVE-2024-565xx/CVE-2024-56517.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-56517",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-30T17:15:09.840",
"lastModified": "2024-12-30T17:15:09.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LGSL (Live Game Server List) provides online status lists for online video games. Versions up to and including 6.2.1 contain a reflected cross-site scripting vulnerability in the `Referer` HTTP header. The vulnerability allows attackers to inject arbitrary JavaScript code, which is reflected in the HTML response without proper sanitization. When crafted malicious input is provided in the `Referer` header, it is echoed back into an HTML attribute in the application\u2019s response. Commit 7ecb839df9358d21f64cdbff5b2536af25a77de1 contains a patch for the issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/tltneon/lgsl/blob/master/lgsl_files/lgsl_list.php#L20-L24",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tltneon/lgsl/commit/7ecb839df9358d21f64cdbff5b2536af25a77de1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tltneon/lgsl/security/advisories/GHSA-ggwq-xc72-33r3",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-567xx/CVE-2024-56733.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56733",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-30T17:15:09.990",
"lastModified": "2024-12-30T17:15:09.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although the session token is replaced and invalidated upon logout, if an attacker manages to capture the session cookie before this process, they can use the token to gain unauthorized access to the user's session until the token expires or is manually cleared. This vulnerability hinges on the attacker's ability to access the session cookie during an active session, either through a man-in-the-middle attack, by exploiting another vulnerability like XSS, or via direct access to the victim's device. Although there is no direct resolution to this vulnerability, it is recommended to always use the latest version of Password Pusher to best mitigate risk. If self-hosting, ensure Password Pusher is hosted exclusively over SSL connections to encrypt traffic and prevent session cookies from being intercepted in transit. Additionally, implement best practices in local security to safeguard user systems, browsers, and data against unauthorized access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://github.com/pglombardo/PasswordPusher/security/advisories/GHSA-4fwj-m62q-pp47",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2024/CVE-2024-567xx/CVE-2024-56734.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-56734",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-12-30T17:15:10.133",
"lastModified": "2024-12-30T17:15:10.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Better Auth is an authentication library for TypeScript. An open redirect vulnerability has been identified in the verify email endpoint of all versions of Better Auth prior to v1.1.6, potentially allowing attackers to redirect users to malicious websites. This issue affects users relying on email verification links generated by the library. The verify email callback endpoint accepts a `callbackURL` parameter. Unlike other verification methods, email verification only uses JWT to verify and redirect without proper validation of the target domain. The origin checker is bypassed in this scenario because it only checks for `POST` requests. An attacker can manipulate this parameter to redirect users to arbitrary URLs controlled by the attacker. Version 1.1.6 contains a patch for the issue."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/better-auth/better-auth/commit/deb3d73aea90d0468d92723f4511542b593e522f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/better-auth/better-auth/security/advisories/GHSA-8jhw-6pjj-8723",
"source": "security-advisories@github.com"
}
]
}

58
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-30T17:00:22.637383+00:00
2024-12-30T19:00:27.598572+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-30T16:15:11.920000+00:00
2024-12-30T18:59:10.807000+00:00
```
### Last Data Feed Release
@ -33,33 +33,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275172
275183
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `11`
- [CVE-2024-50701](CVE-2024/CVE-2024-507xx/CVE-2024-50701.json) (`2024-12-30T15:15:10.430`)
- [CVE-2024-50702](CVE-2024/CVE-2024-507xx/CVE-2024-50702.json) (`2024-12-30T15:15:10.567`)
- [CVE-2024-50703](CVE-2024/CVE-2024-507xx/CVE-2024-50703.json) (`2024-12-30T15:15:10.693`)
- [CVE-2024-12754](CVE-2024/CVE-2024-127xx/CVE-2024-12754.json) (`2024-12-30T17:15:07.127`)
- [CVE-2024-12828](CVE-2024/CVE-2024-128xx/CVE-2024-12828.json) (`2024-12-30T17:15:07.717`)
- [CVE-2024-12834](CVE-2024/CVE-2024-128xx/CVE-2024-12834.json) (`2024-12-30T17:15:07.857`)
- [CVE-2024-12835](CVE-2024/CVE-2024-128xx/CVE-2024-12835.json) (`2024-12-30T17:15:08.000`)
- [CVE-2024-12836](CVE-2024/CVE-2024-128xx/CVE-2024-12836.json) (`2024-12-30T17:15:08.137`)
- [CVE-2024-46542](CVE-2024/CVE-2024-465xx/CVE-2024-46542.json) (`2024-12-30T18:15:09.557`)
- [CVE-2024-52294](CVE-2024/CVE-2024-522xx/CVE-2024-52294.json) (`2024-12-30T17:15:09.467`)
- [CVE-2024-56516](CVE-2024/CVE-2024-565xx/CVE-2024-56516.json) (`2024-12-30T17:15:09.687`)
- [CVE-2024-56517](CVE-2024/CVE-2024-565xx/CVE-2024-56517.json) (`2024-12-30T17:15:09.840`)
- [CVE-2024-56733](CVE-2024/CVE-2024-567xx/CVE-2024-56733.json) (`2024-12-30T17:15:09.990`)
- [CVE-2024-56734](CVE-2024/CVE-2024-567xx/CVE-2024-56734.json) (`2024-12-30T17:15:10.133`)
### CVEs modified in the last Commit
Recently modified CVEs: `11`
Recently modified CVEs: `23`
- [CVE-2022-31640](CVE-2022/CVE-2022-316xx/CVE-2022-31640.json) (`2024-12-30T16:15:06.100`)
- [CVE-2022-31641](CVE-2022/CVE-2022-316xx/CVE-2022-31641.json) (`2024-12-30T16:15:08.253`)
- [CVE-2022-31642](CVE-2022/CVE-2022-316xx/CVE-2022-31642.json) (`2024-12-30T16:15:08.893`)
- [CVE-2022-31644](CVE-2022/CVE-2022-316xx/CVE-2022-31644.json) (`2024-12-30T16:15:09.530`)
- [CVE-2022-31645](CVE-2022/CVE-2022-316xx/CVE-2022-31645.json) (`2024-12-30T16:15:10.130`)
- [CVE-2022-31646](CVE-2022/CVE-2022-316xx/CVE-2022-31646.json) (`2024-12-30T15:15:06.637`)
- [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2024-12-30T16:15:11.097`)
- [CVE-2024-12967](CVE-2024/CVE-2024-129xx/CVE-2024-12967.json) (`2024-12-30T15:15:08.143`)
- [CVE-2024-12986](CVE-2024/CVE-2024-129xx/CVE-2024-12986.json) (`2024-12-30T15:15:08.390`)
- [CVE-2024-35862](CVE-2024/CVE-2024-358xx/CVE-2024-35862.json) (`2024-12-30T15:00:09.317`)
- [CVE-2024-56522](CVE-2024/CVE-2024-565xx/CVE-2024-56522.json) (`2024-12-30T16:15:11.920`)
- [CVE-2021-47253](CVE-2021/CVE-2021-472xx/CVE-2021-47253.json) (`2024-12-30T18:59:10.807`)
- [CVE-2024-10903](CVE-2024/CVE-2024-109xx/CVE-2024-10903.json) (`2024-12-30T18:15:06.253`)
- [CVE-2024-11223](CVE-2024/CVE-2024-112xx/CVE-2024-11223.json) (`2024-12-30T18:15:08.090`)
- [CVE-2024-13021](CVE-2024/CVE-2024-130xx/CVE-2024-13021.json) (`2024-12-30T18:15:08.877`)
- [CVE-2024-13025](CVE-2024/CVE-2024-130xx/CVE-2024-13025.json) (`2024-12-30T18:15:09.273`)
- [CVE-2024-13038](CVE-2024/CVE-2024-130xx/CVE-2024-13038.json) (`2024-12-30T17:15:08.473`)
- [CVE-2024-13039](CVE-2024/CVE-2024-130xx/CVE-2024-13039.json) (`2024-12-30T17:15:08.597`)
- [CVE-2024-35846](CVE-2024/CVE-2024-358xx/CVE-2024-35846.json) (`2024-12-30T17:39:04.807`)
- [CVE-2024-35847](CVE-2024/CVE-2024-358xx/CVE-2024-35847.json) (`2024-12-30T17:41:16.633`)
- [CVE-2024-35850](CVE-2024/CVE-2024-358xx/CVE-2024-35850.json) (`2024-12-30T17:42:02.767`)
- [CVE-2024-35851](CVE-2024/CVE-2024-358xx/CVE-2024-35851.json) (`2024-12-30T18:10:36.050`)
- [CVE-2024-35852](CVE-2024/CVE-2024-358xx/CVE-2024-35852.json) (`2024-12-30T18:11:22.623`)
- [CVE-2024-35855](CVE-2024/CVE-2024-358xx/CVE-2024-35855.json) (`2024-12-30T18:11:57.997`)
- [CVE-2024-35856](CVE-2024/CVE-2024-358xx/CVE-2024-35856.json) (`2024-12-30T18:12:11.003`)
- [CVE-2024-35858](CVE-2024/CVE-2024-358xx/CVE-2024-35858.json) (`2024-12-30T18:12:40.047`)
- [CVE-2024-35866](CVE-2024/CVE-2024-358xx/CVE-2024-35866.json) (`2024-12-30T17:35:00.177`)
- [CVE-2024-35867](CVE-2024/CVE-2024-358xx/CVE-2024-35867.json) (`2024-12-30T17:36:49.973`)
- [CVE-2024-35868](CVE-2024/CVE-2024-358xx/CVE-2024-35868.json) (`2024-12-30T17:37:00.887`)
- [CVE-2024-35874](CVE-2024/CVE-2024-358xx/CVE-2024-35874.json) (`2024-12-30T17:37:18.307`)
- [CVE-2024-35891](CVE-2024/CVE-2024-358xx/CVE-2024-35891.json) (`2024-12-30T17:07:18.617`)
- [CVE-2024-35894](CVE-2024/CVE-2024-358xx/CVE-2024-35894.json) (`2024-12-30T17:09:05.570`)
- [CVE-2024-35895](CVE-2024/CVE-2024-358xx/CVE-2024-35895.json) (`2024-12-30T17:12:29.817`)
- [CVE-2024-35896](CVE-2024/CVE-2024-358xx/CVE-2024-35896.json) (`2024-12-30T17:35:35.940`)
## Download and Usage

85
_state.csv
View File

@ -187440,7 +187440,7 @@ CVE-2021-47249,0,0,f9a6bc9ecd2b8dc9b5687638b894d4bbdef04fe768174b0c3d7f5556528f9
CVE-2021-47250,0,0,f676c191f733fd3ce6e94fa46c8f09423009bcad69975a226187b0c200458b72,2024-11-21T06:35:43.443000
CVE-2021-47251,0,0,910383b3bb8c00e34855fcda8c3ec1d6bd52252a19036ebff555cedb288a9861,2024-11-21T06:35:43.570000
CVE-2021-47252,0,0,8f2ae53195e1d344dcddbea9cafebc6f137c371b83b1765850464be0bba730c1,2024-11-21T06:35:43.683000
CVE-2021-47253,0,0,d22a2ab32baa0e0507e7beac8d5549b0a1c9c309c54f58263b3a9314058a8770,2024-11-21T06:35:43.807000
CVE-2021-47253,0,1,9bc677a4b5d13cd8fd06f4b9374a9aa62a3778e7b12c1d5302b8dc1a583e0856,2024-12-30T18:59:10.807000
CVE-2021-47254,0,0,6fe70480f164ca2acf94053fec55c31f639aaa36f5787b5158dd37649c0ccc4f,2024-11-21T06:35:43.917000
CVE-2021-47255,0,0,ab70f22d16c8786e854f11454b2eea8afe54254c834b2d2bd6063c66081a9479,2024-11-21T06:35:44.037000
CVE-2021-47256,0,0,0f51de379b692c2d0a857a25782e52c1e5499b2d759e9b9b493c9ede6fbb425a,2024-11-21T06:35:44.143000
@ -199836,13 +199836,13 @@ CVE-2022-31636,0,0,3dde94b5af6733fb77f8357055347d897ee2984f52a5eb2f297bff7574e2b
CVE-2022-31637,0,0,7e118aefb900f1b8771bfb03c3f88a05095e573d84c8f798deca45c7a537e9d6,2024-11-21T07:04:55.353000
CVE-2022-31638,0,0,2059d84d26545dd04336453f64b35e323c5ddc67e0fdd01032a49e7d96e0e32b,2024-11-21T07:04:55.950000
CVE-2022-31639,0,0,2db9867db165c9710bd5f24a4058d245249a75be5ab8aab9a798192b24a8bc65,2024-11-21T07:04:56.547000
CVE-2022-31640,0,1,f11ab96742ffed0fb0a866e562fccf8c44d323795437840f01b1c6fa62caafe8,2024-12-30T16:15:06.100000
CVE-2022-31641,0,1,19b2fb0e0f951485c4ce9094635fe73b00e4bc17b8e05ad62063edc0869672a9,2024-12-30T16:15:08.253000
CVE-2022-31642,0,1,bff5cf87808677159fc9a6eb9ac18eb2800300e0308ae0d505b80b1cf22db0b8,2024-12-30T16:15:08.893000
CVE-2022-31640,0,0,f11ab96742ffed0fb0a866e562fccf8c44d323795437840f01b1c6fa62caafe8,2024-12-30T16:15:06.100000
CVE-2022-31641,0,0,19b2fb0e0f951485c4ce9094635fe73b00e4bc17b8e05ad62063edc0869672a9,2024-12-30T16:15:08.253000
CVE-2022-31642,0,0,bff5cf87808677159fc9a6eb9ac18eb2800300e0308ae0d505b80b1cf22db0b8,2024-12-30T16:15:08.893000
CVE-2022-31643,0,0,fa151018684c6953f65551b56a139dc61374f7ada3432debb6b95888226f8cf1,2024-11-21T07:05:00.397000
CVE-2022-31644,0,1,d2f1b7ae6d968ce9af9272f45757253f626b70e3243e9918d28b589a4ed2702d,2024-12-30T16:15:09.530000
CVE-2022-31645,0,1,6b86f17d92883acc5c3abbb67b419eb61386e37b9ab3a1471447601d2947bf99,2024-12-30T16:15:10.130000
CVE-2022-31646,0,1,995785360bc01cd17d07f522fdbaaa941afdaafaa0ddeb6d1e5740ab63223713,2024-12-30T15:15:06.637000
CVE-2022-31644,0,0,d2f1b7ae6d968ce9af9272f45757253f626b70e3243e9918d28b589a4ed2702d,2024-12-30T16:15:09.530000
CVE-2022-31645,0,0,6b86f17d92883acc5c3abbb67b419eb61386e37b9ab3a1471447601d2947bf99,2024-12-30T16:15:10.130000
CVE-2022-31646,0,0,995785360bc01cd17d07f522fdbaaa941afdaafaa0ddeb6d1e5740ab63223713,2024-12-30T15:15:06.637000
CVE-2022-31647,0,0,686a0c7255434abb33926aae8f59dfa7c9274563a0096c9e0644efa512bf620d,2024-11-21T07:05:02.257000
CVE-2022-31648,0,0,344ed376a4cfa12222e8b7aecf75bd89b2d9d6886b929fc17ec8e6e7b5447d92,2024-11-21T07:05:02.450000
CVE-2022-31649,0,0,f63981d3365b98465059d41e02f9513486e43c621f49a87e2c3ed4c211bfcf49,2024-11-21T07:05:02.637000
@ -227238,7 +227238,7 @@ CVE-2023-35145,0,0,1a86cee39ac4e4407c4314d5b2e1552e4baaf436309a563e839ead9ccfcda
CVE-2023-35146,0,0,44a63ad040fd2edfccf8b6f97433b38f373080f85f689126729db827ad535a71,2024-11-21T08:08:01.803000
CVE-2023-35147,0,0,233b4938779d512532f422e30243b34ce634214a9f795e026d2cfb954c4c9d83,2024-11-21T08:08:01.930000
CVE-2023-35148,0,0,f8e216cbe98b2f220d321401798e26f42833a9b49e6fbdce4af0c486619ddf05,2024-11-21T08:08:02.047000
CVE-2023-35149,0,1,55df5d32cebf1e44be6bb756e411e1e6672b4e82fde779c5a3dcde946aa755db,2024-12-30T16:15:11.097000
CVE-2023-35149,0,0,55df5d32cebf1e44be6bb756e411e1e6672b4e82fde779c5a3dcde946aa755db,2024-12-30T16:15:11.097000
CVE-2023-3515,0,0,35dd4df8483f4213f98d9836b0fc238555087f3031c5695b66fd64b78ece979b,2024-11-21T08:17:26.130000
CVE-2023-35150,0,0,65b755d7ced4323ca0a24d92979a2dbd96132af8a1df7aaf083274d3763cc197,2024-11-21T08:08:02.300000
CVE-2023-35151,0,0,cedc948a948a15c9fc98f318f978208ed5642808a6da0b0532a1276bd30cb9a7,2024-11-21T08:08:02.453000
@ -243838,7 +243838,7 @@ CVE-2024-10898,0,0,d9a5fb3426672bd932cc2ebb845531319083e29bf1e7e7f09eeff58772f4f
CVE-2024-10899,0,0,3278ed9055fdf20d3bd937513eb10691156bd1e9c65996b252cdb3333f0a4c29,2024-11-26T21:01:21.643000
CVE-2024-1090,0,0,25394912143750ca3ffe33d94e93f357a3dc60f87581aca09b64a7b29ccebdf4,2024-12-27T15:41:41.897000
CVE-2024-10900,0,0,5438023601d5947725ce57a2b51b24b31a697395c49ac1553534945223b38a58,2024-11-29T20:58:31.967000
CVE-2024-10903,0,0,b048cf9032aa628ec8fdf50d1a6a74ed5579a3ad5e274d3b91c9d9d1aa7bbbd6,2024-12-26T06:15:05.397000
CVE-2024-10903,0,1,4b83af475b2ee1b428df17dee5389cac414e31e1e9acd0596c2e9a6f9d70e177,2024-12-30T18:15:06.253000
CVE-2024-10905,0,0,98e243c9c6d3626765a0f5bec050b58ca35d0a0d124978428fd582cb710fa7ee,2024-12-06T18:15:22.207000
CVE-2024-10909,0,0,8a3e5be040021a81e0e5e83c9e95ad90e5ace916bf19a03e529e43ec6a7f9976,2024-12-06T10:15:05.107000
CVE-2024-1091,0,0,d045bb00be6b727b8446a1313ae1a5f17faa5a6975f018f9a79f0e7c5bff1bb0,2024-12-27T15:45:27.200000
@ -244088,7 +244088,7 @@ CVE-2024-11217,0,0,ed759533e03aa35e8c0da432c074a17d944b8c610b5fc002d28480855d6fc
CVE-2024-11219,0,0,e0425cf1f1ca40cc6d95ef04e03e17b5776d09d72a88fcf5abbcb2ac00f59570,2024-11-27T06:15:18.110000
CVE-2024-1122,0,0,4a647161edb6d6dbac08921722ee9f0f3f3f764af2a44d6cd56ac17a7d3d92e5,2024-11-21T08:49:50.943000
CVE-2024-11220,0,0,5638e4c56cecb636c7b9e9af730cca60f5085a7f9cf6e6a192a2c97c73abab40,2024-12-06T18:15:22.407000
CVE-2024-11223,0,0,ab0dbe78cd7ea825dd57a60a07cb329c1c9ff1f4931e44127b31a1df544b27ba,2024-12-26T06:15:05.617000
CVE-2024-11223,0,1,d75d95a61775726397d8c97460b74fd5ed2ab0335df998c9281fea9bc6ff2b7b,2024-12-30T18:15:08.090000
CVE-2024-11224,0,0,2cdc35f700571377d770dfe6d7a5c097f3055ab07c10acabf750a1174f4e07dd,2024-11-19T21:57:32.967000
CVE-2024-11225,0,0,49e01dccad3ee4a4adc9a23405324c84c815ee3ae2fa63f77a3607812451f386,2024-11-22T06:15:19.283000
CVE-2024-11227,0,0,4429f46befcca636641488313efda0ce9e85d610d1a8222594e7b609e2557ec7,2024-11-23T10:15:04.083000
@ -245096,6 +245096,7 @@ CVE-2024-12744,0,0,db2cef6174f0f203336fd1a602951ac160bef125d0730a8230a23f49ec8a8
CVE-2024-12745,0,0,d39132eefd07723f30fb227ef12fb8aaf3a83b250d0f3b28d89ab1e076f94541,2024-12-26T15:15:06.527000
CVE-2024-12746,0,0,df5c191123ddac7611e41b52ec167446638f37d1f7bfb5919f7163608ca92308,2024-12-26T15:15:06.650000
CVE-2024-1275,0,0,55e303d499b7cd70146b064f11442ebd0ad45cafbb26b305d69871c04faa255a,2024-11-21T08:50:12.913000
CVE-2024-12754,1,1,cc49a740b9b02282be04809e0ec9e9f9181e846c2c42209dd24ca5d17558bc72,2024-12-30T17:15:07.127000
CVE-2024-1276,0,0,342e07ea1475f57185158b84be14279572eebbc1b91e4c07c491730599e6701d,2024-11-21T08:50:13.050000
CVE-2024-1277,0,0,fdccc6e1d66b4b759fea691d8a9a7ad4f8cc0afd5b2fb224e654b3bd9de12942,2024-11-21T08:50:13.170000
CVE-2024-12771,0,0,adaa7480d8738512efdcfd2f9f87c67eebbb8482c06b61f78400b2b84e02b742,2024-12-21T07:15:09.997000
@ -245118,11 +245119,15 @@ CVE-2024-12798,0,0,b22bdeb2b26785654d91d487c4f06e7b2dd400c4d39acc123e4464236a6ce
CVE-2024-12801,0,0,b51e57fd4685baecb02f8ee1865a503e8f152614c2fcdb897096f0c66b52c6b2,2024-12-19T17:15:08.930000
CVE-2024-12814,0,0,9d88ed8035fdc2fe3c6fe32e0accb8f4976205d682521fcc6260cfe967c9dc43,2024-12-24T07:15:10.800000
CVE-2024-1282,0,0,e6b07825f0f3597687613e3a6164d0e157f6f527c33c61eb8d90ec07193bdec2,2024-11-21T08:50:13.520000
CVE-2024-12828,1,1,28c200a13b14baa13804e935d3333b64f6d1e673d0788df4553ec7bcec7ebadb,2024-12-30T17:15:07.717000
CVE-2024-12829,0,0,257aa5df9a65e5a26a5dfff61b975b444549e902804125a56862b419688fda02,2024-12-20T01:15:05.737000
CVE-2024-1283,0,0,b1c9571efecc70819ed9018aef1b79e079809dddea59c76e732d84247ac1db52,2024-11-21T08:50:13.640000
CVE-2024-12830,0,0,d470cb6fc3fe8e8aa0a6c4cc1287ddbc0c157e9dcd1c9d995dc3b5da98b62d5f,2024-12-20T01:15:06.537000
CVE-2024-12831,0,0,ee990a01207fe908765da10e76490fce24db7a9bcc474453114918459a915730,2024-12-20T01:15:06.670000
CVE-2024-12832,0,0,c36c4dbfbed5d52ec77f535bcad057707bcb3f30150d33c83f565d39d6ff7c5f,2024-12-20T01:15:06.793000
CVE-2024-12834,1,1,42c1eae502d28c98db195f540a9c8f4947fcef6a936ce9383d090aeedf31e01d,2024-12-30T17:15:07.857000
CVE-2024-12835,1,1,456551b469a3e0837a51a7b87cad89a81e52a63efb0e82cd825df7f15bc00b7a,2024-12-30T17:15:08
CVE-2024-12836,1,1,947a6526b2f3576c89b08ea6819418230607e057855f6bcd272df393ac987473,2024-12-30T17:15:08.137000
CVE-2024-1284,0,0,2e71db4897104f6683ee75152cd91e2f417b7912ff1c292da5c27be659017dd1,2024-11-21T08:50:13.780000
CVE-2024-12840,0,0,e7528a4b68539dcba75aad0835821b79ed34f43bac74e1052c7303bbe2f9c53b,2024-12-20T16:15:23.417000
CVE-2024-12841,0,0,c738525065181f5fd675eaeda283796811d753e1465fe11eed1df9a607acfd7a,2024-12-20T19:15:06.097000
@ -245205,7 +245210,7 @@ CVE-2024-12963,0,0,57f82207620016a08e0cb80b0791f36983b5234c758838adbd8c3ad91e56b
CVE-2024-12964,0,0,d513e19faa5f3847ffc26f78baf6678142a42a5a46d88fa1ccbe6fd4373f497d,2024-12-27T17:15:07.477000
CVE-2024-12965,0,0,0f5c2540cdb5ac873ce2cfe31073cd5dedecd4e0bfda6d5a77312d614a188bf7,2024-12-27T17:15:07.593000
CVE-2024-12966,0,0,2b9f12982839474c2e9bdcaa35313f34a8e49674ee4c820004a347386206e514,2024-12-27T17:15:07.733000
CVE-2024-12967,0,1,373940667d19816c3418d961d099af60d3af6231ff28cd91d7af64f003be34e3,2024-12-30T15:15:08.143000
CVE-2024-12967,0,0,373940667d19816c3418d961d099af60d3af6231ff28cd91d7af64f003be34e3,2024-12-30T15:15:08.143000
CVE-2024-12968,0,0,0365cfa50aed25aedb7b14e0121254d6a1ab1fc0b7f758bc56f083b331d8bb13,2024-12-27T17:15:07.867000
CVE-2024-12969,0,0,11cb52c0f3a8d2b5e3f9f455e34a756b2b5e55ad686d92ced4ed9827b4f944c8,2024-12-27T17:15:07.993000
CVE-2024-1297,0,0,2270a35f58f01dfb2d035ead28d39deb5680170c865c1d2b9c2476f9e60aaf13,2024-11-21T08:50:15.770000
@ -245220,7 +245225,7 @@ CVE-2024-12982,0,0,893f77442fc90837f9fe8793b451cee087a15ccc8805ad197e0839b6fe5fa
CVE-2024-12983,0,0,660e4511105a84d2089d110a972b11b03704d82ea07b70bce67e29a844922ccc,2024-12-27T16:15:23.683000
CVE-2024-12984,0,0,2c297c29fb447d1430461a9ec66143a0de7d14670d4c271bfba67150b1a1dbab,2024-12-27T15:15:11.957000
CVE-2024-12985,0,0,2bdd786ff99684e2940fbb368bbbfcd24bd850484328bf10ddf8e8613423ca24,2024-12-27T16:15:23.807000
CVE-2024-12986,0,1,9fe6763e6eaae8601cf98cfafc9a1a86fa65061195b84f986c70f384863d74a7,2024-12-30T15:15:08.390000
CVE-2024-12986,0,0,9fe6763e6eaae8601cf98cfafc9a1a86fa65061195b84f986c70f384863d74a7,2024-12-30T15:15:08.390000
CVE-2024-12987,0,0,c34eb558d4755dfea413aff63fb504ec6d0dd703cae8adfb47244c5b6d7c7934,2024-12-27T21:15:07.510000
CVE-2024-12988,0,0,d49ef682e5362e9795b8ee2b72556738a81fba0241a7492ab219be161b1a2c53,2024-12-27T19:15:08.260000
CVE-2024-12989,0,0,2bcfe5274c1815d529b34a7951b77a117c72887b42dca93dbd01b232b34b8745,2024-12-27T18:15:24.777000
@ -245253,11 +245258,11 @@ CVE-2024-13018,0,0,083b5e4e2fa86246983f0fd476b84784f9dac25dcba6ed963c92124634ebb
CVE-2024-13019,0,0,618d68837dff8847c83ac8da5f6bf61151a37eacb8552c1b36b157fc0963ce39,2024-12-29T19:15:06.097000
CVE-2024-1302,0,0,50e21539c22b43b4db748f33a4680786d0cd3b39c9a7a5fc858bc75c33660782,2024-11-21T08:50:16.467000
CVE-2024-13020,0,0,2916e522cf2b8d14142afa8629cb0d2116b3867d136a09d1c87f4d9b5a62f928,2024-12-29T19:15:07.273000
CVE-2024-13021,0,0,521ad71af2c0629838bea435a2fcdf80dc49a418cbb2c1adaa365efc2f54aa2c,2024-12-29T20:15:05.043000
CVE-2024-13021,0,1,db94a67fd5023220dfcd097aa849d00631aaccd25e2ab01bcc8f620ec54fee4a,2024-12-30T18:15:08.877000
CVE-2024-13022,0,0,31946f46234a2f885529fc55fb9df522feaa7112e2244bd255db91f99134c814,2024-12-29T20:15:05.980000
CVE-2024-13023,0,0,a6002ae756a126843e0244f11dec8062c69ff459b14d4771d8dead00e17d6b47,2024-12-29T21:15:06.020000
CVE-2024-13024,0,0,e340e51a3df794ede6df3c6be7e441d083b7ba4e9dc9e86eed36ca28aec27427,2024-12-29T21:15:06.220000
CVE-2024-13025,0,0,a87750376ff6243f001740c9bce13c9b5fe6fd7c08ed899ff608efcb535952c9,2024-12-29T23:15:05.460000
CVE-2024-13025,0,1,6867582f47f172a3b53dbcaf1c90af96cf474ce9f490e0420f40da6fbd24221d,2024-12-30T18:15:09.273000
CVE-2024-13028,0,0,9c7c8ebb025b45a51d90b3c21686bdb8a4bd0ad2279542d46cda94901b741f1b,2024-12-29T23:15:06.030000
CVE-2024-13029,0,0,b5072dc5bc09f8cacb09ffc8e511fa77cd763986efcaa6d43b5f9a8ec7809208,2024-12-30T00:15:04.837000
CVE-2024-1303,0,0,922ad92b627c1129d744b1f80cb5c88d28598a22649a8dddf52c9956281bb86f,2024-11-21T08:50:16.593000
@ -245269,8 +245274,8 @@ CVE-2024-13034,0,0,69cb0d3f29c23b4b7fc920d34536c6278d7de06cd50576381c7ac05e3dd5f
CVE-2024-13035,0,0,e1f689ff483053555ac9885351229a7477a3d6f2684d5e5ad5f1d1e5180870f4,2024-12-30T03:15:06.413000
CVE-2024-13036,0,0,cc787097d94873a8d64f651dd3d62e36330079400cb1055ccbea025c43303e77,2024-12-30T03:15:06.580000
CVE-2024-13037,0,0,ad1a2687fd8ca034a4ba7eb450dd7b7cb6ce76af79e47f53a4dcc006981f21de,2024-12-30T04:15:05.200000
CVE-2024-13038,0,0,cbf9071eca24ba5f5babd558a8179f543c51ae52d32abf3e80b13bda8d856ec3,2024-12-30T04:15:05.387000
CVE-2024-13039,0,0,b01215443cbf3b546fae19ca4360b2d76399675e646f86704febf42b9d5e60db,2024-12-30T05:15:06.170000
CVE-2024-13038,0,1,4583c4724ce1695329d04a091cf334038675ae1fc4b89e1e9c52332e7b115d63,2024-12-30T17:15:08.473000
CVE-2024-13039,0,1,5fcf5529e0f60e939c342e8ff9bcb8e9371ea109f210669df3b0c791fd94ef0a,2024-12-30T17:15:08.597000
CVE-2024-1304,0,0,7f3d377d10786bd7b29e3437adfa1f791151a43db698785def3901d685804d14,2024-11-21T08:50:16.717000
CVE-2024-1305,0,0,61bd2e20ff0aa394ece1e84d5d848dafdcba1e6f1c6375393ac194bd0f52a153,2024-11-21T08:50:16.840000
CVE-2024-1306,0,0,0542247252f536db3d3f5f372f6b06cf8f9322e7de2b3d2f5040c13d3f80547b,2024-11-21T08:50:17.053000
@ -257868,37 +257873,37 @@ CVE-2024-35842,0,0,21799788b8cabbdbe91ce360d73547600eac3d87cf8b3a9121a26fc502f4f
CVE-2024-35843,0,0,cee4d8898f6914b8a5b7084ed783fb99cdcb67df53f69204c30554d92d2abafa,2024-11-21T09:21:01.610000
CVE-2024-35844,0,0,e455f18abaea3dc4d1db31120c214fd99fdb8338e5af324899cc254293b36b90,2024-11-21T09:21:01.800000
CVE-2024-35845,0,0,44b3b895cd6d2bea6a3e16b3eca058f25b779ab6e6011e6d3e2a1d44c3a51b33,2024-11-21T09:21:01.927000
CVE-2024-35846,0,0,7f282f22638f58964faf6d58ce0ee68af6e0e4beaf7d761a8dd61c057b90f9cd,2024-11-21T09:21:02.143000
CVE-2024-35847,0,0,e7d1b392d3689dff94d0f98d884b943772ff3187f182b1aa88751e9a94730c7d,2024-11-21T09:21:02.257000
CVE-2024-35846,0,1,101b63b47715dfcd1937f81d7256a8b1f132c1f3deb04357825f0a420f5f983a,2024-12-30T17:39:04.807000
CVE-2024-35847,0,1,c19f8b9d9e4e40da285a56f7c18b34eb12c16e10c0279d23a4a26aa6f00f9b02,2024-12-30T17:41:16.633000
CVE-2024-35848,0,0,e9417d782de3122a29e67db81cddb3ed4f28d7595ee031c686c61d6bf64985bc,2024-11-21T09:21:02.400000
CVE-2024-35849,0,0,2f6a4f53ef5872b81302925b1ba7c2122deb0c6f8fdd55122c6692944d083e1b,2024-11-21T09:21:02.527000
CVE-2024-3585,0,0,894aef8c5de424b4c5d49a8c6c0e86b182b8c577f8d117c3cb6bff919e3e5349,2024-11-21T09:29:55.827000
CVE-2024-35850,0,0,828e1084af82896da504defd8bc2367369f7a0d3d16f9955e5bb0933f7a4ab81,2024-11-21T09:21:02.670000
CVE-2024-35851,0,0,31431da2aaafef151a3048e9a134c9f3a5f88d52940ac6bcc46f9c6b1faafd79,2024-11-21T09:21:02.783000
CVE-2024-35852,0,0,ae4ccb6ff55e6132ec36de24d210d265a8701a85806f0beda0196b8a5f07ff76,2024-11-21T09:21:02.917000
CVE-2024-35850,0,1,12722b1120f71a5eb5d7518257aed463cb126b32302f1674085f355595dc5fd9,2024-12-30T17:42:02.767000
CVE-2024-35851,0,1,cfaa8771ba8102c5f82be86956f3138ef358159ff5b710b057e85eada5fbb5da,2024-12-30T18:10:36.050000
CVE-2024-35852,0,1,c173be03d86fa74cfa1d5b5940bc1a7fde8e91c95a66d24ca15faea02b348cb3,2024-12-30T18:11:22.623000
CVE-2024-35853,0,0,cb559653e153f56ec99fbf74401ade5a2e266d653108c3b3983e672957445419,2024-11-21T09:21:03.077000
CVE-2024-35854,0,0,3e7741be6b13224b614012cd2016f3866786b72041d898782a56d23756e44fe8,2024-11-21T09:21:03.313000
CVE-2024-35855,0,0,7a6faf3fcaecb6b661ac7ec41702f837a2e1537874669c3061dc3c21e26e76dc,2024-11-21T09:21:03.530000
CVE-2024-35856,0,0,7a750785ddda031f0c2c2133f5be715df274a80681442602c160152b367e46b8,2024-11-21T09:21:03.643000
CVE-2024-35855,0,1,af6ad0f1f53c67284472bddd127f352a74fa2ced2e6dfece16be9ab2f083d3f3,2024-12-30T18:11:57.997000
CVE-2024-35856,0,1,e2e6b1d9aa7dbc7ef1fd324e4a35cf2800c22c475926267639c988e223fd2d72,2024-12-30T18:12:11.003000
CVE-2024-35857,0,0,9a8493f8933ae7958584ba04394475c5875746737f5a6103bce569ea317574a6,2024-11-21T09:21:03.753000
CVE-2024-35858,0,0,835d4c6bf85ca7e777257ca004d86a711bd336e3900f92516acf3e6905a95467,2024-11-21T09:21:03.940000
CVE-2024-35858,0,1,d92789fb602aeebaae2afc6d75c5ab61d0f2045dcfdcb9aa6facab039d3d87f1,2024-12-30T18:12:40.047000
CVE-2024-35859,0,0,090dc5bf02e7c7d608c72cf966d6235f0f902fd4d32b75455323662e70ffeb00,2024-11-21T09:21:04.043000
CVE-2024-35860,0,0,c5798de33a4d522c0a7519af72aed3025e7d3ee6c474d15bcff6cc1547c4e999,2024-11-21T09:21:04.220000
CVE-2024-35861,0,0,7bda632b0af7fb912c1fc80a6b51e401a9c4f2c781ca02e4240d4b9ba6044d7a,2024-12-30T14:57:32.627000
CVE-2024-35862,0,1,c3e67a013d1c51ddc061c7d30dc247c7cf7c410ac824d19ddc4ec43799fe8b49,2024-12-30T15:00:09.317000
CVE-2024-35862,0,0,c3e67a013d1c51ddc061c7d30dc247c7cf7c410ac824d19ddc4ec43799fe8b49,2024-12-30T15:00:09.317000
CVE-2024-35863,0,0,b81c5679910d1847fbf7862e8247b87fbb3204b0718f830872294595c3959792,2024-12-30T14:58:23.177000
CVE-2024-35864,0,0,31226063ea69d29e428d6ad9d6921f8854f38c9e5b1a81fdb73fb251b4513c60,2024-12-30T14:58:03.057000
CVE-2024-35865,0,0,cf6f175d533ee10d6f54c3ebcfdb93d935e02aa77be3f7308461df9f59e1e2eb,2024-11-21T09:21:04.827000
CVE-2024-35866,0,0,c17b7eb7d18b16ffbff97a229ebf9264a87c8ae22c90d5977022f079fb65a342,2024-11-21T09:21:05.010000
CVE-2024-35867,0,0,c342e7d3df1be6823e978f1d318831dc21f55a15f922a36a4b4a54348d830895,2024-11-21T09:21:05.120000
CVE-2024-35868,0,0,2e33ca17a2a10f1b2c66f872b7b0c9878cb3e8e880ae1aab87f41e4f8019bbcb,2024-11-21T09:21:05.247000
CVE-2024-35866,0,1,abcc613c29138ad93e4484ed4178e50c40819975904876187d18e6849d25e00c,2024-12-30T17:35:00.177000
CVE-2024-35867,0,1,8e95fb505b7b53669d48ce83b635c337b6e7aff7fd795842c6e2773bdc0f852d,2024-12-30T17:36:49.973000
CVE-2024-35868,0,1,e8b95ad6bcd307204263d2d8707c5b297bc3637fd97a489fe51ccf8435e7faa9,2024-12-30T17:37:00.887000
CVE-2024-35869,0,0,9e772bd1e5376287508f6583e2db244b20584459ba81d52dde963845ce612bb5,2024-11-21T09:21:05.373000
CVE-2024-3587,0,0,d796127fe00036180574bc0acf0ef97c6e42b5586ad9b2a144bef2e5bc673425,2024-11-21T09:29:55.960000
CVE-2024-35870,0,0,e01caf0034f5c573ded3dc4c9863e56440e0d15b6ca4477633a9ab58bc063bfc,2024-12-19T19:15:06.820000
CVE-2024-35871,0,0,62c73a2b71b01d2d57ed37cbe47d0adce8debd2269edbe6ac03bbceb9a016f1e,2024-11-21T09:21:05.780000
CVE-2024-35872,0,0,f484ec88c2f57c80229210904c6ec0cfee742498945d8a4724f47902ecde9e63,2024-11-21T09:21:05.920000
CVE-2024-35873,0,0,5659988900f7f8a163916c98d92e289e3f0a1be264b1c80106a7972ef9e5fa89,2024-11-21T09:21:06.037000
CVE-2024-35874,0,0,1272462bf352485f1972e5919c9c70774c89b0fce1fa46b139d0273bb1b95a09,2024-11-21T09:21:06.160000
CVE-2024-35874,0,1,6a07e6874b5d577b8208e72670a65096d30bbd6262dfde26a08df4cdd46686ee,2024-12-30T17:37:18.307000
CVE-2024-35875,0,0,4fcfb904ece0da9a34e2cf7857e4f24c0ea2ada20782e80c356408630e976ae9,2024-11-21T09:21:06.273000
CVE-2024-35876,0,0,21d4e04307171f23eb20581ae687ed873b8b572985d4124c23ec05853b41f51c,2024-05-23T14:15:09.830000
CVE-2024-35877,0,0,47f91ecb3b8685cd3beea9e61cc4aaa83dbbb710cacf7a3c1584914c9a987a69,2024-11-21T09:21:06.417000
@ -257916,12 +257921,12 @@ CVE-2024-35887,0,0,2bec1c5bc4c530b3d141e18ebb957d75fe0d25760ef9db20f954509ce0ed4
CVE-2024-35888,0,0,6bf0ec8c17367dc341ce782cd402aac605c61aacc6e47d6a8eda07b899880bc7,2024-11-21T09:21:07.963000
CVE-2024-35889,0,0,3faf32e7c6fe80946cbcf92f7ac750cbb9f8e1ab9e4f1fbf1e83203da8d9952f,2024-11-21T09:21:08.173000
CVE-2024-35890,0,0,b48c0adaf3ad6503b6bc1a56362fe63c2fde4acbc88f69296d9596a816c20388,2024-11-21T09:21:08.290000
CVE-2024-35891,0,0,793ce9a7581fc1f9655e8a3bbe05ad39139c5e534fa600787c206ef13a85db1a,2024-11-21T09:21:08.410000
CVE-2024-35891,0,1,885f68d54afe493b940360469ba789a1bf06796f950be8c3e2597b6e4d1c8051,2024-12-30T17:07:18.617000
CVE-2024-35892,0,0,69a045f4582c781dfa4942d8e2e4da93d09d9d5ba8e90e9166c3822ae028e3d9,2024-11-21T09:21:08.533000
CVE-2024-35893,0,0,4a1d265eb79d94b0c1d5d35b602a251fd1d2908be4bb19174906ebb9036b62f0,2024-11-21T09:21:08.660000
CVE-2024-35894,0,0,e07697653aa4d238ff91c6dd5508d412935ed89d3765995364bfebd17cd5688b,2024-11-21T09:21:08.797000
CVE-2024-35895,0,0,e26dca18be3d61a22a73f11baae4a23a2f94059dcf5b8b2ea938dd3b22ad5c2f,2024-12-27T13:15:19.797000
CVE-2024-35896,0,0,ba73434c305e835934f4d1d052fec72c6128b328d43b5c492991e413e8e0288b,2024-11-21T09:21:09.050000
CVE-2024-35894,0,1,d592ddaff67a21402bfa035a261e094b1a052f83477a4787a2065c63bf3ec895,2024-12-30T17:09:05.570000
CVE-2024-35895,0,1,c018cf47702f32fa7c01b5f49cfa8a67a520bd4738b435c3a53610d90bd10732,2024-12-30T17:12:29.817000
CVE-2024-35896,0,1,636f09e80c279bf656f939a3415a57cf0758915fa2b8b8b0ab7d92a2e979e562,2024-12-30T17:35:35.940000
CVE-2024-35897,0,0,0516a56c89d43cf4bf0e00a483ae8808e72493de016922add00ab07985299ae2,2024-11-21T09:21:09.183000
CVE-2024-35898,0,0,2b19af62e4da32f554d6bf40a3b42f6e30dee8f2419aa52b6846f1820743e701,2024-11-21T09:21:09.313000
CVE-2024-35899,0,0,11a2b23cf941f9839b39efc317ac13f10c84ba39dab1cd8d40a7557ebbc83814,2024-11-21T09:21:09.523000
@ -265377,6 +265382,7 @@ CVE-2024-46538,0,0,36ab03c909d91ed67f1af19450c3d6e48453f6f51660df666d70bd09393db
CVE-2024-46539,0,0,ae91e2d70102a1f16abd97afb097daba74795893f1a3d024416684e8f573e136,2024-10-10T12:56:30.817000
CVE-2024-4654,0,0,3ba1a7fb0c9b6d7f54909c48e7df48bad4f328f4a19665a74071d60aed80ba01,2024-11-21T09:43:18.787000
CVE-2024-46540,0,0,5c4d8363d4bde694b44e99e56f90b2898aba08a12423dcef920dec1f4e57f71e,2024-10-04T13:51:25.567000
CVE-2024-46542,1,1,f7059bcdf3899b66efcf9da1696d9768b721594a66924474a7a79598b2874adf,2024-12-30T18:15:09.557000
CVE-2024-46544,0,0,18fdd73b046b2ee0cd6f9e6a9d70043cfeda335681c354a0d0e609ab48ccce27,2024-11-21T09:38:43.193000
CVE-2024-46547,0,0,86eb89be00821f13d31344ba6fcc2c24d55708d9a9aae2e9fadfe4852acc82dd,2024-12-11T16:15:11.573000
CVE-2024-46548,0,0,ecfe181e9afdc259eed5f8be096dc10a92316fd358c5fa43e082d2e50cbd68ce,2024-10-04T13:51:25.567000
@ -268447,9 +268453,9 @@ CVE-2024-50672,0,0,a506f4d2b4e62571040ff3dd4b935bbaea397a7aabe2668687c8152c3cc15
CVE-2024-50677,0,0,41d5addef3c1d4fcaf4d23ee7f34aa0575b53eb368f3af05bd4b5c5da2166101,2024-12-06T17:15:10.180000
CVE-2024-5069,0,0,ad719aec2191fa4733004e376bcb495f235c4247fa2915a6912d571066c414e6,2024-11-21T09:46:53.973000
CVE-2024-50699,0,0,b7bfb9ce8d871e66c8bc846d040c669e65be2a2e4a5ca2c2838499d7e02651cc,2024-12-11T16:15:12.720000
CVE-2024-50701,1,1,8a425dcfc4eae8298f28fabf6b33fe72be02546da5f5ac786e872bfaa5711eae,2024-12-30T16:15:11.387000
CVE-2024-50702,1,1,2571d2b76c3720865aadb0aca0493774cd9be2477d44e0732f58f6a3463bf26b,2024-12-30T16:15:11.550000
CVE-2024-50703,1,1,3ca543686c5a223cd6a966e24a4095e2a8fb771b46dd2bf6c556fada9156fae6,2024-12-30T16:15:11.713000
CVE-2024-50701,0,0,8a425dcfc4eae8298f28fabf6b33fe72be02546da5f5ac786e872bfaa5711eae,2024-12-30T16:15:11.387000
CVE-2024-50702,0,0,2571d2b76c3720865aadb0aca0493774cd9be2477d44e0732f58f6a3463bf26b,2024-12-30T16:15:11.550000
CVE-2024-50703,0,0,3ca543686c5a223cd6a966e24a4095e2a8fb771b46dd2bf6c556fada9156fae6,2024-12-30T16:15:11.713000
CVE-2024-5071,0,0,6dfa056d4abe7e6b37a7311009a7ee0087dcbc392285cd9b9ee51e94d1bed9a4,2024-11-21T09:46:54.120000
CVE-2024-50713,0,0,ef6222df7fefcdb4ff0c05dd5195e429baad1ae292e8f58093855db0cd9cdceb,2024-12-27T21:15:07.837000
CVE-2024-50714,0,0,16a84fabc05c17c54dc3f6c81da670e09dd8653b1c5c6f9870ff04492fd544cd,2024-12-28T18:15:08.193000
@ -269316,6 +269322,7 @@ CVE-2024-5229,0,0,63153433f9d0f04fca69495bce1a183063fdaf2e1bafea11f69a4b454a7347
CVE-2024-52291,0,0,67366554fa12fc5f80ea7a37ab4efbcf755b65176915cc467a885e5d178f478a,2024-11-19T18:06:42.973000
CVE-2024-52292,0,0,98ff7782d74c8a880b21aa3925ef392e3d7f9afb5fb086d700b2918ea0d38572,2024-11-19T18:27:21.567000
CVE-2024-52293,0,0,48995c1833d437873320d2a00d4716843128fee61b180655a95bba4546c3a839,2024-11-19T17:51:39.460000
CVE-2024-52294,1,1,dae835dc1a3f0b470fc75df7d6a6195197f58544ab8b18be85a4fbb5ed6f9de0,2024-12-30T17:15:09.467000
CVE-2024-52295,0,0,e730c6e09fd9fd9e28e10b0ed526a93e0a22272d88079810e21b865a0086f60a,2024-11-21T15:15:32.900000
CVE-2024-52296,0,0,b562f18595b8ca53024157f705b18f7c73f8b643fe6d08b20dc5b815792285b0,2024-11-13T17:01:58.603000
CVE-2024-52297,0,0,5528a19c9c06652e4abd378b7e62659078889b6d0c1cac57d71cfe9d52fe1e73,2024-11-13T17:01:58.603000
@ -271257,11 +271264,13 @@ CVE-2024-56509,0,0,9eaeae1f7b8c8e75d17552f014dec0e2f8e3eb274c4a7605543f4a62406c3
CVE-2024-5651,0,0,1b52d2c21baa1eebb0031be2e17eaf5cabf9f1b7ab486745a4d7c4c1e8ed2d60,2024-08-30T14:15:16.820000
CVE-2024-56510,0,0,455df6502629948cebf0de2208b49dba0ad1ef07f23a212f1e45f8c101d4f935,2024-12-26T21:15:06.743000
CVE-2024-56512,0,0,fb4379c8a390a1b759f4166891b605054b948310a82def3157334ebd2bad532f,2024-12-28T17:15:07.967000
CVE-2024-56516,1,1,e289a49884350d8e97e9919ccb1e372d3094ed3378a92522ef92eda6cf2f092f,2024-12-30T17:15:09.687000
CVE-2024-56517,1,1,65c6507911433d4cc6f529fa655b3eded381be11e52e2d7cbe5b07f95e44efda,2024-12-30T17:15:09.840000
CVE-2024-56519,0,0,ba6a49ecaaf54f8458a0d69c5d70c7a58a8b2dfa4fff4d4173a1ded6a5dca02f,2024-12-27T05:15:07.677000
CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817afc,2024-11-21T09:48:05.750000
CVE-2024-56520,0,0,d5cf08096a86ee5091a69d63f922a02ae7d505f736e95f2dafa31155ab9b2521,2024-12-27T05:15:07.837000
CVE-2024-56521,0,0,6c08543a38146e5fc1fde79ac98f99bec226bbcb111f67da05a8800cf78ac8d9,2024-12-27T05:15:07.977000
CVE-2024-56522,0,1,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000
CVE-2024-56522,0,0,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000
CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000
CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000
CVE-2024-56531,0,0,29081dacccdc16bd19c2c0276ad13d26d67c523fb953bef36fddd8fa7ad7aad5,2024-12-27T14:15:32.503000
@ -271484,6 +271493,8 @@ CVE-2024-56729,0,0,e8d0bcd62c0fa625da9b73039367afc32a9ac21f2bc943be1fd0e28592a75
CVE-2024-5673,0,0,f8b3774ce465f722b68e8727929e95d8d546e4b203a41a4244c7e4dffeee7a73,2024-11-21T09:48:08.057000
CVE-2024-56730,0,0,8c0489a2be6826ac090f4c7143c5a1ce20538326cb249c1bf4efa4ce53c3426d,2024-12-29T12:15:07.130000
CVE-2024-56732,0,0,287b71ca5ec03d5825a19e7eb68f3eaf02e994b222dd83ad368ff3860bd04893,2024-12-28T17:15:08.190000
CVE-2024-56733,1,1,bb7ab60192d128c5924c9681713573d2d6ee23c38f0427411ab8458f0d80d941,2024-12-30T17:15:09.990000
CVE-2024-56734,1,1,2497b230c6d0aecf91aef170893b52e8572cbc936227f00c99e840956d0d53ab,2024-12-30T17:15:10.133000
CVE-2024-56737,0,0,c5b53d74a7d8becee9d7686cadbd97c81361cafe48dbaf7f17677fffdb74d569,2024-12-29T07:15:06
CVE-2024-56738,0,0,dbe898f2fe3f1be88a29cc27198d8199547b6c9a324db196d7c00718a50e331e,2024-12-29T07:15:06.183000
CVE-2024-56739,0,0,76854638c5197df86d13e9907fc31b51cb0725dcb6db0a6b52c0c727fdee40a6,2024-12-29T12:15:07.240000

Can't render this file because it is too large.