admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-05 10:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-10T19:00:21.268128+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-10 19:03:49 +00:00
parent 9a07e96403
commit 1d16e6dadb
116 changed files with 4007 additions and 519 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-2010/CVE-2010-33xx/CVE-2010-3333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-3333",
"sourceIdentifier": "secure@microsoft.com",
"published": "2010-11-10T03:00:02.087",
"lastModified": "2024-12-19T18:20:37.733",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:09.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

34
CVE-2015/CVE-2015-16xx/CVE-2015-1642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1642",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-08-15T00:59:00.110",
"lastModified": "2025-01-17T21:14:52.883",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:21.377",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

24
CVE-2015/CVE-2015-16xx/CVE-2015-1671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1671",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-05-13T10:59:03.910",
"lastModified": "2025-01-22T17:14:02.217",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:21.813",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2015/CVE-2015-17xx/CVE-2015-1701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1701",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-04-21T10:59:00.073",
"lastModified": "2025-01-22T17:13:40.250",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:22.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

34
CVE-2015/CVE-2015-17xx/CVE-2015-1770.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-1770",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-06-10T01:59:36.483",
"lastModified": "2025-01-22T17:14:22.697",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:22.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-824"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-824"
}
]
}
],
"configurations": [

34
CVE-2015/CVE-2015-25xx/CVE-2015-2502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-2502",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-08-19T10:59:00.090",
"lastModified": "2025-01-17T21:36:28.900",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:22.627",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

24
CVE-2015/CVE-2015-25xx/CVE-2015-2545.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-2545",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-09-09T00:59:52.190",
"lastModified": "2025-01-17T21:36:34.027",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:22.913",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2015/CVE-2015-25xx/CVE-2015-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-2590",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2015-07-16T10:59:17.050",
"lastModified": "2025-01-22T17:14:47.177",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:23.163",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2015/CVE-2015-61xx/CVE-2015-6175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-6175",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-12-09T11:59:56.580",
"lastModified": "2025-01-28T18:49:04.947",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:23.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-00xx/CVE-2016-0040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-02-10T11:59:06.440",
"lastModified": "2025-01-23T18:53:55.303",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:09.997",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

34
CVE-2016/CVE-2016-00xx/CVE-2016-0099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0099",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-03-09T11:59:09.590",
"lastModified": "2025-01-23T18:53:58.553",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:10.217",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -77,6 +97,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

34
CVE-2016/CVE-2016-01xx/CVE-2016-0151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0151",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:15.890",
"lastModified": "2025-01-23T18:54:02.340",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:10.453",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

24
CVE-2016/CVE-2016-01xx/CVE-2016-0162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0162",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:26.410",
"lastModified": "2025-01-23T18:54:05.493",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:10.663",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-01xx/CVE-2016-0165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:28.303",
"lastModified": "2025-01-28T18:49:19.287",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:10.867",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-01xx/CVE-2016-0167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0167",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-04-12T23:59:30.430",
"lastModified": "2025-01-28T18:49:24.557",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:23.807",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-01xx/CVE-2016-0185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0185",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-05-11T01:59:26.097",
"lastModified": "2025-01-28T18:49:41.717",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:24.027",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

34
CVE-2016/CVE-2016-01xx/CVE-2016-0189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0189",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-05-11T01:59:30.537",
"lastModified": "2025-01-28T18:18:29.837",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:11.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

24
CVE-2016/CVE-2016-32xx/CVE-2016-3235.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3235",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-06-16T01:59:36.983",
"lastModified": "2025-01-28T18:19:16.473",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:11.317",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-32xx/CVE-2016-3298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3298",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-10-14T02:59:13.893",
"lastModified": "2025-01-28T18:19:22.623",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:11.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-33xx/CVE-2016-3309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3309",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-08-09T21:59:16.113",
"lastModified": "2025-01-28T18:19:06.723",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:11.780",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-33xx/CVE-2016-3351.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3351",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-09-14T10:59:24.357",
"lastModified": "2025-01-28T18:19:10.320",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:11.983",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-33xx/CVE-2016-3393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-3393",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-10-14T02:59:30.290",
"lastModified": "2025-01-28T18:19:26.667",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:12.217",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

35
CVE-2016/CVE-2016-72xx/CVE-2016-7200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-7200",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-11-10T06:59:15.733",
"lastModified": "2025-02-04T21:29:20.137",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:12.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -223,6 +253,7 @@
"url": "https://github.com/theori-io/chakra-2016-11",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},

34
CVE-2016/CVE-2016-72xx/CVE-2016-7201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-7201",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-11-10T06:59:16.810",
"lastModified": "2025-02-04T21:30:04.133",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:12.673",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

24
CVE-2016/CVE-2016-72xx/CVE-2016-7255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-7255",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-11-10T07:00:09.460",
"lastModified": "2025-02-04T21:30:08.313",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:12.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-72xx/CVE-2016-7256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-7256",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-11-10T07:00:10.537",
"lastModified": "2025-02-04T21:30:19.967",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:13.110",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

24
CVE-2016/CVE-2016-72xx/CVE-2016-7262.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-7262",
"sourceIdentifier": "secure@microsoft.com",
"published": "2016-12-20T06:59:00.373",
"lastModified": "2025-02-04T21:30:24.030",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:13.300",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

34
CVE-2017/CVE-2017-00xx/CVE-2017-0037.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-0037",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-02-26T23:59:00.150",
"lastModified": "2025-02-04T21:30:28.147",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T17:15:13.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

32
CVE-2017/CVE-2017-01xx/CVE-2017-0148.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0148",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-03-17T00:59:04.150",
"lastModified": "2024-11-21T03:02:26.143",
"lastModified": "2025-02-10T17:15:13.767",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2017/CVE-2017-01xx/CVE-2017-0149.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0149",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-03-17T00:59:04.180",
"lastModified": "2024-11-21T03:02:26.330",
"lastModified": "2025-02-10T17:15:14.060",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

22
CVE-2017/CVE-2017-01xx/CVE-2017-0199.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0199",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-04-12T14:59:01.157",
"lastModified": "2024-11-21T03:02:32.430",
"lastModified": "2025-02-10T17:15:14.327",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

22
CVE-2017/CVE-2017-02xx/CVE-2017-0210.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0210",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-04-12T14:59:01.420",
"lastModified": "2024-11-21T03:02:33.517",
"lastModified": "2025-02-10T17:15:14.643",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

22
CVE-2017/CVE-2017-02xx/CVE-2017-0213.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0213",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-05-12T14:29:01.393",
"lastModified": "2024-11-21T03:02:33.890",
"lastModified": "2025-02-10T17:15:14.897",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
],
"cvssMetricV2": [

32
CVE-2017/CVE-2017-02xx/CVE-2017-0222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-0222",
"sourceIdentifier": "secure@microsoft.com",
"published": "2017-05-12T14:29:02.143",
"lastModified": "2024-11-21T03:02:34.867",
"lastModified": "2025-02-10T17:15:15.137",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -78,6 +98,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

12
CVE-2019/CVE-2019-33xx/CVE-2019-3396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-3396",
"sourceIdentifier": "security@atlassian.com",
"published": "2019-03-25T19:29:01.647",
"lastModified": "2025-02-07T13:15:27.390",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T18:56:33.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -119,16 +119,16 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.12",
"matchCriteriaId": "8701B6A3-95BA-4C0C-B89D-29326EFFCABE"
"matchCriteriaId": "EE0A6BCA-F10E-4CFD-B740-AEAC08A6A5A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.0",
"versionEndExcluding": "6.12.3",
"matchCriteriaId": "1923B735-5D8A-4BDE-8200-EFF85FB5C362"
"matchCriteriaId": "2253D975-8194-437C-958A-55ECF152E0AC"
},
{
"vulnerable": true,

21
CVE-2019/CVE-2019-33xx/CVE-2019-3398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-3398",
"sourceIdentifier": "security@atlassian.com",
"published": "2019-04-18T18:29:00.970",
"lastModified": "2025-02-07T13:15:27.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T18:54:57.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -119,17 +119,17 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0",
"versionEndExcluding": "6.6.13",
"matchCriteriaId": "87FD8FA0-0FC8-4882-B6BD-574E0D4151C2"
"matchCriteriaId": "0D168206-104A-4472-B80C-53C690AAD3AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.0",
"versionEndExcluding": "6.12.4",
"matchCriteriaId": "B5B684B7-7174-4844-93BF-B34FA16AAB1D"
"matchCriteriaId": "913A98A6-05F2-44D3-9997-C9665B00CC1F"
},
{
"vulnerable": true,
@ -144,6 +144,13 @@
"versionStartIncluding": "6.14.0",
"versionEndExcluding": "6.14.3",
"matchCriteriaId": "0302809C-5A6C-4698-B2AE-69021A96AD67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.15.0",
"versionEndExcluding": "6.15.2",
"matchCriteriaId": "21CD506C-79B6-4E96-80CC-9CC996E8E428"
}
]
}

4
CVE-2021/CVE-2021-260xx/CVE-2021-26084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-26084",
"sourceIdentifier": "security@atlassian.com",
"published": "2021-08-30T07:15:06.587",
"lastModified": "2025-02-04T15:15:12.120",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T18:02:37.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

145
CVE-2022/CVE-2022-248xx/CVE-2022-24810.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-24810",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-16T20:15:09.227",
"lastModified": "2024-11-21T06:51:08.977",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T18:59:51.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,64 +69,157 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.9.2",
"matchCriteriaId": "79AD3D1F-9090-4939-8C82-E676C8C0FBC7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105241",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Product"
]
},
{
"url": "https://security.gentoo.org/glsa/202210-29",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5209",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103225",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105241",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Product"
]
},
{
"url": "https://security.gentoo.org/glsa/202210-29",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5209",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-268xx/CVE-2022-26871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26871",
"sourceIdentifier": "security@trendmicro.com",
"published": "2022-03-29T21:15:07.760",
"lastModified": "2025-01-29T17:15:18.650",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T18:58:50.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

32
CVE-2022/CVE-2022-470xx/CVE-2022-47053.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47053",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-12T13:15:07.297",
"lastModified": "2024-11-21T07:31:27.103",
"lastModified": "2025-02-10T17:15:15.457",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-473xx/CVE-2022-47338.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47338",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-04-11T12:15:07.353",
"lastModified": "2024-11-21T07:31:45.330",
"lastModified": "2025-02-10T18:15:24.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-668"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-473xx/CVE-2022-47362.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47362",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-04-11T12:15:07.387",
"lastModified": "2024-11-21T07:31:49.763",
"lastModified": "2025-02-10T18:15:24.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47463.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47463",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-04-11T12:15:07.423",
"lastModified": "2024-11-21T07:32:00.863",
"lastModified": "2025-02-10T18:15:24.947",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-474xx/CVE-2022-47464.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47464",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-04-11T12:15:07.460",
"lastModified": "2024-11-21T07:32:00.987",
"lastModified": "2025-02-10T18:15:25.173",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-484xx/CVE-2022-48437.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48437",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-12T05:15:07.653",
"lastModified": "2024-11-21T07:33:20.810",
"lastModified": "2025-02-10T17:15:15.690",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-19xx/CVE-2023-1906.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1906",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-12T22:15:11.967",
"lastModified": "2024-11-21T07:40:07.200",
"lastModified": "2025-02-10T17:15:15.963",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,13 +32,33 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -48,6 +68,16 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{

12
CVE-2023/CVE-2023-225xx/CVE-2023-22518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22518",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-10-31T15:15:08.573",
"lastModified": "2025-02-03T17:15:12.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:57:38.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -97,9 +97,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionStartIncluding": "1.0",
"versionEndExcluding": "7.19.16",
"matchCriteriaId": "3B807590-F41A-4F12-87DF-698D83853191"
"matchCriteriaId": "6EFE3358-3C6B-4C54-98B4-E573AC0C6A43"
},
{
"vulnerable": true,
@ -140,9 +140,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionStartIncluding": "1.0",
"versionEndExcluding": "7.19.16",
"matchCriteriaId": "3E147060-0403-4D4C-8E87-453077B4C4CE"
"matchCriteriaId": "949F14BD-CBDD-4633-8A72-3CA2B6310CBB"
},
{
"vulnerable": true,

32
CVE-2023/CVE-2023-226xx/CVE-2023-22616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22616",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-12T13:15:07.370",
"lastModified": "2024-11-21T07:45:03.920",
"lastModified": "2025-02-10T17:15:16.200",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-610"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-226xx/CVE-2023-22620.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22620",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-12T23:15:06.943",
"lastModified": "2024-11-21T07:45:04.387",
"lastModified": "2025-02-10T17:15:16.413",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-410xx/CVE-2023-41064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41064",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-07T18:15:07.727",
"lastModified": "2025-02-03T14:15:35.367",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:52:50.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-419xx/CVE-2023-41990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41990",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-12T00:15:09.463",
"lastModified": "2025-02-03T14:15:35.587",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:54:22.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-419xx/CVE-2023-41991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41991",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.283",
"lastModified": "2025-02-03T14:15:35.770",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:53:40.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-419xx/CVE-2023-41992.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41992",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.520",
"lastModified": "2025-02-03T14:15:35.983",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:54:46.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-428xx/CVE-2023-42824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42824",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-04T19:15:10.490",
"lastModified": "2025-02-03T14:15:36.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:55:03.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2023/CVE-2023-429xx/CVE-2023-42917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42917",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-11-30T23:15:07.280",
"lastModified": "2025-02-03T14:15:36.743",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-10T17:55:21.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

96
CVE-2023/CVE-2023-62xx/CVE-2023-6241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6241",
"sourceIdentifier": "arm-security@arm.com",
"published": "2024-03-04T13:15:43.807",
"lastModified": "2024-11-21T08:43:26.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:52:33.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de Use After Free en Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver permite a un usuario local sin privilegios explotar una condici\u00f3n de ejecuci\u00f3n de software para realizar operaciones de procesamiento de memoria inadecuadas. Si el usuario prepara cuidadosamente la memoria del sistema, esto a su vez provocar\u00e1 un Use After Free. Este problema afecta al controlador del kernel de GPU Midgard: de r13p0 a r32p0; Controlador del kernel de GPU Bifrost: desde r11p0 hasta r25p0; Controlador del kernel de GPU Valhall: de r19p0 a r25p0, de r29p0 a r46p0; Controlador del kernel de arquitectura de GPU Arm de quinta generaci\u00f3n: desde r41p0 hasta r46p0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "arm-security@arm.com",
@ -26,16 +49,79 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r41p0",
"versionEndExcluding": "r47p0",
"matchCriteriaId": "1CD584E0-3C44-465E-886B-8013B9A19AE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r11p0",
"versionEndExcluding": "r26p0",
"matchCriteriaId": "5FA2DB36-E877-47AC-AF64-180B7846A5F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r13p0",
"versionEndIncluding": "r32p0",
"matchCriteriaId": "48B2F411-CC76-4D35-98DB-1CC997C36F84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r19p0",
"versionEndExcluding": "r26p0",
"matchCriteriaId": "BF5A1114-306D-40E7-B92C-F81166BAEE5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r29p0",
"versionEndExcluding": "r47p0",
"matchCriteriaId": "E0CA2690-26AA-4B23-91F8-D3649510242F"
}
]
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"source": "arm-security@arm.com"
"source": "arm-security@arm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-117xx/CVE-2024-11782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11782",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-03T10:15:05.320",
"lastModified": "2024-12-03T10:15:05.320",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:10:42.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,18 +71,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmailster:wp_mailster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.18",
"matchCriteriaId": "C4835553-E3F3-49CF-B474-CF106FE8D6A0"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-mailster/tags/1.8.17.0/mailster/subscr/SubscriberPlugin.php#L216",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3198497/wp-mailster/trunk/mailster/subscr/SubscriberPlugin.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/909beed4-06a9-4ec4-bf00-4072a38af82b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-351xx/CVE-2024-35106.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35106",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T15:15:16.877",
"lastModified": "2025-02-07T15:15:16.877",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:25.960",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code execution via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://ez-net.co.kr/new_2012/customer/download_view.php?cid=&sid=&goods=&cate=&q=&seq=233",

47
CVE-2024/CVE-2024-374xx/CVE-2024-37453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37453",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:25.677",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:26:41.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.8.8",
"matchCriteriaId": "EAEA4AEA-E39D-49B3-96F2-9121D74A1C9E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-user-profiles-groups-and-communities-plugin-5-8-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-432xx/CVE-2024-43253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43253",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:43.387",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:28:35.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zaytech:smart_online_order_for_clover:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.7",
"matchCriteriaId": "17941315-083A-447A-A325-9D11B15C15D4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/clover-online-orders/wordpress-smart-online-order-for-clover-plugin-1-5-6-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-432xx/CVE-2024-43254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43254",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:43.600",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:30:20.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zaytech:smart_online_order_for_clover:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.7",
"matchCriteriaId": "17941315-083A-447A-A325-9D11B15C15D4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/clover-online-orders/wordpress-smart-online-order-for-clover-plugin-1-5-6-broken-access-control-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-480xx/CVE-2024-48091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48091",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:36.510",
"lastModified": "2025-02-07T16:15:36.510",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:17.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/singhmanpreet493/0f1df7fa4e744a3317877ab85d187937#file-gistfile1-txt",

21
CVE-2024/CVE-2024-481xx/CVE-2024-48170.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48170",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-10T18:15:26.243",
"lastModified": "2025-02-10T18:15:26.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@jose.inaciot/cve-2024-48170-bee6ccb773d4",
"source": "cve@mitre.org"
}
]
}

34
CVE-2024/CVE-2024-500xx/CVE-2024-50051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50051",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:24.427",
"lastModified": "2025-02-03T15:17:25.700",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:26.457",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

47
CVE-2024/CVE-2024-524xx/CVE-2024-52478.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52478",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-12-02T14:15:09.327",
"lastModified": "2024-12-02T14:15:09.327",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:14:49.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:astoundify:jobify:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.4",
"matchCriteriaId": "E0D0D4E7-C7F1-44BD-B4EF-D166E7A40C80"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/jobify/vulnerability/wordpress-jobify-theme-4-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-524xx/CVE-2024-52479.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52479",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-12-02T14:15:09.467",
"lastModified": "2024-12-02T14:15:09.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:14:10.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:astoundify:jobify:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.4",
"matchCriteriaId": "E0D0D4E7-C7F1-44BD-B4EF-D166E7A40C80"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/jobify/vulnerability/wordpress-jobify-plugin-4-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-524xx/CVE-2024-52481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52481",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-28T11:15:49.610",
"lastModified": "2024-11-28T11:15:49.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:23:27.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:astoundify:jobify:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.4",
"matchCriteriaId": "E0D0D4E7-C7F1-44BD-B4EF-D166E7A40C80"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/jobify/vulnerability/wordpress-jobify-theme-4-2-3-unauthenticated-arbitrary-file-read-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-528xx/CVE-2024-52881.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52881",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:36.623",
"lastModified": "2025-02-07T16:15:36.623",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:17.687",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to the use of a hard-coded key, an attacker is able to decrypt sensitive data such as passwords extracted from the topology file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center",

41
CVE-2024/CVE-2024-528xx/CVE-2024-52882.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52882",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:36.740",
"lastModified": "2025-02-07T16:15:36.740",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:17.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center",

41
CVE-2024/CVE-2024-528xx/CVE-2024-52883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52883",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:36.860",
"lastModified": "2025-02-07T16:15:36.860",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:18.027",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to a path traversal vulnerability, sensitive data can be read without any authentication."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center",

41
CVE-2024/CVE-2024-528xx/CVE-2024-52884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52884",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:36.993",
"lastModified": "2025-02-07T16:15:36.993",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:18.190",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501.841. Due to the use of weak password obfuscation/encryption, an attacker with access to configuration exports (INI) is able to decrypt the passwords."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.audiocodes.com/solutions-products/products/session-border-controllers-sbcs",

34
CVE-2024/CVE-2024-531xx/CVE-2024-53166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53166",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:23.703",
"lastModified": "2025-01-16T16:44:19.953",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:26.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-531xx/CVE-2024-53168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53168",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:23.940",
"lastModified": "2025-02-03T15:25:51.667",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:26.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-531xx/CVE-2024-53170.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53170",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:24.183",
"lastModified": "2025-01-23T17:15:14.837",
"lastModified": "2025-02-10T18:15:27.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-531xx/CVE-2024-53179.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53179",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:25.307",
"lastModified": "2025-01-14T17:18:40.840",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:27.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-531xx/CVE-2024-53185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53185",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:25.973",
"lastModified": "2025-02-02T11:15:11.533",
"lastModified": "2025-02-10T18:15:28.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-531xx/CVE-2024-53186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53186",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:26.083",
"lastModified": "2025-01-14T17:20:36.107",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:28.447",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,6 +73,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-532xx/CVE-2024-53232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53232",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:31.510",
"lastModified": "2025-02-03T15:29:38.760",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:28.727",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,6 +73,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-532xx/CVE-2024-53239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53239",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T14:15:32.373",
"lastModified": "2025-02-03T15:18:12.257",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:28.977",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

47
CVE-2024/CVE-2024-537xx/CVE-2024-53737.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53737",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-28T11:15:54.407",
"lastModified": "2024-11-28T11:15:54.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-10T18:22:34.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmailster:wp_mailster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.17",
"matchCriteriaId": "148128A7-337C-4FA5-8517-5483AE4D2C48"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-538xx/CVE-2024-53899.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-53899",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-24T16:15:06.647",
"lastModified": "2024-11-26T18:23:09.517",
"lastModified": "2025-02-10T18:12:06.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -22,19 +22,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{

34
CVE-2024/CVE-2024-546xx/CVE-2024-54680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54680",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:27.340",
"lastModified": "2025-01-16T15:17:54.520",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:29.233",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-667"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

25
CVE-2024/CVE-2024-549xx/CVE-2024-54954.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-54954",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-10T18:15:29.663",
"lastModified": "2025-02-10T18:15:29.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/kaoniniang2/03658cc78e789b992b378f4951bedfb7",
"source": "cve@mitre.org"
},
{
"url": "https://gitee.com/yadong.zhang/DBlog/issues/IB6552",
"source": "cve@mitre.org"
}
]
}

41
CVE-2024/CVE-2024-552xx/CVE-2024-55213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55213",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:37.440",
"lastModified": "2025-02-07T16:15:37.440",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:29.957",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the File Listing function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://dhtmlx.com/docs/products/demoApps/dhtmlxFileExplorerDemo/",

41
CVE-2024/CVE-2024-552xx/CVE-2024-55214.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55214",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:37.557",
"lastModified": "2025-02-07T16:15:37.557",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:30.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the file download functionality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://dhtmlx.com",

10
CVE-2024/CVE-2024-556xx/CVE-2024-55630.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55630",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-07T23:15:13.293",
"lastModified": "2025-02-07T23:15:13.293",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:30.540",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -59,6 +59,10 @@
{
"url": "https://github.com/laurent22/joplin/security/advisories/GHSA-5cch-jr52-qffh",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/laurent22/joplin/security/advisories/GHSA-5cch-jr52-qffh",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

34
CVE-2024/CVE-2024-565xx/CVE-2024-56554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56554",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:14.183",
"lastModified": "2025-01-14T17:23:07.117",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:30.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-565xx/CVE-2024-56556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56556",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:14.410",
"lastModified": "2025-01-14T17:23:22.327",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:30.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,6 +73,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56635.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56635",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:23.207",
"lastModified": "2025-02-03T15:20:10.453",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:31.183",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,6 +73,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56653.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56653",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:25.133",
"lastModified": "2025-01-06T22:33:30.837",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:31.423",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-566xx/CVE-2024-56672.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-56672",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:27.107",
"lastModified": "2025-02-02T11:15:12.000",
"lastModified": "2025-02-10T18:15:31.643",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56675",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:27.420",
"lastModified": "2025-01-06T15:03:31.087",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:31.870",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-566xx/CVE-2024-56693.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-56693",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-28T10:15:14.833",
"lastModified": "2024-12-28T10:15:14.833",
"lastModified": "2025-02-10T18:15:32.100",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: brd: aplazar la creaci\u00f3n autom\u00e1tica de discos hasta que la inicializaci\u00f3n del m\u00f3dulo tenga \u00e9xito. Mi colega Wupeng encontr\u00f3 los siguientes problemas durante la inyecci\u00f3n de fallas: ERROR: no se puede gestionar la falla de p\u00e1gina para la direcci\u00f3n: fffffbfff809d073 PGD 6e648067 P4D 123ec8067 PUD 123ec4067 PMD 100e38067 PTE 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI CPU: 5 UID: 0 PID: 755 Comm: modprobe No contaminado 6.12.0-rc3+ #17 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 RIP: 0010:__asan_load8+0x4c/0xa0 ... Seguimiento de llamadas: blkdev_put_whole+0x41/0x70 bdev_release+0x1a3/0x250 blkdev_release+0x11/0x20 __fput+0x1d7/0x4a0 task_work_run+0xfc/0x180 syscall_exit_to_user_mode+0x1de/0x1f0 do_syscall_64+0x6b/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e loop_init() est\u00e1 llamando a loop_add() despu\u00e9s de que __register_blkdev() tenga \u00e9xito e ignora el error de disk_add() de loop_add(), ya que el error de loop_add() no es fatal y los discos creados correctamente ya est\u00e1n visibles para bdev_open().brd_init() actualmente est\u00e1 llamando a brd_alloc() antes de que __register_blkdev() tenga \u00e9xito y est\u00e1 liberando discos creados exitosamente cuando brd_init() devuelve un error. Esto puede causar UAF para los \u00faltimos dos casos: caso 1: T1: modprobe brd brd_init brd_alloc(0) // \u00e9xito add_disk disk_scan_partitions bdev_file_open_by_dev // asignar archivo fput // no se liberar\u00e1 hasta que regrese al espacio de usuario brd_alloc(1) // fall\u00f3 debido a un error de asignaci\u00f3n de memoria inject // error la ruta para modprobe liberar\u00e1 el segmento de c\u00f3digo // de regreso al espacio de usuario __fput blkdev_release bdev_release blkdev_put_whole bdev->bd_disk->fops->release // fops est\u00e1 liberado ahora, \u00a1UAF! caso 2: T1: T2: modprobe brd brd_init brd_alloc(0) // \u00e9xito open(/dev/ram0) brd_alloc(1) // error // ruta de error para modprobe close(/dev/ram0) ... /* UAF! */ bdev->bd_disk->fops->release Solucione este problema siguiendo lo que hace loop_init(). Adem\u00e1s, vuelva a introducir brd_devices_mutex para ayudar a serializar las modificaciones a brd_list."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/259bf925583ec9e3781df778cadf00594095090d",

34
CVE-2024/CVE-2024-567xx/CVE-2024-56772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56772",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-08T18:15:17.897",
"lastModified": "2025-01-09T20:57:26.077",
"vulnStatus": "Analyzed",
"lastModified": "2025-02-10T18:15:32.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

41
CVE-2024/CVE-2024-572xx/CVE-2024-57248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57248",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:38.043",
"lastModified": "2025-02-07T16:15:38.043",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:32.563",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/189021",

41
CVE-2024/CVE-2024-572xx/CVE-2024-57249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57249",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:38.180",
"lastModified": "2025-02-07T16:15:38.180",
"vulnStatus": "Received",
"lastModified": "2025-02-10T18:15:32.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses the authentication process and grants attackers access to sensitive image files without proper login credentials."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/189019",

25
CVE-2024/CVE-2024-574xx/CVE-2024-57407.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57407",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-10T18:15:33.160",
"lastModified": "2025-02-10T18:15:33.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows attackers to execute arbitrary code via uploading a crafted file."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/kaoniniang2/71f6a39535490ea2eeac371f33faec9c",
"source": "cve@mitre.org"
},
{
"url": "https://gitee.com/aun/Timo/issues/IBBTZI",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-574xx/CVE-2024-57408.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57408",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-10T18:15:33.370",
"lastModified": "2025-02-10T18:15:33.370",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via uploading a crafted file."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/kaoniniang2/2cfc83a612ba929279ed5fb8b91b45ba",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cool-team-official/cool-admin-java",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kaoniniang2/exploit/blob/main/Cool-admin-File%20upload%20vulnerability.md",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-574xx/CVE-2024-57409.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57409",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-10T18:15:33.593",
"lastModified": "2025-02-10T18:15:33.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/kaoniniang2/05c2d0acdf8002b7121edff93d5230d6",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cool-team-official/cool-admin-java",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kaoniniang2/exploit/blob/main/Cool-admin-xss.md",
"source": "cve@mitre.org"
}
]
}

41
CVE-2024/CVE-2024-577xx/CVE-2024-57707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57707",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-07T16:15:38.993",
"lastModified": "2025-02-07T16:15:38.993",
"vulnStatus": "Received",
"lastModified": "2025-02-10T17:15:18.353",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/shigophilo/CVE/blob/main/DataEase-v1-code-execute.md",

Some files were not shown because too many files have changed in this diff Show More