From 3421beccb383c71183b01817b24a6f6d72108b00 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 27 Feb 2025 15:03:50 +0000 Subject: [PATCH] Auto-Update: 2025-02-27T15:00:20.056532+00:00 --- CVE-2024/CVE-2024-134xx/CVE-2024-13402.json | 60 +++++ CVE-2024/CVE-2024-14xx/CVE-2024-1424.json | 74 +++++- CVE-2024/CVE-2024-15xx/CVE-2024-1571.json | 74 +++++- CVE-2024/CVE-2024-266xx/CVE-2024-26691.json | 116 ++++++++- CVE-2024/CVE-2024-266xx/CVE-2024-26699.json | 99 +++++++- CVE-2024/CVE-2024-267xx/CVE-2024-26724.json | 100 +++++++- CVE-2024/CVE-2024-267xx/CVE-2024-26767.json | 120 ++++++++- CVE-2024/CVE-2024-267xx/CVE-2024-26774.json | 140 ++++++++++- CVE-2024/CVE-2024-267xx/CVE-2024-26776.json | 172 +++++++++++-- CVE-2024/CVE-2024-267xx/CVE-2024-26777.json | 211 ++++++++++++++-- CVE-2024/CVE-2024-267xx/CVE-2024-26778.json | 211 ++++++++++++++-- CVE-2024/CVE-2024-267xx/CVE-2024-26796.json | 127 +++++++++- CVE-2024/CVE-2024-268xx/CVE-2024-26805.json | 265 ++++++++++++++++++-- CVE-2024/CVE-2024-304xx/CVE-2024-30427.json | 52 +++- CVE-2024/CVE-2024-304xx/CVE-2024-30428.json | 52 +++- CVE-2024/CVE-2024-304xx/CVE-2024-30429.json | 52 +++- CVE-2024/CVE-2024-304xx/CVE-2024-30430.json | 52 +++- CVE-2024/CVE-2024-304xx/CVE-2024-30478.json | 52 +++- CVE-2024/CVE-2024-501xx/CVE-2024-50146.json | 6 +- CVE-2024/CVE-2024-50xx/CVE-2024-5084.json | 64 ++++- CVE-2024/CVE-2024-525xx/CVE-2024-52559.json | 6 +- CVE-2024/CVE-2024-579xx/CVE-2024-57977.json | 6 +- CVE-2024/CVE-2024-580xx/CVE-2024-58002.json | 6 +- CVE-2024/CVE-2024-93xx/CVE-2024-9334.json | 60 +++++ CVE-2025/CVE-2025-12xx/CVE-2025-1247.json | 10 +- CVE-2025/CVE-2025-16xx/CVE-2025-1634.json | 14 +- CVE-2025/CVE-2025-16xx/CVE-2025-1691.json | 56 +++++ CVE-2025/CVE-2025-16xx/CVE-2025-1692.json | 56 +++++ CVE-2025/CVE-2025-16xx/CVE-2025-1693.json | 56 +++++ CVE-2025/CVE-2025-17xx/CVE-2025-1738.json | 56 +++++ CVE-2025/CVE-2025-17xx/CVE-2025-1739.json | 56 +++++ CVE-2025/CVE-2025-217xx/CVE-2025-21712.json | 6 +- CVE-2025/CVE-2025-217xx/CVE-2025-21721.json | 6 +- CVE-2025/CVE-2025-217xx/CVE-2025-21746.json | 10 +- CVE-2025/CVE-2025-222xx/CVE-2025-22280.json | 56 +++++ CVE-2025/CVE-2025-271xx/CVE-2025-27154.json | 90 +++++++ README.md | 49 +++- _state.csv | 73 +++--- 38 files changed, 2543 insertions(+), 228 deletions(-) create mode 100644 CVE-2024/CVE-2024-134xx/CVE-2024-13402.json create mode 100644 CVE-2024/CVE-2024-93xx/CVE-2024-9334.json create mode 100644 CVE-2025/CVE-2025-16xx/CVE-2025-1691.json create mode 100644 CVE-2025/CVE-2025-16xx/CVE-2025-1692.json create mode 100644 CVE-2025/CVE-2025-16xx/CVE-2025-1693.json create mode 100644 CVE-2025/CVE-2025-17xx/CVE-2025-1738.json create mode 100644 CVE-2025/CVE-2025-17xx/CVE-2025-1739.json create mode 100644 CVE-2025/CVE-2025-222xx/CVE-2025-22280.json create mode 100644 CVE-2025/CVE-2025-271xx/CVE-2025-27154.json diff --git a/CVE-2024/CVE-2024-134xx/CVE-2024-13402.json b/CVE-2024/CVE-2024-134xx/CVE-2024-13402.json new file mode 100644 index 00000000000..1b02934f8dd --- /dev/null +++ b/CVE-2024/CVE-2024-134xx/CVE-2024-13402.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13402", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-02-27T13:15:09.947", + "lastModified": "2025-02-27T13:15:09.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018link_title\u2019 parameter in all versions up to, and including, 2.7.70 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.buddyboss.com/resources/buddyboss-platform-releases/2-8-00/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/42743c2f-053b-4f14-bf11-865f978ec017?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1424.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1424.json index 0a83ef6d38e..0f36ab0304f 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1424.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1424.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1424", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-09T19:15:17.040", - "lastModified": "2024-11-21T08:50:33.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.6.0", + "matchCriteriaId": "338481E6-7694-44AD-B020-39299E0A3B72" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3050712%40give%2Ftrunk&old=3046618%40give%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1710f84-e3c1-4fbc-841e-c7c9ccf3a2e5?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3050712%40give%2Ftrunk&old=3046618%40give%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1710f84-e3c1-4fbc-841e-c7c9ccf3a2e5?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1571.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1571.json index babbc09093b..a72a11c0828 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1571.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1571.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1571", "sourceIdentifier": "security@wordfence.com", "published": "2024-04-09T19:15:18.417", - "lastModified": "2024-11-21T08:50:51.597", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 1.3, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bootstrapped:wp_recipe_maker:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "9.3.0", + "matchCriteriaId": "73E443BA-9B25-4AA8-853D-7E4B9E675A0D" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3046892/wp-recipe-maker/trunk/includes/public/class-wprm-recipe-sanitizer.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c098b35-606e-4dde-8683-4c90f518ddb5?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3046892/wp-recipe-maker/trunk/includes/public/class-wprm-recipe-sanitizer.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c098b35-606e-4dde-8683-4c90f518ddb5?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json index bcfe52fac9a..4293280ff1d 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26691.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26691", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T15:15:52.550", - "lastModified": "2024-11-21T09:02:51.377", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,129 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: KVM: arm64: corrige la dependencia de bloqueo circular La regla dentro de kvm exige que vcpu->mutex se tome *dentro* de kvm->lock. La regla es violada por pkvm_create_hyp_vm() que adquiere el bloqueo kvm->mientras ya mantiene el bloqueo vcpu->mutex de kvm_vcpu_ioctl(). Evite por completo la dependencia del bloqueo circular protegiendo el identificador hyp vm con config_lock, de forma muy similar a como lo hacemos con otras formas de datos con alcance de VM." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.18", + "matchCriteriaId": "594220C3-83E4-47DB-86F0-93F7BC642107" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.6", + "matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json b/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json index 828d1dd24c9..665b908db10 100644 --- a/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json +++ b/CVE-2024/CVE-2024-266xx/CVE-2024-26699.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26699", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T15:15:52.980", - "lastModified": "2024-11-21T09:02:52.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,108 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: corrige el \u00edndice de matriz fuera de los l\u00edmites en dcn35_clkmgr [Por qu\u00e9] Existe una posible infracci\u00f3n de acceso a la memoria al iterar a trav\u00e9s de una matriz de clks dcn35. [C\u00f3mo] Limitar la iteraci\u00f3n por tama\u00f1o de matriz." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.7.6", + "matchCriteriaId": "73A68EB5-7019-4CD5-81D0-D69C4FD854FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/46806e59a87790760870d216f54951a5b4d545bc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/46806e59a87790760870d216f54951a5b4d545bc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json index 8230b3ad1d5..4af80e1fa56 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26724.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26724", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T15:15:54.203", - "lastModified": "2024-11-21T09:02:55.540", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,109 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/mlx5: DPLL, corrige el posible uso despu\u00e9s de la activaci\u00f3n del temporizador de trabajo retrasado despu\u00e9s de la liberaci\u00f3n. Logr\u00e9 alcanzar el siguiente uso despu\u00e9s de la advertencia de la liberaci\u00f3n gratuita recientemente: [2169.711665] ======== ==================================================== ======== [2169.714009] ERROR: KASAN: slab-use-after-free en __run_timers.part.0+0x179/0x4c0 [2169.716293] Escritura de tama\u00f1o 8 en la direcci\u00f3n ffff88812b326a70 mediante task swapper/4/0 [ 2169.719022] CPU: 4 PID: 0 Comm: swapper/4 No contaminado 6.8.0-rc2jiri+ #2 [2169.720974] Nombre de hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02- prebuilt.qemu.org 01/04/2014 [2169.722457] Seguimiento de llamadas: [2169.722756] [2169.723024] dump_stack_lvl+0x58/0xb0 [2169.723417] print_report+0xc5/0x630 [2169.72 3807] ? __virt_addr_valid+0x126/0x2b0 [ 2169.724268] kasan_report+0xbe/0xf0 [ 2169.724667] ? __run_timers.part.0+0x179/0x4c0 [2169.725116]? __run_timers.part.0+0x179/0x4c0 [2169.725570] __run_timers.part.0+0x179/0x4c0 [2169.726003]? call_timer_fn+0x320/0x320 [2169.726404]? lock_downgrade+0x3a0/0x3a0 [2169.726820]? kvm_clock_get_cycles+0x14/0x20 [2169.727257]? ktime_get+0x92/0x150 [2169.727630]? lapic_next_deadline+0x35/0x60 [ 2169.728069] run_timer_softirq+0x40/0x80 [ 2169.728475] __do_softirq+0x1a1/0x509 [ 2169.728866] irq_exit_rcu+0x95/0xc0 [ 2169.7 29241] sysvec_apic_timer_interrupt+0x6b/0x80 [ 2169.729718] [ 2169.729993] [ 2169.730259] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 2169.730755] RIP: 0010:default_idle+0x13/0x20 [ 2169.731190] C\u00f3digo: c0 08 00 00 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 72 ff ff ff cc cc cc cc 8b 05 9a 7f 1f 02 85 c0 7e 07 0f 00 2d cf 69 43 00 fb f4 c3 66 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 04 25 c0 93 04 00 [ 2169.732759 ] RSP: 0018:ffff888100dbfe10 EFLAGS : 00000242 [ 2169.733264] RAX: 00000000000000001 RBX: ffff888100d9c200 RCX: ffffffff8241bd62 [ 2169.733925] RDX: ffffed109a848b15 RSI: 000000000 0000004 RDI: ffffffff8127ac55 [ 2169.734566] RBP: 0000000000000004 R08: 0000000000000000 R09: ffffed109a848b14 [ 2169.735200] R10: ffff8884d4245 8a3 R11: 000000000000ba7e R12: ffffffff83d7d3a0 [2169.735835] R13: 1ffff110201b7fc6 R14: 0000000000000000 R15: ffff888100d9c200 [2169.736478] ? ct_kernel_exit.constprop.0+0xa2/0xc0 [2169.736954]? do_idle+0x285/0x290 [ 2169.737323] default_idle_call+0x63/0x90 [ 2169.737730] do_idle+0x285/0x290 [ 2169.738089] ? arch_cpu_idle_exit+0x30/0x30 [2169.738511]? mark_held_locks+0x1a/0x80 [2169.738917]? lockdep_hardirqs_on_prepare+0x12e/0x200 [ 2169.739417] cpu_startup_entry+0x30/0x40 [ 2169.739825] start_secondary+0x19a/0x1c0 [ 2169.740229] ? set_cpu_sibling_map+0xbd0/0xbd0 [ 2169.740673] second_startup_64_no_verify+0x15d/0x16b [ 2169.741179] [ 2169.741686] Asignado por la tarea 1098: [ 2169.742058] kasan_save_s tachuela+0x1c/0x40 [ 2169.742456] kasan_save_track+0x10/0x30 [ 2169.742852] __kasan_kmalloc+0x83 /0x90 [ 2169.743246] mlx5_dpll_probe+0xf5/0x3c0 [mlx5_dpll] [ 2169.743730] sonda_bus_auxiliar+0x62/0xb0 [ 2169.744148] sonda_real+0x127/0x590 [ 2169.744534] __driver_probe_device+0xd2/0x200 [ 2169.744973] dispositivo_driver_attach+0x6b/0xf0 [ 2169.745402] bind_store+ 0x90/0xe0 [ 2169.745761] kernfs_fop_write_iter+0x1df/0x2a0 [ 2169.746210] vfs_write+0x41f/0x790 [ 2169.746579] ksys_write+0xc7/0x160 [ 2169.746947 ] do_syscall_64+0x6f/0x140 [ 2169.747333] Entry_SYSCALL_64_after_hwframe+0x46/0x4e [ 2169.748049] Liberado por la tarea 1220 : [ 2169.748393] kasan_save_stack+0x1c/0x40 [ 2169.748789] kasan_save_track+0x10/0x30 [ 2169.749188] kasan_save_free_info+0x3b/0x50 [ 2169.749621] veneno_slab_object+0x106 /0x180 [ 2169.750044] __kasan_slab_free+0x14/0x50 [ 2169.750451] kfree+0x118/0x330 [ 2169.750792] mlx5_dpll_remove+0xf5/0x110 [mlx5_dpll] [ 2169.751271] auxiliar_bus_remove+0x2e/0x40 ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.6", + "matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1596126ea50228f0ed96697bae4e9368fda02c56", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aa1eec2f546f2afa8c98ec41e5d8ee488165d685", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1596126ea50228f0ed96697bae4e9368fda02c56", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aa1eec2f546f2afa8c98ec41e5d8ee488165d685", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26767.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26767.json index 57ec810b45a..193816ab153 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26767.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26767.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26767", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T17:15:52.747", - "lastModified": "2024-11-21T09:03:01.447", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,133 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: tipos de enteros fijos y ubicaciones de verificaci\u00f3n nula [por qu\u00e9]: problemas solucionados: - comparaci\u00f3n con un tipo de entero m\u00e1s amplio en condici\u00f3n de bucle que puede causar bucles infinitos - desreferencia del puntero antes cheque nulo" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + }, + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.19", + "matchCriteriaId": "2C48661B-D5EB-4653-8E9E-92897A23FB1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.7", + "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0484e05d048b66d01d1f3c1d2306010bb57d8738", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71783d1ff65204d69207fd156d4b2eb1d3882375", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/beea9ab9080cd2ef46296070bb327af066ee09d7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0484e05d048b66d01d1f3c1d2306010bb57d8738", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71783d1ff65204d69207fd156d4b2eb1d3882375", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/beea9ab9080cd2ef46296070bb327af066ee09d7", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26774.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26774.json index 75702595932..f1b5db5d437 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26774.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26774.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26774", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T17:15:53.130", - "lastModified": "2024-11-21T09:03:02.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,47 +15,161 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evitar dividir por 0 en mb_update_avg_fragment_size() cuando el mapa de bits del bloque est\u00e1 da\u00f1ado. Determine si bb_fragments es 0 en lugar de determinar bb_free para eliminar el riesgo de dividir por cero cuando el mapa de bits del bloque est\u00e1 da\u00f1ado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.150", + "matchCriteriaId": "7A7524E0-82D9-422E-BD7A-99C27CD188A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.80", + "matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.19", + "matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.7", + "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/687061cfaa2ac3095170e136dd9c29a4974f41d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8b40eb2e716b503f7a4e1090815a17b1341b2150", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8cf9cc602cfb40085967c0d140e32691c8b71cf3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/993bf0f4c393b3667830918f9247438a8f6fdb5b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f32d2a745b02123258026e105a008f474f896d6a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/687061cfaa2ac3095170e136dd9c29a4974f41d4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8b40eb2e716b503f7a4e1090815a17b1341b2150", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8cf9cc602cfb40085967c0d140e32691c8b71cf3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/993bf0f4c393b3667830918f9247438a8f6fdb5b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f32d2a745b02123258026e105a008f474f896d6a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26776.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26776.json index 1b36ccacfb4..2596990f196 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26776.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26776.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26776", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T17:15:53.253", - "lastModified": "2024-11-21T09:03:02.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,59 +15,199 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: spi: hisi-sfc-v3xx: Devuelve IRQ_NONE si no se detectaron interrupciones. Devuelve IRQ_NONE del controlador de interrupciones cuando no se detect\u00f3 ninguna interrupci\u00f3n. Porque una interrupci\u00f3n vac\u00eda causar\u00e1 un error de puntero nulo: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000008 Seguimiento de llamadas: completo+0x54/0x100 hisi_sfc_v3xx_isr+0x2c/0x40 [spi_hisi_sfc_v3xx] __handle_irq_event_percpu+0x64/0x1e0 handle_ evento_irq+0x7c/0x1cc" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.211", + "matchCriteriaId": "DC6905D6-5F33-4718-AAFD-C356351E82B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.150", + "matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.80", + "matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.19", + "matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.7", + "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0399d7eba41d9b28f5bdd7757ec21a5b7046858d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d637b5118274701e8448f35953877daf04df18b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de8b6e1c231a95abf95ad097b993d34b31458ec9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e4168ac25b4bd378bd7dda322d589482a136c1fd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e94da8aca2e78ef9ecca02eb211869eacd5504e5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f19361d570c67e7e014896fa2dacd7d721bf0aa8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0399d7eba41d9b28f5bdd7757ec21a5b7046858d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d637b5118274701e8448f35953877daf04df18b4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de8b6e1c231a95abf95ad097b993d34b31458ec9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e4168ac25b4bd378bd7dda322d589482a136c1fd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e94da8aca2e78ef9ecca02eb211869eacd5504e5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f19361d570c67e7e014896fa2dacd7d721bf0aa8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26777.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26777.json index c0852496b1c..d4b63d2e925 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26777.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26777.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26777", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T17:15:53.303", - "lastModified": "2024-11-21T09:03:02.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,248 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: sis: error si pixclock es igual a cero. El programa de espacio de usuario podr\u00eda pasar cualquier valor al controlador a trav\u00e9s de la interfaz ioctl(). Si el controlador no verifica el valor de pixclock, puede causar un error de divisi\u00f3n por cero. En sisfb_check_var(), var->pixclock se usa como divisor para calcular la velocidad antes de compararla con cero. Solucione este problema marc\u00e1ndolo al principio. Esto es similar a CVE-2022-3061 en i740fb que se solucion\u00f3 mediante el commit 15cf0b8." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.19.308", + "matchCriteriaId": "B6FB6042-3E0F-4A36-8DED-B3C350612BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.270", + "matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.211", + "matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.150", + "matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.80", + "matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.19", + "matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.7", + "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1d11dd3ea5d039c7da089f309f39c4cd363b924b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6db07619d173765bd8622d63809cbfe361f04207", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84246c35ca34207114055a87552a1c4289c8fd7e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99f1abc34a6dde248d2219d64aa493c76bbdd9eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd36da760bd1f78c63c7078407baf01dd724f313", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/df6e2088c6f4cad539cf67cba2d6764461e798d1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e421946be7d9bf545147bea8419ef8239cb7ca52", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f329523f6a65c3bbce913ad35473d83a319d5d99", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1d11dd3ea5d039c7da089f309f39c4cd363b924b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6db07619d173765bd8622d63809cbfe361f04207", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84246c35ca34207114055a87552a1c4289c8fd7e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99f1abc34a6dde248d2219d64aa493c76bbdd9eb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd36da760bd1f78c63c7078407baf01dd724f313", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/df6e2088c6f4cad539cf67cba2d6764461e798d1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e421946be7d9bf545147bea8419ef8239cb7ca52", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f329523f6a65c3bbce913ad35473d83a319d5d99", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26778.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26778.json index caed96ba19b..26f47d75fba 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26778.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26778.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26778", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-03T17:15:53.370", - "lastModified": "2024-11-21T09:03:03.020", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:34:43.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,248 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: savage: error si pixclock es igual a cero. El programa de espacio de usuario podr\u00eda pasar cualquier valor al controlador a trav\u00e9s de la interfaz ioctl(). Si el controlador no verifica el valor de pixclock, puede causar un error de divisi\u00f3n por cero. Aunque pixclock est\u00e1 marcado en savagefb_decode_var(), no est\u00e1 marcado correctamente en savagefb_probe(). Solucione este problema verificando si pixclock es cero en la funci\u00f3n savagefb_check_var() antes de usar info->var.pixclock como divisor. Esto es similar a CVE-2022-3061 en i740fb que se solucion\u00f3 mediante el commit 15cf0b8." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.19.308", + "matchCriteriaId": "B6FB6042-3E0F-4A36-8DED-B3C350612BDC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.270", + "matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.211", + "matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.150", + "matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.80", + "matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.19", + "matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.7", + "matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/070398d32c5f3ab0e890374904ad94551c76aec4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/224453de8505aede1890f007be973925a3edf6a1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/512ee6d6041e007ef5bf200c6e388e172a2c5b24", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9ca4e80d23474f90841251f4ac0d941fa337a01", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc3c2e58d73b28b9a8789fca84778ee165a72d13", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/070398d32c5f3ab0e890374904ad94551c76aec4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/224453de8505aede1890f007be973925a3edf6a1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/512ee6d6041e007ef5bf200c6e388e172a2c5b24", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9ca4e80d23474f90841251f4ac0d941fa337a01", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc3c2e58d73b28b9a8789fca84778ee165a72d13", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-267xx/CVE-2024-26796.json b/CVE-2024/CVE-2024-267xx/CVE-2024-26796.json index 7fab0a27260..0d0bb4802c4 100644 --- a/CVE-2024/CVE-2024-267xx/CVE-2024-26796.json +++ b/CVE-2024/CVE-2024-267xx/CVE-2024-26796.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26796", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-04T09:15:08.790", - "lastModified": "2024-11-21T09:03:05.557", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:35:09.517", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,140 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: controladores: perf: ctr_get_width la funci\u00f3n para legado no est\u00e1 definida Con los par\u00e1metros CONFIG_RISCV_PMU_LEGACY=y y CONFIG_RISCV_PMU_SBI=n el kernel de Linux falla cuando intenta el registro de rendimiento: $ perf record ls [ 46.749286] No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000000 [ 46.750199] Ups [#1] [ 46.750342] M\u00f3dulos vinculados en: [ 46.750608] CPU: 0 PID: 107 Comm: perf-exec Not tainted 6.6.0 #2 [ 46.750906] Nombre del hardware : riscv-virtio,qemu (DT) [ 46.751184] epc : 0x0 [ 46.751430 ] ra : arch_perf_update_userpage+0x54/0x13e [ 46.751680] epc : 00000000000000000 ra : ffffffff8072ee52 sp : ff20000 00022b8f0 [46.751958] gp: ffffffff81505988 tp: ff6000000290d400 t0: ff2000000022b9c0 [ 46.752229] t1 : 0000000000000001 t2 : 0000000000000003 s0 : ff2000000022b930 [ 46.752451] s1 : ff600000028fb000 a0 : 0000000000000000 a 1: ff600000028fb000 [46.752673] a2: 0000000ae2751268 a3: 00000000004fb708 a4: 00000000000000004 [46.752895] a5: 0000000000000000 a6: 000000000017ffe3 a7: 00000000000000d2 [46.753117] s2: ff600000028fb000 s3: 0000000ae2751268 s4: 0000000000000000 [46.753338] s5: ffffffff8153e290 s6: ff600000863b9000 s7: ff60000002 961078 [46.753562] s8: ff60000002961048 s9: ff60000002961058 s10: 00000000000000001 [46.753783] s11: 0000000000000018 t3: ffffffffffffff ff t4 : ffffffffffffffff [ 46.754005] t5 : ff6000000292270c t6: ff2000000022bb30 [46.754179] estado: 0000000200000100 badaddr: 00000000000000000 causa: 0000000000000000c [46.754653] C\u00f3digo: No se puede acceder instrucci\u00f3n en 0xffffffffffffffec. [ 46.754939] ---[ end trace 0000000000000000 ]--- [ 46.755131] nota: perf-exec[107] sali\u00f3 con irqs deshabilitados [ 46.755546] nota: perf-exec[107] sali\u00f3 con preempt_count 4 Esto sucede porque en el legado En este caso, la funci\u00f3n ctr_get_width no se defini\u00f3, pero se usa en arch_perf_update_userpage. Tambi\u00e9n elimine el control adicional en riscv_pmu_ctr_get_width_mask" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.21", + "matchCriteriaId": "084897EF-9F0A-4459-ADD9-E47D969EF093" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.9", + "matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", + "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", + "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/682dc133f83e0194796e6ea72eb642df1c03dfbe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e0d17ee872cf8d0f51cc561329b8e1a0aa792bbb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e4f50e85de5a6b21dfdc0d7ca435eba4f62935c3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/682dc133f83e0194796e6ea72eb642df1c03dfbe", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e0d17ee872cf8d0f51cc561329b8e1a0aa792bbb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e4f50e85de5a6b21dfdc0d7ca435eba4f62935c3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-268xx/CVE-2024-26805.json b/CVE-2024/CVE-2024-268xx/CVE-2024-26805.json index ea3064c3f0c..b1089e3326c 100644 --- a/CVE-2024/CVE-2024-268xx/CVE-2024-26805.json +++ b/CVE-2024/CVE-2024-268xx/CVE-2024-26805.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26805", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-04T09:15:09.277", - "lastModified": "2024-11-21T09:03:06.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:35:09.517", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,302 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netlink: Fix kernel-infoleak-after-free en __skb_datagram_iter syzbot inform\u00f3 el siguiente problema de acceso al valor uninit [1]: netlink_to_full_skb() crea un nuevo `skb` y coloca el ` skb->data` pas\u00f3 como primer argumento de netlink_to_full_skb() al nuevo `skb`. El tama\u00f1o de los datos se especifica como `len` y se pasa a skb_put_data(). Este `len` se basa en `skb->end` que no es un desplazamiento de datos sino un desplazamiento del b\u00fafer. El `skb->end` contiene datos y espacio de adaptaci\u00f3n. Dado que el tailroom no se inicializa cuando se crea el nuevo `skb`, KMSAN detecta un \u00e1rea de memoria no inicializada al copiar los datos. Este parche resolvi\u00f3 este problema corrigiendo la longitud de `skb->end` a `skb->len`, que es el desplazamiento de datos real. ERROR: KMSAN: kernel-infoleak-after-free en instrument_copy_to_user include/linux/instrumented.h:114 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak-after-free en copy_to_user_iter lib/iov_iter.c:24 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak-after-free en iterate_ubuf include/linux/iov_iter.h:29 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak-after-free en iterate_and_advance2 include/linux/iov_iter.h:245 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak-after-free en iterate_and_advance include/linux/iov_iter.h:271 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak-after-free en _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186 instrument_copy_to_user include/ linux/instrumented.h:114 [en l\u00ednea] copy_to_user_iter lib/iov_iter.c:24 [en l\u00ednea] iterate_ubuf include/linux/iov_iter.h:29 [en l\u00ednea] iterate_and_advance2 include/linux/iov_iter.h:245 [en l\u00ednea] iterate_and_advance include/ linux/iov_iter.h:271 [en l\u00ednea] _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186 copy_to_iter include/linux/uio.h:197 [en l\u00ednea] simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532 __skb_datagram_iter +0x123/0xdc0 net/core/datagram.c:420 skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546 skb_copy_datagram_msg include/linux/skbuff.h:3960 [en l\u00ednea] paquete_recvmsg+0xd9c/0x2000 net/packet/af_packet .c:3482 sock_recvmsg_nosec net/socket.c:1044 [en l\u00ednea] sock_recvmsg net/socket.c:1066 [en l\u00ednea] sock_read_iter+0x467/0x580 net/socket.c:1136 call_read_iter include/linux/fs.h:2014 [en l\u00ednea ] new_sync_read fs/read_write.c:389 [en l\u00ednea] vfs_read+0x8f6/0xe00 fs/read_write.c:470 ksys_read+0x20f/0x4c0 fs/read_write.c:613 __do_sys_read fs/read_write.c:623 [en l\u00ednea] __se_sys_read fs/ read_write.c:621 [en l\u00ednea] __x64_sys_read+0x93/0xd0 fs/read_write.c:621 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/entry/common.c: 83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit se almacen\u00f3 en la memoria en: skb_put_data include/linux/skbuff.h:2622 [en l\u00ednea] netlink_to_full_skb net/netlink/af_netlink.c:181 [en l\u00ednea] __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [ en l\u00ednea] __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325 netlink_deliver_tap net/netlink/af_netlink.c:338 [en l\u00ednea] netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [en l\u00ednea] netlink_unicast_kernel net/netlink/af_netlink.c :1341 [en l\u00ednea] netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368 netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg net/socket.c :745 [en l\u00ednea] ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638 __sys_sendmsg net/socket.c:2667 [en l\u00ednea] __do_sys_sendmsg net/socket.c:267 6 [en l\u00ednea ] __se_sys_sendmsg net/socket.c:2674 [en l\u00ednea] __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0x44/0x110 arch/x86/ entrada/ common.c:83 Entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit se cre\u00f3 en: free_pages_prepare mm/page_alloc.c:1087 [en l\u00ednea] free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347 ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.12.49", + "versionEndExcluding": "3.13", + "matchCriteriaId": "E3FB0A4C-A480-4167-9E8B-E25DA07010DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.14.54", + "versionEndExcluding": "3.15", + "matchCriteriaId": "DC114028-1F95-4659-B03C-439E9DBBE9F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18.23", + "versionEndExcluding": "3.19", + "matchCriteriaId": "DFEB996F-37AA-4FE9-9E1E-7158BD2B7CA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.10", + "versionEndExcluding": "4.2", + "matchCriteriaId": "3B568F4B-8057-4D69-9552-BE2DFAC4F975" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2.3", + "versionEndExcluding": "4.19.309", + "matchCriteriaId": "5EC96BB4-056D-4926-9E34-B6DEA728F78B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.271", + "matchCriteriaId": "7BE17E30-58A5-468C-A06E-28C355F4F8DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.212", + "matchCriteriaId": "01B34738-A022-44A9-9250-DCBC76539CB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.151", + "matchCriteriaId": "EEAFD33E-C22F-4FB1-A417-9C96AB3E0358" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.81", + "matchCriteriaId": "EC825B0E-DFCA-4034-9B92-F111A4E2A732" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.21", + "matchCriteriaId": "B19074A2-9FE5-4E7D-9E2D-020F95013ADA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.9", + "matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*", + "matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*", + "matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*", + "matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", + "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", + "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", + "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0b27bf4c494d61e5663baa34c3edd7ccebf0ea44", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/59fc3e3d049e39e7d0d271f20dd5fb47c57faf1d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/661779e1fcafe1b74b3f3fe8e980c1e207fea1fd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9ae51361da43270f4ba0eb924427a07e87e48777", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c71ed29d15b1a1ed6c464f8c3536996963046285", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d3ada42e534a83b618bbc1e490d23bf0fdae4736", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ec343a55b687a452f5e87f3b52bf9f155864df65", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f19d1f98e60e68b11fc60839105dd02a30ec0d77", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0b27bf4c494d61e5663baa34c3edd7ccebf0ea44", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/59fc3e3d049e39e7d0d271f20dd5fb47c57faf1d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/661779e1fcafe1b74b3f3fe8e980c1e207fea1fd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9ae51361da43270f4ba0eb924427a07e87e48777", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c71ed29d15b1a1ed6c464f8c3536996963046285", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d3ada42e534a83b618bbc1e490d23bf0fdae4736", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ec343a55b687a452f5e87f3b52bf9f155864df65", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f19d1f98e60e68b11fc60839105dd02a30ec0d77", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30427.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30427.json index e3f9fa55775..7aa4a693589 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30427.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30427.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30427", "sourceIdentifier": "audit@patchstack.com", "published": "2024-03-29T14:15:09.433", - "lastModified": "2024-11-21T09:11:54.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spiffyplugins:spiffy_calendar:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.9.10", + "matchCriteriaId": "6D6BAA36-BA5C-4A67-8E45-72D45FBC1FA4" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-7-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-7-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30428.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30428.json index a3b46f98848..77de068292b 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30428.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30428.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30428", "sourceIdentifier": "audit@patchstack.com", "published": "2024-03-29T14:15:09.677", - "lastModified": "2024-11-21T09:11:54.170", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "24.0.4", + "matchCriteriaId": "E9847C30-2603-453B-88C8-762710809D79" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-contest-gallery-plugin-21-3-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30429.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30429.json index 05dffa777f2..c8bdc94b5fe 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30429.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30429.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30429", "sourceIdentifier": "audit@patchstack.com", "published": "2024-03-29T14:15:09.957", - "lastModified": "2024-11-21T09:11:54.287", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tuxlog:wp-forecast:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "9.3", + "matchCriteriaId": "67A87FCD-C4E7-4678-BF4D-2F887111D5C6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-forecast/wordpress-wp-forecast-plugin-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/wp-forecast/wordpress-wp-forecast-plugin-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30430.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30430.json index 70f9c42e91a..04e39545cef 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30430.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30430.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30430", "sourceIdentifier": "audit@patchstack.com", "published": "2024-03-29T14:15:10.230", - "lastModified": "2024-11-21T09:11:54.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.7, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmanageninja:fluentcrm:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.8.45", + "matchCriteriaId": "B52F0783-D5C9-4B1F-B439-D605A2B25DDF" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/fluent-crm/wordpress-fluentcrm-plugin-2-8-44-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/fluent-crm/wordpress-fluentcrm-plugin-2-8-44-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-304xx/CVE-2024-30478.json b/CVE-2024/CVE-2024-304xx/CVE-2024-30478.json index baadf3a9f35..29a544af73a 100644 --- a/CVE-2024/CVE-2024-304xx/CVE-2024-30478.json +++ b/CVE-2024/CVE-2024-304xx/CVE-2024-30478.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30478", "sourceIdentifier": "audit@patchstack.com", "published": "2024-03-29T14:15:10.490", - "lastModified": "2024-11-21T09:12:00.170", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T14:53:37.577", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rocksolidplugins:bulletin:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.0", + "matchCriteriaId": "2FEE5997-2B0B-4E31-BC18-97C5E66BEEE7" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bulletin-announcements/wordpress-announcement-notification-banner-bulletin-plugin-3-8-5-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/bulletin-announcements/wordpress-announcement-notification-banner-bulletin-plugin-3-8-5-sql-injection-vulnerability?_s_id=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-501xx/CVE-2024-50146.json b/CVE-2024/CVE-2024-501xx/CVE-2024-50146.json index 3a00717f8e5..10290f2f48b 100644 --- a/CVE-2024/CVE-2024-501xx/CVE-2024-50146.json +++ b/CVE-2024/CVE-2024-501xx/CVE-2024-50146.json @@ -2,7 +2,7 @@ "id": "CVE-2024-50146", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-07T10:15:06.443", - "lastModified": "2025-01-02T14:15:08.170", + "lastModified": "2025-02-27T13:15:10.813", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -100,6 +100,10 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/d6fe973c8873c998734a050f366b28facc03d32a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/db84cb4c8c565e6d4de84b23c2818b63991adfdd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5084.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5084.json index 372064b9ea7..96ec33475be 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5084.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5084.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5084", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-23T15:15:15.970", - "lastModified": "2024-11-21T09:46:56.063", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-02-27T13:30:57.937", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,30 +39,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hashthemes:hash_form:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.1", + "matchCriteriaId": "05B3CE44-8EB8-4C20-B8D6-7AC2F062EF09" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormBuilder.php#L764", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3090341/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eef9e2fa-d8f0-42bf-95ac-ee4cafff0b14?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/hash-form/trunk/admin/classes/HashFormBuilder.php#L764", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3090341/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eef9e2fa-d8f0-42bf-95ac-ee4cafff0b14?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52559.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52559.json index 44b765f9e2c..6593dd9395d 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52559.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52559.json @@ -2,7 +2,7 @@ "id": "CVE-2024-52559", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T03:15:10.477", - "lastModified": "2025-02-27T03:15:10.477", + "lastModified": "2025-02-27T13:15:10.943", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -13,6 +13,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://git.kernel.org/stable/c/2b99b2c4621d13bd4374ef384e8f1fc188d0a5df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/2f1845e46c41ed500789d53dc45b383b7745c96c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-579xx/CVE-2024-57977.json b/CVE-2024/CVE-2024-579xx/CVE-2024-57977.json index 16620236cb4..138cf76f089 100644 --- a/CVE-2024/CVE-2024-579xx/CVE-2024-57977.json +++ b/CVE-2024/CVE-2024-579xx/CVE-2024-57977.json @@ -2,7 +2,7 @@ "id": "CVE-2024-57977", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T02:15:10.890", - "lastModified": "2025-02-27T02:15:10.890", + "lastModified": "2025-02-27T13:15:11.053", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -17,6 +17,10 @@ "url": "https://git.kernel.org/stable/c/46576834291869457d4772bb7df72d7c2bb3d57f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/972486d37169fe85035e81b8c5dff21f70df1173", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/ade81479c7dda1ce3eedb215c78bc615bbd04f06", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-580xx/CVE-2024-58002.json b/CVE-2024/CVE-2024-580xx/CVE-2024-58002.json index 94c9f8f550f..ae2da9b3fbf 100644 --- a/CVE-2024/CVE-2024-580xx/CVE-2024-58002.json +++ b/CVE-2024/CVE-2024-580xx/CVE-2024-58002.json @@ -2,7 +2,7 @@ "id": "CVE-2024-58002", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T03:15:11.180", - "lastModified": "2025-02-27T03:15:11.180", + "lastModified": "2025-02-27T13:15:11.153", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -21,6 +21,10 @@ "url": "https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9334.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9334.json new file mode 100644 index 00000000000..8df9ad9264b --- /dev/null +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9334.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9334", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2025-02-27T14:15:34.783", + "lastModified": "2025-02-27T14:15:34.783", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass.This issue affects Pallium Vehicle Tracking: before 17.10.2024." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + }, + { + "lang": "en", + "value": "CWE-921" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-25-0044", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json b/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json index 28ed11e38c8..e511540754c 100644 --- a/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json +++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json @@ -2,7 +2,7 @@ "id": "CVE-2025-1247", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-13T14:16:18.400", - "lastModified": "2025-02-13T14:16:18.400", + "lastModified": "2025-02-27T14:15:35.523", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -52,6 +52,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:1885", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-1247", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json index f07478edefe..ed20066005b 100644 --- a/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json @@ -2,20 +2,24 @@ "id": "CVE-2025-1634", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-26T17:15:22.083", - "lastModified": "2025-02-26T17:15:22.083", + "lastModified": "2025-02-27T14:15:35.650", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError." + }, + { + "lang": "es", + "value": "Se ha encontrado un error en la extensi\u00f3n quarkus-resteasy, que ocasiona p\u00e9rdidas de memoria cuando los clientes efect\u00faan peticiones con timeouts bajos. Si la petici\u00f3n de un cliente caduca, no se libera correctamente un buffer, lo que ocasiona un mayor uso de memoria y una eventual finalizaci\u00f3n de la aplicaci\u00f3n debido a un OutOfMemoryError." } ], "metrics": { "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", @@ -38,7 +42,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -48,6 +52,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:1885", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-1634", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1691.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1691.json new file mode 100644 index 00000000000..473d98fb902 --- /dev/null +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1691.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1691", + "sourceIdentifier": "cna@mongodb.com", + "published": "2025-02-27T13:15:11.253", + "lastModified": "2025-02-27T13:15:11.253", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using \u2018tab\u2019 to autocomplete text that is a prefix of the attacker\u2019s prepared autocompletion. This issue affects mongosh versions prior to\u00a02.3.9.\u00a0\n\n\n\n\nThe vulnerability is exploitable only when mongosh is connected to a cluster that is partially or fully controlled by an attacker." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://jira.mongodb.org/browse/MONGOSH-2024", + "source": "cna@mongodb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1692.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1692.json new file mode 100644 index 00000000000..6731df19000 --- /dev/null +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1692.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1692", + "sourceIdentifier": "cna@mongodb.com", + "published": "2025-02-27T13:15:11.413", + "lastModified": "2025-02-27T13:15:11.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user\u2019s clipboard could manipulate them to paste text into mongosh that evaluates arbitrary code. Control characters in the pasted text can be used to obfuscate malicious code. This issue affects mongosh versions prior to 2.3.9" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.3, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-150" + } + ] + } + ], + "references": [ + { + "url": "https://jira.mongodb.org/browse/MONGOSH-2025", + "source": "cna@mongodb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1693.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1693.json new file mode 100644 index 00000000000..01fc2560b9a --- /dev/null +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1693.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1693", + "sourceIdentifier": "cna@mongodb.com", + "published": "2025-02-27T13:15:11.563", + "lastModified": "2025-02-27T13:15:11.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh or the underlying operating system, potentially misleading users into executing unsafe actions.\n\n\nThe vulnerability is exploitable only when mongosh is connected to a cluster that is partially or fully controlled by an attacker.\n\n\nThis issue affects mongosh versions prior to 2.3.9" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", + "baseScore": 3.9, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 0.5, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "cna@mongodb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-150" + } + ] + } + ], + "references": [ + { + "url": "https://jira.mongodb.org/browse/MONGOSH-2026", + "source": "cna@mongodb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1738.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1738.json new file mode 100644 index 00000000000..31a34c17a83 --- /dev/null +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1738.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1738", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-02-27T13:15:11.720", + "lastModified": "2025-02-27T13:15:11.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-598" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-trivision-camera-nc227wf", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-17xx/CVE-2025-1739.json b/CVE-2025/CVE-2025-17xx/CVE-2025-1739.json new file mode 100644 index 00000000000..dd9e86ec9b2 --- /dev/null +++ b/CVE-2025/CVE-2025-17xx/CVE-2025-1739.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1739", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-02-27T13:15:11.883", + "lastModified": "2025-02-27T13:15:11.883", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleartext by sending a request against the server using curl with random credentials to \"/en/player/activex_pal.asp\" and successfully authenticating the application." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-trivision-camera-nc227wf", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-217xx/CVE-2025-21712.json b/CVE-2025/CVE-2025-217xx/CVE-2025-21712.json index 9f9a2c6697c..11b4e0a96bc 100644 --- a/CVE-2025/CVE-2025-217xx/CVE-2025-21712.json +++ b/CVE-2025/CVE-2025-217xx/CVE-2025-21712.json @@ -2,7 +2,7 @@ "id": "CVE-2025-21712", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T02:15:14.863", - "lastModified": "2025-02-27T02:15:14.863", + "lastModified": "2025-02-27T13:15:12.043", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -21,6 +21,10 @@ "url": "https://git.kernel.org/stable/c/4e9316eee3885bfb311b4759513f2ccf37891c09", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/52848a095b55a302af92f52ca0de5b3112059bb8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/8d28d0ddb986f56920ac97ae704cc3340a699a30", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2025/CVE-2025-217xx/CVE-2025-21721.json b/CVE-2025/CVE-2025-217xx/CVE-2025-21721.json index 20955b0b67c..8268f36e60e 100644 --- a/CVE-2025/CVE-2025-217xx/CVE-2025-21721.json +++ b/CVE-2025/CVE-2025-217xx/CVE-2025-21721.json @@ -2,7 +2,7 @@ "id": "CVE-2025-21721", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T02:15:15.787", - "lastModified": "2025-02-27T02:15:15.787", + "lastModified": "2025-02-27T13:15:12.150", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -17,6 +17,10 @@ "url": "https://git.kernel.org/stable/c/481136234dfe96c7f92770829bec6111c7c5f5dd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/7891ac3b0a5c56f7148af507306308ab841cdc31", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/eddd3176b8c4c83a46ab974574cda7c3dfe09388", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2025/CVE-2025-217xx/CVE-2025-21746.json b/CVE-2025/CVE-2025-217xx/CVE-2025-21746.json index eb36fc3ad61..e4d14891c6c 100644 --- a/CVE-2025/CVE-2025-217xx/CVE-2025-21746.json +++ b/CVE-2025/CVE-2025-217xx/CVE-2025-21746.json @@ -2,7 +2,7 @@ "id": "CVE-2025-21746", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-27T03:15:15.243", - "lastModified": "2025-02-27T03:15:15.243", + "lastModified": "2025-02-27T13:15:12.240", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -17,9 +17,17 @@ "url": "https://git.kernel.org/stable/c/08bd5b7c9a2401faabdaa1472d45c7de0755fd7e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/3e179d3f1ada963475395d81bfe91daef4d1a24c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/87da1ea93ec9f9f0004e5b12e78789bc94e360bf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a2cbcd70133dc0d4d4c95ad4cd5412b935354c7c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22280.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22280.json new file mode 100644 index 00000000000..4064d9217d4 --- /dev/null +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22280.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22280", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-02-27T14:15:36.033", + "lastModified": "2025-02-27T14:15:36.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in revmakx DefendWP Firewall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DefendWP Firewall: from n/a through 1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/defend-wp-firewall/vulnerability/wordpress-defendwp-firewall-plugin-1-1-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27154.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27154.json new file mode 100644 index 00000000000..3013326b034 --- /dev/null +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27154.json @@ -0,0 +1,90 @@ +{ + "id": "CVE-2025-27154", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-02-27T14:15:36.180", + "lastModified": "2025-02-27T14:15:36.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Spotipy is a lightweight Python library for the Spotify Web API. The `CacheHandler` class creates a cache file to store the auth token. Prior to version 2.25.1, the file created has `rw-r--r--` (644) permissions by default, when it could be locked down to `rw-------` (600) permissions. This leads to overly broad exposure of the spotify auth token. If this token can be read by an attacker (another user on the machine, or a process running as another user), it can be used to perform administrative actions on the Spotify account, depending on the scope granted to the token. Version 2.25.1 tightens the cache file permissions." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.4, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/spotipy-dev/spotipy/blob/master/spotipy/cache_handler.py#L93-L98", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/spotipy-dev/spotipy/commit/1ca453f6ef87a2a9e9876f52b6cb38d13532ccf2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/spotipy-dev/spotipy/releases/tag/2.25.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-pwhh-q4h6-w599", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0f41389ba2f..b52316880f6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-02-27T13:00:19.288930+00:00 +2025-02-27T15:00:20.056532+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-02-27T12:15:35.030000+00:00 +2025-02-27T14:53:37.577000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -283358 +283367 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `9` -- [CVE-2024-10918](CVE-2024/CVE-2024-109xx/CVE-2024-10918.json) (`2025-02-27T12:15:33.807`) -- [CVE-2024-13217](CVE-2024/CVE-2024-132xx/CVE-2024-13217.json) (`2025-02-27T12:15:34.857`) -- [CVE-2025-1751](CVE-2025/CVE-2025-17xx/CVE-2025-1751.json) (`2025-02-27T12:15:35.030`) +- [CVE-2024-13402](CVE-2024/CVE-2024-134xx/CVE-2024-13402.json) (`2025-02-27T13:15:09.947`) +- [CVE-2024-9334](CVE-2024/CVE-2024-93xx/CVE-2024-9334.json) (`2025-02-27T14:15:34.783`) +- [CVE-2025-1691](CVE-2025/CVE-2025-16xx/CVE-2025-1691.json) (`2025-02-27T13:15:11.253`) +- [CVE-2025-1692](CVE-2025/CVE-2025-16xx/CVE-2025-1692.json) (`2025-02-27T13:15:11.413`) +- [CVE-2025-1693](CVE-2025/CVE-2025-16xx/CVE-2025-1693.json) (`2025-02-27T13:15:11.563`) +- [CVE-2025-1738](CVE-2025/CVE-2025-17xx/CVE-2025-1738.json) (`2025-02-27T13:15:11.720`) +- [CVE-2025-1739](CVE-2025/CVE-2025-17xx/CVE-2025-1739.json) (`2025-02-27T13:15:11.883`) +- [CVE-2025-22280](CVE-2025/CVE-2025-222xx/CVE-2025-22280.json) (`2025-02-27T14:15:36.033`) +- [CVE-2025-27154](CVE-2025/CVE-2025-271xx/CVE-2025-27154.json) (`2025-02-27T14:15:36.180`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `27` -- [CVE-2024-1635](CVE-2024/CVE-2024-16xx/CVE-2024-1635.json) (`2025-02-27T11:15:10.813`) -- [CVE-2025-1244](CVE-2025/CVE-2025-12xx/CVE-2025-1244.json) (`2025-02-27T11:15:12.050`) +- [CVE-2024-26691](CVE-2024/CVE-2024-266xx/CVE-2024-26691.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26699](CVE-2024/CVE-2024-266xx/CVE-2024-26699.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26724](CVE-2024/CVE-2024-267xx/CVE-2024-26724.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26767](CVE-2024/CVE-2024-267xx/CVE-2024-26767.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26774](CVE-2024/CVE-2024-267xx/CVE-2024-26774.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26776](CVE-2024/CVE-2024-267xx/CVE-2024-26776.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26777](CVE-2024/CVE-2024-267xx/CVE-2024-26777.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26778](CVE-2024/CVE-2024-267xx/CVE-2024-26778.json) (`2025-02-27T14:34:43.180`) +- [CVE-2024-26796](CVE-2024/CVE-2024-267xx/CVE-2024-26796.json) (`2025-02-27T14:35:09.517`) +- [CVE-2024-26805](CVE-2024/CVE-2024-268xx/CVE-2024-26805.json) (`2025-02-27T14:35:09.517`) +- [CVE-2024-30427](CVE-2024/CVE-2024-304xx/CVE-2024-30427.json) (`2025-02-27T14:53:37.577`) +- [CVE-2024-30428](CVE-2024/CVE-2024-304xx/CVE-2024-30428.json) (`2025-02-27T14:53:37.577`) +- [CVE-2024-30429](CVE-2024/CVE-2024-304xx/CVE-2024-30429.json) (`2025-02-27T14:53:37.577`) +- [CVE-2024-30430](CVE-2024/CVE-2024-304xx/CVE-2024-30430.json) (`2025-02-27T14:53:37.577`) +- [CVE-2024-30478](CVE-2024/CVE-2024-304xx/CVE-2024-30478.json) (`2025-02-27T14:53:37.577`) +- [CVE-2024-50146](CVE-2024/CVE-2024-501xx/CVE-2024-50146.json) (`2025-02-27T13:15:10.813`) +- [CVE-2024-5084](CVE-2024/CVE-2024-50xx/CVE-2024-5084.json) (`2025-02-27T13:30:57.937`) +- [CVE-2024-52559](CVE-2024/CVE-2024-525xx/CVE-2024-52559.json) (`2025-02-27T13:15:10.943`) +- [CVE-2024-57977](CVE-2024/CVE-2024-579xx/CVE-2024-57977.json) (`2025-02-27T13:15:11.053`) +- [CVE-2024-58002](CVE-2024/CVE-2024-580xx/CVE-2024-58002.json) (`2025-02-27T13:15:11.153`) +- [CVE-2025-1247](CVE-2025/CVE-2025-12xx/CVE-2025-1247.json) (`2025-02-27T14:15:35.523`) +- [CVE-2025-1634](CVE-2025/CVE-2025-16xx/CVE-2025-1634.json) (`2025-02-27T14:15:35.650`) +- [CVE-2025-21712](CVE-2025/CVE-2025-217xx/CVE-2025-21712.json) (`2025-02-27T13:15:12.043`) +- [CVE-2025-21721](CVE-2025/CVE-2025-217xx/CVE-2025-21721.json) (`2025-02-27T13:15:12.150`) +- [CVE-2025-21746](CVE-2025/CVE-2025-217xx/CVE-2025-21746.json) (`2025-02-27T13:15:12.240`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c29ff880669..972ab044d21 100644 --- a/_state.csv +++ b/_state.csv @@ -245070,7 +245070,7 @@ CVE-2024-10914,0,0,0c0e1d2bc49848006e629bb079ed677411f0de4d90fb8273d64b81628c286 CVE-2024-10915,0,0,f4d1f5fde3e41011229b6dda50918740fae123d55bbcbdab068e5991f4642cf8,2024-11-08T20:11:10.973000 CVE-2024-10916,0,0,c185625e4e8251922509c643eb1e03f44cb369b9bc576eca97c8d131f0a248b3,2024-11-08T20:11:37.567000 CVE-2024-10917,0,0,84897b64fd1cc994ca19c4da8d78c402e8655004c7da87e25c0ffb4739accfa2,2025-01-09T18:08:16.097000 -CVE-2024-10918,1,1,6d3cf93298428a9fc817210bfb69b84bcba8bef0653e35f02fcc62e673f13239,2025-02-27T12:15:33.807000 +CVE-2024-10918,0,0,6d3cf93298428a9fc817210bfb69b84bcba8bef0653e35f02fcc62e673f13239,2025-02-27T12:15:33.807000 CVE-2024-10919,0,0,a1bcc0bbdb4661c8e486fd4d8b01a051ebf0ba38e9253021ca78ae5b5fc3b9aa,2024-11-08T21:07:58.383000 CVE-2024-1092,0,0,47c9be5ad5d6bfb5c86e50521ea7c7460de8f4234d2b7a56d90fcf159ceb457a,2024-11-21T08:49:46.720000 CVE-2024-10920,0,0,ceba72435cf6aaa11cd42a90b3be4de81e949f934bd61b9a123731c509825d85,2024-11-22T20:05:52.530000 @@ -247155,7 +247155,7 @@ CVE-2024-13212,0,0,5d3d9340b90adc02a73b2a397cbc7b9a824f5e41958bbb77ca0e0a733f439 CVE-2024-13213,0,0,3077bf102e80b6ad26d9de82b06cecbfeedc1b0a01c454e5ec2b3b19555a517b,2025-01-09T04:15:12.453000 CVE-2024-13215,0,0,17507f2f85733790cb9f937f15c22b6e61ece58878b7af9bb53a95a8347aa1ca,2025-01-23T17:35:41.723000 CVE-2024-13216,0,0,8e20e17dfd694aa546f801508f99d3bd9309e38995daac8ba087dc79f8652c64,2025-01-31T06:15:28.267000 -CVE-2024-13217,1,1,1261caf401c1f2edbdadeed242293457b426a0d5d7c06b5e41d49dcb9835b203,2025-02-27T12:15:34.857000 +CVE-2024-13217,0,0,1261caf401c1f2edbdadeed242293457b426a0d5d7c06b5e41d49dcb9835b203,2025-02-27T12:15:34.857000 CVE-2024-13218,0,0,fb17e546372d6349ad8fbb91244b222e6f7b0e9a3d15756039cd734c4dbf9af4,2025-02-18T19:15:12.813000 CVE-2024-13219,0,0,a03a53f4e8ee76aae1f68ea77b3d02d84a8b663ce18b5d410a5e09c6d7e9e3fe,2025-01-31T16:15:31.617000 CVE-2024-1322,0,0,a87df03aa9d8a817a942ae8ebad8afc3111ac175155d7ee73a384181ec986bff,2024-11-21T08:50:19.883000 @@ -247336,6 +247336,7 @@ CVE-2024-13399,0,0,ae1b981aa62bfabc1644fd540791945410e14b2403d65b8acc8ef844a0568 CVE-2024-1340,0,0,779cbb4786989b99b13d0df5bfadd47a6bb17fb76227d8a826f245b565dc9020,2024-11-21T08:50:22.180000 CVE-2024-13400,0,0,a0da00543409991e4d6711b443cdf6fcdbfddf916acf7563da4678bdf041bb43,2025-01-31T18:02:33.637000 CVE-2024-13401,0,0,5efe32d869945c8cf2c8e98762f61d5eb40d85526a7f385be1d59dce88509538,2025-01-17T05:15:09.077000 +CVE-2024-13402,1,1,a466c3ff7432d3a23760e319c7411c50d1b433d39d2428e9327926ba492124bb,2025-02-27T13:15:09.947000 CVE-2024-13403,0,0,f48009abe82bf9e29ae1b7a46417bc2967746c0b5702def33976d86176d1ffc8,2025-02-04T09:15:09.303000 CVE-2024-13404,0,0,c306a147bdbb783a3f22c9c4f49bd90e70cf49c0fec041c52ab9283c517d7448,2025-01-31T20:18:46.230000 CVE-2024-13405,0,0,fb551ac182383da8fdfe04e2d83ed2b2737ab3967b873d712814245495cdf68c,2025-02-19T08:15:15.167000 @@ -247729,7 +247730,7 @@ CVE-2024-1420,0,0,87cbde692a44b30138e5311554a8fe03ab6752ef419e674117c5a1abadbc52 CVE-2024-1421,0,0,fce1981b75bfc198cf465137dc2c270b1d9fba91a6f00b707f307cdaadc63f73,2025-01-22T17:41:50.340000 CVE-2024-1422,0,0,c910d0586a998d32e26f3d43ad0e4a4057e510585a23426b26fef7d51c99eee6,2025-01-17T19:56:49.607000 CVE-2024-1423,0,0,cf9424b269ea30f1f1f93fb8aca6f7020e19a4ef0b7ad3a1dcf8f2e9317f1810,2024-02-27T15:15:07.460000 -CVE-2024-1424,0,0,3a0dddd030d6706d7ea56e2d0d2580f7738e1c15b83c7969d9f91a85b7900a41,2024-11-21T08:50:33.260000 +CVE-2024-1424,0,1,00e086e6d4dcaadb6e71fa58e95992435cd427a273bb86ed3bcc8f96b780d214,2025-02-27T14:53:37.577000 CVE-2024-1425,0,0,5f21d9d2efc76ee4284336e12fe4e6efc369aee3b9a89ab878da35914f23bb10,2024-12-31T17:16:58.103000 CVE-2024-1426,0,0,0ef7fe6cf1c59dc132db1b4ef41bf1d02ea3e90e47eef266595245fb0be9e4ec,2025-01-21T19:48:55.403000 CVE-2024-1427,0,0,045d36306302d266d38f2f3182a2a05490c1c0ad4388299e4f45dc3722894b2a,2024-11-21T08:50:33.653000 @@ -247867,7 +247868,7 @@ CVE-2024-1567,0,0,6cdbaee71c1770d77caf03403af77d158a420504c05e33f36e632e6fe2f3ce CVE-2024-1568,0,0,4660f06f13504a73ee731b062d7289c45d2cdd5ee8fbad08955ed262bed14189,2025-01-16T15:34:31.447000 CVE-2024-1569,0,0,cc3fd6764ddebd625443ddcd2f6dd2aba14c01115654ddd2b36f709166cad3a4,2024-11-21T08:50:51.360000 CVE-2024-1570,0,0,25898391ded7988cd2da012ae2a7ccaf83daa0ac2ffc39f3073e6c6025585cb6,2025-01-22T16:31:46.067000 -CVE-2024-1571,0,0,59f01ab78b4f7b0f9ac0a699e09826fef03bb32078a1a72f10d58201a8f77caf,2024-11-21T08:50:51.597000 +CVE-2024-1571,0,1,f3d49b2468436cc55f43430be000f569c341c5bb488502d391ca8d5ab3df2145,2025-02-27T14:53:37.577000 CVE-2024-1572,0,0,a83548f030b810663477d0b6737646927187cff3fac85148113c7069e7392583,2024-11-21T08:50:51.713000 CVE-2024-1573,0,0,55326b48e714bd45f8a7f03a13179fac399e55741cedcbe359268a4ab07b26b6,2024-11-21T08:50:51.837000 CVE-2024-1574,0,0,4b773e15e20eaa265c844cea28d7f429a990bf0f316d61c1be91dcdcc753dad5,2024-11-21T08:50:51.953000 @@ -247919,7 +247920,7 @@ CVE-2024-1631,0,0,e9e6578f8c2841fcf55accc66d2d8ed4ff49074482673094d89548de7e2bc4 CVE-2024-1632,0,0,2cc9b424d1e45f344508e96412d6a0780302c60e8fef2d13cc2533af910269a7,2024-12-16T21:04:13.760000 CVE-2024-1633,0,0,56d60136a7442b514c5e6b403331b5f9aef17563c47e24eae33412d5bd81684c,2025-01-24T15:21:06.727000 CVE-2024-1634,0,0,45305cb187d566717a04251929f56eb3faac05db3d2b4efc70507b416ff13ab0,2024-11-21T08:50:58.150000 -CVE-2024-1635,0,1,a45e8df046020dab7d7c53111f1b795e8e98ceea7601897848c16e1a6894c3fd,2025-02-27T11:15:10.813000 +CVE-2024-1635,0,0,a45e8df046020dab7d7c53111f1b795e8e98ceea7601897848c16e1a6894c3fd,2025-02-27T11:15:10.813000 CVE-2024-1636,0,0,39caa7ca41ae1683c62ffcaad59925dff9e09968a84b20eec7448789c4ba6505,2024-12-16T21:05:49.493000 CVE-2024-1637,0,0,b7437c704fbfb1b3fca1af15d0ef06f6ecbdc8f18471c8100476373d9e2e55cd,2024-11-21T08:50:58.600000 CVE-2024-1638,0,0,3645fc3fd5a53c71cfa58f98ad075d1348bbc5dcf758960e5203009589cfd13a,2025-01-17T16:26:03.767000 @@ -253462,7 +253463,7 @@ CVE-2024-26688,0,0,a0933753ecf706512391da968c1bf6e01179d03229619ccebb51447535c3b CVE-2024-26689,0,0,45aef623305996e79be3f7e9accf7726333231f3f2e12fd9e4b9fa27d10e7a24,2025-01-14T17:26:26.393000 CVE-2024-2669,0,0,f9471b163440c0cdda967029f9665700cf935edd6c2a1bb0a81b9e232cd43f09,2025-02-21T15:14:07.237000 CVE-2024-26690,0,0,2c7b24fb82937969d4004e2fcf893dbb69bba8a0a64d7e77bdd23c96decb3399,2024-11-21T09:02:51.193000 -CVE-2024-26691,0,0,7878b9be6d1b840ce81b6b9ba5d2bb037a477b0ec0114b4a6fa216b7702e37ca,2024-11-21T09:02:51.377000 +CVE-2024-26691,0,1,d1f693a33132027d826f7d1db5c60571c371f5304e71ee8c92392bba83ed7578,2025-02-27T14:34:43.180000 CVE-2024-26692,0,0,e7f487356d74c96106975bf2abfe9db6d6da6422f0939133b174aaec264ed9e0,2024-11-21T09:02:51.487000 CVE-2024-26693,0,0,0d216053635f1d975b6125d601423966cfb8e3352e6cb20eea467a9c7f54bfc5,2024-11-21T09:02:51.593000 CVE-2024-26694,0,0,31366aaef63a6678374a95d259ee5e17e7b5f964d9e410ff050a98b8f6c7cbb0,2025-01-07T20:53:53.143000 @@ -253470,7 +253471,7 @@ CVE-2024-26695,0,0,1ae7cd1e1e85f699df2959b2788d7af1c813dbc8bb82849f43b281e54bed1 CVE-2024-26696,0,0,265278528371538cc023600a4c7d8dbbc5ef61d12e3796a87a5522e53c60b655,2024-11-21T09:02:51.970000 CVE-2024-26697,0,0,45e5cf8cc205b6572bf2614df87fc02ee354aaf14f2ce522f92421e8870dc643,2024-11-21T09:02:52.090000 CVE-2024-26698,0,0,f3c474569b48f60e66044478a18c11a89915914693da10adf07718688bd99993,2024-11-21T09:02:52.217000 -CVE-2024-26699,0,0,0b80c7a4d186d8dc0c9dedc04a03a65f2409d878d3e6a8441dd6b732b9a45aeb,2024-11-21T09:02:52.340000 +CVE-2024-26699,0,1,8794599b2be132b74a60620b18f1bc35cf946a4e08c6c6986dddbe97f78e8469,2025-02-27T14:34:43.180000 CVE-2024-2670,0,0,8bf571b45e5a0f9f2f2f7f29218c47b9f435fc3d26bbb11853c68d013882dc52,2025-02-21T15:15:55.763000 CVE-2024-26700,0,0,d340b64f76c76c9e47b3fd93523ba35bc98d09d990c5461e898e1d4216e0399a,2025-01-07T20:26:40.460000 CVE-2024-26701,0,0,b03e1ce32248050afb32bc7948ab24791df0affca83332817771b6e5cd8267b8,2024-04-03T17:15:50.720000 @@ -253498,7 +253499,7 @@ CVE-2024-26720,0,0,1ca9f5c1cf45272d711bbb341b9a3a3e8a66cb323b330efba47b2d4d73910 CVE-2024-26721,0,0,ca9a0496ef9381a3510ada8cf6ba88673a4cc89acefb09f26c80679837546878,2024-11-21T09:02:55.100000 CVE-2024-26722,0,0,12d674d56dcf1067f7c24e779fb92b06855d0b7019ccfecfbfdcc292981abf0d,2025-01-07T17:35:32.710000 CVE-2024-26723,0,0,f35d3a0170fc204ff63f3cb0d2c569463d0cc7f7c48d6a9fa170a41519069565,2024-11-21T09:02:55.350000 -CVE-2024-26724,0,0,43e9a149198997f589b6cd208e12f3a69d3baa8ce56112adffc81394841c146d,2024-11-21T09:02:55.540000 +CVE-2024-26724,0,1,9a896f13cd8770e9ab35aeeacbd0a9c7720b799c08f7ee4ef97296609559f74c,2025-02-27T14:34:43.180000 CVE-2024-26725,0,0,e9fe20a5c5e5470547a40a8d97f1401a07214b8c6c4b76fbce65efa947d2335c,2025-01-07T17:28:15.293000 CVE-2024-26726,0,0,a2e6006099000b7188e7331f1757708510f6f822879749731a4c6d16b7b3a5dc,2024-11-21T09:02:55.767000 CVE-2024-26727,0,0,f9e493a2bebe6568fa8635c090fa7c3e7b404bd3fd35053c77015e7873b7cdd0,2024-11-21T09:02:55.880000 @@ -253545,7 +253546,7 @@ CVE-2024-26763,0,0,ea60cb10ec181dc23fe842240e1437c7c10aef932cbc953d9703f81ca6ffe CVE-2024-26764,0,0,182584c1b22dec918cc3c58a7bf9ff6e42e4473d6f7b976355d13ff4ba65cc27,2024-11-21T09:03:01.100000 CVE-2024-26765,0,0,86639deee47c82199c185bbb9e529948404a232a3b8d78621e9c695bf46ea544,2024-11-21T09:03:01.213000 CVE-2024-26766,0,0,68fc4b89d6403948bcb3c1a46456d541b6b2a5a051c19a0f4b0d3b1b2c0898ad,2024-11-21T09:03:01.327000 -CVE-2024-26767,0,0,e4a372ff53fbe10d1d76dcedc9f9b1e20359a57170473ffbbac7226ab5aeb4f4,2024-11-21T09:03:01.447000 +CVE-2024-26767,0,1,3e5c80746b7511c9f6aeb36b1c8b59eb41a7b9be4ad7426cc19cb790b7c56f61,2025-02-27T14:34:43.180000 CVE-2024-26768,0,0,6fafd2ec3e7cdf9346d5cf413e5e98785829ef156a7452d7bcbd56c557bb4b27,2024-11-21T09:03:01.570000 CVE-2024-26769,0,0,9ba21540aec936514403e64bdad200b6edb1d7f751bc14c530bdb954115ae255,2024-11-21T09:03:01.763000 CVE-2024-2677,0,0,6a44ca783f96afdf6daeb2ac346e3e6dbf371bf3fa88ba024936355e01095fea,2025-02-21T16:16:38.053000 @@ -253553,11 +253554,11 @@ CVE-2024-26770,0,0,8d08eaa70a2e2e3d40574f2b704a77374cb9e6669a6ba5b5bad3773130c49 CVE-2024-26771,0,0,5e3318a5219a1562a00396de2c61a0fa558f01729e9603c0306f834212e0432f,2025-01-27T14:59:26.887000 CVE-2024-26772,0,0,fe8524e99fc68d449508f3ebfd8f6afb4c482f632501c09f5f84e454baa54b83,2024-11-21T09:03:02.190000 CVE-2024-26773,0,0,7ef5aed49abdb8b41013d862bea1395e73f0e319d07ad740410642ca0777300e,2024-11-21T09:03:02.380000 -CVE-2024-26774,0,0,e1b47f609864ec2bf2c985b00a1f42e9a22977ef025fa7997c7afa306e1199e8,2024-11-21T09:03:02.507000 +CVE-2024-26774,0,1,53353673b281eeac1b74af43d28278d8b02200ca0fea5b71264bfc12751890f5,2025-02-27T14:34:43.180000 CVE-2024-26775,0,0,285e0acd81a3ae287fc503b023988af78322228ca5a120edc7cd1b3b8dae3d03,2025-01-07T17:29:01.727000 -CVE-2024-26776,0,0,df60d24175807dcc1374919feb99e25e818fb7996e5941b5c63c03df3065b99e,2024-11-21T09:03:02.773000 -CVE-2024-26777,0,0,8288575773c8b9e98cd7567bfb1c915cea2788a3ad332ac377ebf312fe765642,2024-11-21T09:03:02.893000 -CVE-2024-26778,0,0,eaee91601af1eee3696590fba0d785b9e73f9a5f1749926c481404d032d40a2b,2024-11-21T09:03:03.020000 +CVE-2024-26776,0,1,6bd87b054cf379d80339f7b74cece11c8ce7d6e9252343ded58770b6f5c3e5cd,2025-02-27T14:34:43.180000 +CVE-2024-26777,0,1,e82143173d149baee9cf08e82a0784ad67a75b7eb7359cdea4b0c77c6ef99130,2025-02-27T14:34:43.180000 +CVE-2024-26778,0,1,a00564862a522e80b3ed45f867d89afedb852ff78077cdaeaa7915b05eb358ad,2025-02-27T14:34:43.180000 CVE-2024-26779,0,0,d1dc3ab9d0793413ef8d6f7d472f6b251827d39f169d2e3624611da23e742948,2024-11-21T09:03:03.160000 CVE-2024-2678,0,0,1b8569b660baa62f28f36408544cf75e14fd1bbcb0868691da73c3b9150b92e8,2025-02-21T16:19:14.340000 CVE-2024-26780,0,0,fee0ab2d14222179966bcf01d07c058d2d30ea8f43041aa94eb3ef9c96c6dd91,2024-11-21T09:03:03.370000 @@ -253577,7 +253578,7 @@ CVE-2024-26792,0,0,785771b4bfd2e03416e2a07ada6b7ec1391a403eee900f868d4d1d8145ef2 CVE-2024-26793,0,0,aa90abb3d1121ccaaf349ab01239e4c0a4a16759efda564be699ec746faed484,2024-12-20T15:56:00.320000 CVE-2024-26794,0,0,23d739d3565f17af447122df5e00eeef05a8ec54d56457d32b6380cc23d7ee66,2024-11-21T09:03:05.240000 CVE-2024-26795,0,0,5d4eabef0c456f46f9992c03723452a3a8d635aa76f96f4b5da9c93ac3ba4967,2024-11-21T09:03:05.433000 -CVE-2024-26796,0,0,aca8e32fdc5cd17befaa7f3f672c165db4946a599ea680ba270a021c886d5cbc,2024-11-21T09:03:05.557000 +CVE-2024-26796,0,1,03c45ba40e27605dd519c5ab37d3d0d1746ee35a9b66965cb2322da1cdf0ae28,2025-02-27T14:35:09.517000 CVE-2024-26797,0,0,d555849e5fdf34e0c546a7c8e0d877b819832c74438f586ca3128c8a5874d4a2,2024-11-21T09:03:05.660000 CVE-2024-26798,0,0,0a31e852f2f7b601301225ce2a65456a90e397455c97cc5be42b040cfac0e775,2024-11-21T09:03:05.853000 CVE-2024-26799,0,0,94e40360a58865d9d67dfe9e60236d4a43830fc422ed0bb78cda58451cb646a0,2024-11-21T09:03:05.970000 @@ -253587,7 +253588,7 @@ CVE-2024-26801,0,0,d616c47816b367b14619cbeef905892d5b398628baa089c4b9bb3e31bba83 CVE-2024-26802,0,0,c3eb25f159f3d9e97001cc75436ed032ab724692e7cfb5cb782ce74be6d22c98,2024-11-21T09:03:06.387000 CVE-2024-26803,0,0,da1a5e4a8e1ccdf52da3c008697a74e25b55e57ecff04da71adde2377c898cae,2024-11-21T09:03:06.517000 CVE-2024-26804,0,0,59bfb883bba3b84feb6cabc2a731628af8063660636b34871b628531b08d0367,2024-11-21T09:03:06.640000 -CVE-2024-26805,0,0,55a6ef843d10ac1e4484500c9587308383947430c9b78138bed0fca9cd431b03,2024-11-21T09:03:06.857000 +CVE-2024-26805,0,1,6145167443e14e76f499ad74849672ed15ebdfd5fc7470da88f90504d2566084,2025-02-27T14:35:09.517000 CVE-2024-26806,0,0,fa7b569795b93812c90f444b0d8a3e8553cdcd19a61fca66229df1fb76bf9338,2024-11-21T09:03:07.020000 CVE-2024-26807,0,0,e784ff7229ad9502ed5252e14bf11afcea7ca1c4def17960827a9c3d29e5d37e,2024-11-21T09:03:07.157000 CVE-2024-26808,0,0,32e7e1684e8180e17c00c1a0297443beb6ce1f9164af83c298f9e4ac426327fb,2024-11-21T09:03:07.277000 @@ -256423,11 +256424,11 @@ CVE-2024-30423,0,0,5b1517d395b5f8158dfe3dfb9c31f1c8a0fee969a59141fbef55b4ecb5784 CVE-2024-30424,0,0,48524e69984a1ed7696a166e148f60ba365f7f7962129b44ff4524ebe85c89bb,2024-11-25T15:07:22.740000 CVE-2024-30425,0,0,d68c222db45dd584e58dce13133847ff4ad6b955db2902ac4a600d2a9429d974,2025-01-31T19:59:44.457000 CVE-2024-30426,0,0,cca737ed45c2f700e4297a282f888b853848134669a65254ac719723adb2bbcf,2025-02-24T12:31:39.620000 -CVE-2024-30427,0,0,b583ab18064a620cf708fae7edd264770b29614eec9d69625d8d81dc5ac7bc99,2024-11-21T09:11:54.047000 -CVE-2024-30428,0,0,212a6d12d8d9bab252093d8e5391900a84b3eb1abbe7321d2f2824af9e593979,2024-11-21T09:11:54.170000 -CVE-2024-30429,0,0,1dbc5e86acdd404c50f8615fbd748b2df1bdb49f7289b1ef298053ffb1617055,2024-11-21T09:11:54.287000 +CVE-2024-30427,0,1,376d55f813869862413ca39c53d02961e8acba30eb8052b6277669dec8e46801,2025-02-27T14:53:37.577000 +CVE-2024-30428,0,1,120a48de3044f1581e586fcd9879a9594ed268412fffadfa250d034ebbba9635,2025-02-27T14:53:37.577000 +CVE-2024-30429,0,1,4144738f097005e0e5cc3b821762e2c42993cc372bfb50764aa04fcc38bf746a,2025-02-27T14:53:37.577000 CVE-2024-3043,0,0,8e21ed0042b558d8edd83b12ee0b4291bdba5ec46b953c6e95eadc7fdd76f95c,2024-11-21T09:28:44.967000 -CVE-2024-30430,0,0,8cd9796d1ce3d07f37f55e1cefd9343a38efcf61ca6e16b522c764cef2530879,2024-11-21T09:11:54.413000 +CVE-2024-30430,0,1,1a4ba08c73bf48d8bdf6ec5e5d5c0da4833965a567eef766a1e7b315f3e0ab38,2025-02-27T14:53:37.577000 CVE-2024-30431,0,0,2af38fbded82d170dca915df62a9abfa07549ebdef29a51d4a86e17f57c22b03,2024-11-21T09:11:54.533000 CVE-2024-30432,0,0,aabe80294bbaca58cfd6d3e8a149021d2d178d3a7b6f451157000984f416f3ba,2024-11-21T09:11:54.657000 CVE-2024-30433,0,0,7e68f751b7f02ed630e16851eb13de7ab852867ef0832b251d2b3e44dc66dc64,2024-11-21T09:11:54.810000 @@ -256475,7 +256476,7 @@ CVE-2024-30471,0,0,7f05159d7b1bb52c7f44f1503d91bcf3ddb878300d6d0f685babe2188a880 CVE-2024-30472,0,0,f99421b44702b1bfa7591fc35986a5e44a7c75afd2395131e35a18241f34b854,2024-11-21T09:11:59.780000 CVE-2024-30473,0,0,8a48066726a6946e8d6fbf02f4834d5e17669616d02513742cf7028713d497f7,2025-02-04T17:22:53.270000 CVE-2024-30477,0,0,5f48ccb06e4867f2a1b2058d885b227a439282c1bc0b756765407174c49f98c0,2024-11-21T09:12:00.047000 -CVE-2024-30478,0,0,ca853d36566aeeb15fe38053a898ca56d8cdaaea4d1ee2a0cd42feec7f182dc4,2024-11-21T09:12:00.170000 +CVE-2024-30478,0,1,1a1ff03ce377a4dc26f2c869f5dac4b5e50db58aca9c14b2002c0634901a6a42,2025-02-27T14:53:37.577000 CVE-2024-30479,0,0,3a1c45d84b195b84f8d4de162f387c14126668af368e7be294e7e3937eb3e371,2024-11-21T09:12:00.287000 CVE-2024-3048,0,0,b45859794096e9789b16af327bbbaf4ffd55ea7d3fdff52dc4d2a53dcaa166fc,2024-11-21T09:28:45.697000 CVE-2024-30480,0,0,2e15e0231151aa8e84d8885d70d7113ba628105d9affd7bdb295edcc9c141e57,2024-11-21T09:12:00.427000 @@ -271227,7 +271228,7 @@ CVE-2024-50142,0,0,b2c5af1ce969bd7983e3442069ed7f8b24fed69937dc954f24e0354d022df CVE-2024-50143,0,0,567c2b16c7d43252518c662df6881aa0eec229fd63f18528756c7fbeaa09ed4b,2024-11-15T22:22:40.397000 CVE-2024-50144,0,0,5ae604a667d8dead888173efe4f3293be9a6b09a9f1785582a531cf96a2fc7d4,2024-11-18T21:16:17.367000 CVE-2024-50145,0,0,98f53d30fdb8b23e9497c3781c9f52abd6382f34216b5d55340deb28868421c7,2024-11-15T19:50:44.203000 -CVE-2024-50146,0,0,03b7a4ed2179da44a1e2d7de1b08544b75084df39016ce2d0b9763f85a4bc3dd,2025-01-02T14:15:08.170000 +CVE-2024-50146,0,1,653d976e592938c412896a37ce85cb2e2a18fe1aa601d7b63cef839bf54c4f1a,2025-02-27T13:15:10.813000 CVE-2024-50147,0,0,b3b71bdc694c103dbc53ae8dd319728eabf98a5d7ef19dbedccdab8d20522d05,2024-11-18T21:19:21.917000 CVE-2024-50148,0,0,29eee073fa03f15b890aa5c0bce0077794c99acb699f53407212567151a1a25f,2024-11-18T21:24:05.020000 CVE-2024-50149,0,0,c787490f93b85be8fc6ccda6ac0403d02734503c1dbcd49a6038dc27a90e3da9,2024-12-11T15:15:13.170000 @@ -271808,7 +271809,7 @@ CVE-2024-50836,0,0,2b207118e0a8a4ce500ad2ad82cbd68c1c17f6445a35919a8ad8d19d94e8a CVE-2024-50837,0,0,e4f50cb608a9502c76a99235bbbc28b472f4d4fa633e2640771600ede0bee6df,2024-11-15T13:58:08.913000 CVE-2024-50838,0,0,7b54b2e271a063a818d0bf4dff1ca05c047467f8817d2c7f31bf268cb99e8d34,2024-11-15T13:58:08.913000 CVE-2024-50839,0,0,fb7575ee1c3ee269ac106b6dd0ebe8c613257013972de7a3961ad74520bdcf56,2024-11-15T13:58:08.913000 -CVE-2024-5084,0,0,e151f03e849e3cf6df738551eed9e1b4ae6dfcc8cac2a3d57f25de7ff1ebf769,2024-11-21T09:46:56.063000 +CVE-2024-5084,0,1,03c6027f11a8a05a61aeb37221e721820960f6c5aca582f8538c6c13f3a6433a,2025-02-27T13:30:57.937000 CVE-2024-50840,0,0,7f2672a897fefdffc52751836cb370e512db5cd32670b90dac2503d33dbff2c2,2024-11-15T13:58:08.913000 CVE-2024-50841,0,0,1b7ead830a48947d153ded94e12295c6952d0a7046aa507547ebb0fc4f177b31,2024-11-15T13:58:08.913000 CVE-2024-50842,0,0,f7b07a1b2b830ed92801fa7f1b54eb1abc0607cca9e6a36c8e0f57711c48f153,2024-11-15T13:58:08.913000 @@ -272961,7 +272962,7 @@ CVE-2024-52554,0,0,6c54306f2e6d9fb6f74be49581a8d7a732bed7e140bab05d7cfce43a22fc3 CVE-2024-52555,0,0,0e7650262da77965578e51615ed2e240e4965fb0467279926cec95693ddd0fcd,2025-01-31T14:37:51.653000 CVE-2024-52557,0,0,ae48eb61b089aed52fa7fc65aa860d697df20451b58d606dded631522ecb778c,2025-02-27T03:15:10.373000 CVE-2024-52558,0,0,fa32c6dd3f7f7069c5222cac92732c751cdcd8c311d81175627dacc022aec1da,2024-12-06T18:15:26.007000 -CVE-2024-52559,0,0,5ed9bae35bea9c5d1b3ad59f75164c59eac9f89c5fdcec306aabd851b9cae929,2025-02-27T03:15:10.477000 +CVE-2024-52559,0,1,86cc88640f1d86168320f0656d2a7fa7c043dc88da01526969a8ccc338d93a46,2025-02-27T13:15:10.943000 CVE-2024-5256,0,0,351ec0133ebd6057956e3a32f156ca3c6d3a5e82f4f6d83d2ed56c2cf43e8b33,2024-11-21T09:47:17.300000 CVE-2024-52560,0,0,c9377755687e3f124f4fb8ae71bf4f5bf247464d322cf8d0c6998968d4e49ff5,2025-02-27T03:15:10.573000 CVE-2024-52564,0,0,082fb97e963e24eeaf48108489383b26257575861650145a72a41c8a27e90eeb,2024-12-05T10:31:40.663000 @@ -276100,7 +276101,7 @@ CVE-2024-57973,0,0,880ae8920cff383c83382a12f0aed951c431326b6251c9eee5046fcc771c1 CVE-2024-57974,0,0,9283c31329c8c79a7c2d7ba850e2fae6c4866efb0bc89895bb99f52893ea9871,2025-02-27T02:15:10.590000 CVE-2024-57975,0,0,cb69d9a311887f4b534587384c990ff308b1380cbfc2d7252bdcecd7dbc0f8f1,2025-02-27T02:15:10.687000 CVE-2024-57976,0,0,7f09566c0feeca43e88331a7b08960623ddee4f005b52f57b309033e09c409f6,2025-02-27T02:15:10.790000 -CVE-2024-57977,0,0,4f237dafd1e6ace4e31e2e5c82f0ec86aff38bde08d8f751a737bee240393643,2025-02-27T02:15:10.890000 +CVE-2024-57977,0,1,95d6e3cfdf7d059ffc8f36aea59ffac8f831718016b7d9622c1ff999e22b555d,2025-02-27T13:15:11.053000 CVE-2024-57978,0,0,e8ec9a121960a685f9c435a7ce1a5bc00fc9f8a0953711b3760133a98ea218ac,2025-02-27T02:15:10.990000 CVE-2024-57979,0,0,022cf17af330e8a9f7ce941e4c03648881e6a5a964e2654b247615aeae7964b8,2025-02-27T02:15:11.087000 CVE-2024-5798,0,0,1cf6b5fddcb53bc6e432a6a3428f56651407d96c3d029c184944ae69fb8dd23b,2024-11-21T09:48:21.013000 @@ -276128,7 +276129,7 @@ CVE-2024-57999,0,0,48c9ed92d08de2fcae4026c9ef9257a4176bfcbb954c4a8c091b9b36e1a3e CVE-2024-5800,0,0,0f1ba4e6921bceda8aa9f69d4954ff1ca271a0069f260f484c22f7b777658fee,2024-08-12T13:41:36.517000 CVE-2024-58000,0,0,e6779467396c4c7b4b8a6e267dadc7356f5669ed597352b30c7f4e3a2fade9bc,2025-02-27T02:15:14.033000 CVE-2024-58001,0,0,1ca7135605c27baa2ff41ca14b97a1158622dc893de3d0edc4ce91d0223c6eba,2025-02-27T03:15:11.080000 -CVE-2024-58002,0,0,9b6e05376a084e6321ba036d58b5e3e0abde23ab3d03d974972d25a2d54b8e0a,2025-02-27T03:15:11.180000 +CVE-2024-58002,0,1,25a27b0d9fe28835ea1c6e57d50ea8f1336ba2eaaf36ddd02cc630480d326e28,2025-02-27T13:15:11.153000 CVE-2024-58003,0,0,46450a09a6f54addf43be0c82d79310bab68cc144d2932a834ba9b37fe69f0c4,2025-02-27T03:15:11.277000 CVE-2024-58004,0,0,8b7c12b136527252508ad830ab80dd313ff57c70923621f086f1770af781b569,2025-02-27T03:15:11.380000 CVE-2024-58005,0,0,2b8445c1f31120a62745ed9659109edc5b61c3c950d5ba8ee2d0774104a846c8,2025-02-27T03:15:11.480000 @@ -279249,6 +279250,7 @@ CVE-2024-9327,0,0,8a7521488d62c373c38a9df28f71f3a103861ac4cdfbc479de5d63bb5149cd CVE-2024-9328,0,0,b8494e2a763df9275472fb9e08e10e2bb0b4c6d4079a2b9786105d6097553f18,2024-10-01T11:34:57.773000 CVE-2024-9329,0,0,5a3d931a38804f6849af226ecca4156ce845f1dbc4dbfeaa3d64e1e03750be87,2024-11-21T09:54:17.147000 CVE-2024-9333,0,0,86a4f29dc34e46aec9774e41cb3aeff2bbdc214a06b4147e3c438b765ac175a1,2024-10-04T13:50:43.727000 +CVE-2024-9334,1,1,f453d5c150390effbe6392cc4e6a0011770b5896b016001268c79fdbc21d7ef9,2025-02-27T14:15:34.783000 CVE-2024-9341,0,0,5254cd0407dba4163e45bfc4ed2a071202e5ab922b5099bdcba8d28a558c1e38,2024-12-11T04:15:06.090000 CVE-2024-9344,0,0,947aeadb28a081f51ccba5cfed355aa11f035786814ba0789ea30b60063bb469,2024-10-08T15:06:57.470000 CVE-2024-9345,0,0,1092198f3341340c84b195f1fb0718cf68fae0e79a30c397da7978c7a50c2c5b,2024-10-08T16:10:17.567000 @@ -280512,8 +280514,8 @@ CVE-2025-1231,0,0,53b09d0e70e608d42ef2315cf58b2a0031ad64c29b00c44d026df29aef3338 CVE-2025-1239,0,0,6a31294ac2475a5f4cf013905a0ebd1264b78acdf12a9a65f2d79fa7affa2205,2025-02-14T14:15:32.687000 CVE-2025-1240,0,0,363ac0ec488e57d295d78c481b595c1c1507ba076f5813d8f4f20530988afa84,2025-02-11T22:15:29.800000 CVE-2025-1243,0,0,cc81de32b5d05e39147da539415b77f22c0d2f7ae5860780f62e8e275e3c2c4c,2025-02-12T01:15:09.073000 -CVE-2025-1244,0,1,a597843e6aa6eb4c7c250951319b52c2666290fdc4f71a7756fc0b1cc4210c74,2025-02-27T11:15:12.050000 -CVE-2025-1247,0,0,e0153bae3362c83882a00e373f05f61681964ee52d16af66c9ce73b6be435d9c,2025-02-13T14:16:18.400000 +CVE-2025-1244,0,0,a597843e6aa6eb4c7c250951319b52c2666290fdc4f71a7756fc0b1cc4210c74,2025-02-27T11:15:12.050000 +CVE-2025-1247,0,1,29f4b020e3b05ec6e0daa3bc3acfe65ff38610a46609196b503d4e1e7958dbf1,2025-02-27T14:15:35.523000 CVE-2025-1249,0,0,93399ea1aab7846ff3005cc3013f42e420495dbd53698c66dd2894c536c541a3,2025-02-26T15:15:24.470000 CVE-2025-1258,0,0,e60d49e74992453b0cd2d8b93f0bc7a60901e2447adb1d6d0cde7627e3bb44f5,2025-02-20T18:15:26.217000 CVE-2025-1262,0,0,08f99db194238254f28713e2d46d598cdff03dede7f449d79e504f7931daff4e,2025-02-25T13:15:10.077000 @@ -280647,7 +280649,7 @@ CVE-2025-1617,0,0,f8b5d497942700d9485e4f9475a52f7ce71fe3f54483032059a95f27d690d0 CVE-2025-1618,0,0,5653f37c834d7e927ebdf4835f8b4b2db1c30742d0495922546989d808169e24,2025-02-24T05:15:10.980000 CVE-2025-1629,0,0,60983f0ba0e5f0b685c866a67c52df667d2bfe57a6c3421095271a3cf3a2da01,2025-02-24T05:15:11.280000 CVE-2025-1632,0,0,e4d830f0038f1d0ec1a385180555c2b78df11cbe25ede30530c1c285ee3eb6b4,2025-02-24T15:15:13.217000 -CVE-2025-1634,0,0,57c3aa057b9abce98178b3eddc3db7fc4caa714d3b659dc8bdf3263d8c184245,2025-02-26T17:15:22.083000 +CVE-2025-1634,0,1,b84319fa754bec4570231dc05c3084557d2efe0ac1489ee15c893f5e7d2a4ff4,2025-02-27T14:15:35.650000 CVE-2025-1640,0,0,c9144f1d36a671c5c294220717c102bbee784a06194946bddd82d757b17db602,2025-02-25T00:15:09.723000 CVE-2025-1641,0,0,3e60680d02c32355c7c51637987e868a5b83b44bf51944f0dde54e34ed255aca,2025-02-25T00:15:09.913000 CVE-2025-1642,0,0,eb1ad85c96cb940c08a5097dfefa119ff4b08ca6e6f0f41907372556779e3a83,2025-02-25T01:15:09.057000 @@ -280663,11 +280665,16 @@ CVE-2025-1676,0,0,73eee89d98e983375dedac852336dab7a9ecc8ee838aaa1b83c8304d12c3e6 CVE-2025-1686,0,0,f49e5f83c745c7a168547441c7be7e25329e3426cb9cf0c6f371fd736542e27e,2025-02-27T05:15:14.143000 CVE-2025-1689,0,0,1c00c32eaad5939943566023d14c1be06a7ba8ec73ab77384240a530eef75a6b,2025-02-27T07:15:35.400000 CVE-2025-1690,0,0,b484cbf975316cdfffb848000f1942fa8662b09171f29f2f7abcd4816c9d0170,2025-02-27T09:15:10.697000 +CVE-2025-1691,1,1,6bb17ce0adfb4005455e7cd40fb4ea2452a50f070aac1aebbbeac4612b38c54b,2025-02-27T13:15:11.253000 +CVE-2025-1692,1,1,f19d2f3d51d6b58c4d2f95ef7b4b6cd1e259542d76210593d23c4537af12197b,2025-02-27T13:15:11.413000 +CVE-2025-1693,1,1,a0109cea3a1ec609b1e54b89e09375134f157dcaf9bb0b02d6ba359b475266be,2025-02-27T13:15:11.563000 CVE-2025-1716,0,0,8a7e7768592d932d97a9d455845c05847d58dcca59512369f8a7ffd36f47bf6c,2025-02-26T15:15:24.653000 CVE-2025-1717,0,0,b0c0ad726c8af064a3d2e1309a09d880998fbb19c4d5853e91430d93130f76bf,2025-02-27T08:15:31.130000 CVE-2025-1726,0,0,9e943efd00091e453c109ba8e244c1de6e22713989bebe809d937c0962ed1af8,2025-02-26T20:15:13.510000 CVE-2025-1728,0,0,126b29abd5a8b7142eab21be075a4425d5b9e0d4bb1eedd2c9477807954e2152,2025-02-26T22:15:14.333000 -CVE-2025-1751,1,1,e01d857b710fac9b7b6217b59ced116e365117c6a164f06207b3b6874d6bb32a,2025-02-27T12:15:35.030000 +CVE-2025-1738,1,1,5e1b2b2b1d4db3558f89d0488b29d771876500128261550d8395e9a1552dcb39,2025-02-27T13:15:11.720000 +CVE-2025-1739,1,1,474bd41a40b4d7e6fdfff026df5b08f6be7f300b56e56bcc0fdd145be437283a,2025-02-27T13:15:11.883000 +CVE-2025-1751,0,0,e01d857b710fac9b7b6217b59ced116e365117c6a164f06207b3b6874d6bb32a,2025-02-27T12:15:35.030000 CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000 @@ -281225,7 +281232,7 @@ CVE-2025-21708,0,0,d933c334c327268dfe94797007314260d74aab59fc77728e72b8d8b7e7bbb CVE-2025-21709,0,0,566fb484d81c3d6984d7001ae650972c150e021d1439e30cdbdee6e879e9cae0,2025-02-27T02:15:14.560000 CVE-2025-21710,0,0,caac5a8cd4f59a38798bb65050c056c6ac14dc33ba2554c9f9132c182247504c,2025-02-27T02:15:14.657000 CVE-2025-21711,0,0,1ad137bce1c83de2777c91aff300be1d715180746549ec95097915a0e6f83f97,2025-02-27T02:15:14.760000 -CVE-2025-21712,0,0,8c926eda33cada82fee3f8d26c054cba500718472d3a633e09eaf38efd4e00f0,2025-02-27T02:15:14.863000 +CVE-2025-21712,0,1,0d2ee91f96988cef698a87645cfd8480b918f5263551051bca1f5bac6a7c256e,2025-02-27T13:15:12.043000 CVE-2025-21713,0,0,c0471bfe099bcdf2eb9fbfdd85133612e7add0d99f327db2a3131e92e92f3a86,2025-02-27T02:15:14.960000 CVE-2025-21714,0,0,0443c9d2a524f4163004ed6af8df0ace54b54c7c2169bb90bedac2c54123834a,2025-02-27T02:15:15.050000 CVE-2025-21715,0,0,ab25a9824a2d6ca4a0cf91a33e78b3602f2fce2d0cd3fcd6725106a8eba7d908,2025-02-27T02:15:15.167000 @@ -281234,7 +281241,7 @@ CVE-2025-21717,0,0,7ca6cd69efbb56fd36ed628b74ce2e13274561c37d021271d3bfd71e8ee64 CVE-2025-21718,0,0,5fb025932012588e486a67bbb8003b6c391d3e39000a93f80ecbca817adbd3c0,2025-02-27T02:15:15.473000 CVE-2025-21719,0,0,157d53c5a8fa7b32509ec25adac9f4941a4f315dbe964473d128ebd5d2106061,2025-02-27T02:15:15.580000 CVE-2025-21720,0,0,c2a7c6189229fd84b828b80d035a48cf5be9b44c4fdaaa3cb13d86df8037388f,2025-02-27T02:15:15.683000 -CVE-2025-21721,0,0,231bc7f36f4032e5c345e09bb6f199b9529768cc539fa62f152f8658cb5cdb67,2025-02-27T02:15:15.787000 +CVE-2025-21721,0,1,0f9bd98b6879198ba8cb006a744eda8143b70b9014761347ae9f9283e95be19a,2025-02-27T13:15:12.150000 CVE-2025-21722,0,0,4ff28cbb7db6f566613f999667bae8e043c8ef362dbc89d551947bea584f4f92,2025-02-27T02:15:15.883000 CVE-2025-21723,0,0,dae0449f384656e24d333a5692bdb0c67d65760a84aa08200fd65093c57cece1,2025-02-27T02:15:15.993000 CVE-2025-21724,0,0,87af61e9bb904173709cf188d0701c3b5e1fc2fa500e06d42307eb73dd3567c4,2025-02-27T02:15:16.113000 @@ -281259,7 +281266,7 @@ CVE-2025-21742,0,0,51c376b8442050e3ecce4cd435613cc2fa3091d1d17189e7df759dc221b5a CVE-2025-21743,0,0,67d0f2265465e77221734c331d253f7fc354211b176cc2dca3ec8c8422af76a2,2025-02-27T03:15:14.933000 CVE-2025-21744,0,0,47422ad751d060765f01a5efc42c50639eae4ea758b465c4063846c39e11c32c,2025-02-27T03:15:15.037000 CVE-2025-21745,0,0,be9c70871a86f55f03e75d0139a528ae87f70bff7945ffa31b101fe624299975,2025-02-27T03:15:15.137000 -CVE-2025-21746,0,0,2aa41a8980071b0567544aaf47daa564939c3b305a89838fed4c4b5cc9a687a9,2025-02-27T03:15:15.243000 +CVE-2025-21746,0,1,36306adb9a963e16a67d91ae9de437b5d52b2819ace643674f9f14e9d35e0c26,2025-02-27T13:15:12.240000 CVE-2025-21747,0,0,b4c7b8e9bbe08c3621e3d19d7432493cfeaae5b0fc274069a49e2619d118b55b,2025-02-27T03:15:15.337000 CVE-2025-21748,0,0,3c89dfc075db5c3cfdcdd002206c2f3c37c4cb82a3a4b4823a2372ec53398649,2025-02-27T03:15:15.440000 CVE-2025-21749,0,0,a7a8fa1c39a893df0dbcfcec02a053688ff8871d74d4e9c34c4774d7189b8c61,2025-02-27T03:15:15.543000 @@ -281358,6 +281365,7 @@ CVE-2025-22265,0,0,51006a5fb12dad2a881e7b25e5673794091472c79149c473510be2ae25b43 CVE-2025-22267,0,0,f20afa71bc4d80e805bd92045ab58754dc4544d5a2500dd19c3f675f1704780a,2025-01-21T18:15:15.100000 CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000 CVE-2025-22276,0,0,5a96987c782440e555f7f8980bf83cb51411fc2fe9b353a8ca4c203659e7b960,2025-01-21T18:15:15.303000 +CVE-2025-22280,1,1,36b57de6430c09432b283d29b57dfb0829f9a3d1e3f25ed71ed6457697f2c437,2025-02-27T14:15:36.033000 CVE-2025-22284,0,0,370c5c60e996c4b6559ca9bd6a1392b16df8aec67b8cecdd196304ea4ccbf961,2025-02-16T23:15:09.280000 CVE-2025-22286,0,0,44135cef202ec1b1c9d4f0252ad614abd14631ba5cdbd8f36ca1d7fd4944fbe5,2025-02-16T23:15:09.427000 CVE-2025-22289,0,0,c7670fed37bc75554b393a65a800a4550d1fe20759eceb18daee859ae095fb32,2025-02-16T23:15:09.567000 @@ -283305,6 +283313,7 @@ CVE-2025-27144,0,0,1943a5ebc9fa4ebdac773d12aa5884bfb6e27a53701e1ad9e8e73a5ce013e CVE-2025-27145,0,0,38c5004ff48d2670f12fb99a3982f3e02a12208e5ab880775c9f41ae19934057,2025-02-25T14:15:31.567000 CVE-2025-27146,0,0,1949c93bb4c1257d1700888fb7aa70bba73c2053b702350dbd7e6c46a590f25c,2025-02-25T20:15:38.030000 CVE-2025-27148,0,0,5163b56718d84c64a6427ae7a494a2fc79bb8ffbfb0430ce497f1576aee3262b,2025-02-25T21:15:18.073000 +CVE-2025-27154,1,1,b16b780bdbace94e9ec6c7dea1fe2169cd03d4b06f255988b7df51a8bfc9aad3,2025-02-27T14:15:36.180000 CVE-2025-27218,0,0,efa55c2dc9300fcbe5554c514f0fd9c100e33cfb72ff20b2eedb0bf35dee5b0b,2025-02-20T21:15:26.510000 CVE-2025-27265,0,0,f92ef224928c265ed828ba40cf1c61290404ad79163953c8c2df56f81d7b8ab6,2025-02-24T15:15:14.310000 CVE-2025-27266,0,0,7b4f333de7657eb474765345c5822ee79cdee853af3b515f2a266de5b5a75147,2025-02-24T15:15:14.443000