diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11139.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11139.json new file mode 100644 index 00000000000..706365274cc --- /dev/null +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11139.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-11139", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-01-17T09:15:06.370", + "lastModified": "2025-01-17T09:15:06.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that\ncould allow local attackers to exploit these issues to potentially execute arbitrary code when opening a\nmalicious project file." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-09&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-09.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11425.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11425.json new file mode 100644 index 00000000000..85e496ee542 --- /dev/null +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11425.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-11425", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-01-17T09:15:07.613", + "lastModified": "2025-01-17T09:15:07.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the\nproduct when an unauthenticated user is sending a crafted HTTPS packet to the webserver." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-131" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12370.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12370.json new file mode 100644 index 00000000000..9aaf017a431 --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12370.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12370", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-17T09:15:07.810", + "lastModified": "2025-01-17T09:15:07.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to add rooms with custom prices." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3210798%40wp-hotel-booking%2Ftags%2F2.1.5&new=3214765%40wp-hotel-booking%2Ftags%2F2.1.6", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5df32365-5381-48e0-9313-7e83c4c6c440?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12399.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12399.json new file mode 100644 index 00000000000..dd7e0aedf3e --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12399.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-12399", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-01-17T10:15:06.697", + "lastModified": "2025-01-17T10:15:06.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability\nexists that could cause partial loss of confidentiality, loss of integrity and availability of the HMI when attacker performs\nman in the middle attack by intercepting the communication." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-924" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-02.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-124xx/CVE-2024-12476.json b/CVE-2024/CVE-2024-124xx/CVE-2024-12476.json new file mode 100644 index 00000000000..a78be9cfc0c --- /dev/null +++ b/CVE-2024/CVE-2024-124xx/CVE-2024-12476.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-12476", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2025-01-17T10:15:07.013", + "lastModified": "2025-01-17T10:15:07.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could\ncause information disclosure, impacts workstation integrity and potential remote code execution on the\ncompromised computer, when specific crafted XML file is imported in the Web Designer configuration tool." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.4, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-04.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13377.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13377.json new file mode 100644 index 00000000000..dc24d494518 --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13377.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13377", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-17T10:15:07.240", + "lastModified": "2025-01-17T10:15:07.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018alt\u2019 parameter in all versions up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://docs.gravityforms.com/gravityforms-change-log/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/03623f00-2c3c-4590-92fe-a5eaac15b944?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13378.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13378.json new file mode 100644 index 00000000000..b9066c5545d --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13378.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13378", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-17T10:15:07.457", + "lastModified": "2025-01-17T10:15:07.457", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018style_settings\u2019 parameter in versions 2.9.0.1 up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The attack is only successful in the Chrome web browser, and requires directly browsing the media file via the attachment post." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://docs.gravityforms.com/gravityforms-change-log/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f884ea43-e1a5-4b44-8a24-f68f71b0fcfb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21630.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21630.json index 697ecc70296..a93090ccd72 100644 --- a/CVE-2025/CVE-2025-216xx/CVE-2025-21630.json +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21630.json @@ -2,28 +2,15 @@ "id": "CVE-2025-21630", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-15T13:15:15.330", - "lastModified": "2025-01-15T13:15:15.330", - "vulnStatus": "Received", + "lastModified": "2025-01-17T09:15:08.000", + "vulnStatus": "Rejected", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: always initialize kmsg->msg.msg_inq upfront\n\nsyzbot reports that ->msg_inq may get used uinitialized from the\nfollowing path:\n\nBUG: KMSAN: uninit-value in io_recv_buf_select io_uring/net.c:1094 [inline]\nBUG: KMSAN: uninit-value in io_recv+0x930/0x1f90 io_uring/net.c:1158\n io_recv_buf_select io_uring/net.c:1094 [inline]\n io_recv+0x930/0x1f90 io_uring/net.c:1158\n io_issue_sqe+0x420/0x2130 io_uring/io_uring.c:1740\n io_queue_sqe io_uring/io_uring.c:1950 [inline]\n io_req_task_submit+0xfa/0x1d0 io_uring/io_uring.c:1374\n io_handle_tw_list+0x55f/0x5c0 io_uring/io_uring.c:1057\n tctx_task_work_run+0x109/0x3e0 io_uring/io_uring.c:1121\n tctx_task_work+0x6d/0xc0 io_uring/io_uring.c:1139\n task_work_run+0x268/0x310 kernel/task_work.c:239\n io_run_task_work+0x43a/0x4a0 io_uring/io_uring.h:343\n io_cqring_wait io_uring/io_uring.c:2527 [inline]\n __do_sys_io_uring_enter io_uring/io_uring.c:3439 [inline]\n __se_sys_io_uring_enter+0x204f/0x4ce0 io_uring/io_uring.c:3330\n __x64_sys_io_uring_enter+0x11f/0x1a0 io_uring/io_uring.c:3330\n x64_sys_call+0xce5/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:427\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nand it is correct, as it's never initialized upfront. Hence the first\nsubmission can end up using it uninitialized, if the recv wasn't\nsuccessful and the networking stack didn't honor ->msg_get_inq being set\nand filling in the output value of ->msg_inq as requested.\n\nSet it to 0 upfront when it's allocated, just to silence this KMSAN\nwarning. There's no side effect of using it uninitialized, it'll just\npotentially cause the next receive to use a recv value hint that's not\naccurate." - }, - { - "lang": "es", - "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring/net: siempre inicializar kmsg->msg.msg_inq por adelantado syzbot informa que ->msg_inq puede usarse sin inicializar desde la siguiente ruta: ERROR: KMSAN: valor no inicializado en io_recv_buf_select io_uring/net.c:1094 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en io_recv+0x930/0x1f90 io_uring/net.c:1158 io_recv_buf_select io_uring/net.c:1094 [en l\u00ednea] io_recv+0x930/0x1f90 io_uring/net.c:1158 io_issue_sqe+0x420/0x2130 io_uring/io_uring.c:1740 io_queue_sqe io_uring/io_uring.c:1950 [en l\u00ednea] io_req_task_submit+0xfa/0x1d0 io_uring/io_uring.c:1374 io_handle_tw_list+0x55f/0x5c0 io_uring/io_uring.c:1057 tctx_task_work_run+0x109/0x3e0 io_uring/io_uring.c:1121 tctx_task_work+0x6d/0xc0 io_uring/io_uring.c:1139 task_work_run+0x268/0x310 kernel/task_work.c:239 io_run_task_work+0x43a/0x4a0 io_uring/io_uring.h:343 io_cqring_wait io_uring/io_uring.c:2527 [en l\u00ednea] __do_sys_io_uring_enter io_uring/io_uring.c:3439 [en l\u00ednea] __se_sys_io_uring_enter+0x204f/0x4ce0 io_uring/io_uring.c:3330 __x64_sys_io_uring_enter+0x11f/0x1a0 io_uring/io_uring.c:3330 x64_sys_call+0xce5/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:427 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f y es correcto, ya que nunca se inicializa por adelantado. Por lo tanto, el primer env\u00edo puede terminar us\u00e1ndolo sin inicializar, si la recepci\u00f3n no fue exitosa y la pila de red no respet\u00f3 la configuraci\u00f3n de ->msg_get_inq y no complet\u00f3 el valor de salida de ->msg_inq como se solicit\u00f3. Config\u00farelo en 0 por adelantado cuando se asigne, solo para silenciar esta advertencia de KMSAN. No hay ning\u00fan efecto secundario por usarlo sin inicializar, solo provocar\u00e1 potencialmente que la pr\u00f3xima recepci\u00f3n use una sugerencia de valor de recepci\u00f3n que no sea precisa." + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/127c280067167beb88461cd930f7c7a4bb3c7239", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/c6e60a0a68b7e6b3c7e33863a16e8e88ba9eee6f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/README.md b/README.md index a679f654e79..c9574bb23dd 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-17T09:00:27.245656+00:00 +2025-01-17T11:00:29.484097+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-17T08:15:24.690000+00:00 +2025-01-17T10:15:07.457000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -277939 +277946 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `7` -- [CVE-2024-12203](CVE-2024/CVE-2024-122xx/CVE-2024-12203.json) (`2025-01-17T07:15:25.990`) -- [CVE-2024-12466](CVE-2024/CVE-2024-124xx/CVE-2024-12466.json) (`2025-01-17T07:15:26.203`) -- [CVE-2024-12508](CVE-2024/CVE-2024-125xx/CVE-2024-12508.json) (`2025-01-17T07:15:26.387`) -- [CVE-2024-12598](CVE-2024/CVE-2024-125xx/CVE-2024-12598.json) (`2025-01-17T07:15:26.577`) -- [CVE-2024-12637](CVE-2024/CVE-2024-126xx/CVE-2024-12637.json) (`2025-01-17T07:15:26.773`) -- [CVE-2024-13366](CVE-2024/CVE-2024-133xx/CVE-2024-13366.json) (`2025-01-17T07:15:26.947`) -- [CVE-2024-13367](CVE-2024/CVE-2024-133xx/CVE-2024-13367.json) (`2025-01-17T07:15:27.123`) -- [CVE-2024-13386](CVE-2024/CVE-2024-133xx/CVE-2024-13386.json) (`2025-01-17T07:15:27.300`) +- [CVE-2024-11139](CVE-2024/CVE-2024-111xx/CVE-2024-11139.json) (`2025-01-17T09:15:06.370`) +- [CVE-2024-11425](CVE-2024/CVE-2024-114xx/CVE-2024-11425.json) (`2025-01-17T09:15:07.613`) +- [CVE-2024-12370](CVE-2024/CVE-2024-123xx/CVE-2024-12370.json) (`2025-01-17T09:15:07.810`) +- [CVE-2024-12399](CVE-2024/CVE-2024-123xx/CVE-2024-12399.json) (`2025-01-17T10:15:06.697`) +- [CVE-2024-12476](CVE-2024/CVE-2024-124xx/CVE-2024-12476.json) (`2025-01-17T10:15:07.013`) +- [CVE-2024-13377](CVE-2024/CVE-2024-133xx/CVE-2024-13377.json) (`2025-01-17T10:15:07.240`) +- [CVE-2024-13378](CVE-2024/CVE-2024-133xx/CVE-2024-13378.json) (`2025-01-17T10:15:07.457`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `1` -- [CVE-2024-11146](CVE-2024/CVE-2024-111xx/CVE-2024-11146.json) (`2025-01-17T07:15:25.503`) -- [CVE-2024-9137](CVE-2024/CVE-2024-91xx/CVE-2024-9137.json) (`2025-01-17T08:15:24.690`) +- [CVE-2025-21630](CVE-2025/CVE-2025-216xx/CVE-2025-21630.json) (`2025-01-17T09:15:08.000`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 14fecd0dc26..ef636a16126 100644 --- a/_state.csv +++ b/_state.csv @@ -244203,11 +244203,12 @@ CVE-2024-1113,0,0,90572d47b15d75a1b5b46414b43b02fcca134882a5755a9a69a3d4ba79038a CVE-2024-11130,0,0,2031b0d91a76a3ae308e67f748474890b1fb080d7d4cbebe58df244865c594b4,2024-11-15T17:57:53.270000 CVE-2024-11136,0,0,725bf56498e2623c27a356d77c56c56ec2fbb4238d9582d18b0c73a291d687b6,2024-11-15T13:58:08.913000 CVE-2024-11138,0,0,7a4f991a93172e8f92a25ff85e41fd89c92d700227aa3b95284768518268aadd,2024-12-10T21:11:45.043000 +CVE-2024-11139,1,1,9a636d7e00ed43684be5ff553773bc308cc3b2f0b00cb2e6383b017e86c1a7bb,2025-01-17T09:15:06.370000 CVE-2024-1114,0,0,26f8d922f7817a26291214f4551b12b577ca7b3e88078b0c0c71e617799dfdd6,2024-11-21T08:49:49.727000 CVE-2024-11143,0,0,686e238b18cb6e6b1a398192b44515340df593fe49d6838dfcc7892698b7fdab,2024-11-18T15:03:56.927000 CVE-2024-11144,0,0,af8503925b3320c38a284c525e2190ceb29e6df01cd47b8de568143dcfdf0384,2024-12-16T17:15:07.327000 CVE-2024-11145,0,0,49d8db8e9affdc9bd928055d93b635f15e5703854689b5be5f582242400a9150,2024-11-26T20:15:25.270000 -CVE-2024-11146,0,1,00878ff146c1ec8d83287918976f133eefd41b02eea4182499d3a859bf22c478,2025-01-17T07:15:25.503000 +CVE-2024-11146,0,0,00878ff146c1ec8d83287918976f133eefd41b02eea4182499d3a859bf22c478,2025-01-17T07:15:25.503000 CVE-2024-11148,0,0,98721a67b15a1bf200a0df48032e3c1b10f0381f700111d548ae742962375902,2024-12-05T20:15:21.577000 CVE-2024-11149,0,0,bed9c80af9d2c073bb9f97513f448d6c4275a45d3277b166d6da853b66ab77cf,2024-12-06T02:15:18.127000 CVE-2024-1115,0,0,dd875c679e12a582e34ee954cd3620e780335d232c345f8362745b6ecc6a1bb8,2024-11-21T08:49:49.887000 @@ -244446,6 +244447,7 @@ CVE-2024-11420,0,0,1711c7ba1ba8c097f09567c5d53d049cbf7bb1bf6f7b471b4caaac9c33673 CVE-2024-11422,0,0,208170e182c3d2142ba69174b9f95e68a4bb28d469a940741629daad460705a0,2024-12-17T16:15:23.557000 CVE-2024-11423,0,0,5fd92d7acac7c9d9434b04e44769038fcd9ed45fc5418a964960dfeca17d19b3,2025-01-08T11:15:06.003000 CVE-2024-11424,0,0,d50ad6baffad28053a50f50d0d95ca3de9adf87a3fb1a59a3e023fabb9b6d399,2024-11-21T13:57:24.187000 +CVE-2024-11425,1,1,651ca114106ef272ecc2d3d9edf7988ef7bfd2b301b1b93ab2a3eec6d6b5bcae,2025-01-17T09:15:07.613000 CVE-2024-11426,0,0,b92664b1e686c3f02127b23b083fb58b958de57166c1605ab7455364a1793bde,2024-11-23T05:15:07.153000 CVE-2024-11427,0,0,c3fcf7998beeb6a903337e5ecaceaa89f8054cbdaaa765548243de887ca3fc67,2024-12-12T04:15:05.637000 CVE-2024-11428,0,0,46d666ca3d541ca25437787d528f9a48f72c3211fef85014e6eea357fe3616d1,2024-11-21T13:57:24.187000 @@ -245121,7 +245123,7 @@ CVE-2024-1220,0,0,9554836c8027e0b7a98d02c469b0640f37340ff8518df5c7c53c1851829f88 CVE-2024-12200,0,0,23413f89ab73dcfe4f53913520af84d44004f8074e56a4f24db9e34101f9d57a,2024-12-17T16:15:24.897000 CVE-2024-12201,0,0,24aea21415169e4ceff164eedb7fa32646ef24d523e6e014144846720c08c29c,2024-12-12T07:15:09.607000 CVE-2024-12202,0,0,f8e879b581e6948b8611c91e34e77898ab31ee3bd4fed08e5a23f457acda7001,2025-01-07T08:15:25.090000 -CVE-2024-12203,1,1,8e061fb04c409051f931184cc0168daebd8cb730c46fb5138a848c8c64e89294,2025-01-17T07:15:25.990000 +CVE-2024-12203,0,0,8e061fb04c409051f931184cc0168daebd8cb730c46fb5138a848c8c64e89294,2025-01-17T07:15:25.990000 CVE-2024-12204,0,0,dd2419f837ae2e8153f295f52cb2a01f412a1909c214527d0037cf9f21b9c1a9,2025-01-11T03:15:20.997000 CVE-2024-12205,0,0,3f132fb045992282c7f82c5a064b4363ee95bb769165d08b8391a552ea18c9e1,2025-01-08T05:15:09.667000 CVE-2024-12206,0,0,2d268b18f02f4bd906dad5a4345fbb5bf68ec20740bfded288226575e3fdc866,2025-01-09T11:15:12.070000 @@ -245256,6 +245258,7 @@ CVE-2024-12363,0,0,8bf95d170f6881f24ef42d227f38a0cf0a0a8682e2906a9aa2aaa1e3f316a CVE-2024-12365,0,0,e44342e05a0b6e2262a493fac9edc68519495d51c0acf8bc24f40ad738356cb8,2025-01-16T21:31:22.633000 CVE-2024-12369,0,0,fcd74b43ea72489fd8099497c673c3afa2054b03bb7ec4819b8a995ebe30e685,2024-12-09T21:15:08.203000 CVE-2024-1237,0,0,7608b762d209f55f10a23dbde634d086adad1d6240344714ec7de5c458d836b6,2024-11-21T08:50:07.910000 +CVE-2024-12370,1,1,985c17dc1204cc21afd2ca8b801e8e77323afdb870d6158e6bc1f7791471f3a6,2025-01-17T09:15:07.810000 CVE-2024-12371,0,0,ad8806dfee353fdb9887f497d244b3ccfcec0ca669e819f5ec6c72aa1dddd27b,2024-12-18T20:15:21.193000 CVE-2024-12372,0,0,61d0814cd7351773a7f17ecab5c027fade58fdedeaf091e4269b15064d9c21b9,2024-12-18T20:15:22.167000 CVE-2024-12373,0,0,83b846beefe400aa9231cc84fd600de52fbf3fd7f422b967ec41c6b980048087,2024-12-18T20:15:22.280000 @@ -245270,6 +245273,7 @@ CVE-2024-12394,0,0,c9fba954279bfd0e370c88894a9572158e1b0315e8ae3de4dd675a4e1ed31 CVE-2024-12395,0,0,75ff5ef98722c35fb11d383db877ddbb73a300c7cb334e918191d763e24090f0,2024-12-17T12:15:20.377000 CVE-2024-12397,0,0,661288be67552f431f0a0bf144bed2d313b12b592e50cdc78451d7c1272f6fb5,2024-12-12T09:15:05.570000 CVE-2024-12398,0,0,edce43a555297dcf503d2b9755d2cabdf06ebe415f26cf31fc5ce1bbfc43a72b,2025-01-14T02:15:07.990000 +CVE-2024-12399,1,1,24fcc833311859ac1371d7a2b9e2e1ed18027e45f09a9024ddf8b022c61477a7,2025-01-17T10:15:06.697000 CVE-2024-1240,0,0,28733ede53b96385ee0de4a7c5187b3db0d925b1e4ab6e977522dc277dee75de,2024-11-19T19:04:53.913000 CVE-2024-12401,0,0,ba741c7b51198b95eba245807f65253a1c54ea777ddd918337cd97bd144396fe,2024-12-12T09:15:05.790000 CVE-2024-12402,0,0,36e3ce185be6b6d4714b97d0b9e949abc75eb52a2fa273901aa2b4c0f962b168,2025-01-07T04:15:07.990000 @@ -245324,7 +245328,7 @@ CVE-2024-12462,0,0,cab939d75095835b9cd7c3974182ba9f75ca922feb4b5a49ec456a8c518ba CVE-2024-12463,0,0,bf2ad951357546047d42b0aefb8a66347583691f5449e603983c94f9bac4eadf,2024-12-12T05:15:13.197000 CVE-2024-12464,0,0,ffa0068749df08a838ed800b533933f2488b98e069e2e1b69fda93eb15a6a6a0,2025-01-07T06:15:16.823000 CVE-2024-12465,0,0,71cf8d099f9bc4306dd9d21cf13805ebee4cfad62908f99a6e3f6ef7ca285117,2024-12-13T09:15:09.060000 -CVE-2024-12466,1,1,877b09c7e5b268b1bdcb35d6c2b2c83051779af0798fb16f32dd22717490c927,2025-01-17T07:15:26.203000 +CVE-2024-12466,0,0,877b09c7e5b268b1bdcb35d6c2b2c83051779af0798fb16f32dd22717490c927,2025-01-17T07:15:26.203000 CVE-2024-12468,0,0,20d3be8a82fb7f9b6094ff27e59754b2c2151696c1841d3d96ac080fb2a03b3f,2024-12-24T09:15:06.227000 CVE-2024-12469,0,0,871c3c1e000bdae5610f745ffefecdbdcd7d22ba906daf923687641c197ab750,2024-12-17T10:15:05.997000 CVE-2024-1247,0,0,87dd54613b1838220658d2242080e8fb0b79934df6e5afef144b61ee319c0ba1,2024-11-21T08:50:09.013000 @@ -245334,6 +245338,7 @@ CVE-2024-12472,0,0,013d43dc4a3d5efd4111c39ad69495f245cd45b07cd96990fce217b14e23c CVE-2024-12473,0,0,689b1037bf2be3b6c18837d1a5884011766b273a34f635be024ca16a6702e2df,2025-01-10T04:15:18.623000 CVE-2024-12474,0,0,2858a766a8bcbd6035c2be4131a605cddb7bb17f787cc233f6060efa0069c36f,2024-12-14T06:15:19.627000 CVE-2024-12475,0,0,ef161022c17bfffe57f2c972fe120be00d3d8c013647d5e0ab15260b6747ad0b,2025-01-04T12:15:24.650000 +CVE-2024-12476,1,1,44987868e854f7dd3e7c300cee9b010ccf929052e14ff24ad02acc25981a5743,2025-01-17T10:15:07.013000 CVE-2024-12478,0,0,9740cd4243776bc4b985718131b1bfcc5e0a94370bd612144af92e9b380848b7,2024-12-16T11:15:04.890000 CVE-2024-12479,0,0,71e9962db709a4fb365c50c76ea2678c0c0be3cc10bb9fad5f99b55609975bac,2024-12-13T17:10:45.860000 CVE-2024-12480,0,0,278aebffcfd2515ae9c7caddd55ce9bc13fc09babf1329c96da477d94bc16635,2024-12-13T17:11:08.800000 @@ -245363,7 +245368,7 @@ CVE-2024-12503,0,0,e53e761e34d39e4e7df36516ec31d7b0a69f9ff2ae79d7b9e9b3c291572b8 CVE-2024-12505,0,0,6e23574bf5253c388571f4ef44148ced29b99ef24c9d63d1f08aa5602c56ebdd,2025-01-11T03:15:21.430000 CVE-2024-12506,0,0,ad7226add7d6241daa2317f2d019a78aac67392c449b8b39c4b609b26c120917,2024-12-20T07:15:11.940000 CVE-2024-12507,0,0,f098eff6e3ef53742e66474a6ac17418c00af6d9e6800445130b20da01af7c21,2024-12-24T05:15:06.627000 -CVE-2024-12508,1,1,8ef20a5b0e36709cd72d8cc7fcfb39bc0fc5714680eee5747355f5497bbe1081,2025-01-17T07:15:26.387000 +CVE-2024-12508,0,0,8ef20a5b0e36709cd72d8cc7fcfb39bc0fc5714680eee5747355f5497bbe1081,2025-01-17T07:15:26.387000 CVE-2024-12509,0,0,8448cb7b981b452e7bee8263b7d56776b70a911630dc0596718dc3941caa2300,2024-12-20T07:15:12.177000 CVE-2024-1251,0,0,8c0214d9f05a1f50e84514dc27e8bafe56d249b59ef6b0b677b5e947e572faed,2024-11-21T08:50:09.497000 CVE-2024-12513,0,0,6393dedffea01c8a6ef2142d1a8a9d6ba57b27f731b145d36f16e844db01eb62,2024-12-18T03:15:26.427000 @@ -245429,7 +245434,7 @@ CVE-2024-12593,0,0,1fe841292f8460cce03e6fb573f45da092e954880ca5d7e3ec21e091f7a50 CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000 CVE-2024-12595,0,0,d10767ce84f7e81d5a6ad487503289a59f4d01b86cd7eb0b224ee74e49237f41,2025-01-06T21:15:14.003000 CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000 -CVE-2024-12598,1,1,b4b0a6659afcdc69603678a7c62d1ef16396bd4a4d3aef9c5175bcc4e5497e46,2025-01-17T07:15:26.577000 +CVE-2024-12598,0,0,b4b0a6659afcdc69603678a7c62d1ef16396bd4a4d3aef9c5175bcc4e5497e46,2025-01-17T07:15:26.577000 CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000 CVE-2024-12601,0,0,f9b91f2d20d6914a3b5ca3c9af2a431f615ff9e20926a30171bf1c35967a6eba,2024-12-17T12:15:20.543000 CVE-2024-12603,0,0,b77b6c9527bd0798c4124cb6a67b3eb0384daf1c81bc149052bbc09ab0e74875,2024-12-13T03:15:05.187000 @@ -245454,7 +245459,7 @@ CVE-2024-12632,0,0,b2981d9ae0d79f88557270498f7d8919df56f26fc08631dba371165f9d0f4 CVE-2024-12633,0,0,aa2de65b34cad526fad2ad4462ad560794d8e7fd2121b7b4323cbcbfceffb766,2025-01-07T06:15:17.417000 CVE-2024-12635,0,0,3c7aa75fcbe7aad344d7ab6a29830b91315b8c91a45f35c3746137d636be222e,2024-12-21T07:15:09.380000 CVE-2024-12636,0,0,42a82168ce07b7a4b358fd4a7a39c0f3a390399d55754f2ae0215aa2892ce194,2024-12-25T05:15:08.067000 -CVE-2024-12637,1,1,a775faa28ccf08a54fd8e3f20098a0b96684553da4c0ed82d501fce962b5c073,2025-01-17T07:15:26.773000 +CVE-2024-12637,0,0,a775faa28ccf08a54fd8e3f20098a0b96684553da4c0ed82d501fce962b5c073,2025-01-17T07:15:26.773000 CVE-2024-1264,0,0,0a400b50d7c5417af4540851d66c40fe9607cfb1bbd030ca37354551feca3778,2024-11-21T08:50:11.460000 CVE-2024-12641,0,0,6e6b1aa53bd8553222049d57d01527b85aa1b46f94f8dd550c03e6967ee19a5d,2024-12-16T07:15:05.787000 CVE-2024-12642,0,0,a401d76248880d01d3fa48196afb4bda331b127bc27a94608f221d11c2863778,2024-12-16T07:15:06.023000 @@ -245958,11 +245963,13 @@ CVE-2024-1335,0,0,82fb69da532892baa7a81804ae338bd46e69a8bbbad77be8c22b678b91bcc8 CVE-2024-13351,0,0,82f0f1a80f8f2950e9c84e7abdd61c165fb4e8543af42fe1c6d847744006626a,2025-01-15T10:15:07.993000 CVE-2024-13355,0,0,a8ca28e00f9b89c07eec0e25ac16094e44f167607aaa2b464e1b01d07777823a,2025-01-16T10:15:08.750000 CVE-2024-1336,0,0,5ac217bb74b5afa6bf4a3181b1971e5eb197bf861678b67cc85953b7d0e71d82,2024-12-31T16:51:04.857000 -CVE-2024-13366,1,1,52930bc7cd2e8d5261f84160d83c017e0f7cbd584fe7086fcaa9f5020fdc367b,2025-01-17T07:15:26.947000 -CVE-2024-13367,1,1,7b3c9fe6b6a75095c7bf0b4220858dcbb9d598d40e7d68274474817fb746d22b,2025-01-17T07:15:27.123000 +CVE-2024-13366,0,0,52930bc7cd2e8d5261f84160d83c017e0f7cbd584fe7086fcaa9f5020fdc367b,2025-01-17T07:15:26.947000 +CVE-2024-13367,0,0,7b3c9fe6b6a75095c7bf0b4220858dcbb9d598d40e7d68274474817fb746d22b,2025-01-17T07:15:27.123000 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000 +CVE-2024-13377,1,1,d2e5e5b6c9d72523b231e2a995e42c2db86bf26fcce0b464f64d583457d9feaf,2025-01-17T10:15:07.240000 +CVE-2024-13378,1,1,d33d502ff2fbbc3f8d0f87c3c71df788e9b8939d004587a73c5e70f72d603643,2025-01-17T10:15:07.457000 CVE-2024-1338,0,0,dc2761903a1c29795472be9ec50c80e554c7222ddc44792707b7eb37ea2462f8,2024-12-31T16:51:41.113000 -CVE-2024-13386,1,1,33296b5ae68cf2b5e3d42fc886f9e8ca0ae875dfd7724d3675314a55698f5a38,2025-01-17T07:15:27.300000 +CVE-2024-13386,0,0,33296b5ae68cf2b5e3d42fc886f9e8ca0ae875dfd7724d3675314a55698f5a38,2025-01-17T07:15:27.300000 CVE-2024-13387,0,0,6dc34c1690f397ff8c8c3331579d380bce906690020b30857f4fdc2d82342f2f,2025-01-16T10:15:09.103000 CVE-2024-1339,0,0,a64c4c68c8a9a926adb37b05ad26ad3fdfdc4a14ba534fc12b29b0c3bcb239b6,2024-12-31T16:52:24.407000 CVE-2024-13394,0,0,b6fcea27182fbefcf0642745a1f133fbfca8eb302a1dddd2465056b203356454,2025-01-15T06:15:16.150000 @@ -276288,7 +276295,7 @@ CVE-2024-9132,0,0,5e02bb4fdacfd190b910e289b623c8275522b9fa0b9681662d79e5e5dd9dc6 CVE-2024-9133,0,0,6aa4c7ce050da09ef15b902483e174a9acb44b76477eb064e81df31f6a2ce005,2025-01-10T22:15:26.907000 CVE-2024-9134,0,0,cda1908980e6deea1fa8d2182b915b4b49e9eeec5e605c4e8a824a8066d73532,2025-01-10T22:15:27.033000 CVE-2024-9136,0,0,440b3409a14907c29d57b03ac063b5d398f0722a11dac00ea875af9fd1c6005e,2024-10-01T14:28:31.027000 -CVE-2024-9137,0,1,c5ec4625d90142b1b9ff664e82a5d1574ffac90a7294ba0e126897b0851d3e14,2025-01-17T08:15:24.690000 +CVE-2024-9137,0,0,c5ec4625d90142b1b9ff664e82a5d1574ffac90a7294ba0e126897b0851d3e14,2025-01-17T08:15:24.690000 CVE-2024-9138,0,0,a81b81868b0978ee3f26a8278c212cba398f6cf06063add4ee50660e7d201861,2025-01-03T09:15:06.370000 CVE-2024-9139,0,0,83938595f8962bac6f6fc335d42f9f22b2d606998dfde57a86094aba45150b17,2024-10-15T12:57:46.880000 CVE-2024-9140,0,0,6c5aa3b354c1ca64b82bfa5e0cf27e16ccfe9f9c8e639982b4fec0ac31a223a7,2025-01-03T09:15:06.570000 @@ -277388,7 +277395,7 @@ CVE-2025-21623,0,0,11a3a4b165ac7ea35d006622a2c31920fdd49ec8509c7c0bc152edfb3b703 CVE-2025-21624,0,0,67d81661ccc165bcb7a2d55cd4301b8865debac4b78d0af97080ff58ad5f038c,2025-01-07T17:15:32.417000 CVE-2025-21628,0,0,0075ad45f4e081e6b1d4b87e45ccf38954b3b032c76d5db5fcb797ed5fc6213f,2025-01-09T18:15:30.070000 CVE-2025-21629,0,0,0a55b872d6685ac8b474198c6b676d3355054a0573b455caf5ce0d0ece6d4823,2025-01-15T13:15:15.220000 -CVE-2025-21630,0,0,9103fc0b7a8df8ecab854c50942abccdea1f371e0f825e1f802a2e1f3509d808,2025-01-15T13:15:15.330000 +CVE-2025-21630,0,1,b687cde38a98e756a80e569a98743dbd03093e3308ce5058c13044fa43b51e41,2025-01-17T09:15:08 CVE-2025-22130,0,0,a71c51c8237898c4394724aa5ef423b90094196082b564075e1f1cf6c2992343,2025-01-08T16:15:38.543000 CVE-2025-22132,0,0,92f694afc6ce174171da36824da367c743ab8d73a418a3347309264d0570fa9a,2025-01-07T22:15:31.590000 CVE-2025-22133,0,0,32df1a7a06703aea1606771b300b1836f84903a2a4b183527a9471791c589465,2025-01-08T15:15:21.727000