admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-06T03:02:33.355590+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-06 03:06:01 +00:00
parent 2ad9d9eb46
commit 399a67387e
137 changed files with 5182 additions and 633 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2020/CVE-2020-360xx/CVE-2020-36084.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2020-36084",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-05T22:15:27.180",
"lastModified": "2025-02-05T22:15:27.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/delete_teacher_students.php?id= parameter via id field."
}
],
"metrics": {},
"references": [
{
"url": "https://www.exploit-db.com/exploits/49357",
"source": "cve@mitre.org"
}
]
}

12
CVE-2021/CVE-2021-01xx/CVE-2021-0185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0185",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-10T23:15:09.860",
"lastModified": "2024-11-21T05:42:09.387",
"lastModified": "2025-02-05T21:15:11.550",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-08xx/CVE-2021-0872.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0872",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.270",
"lastModified": "2024-11-21T05:43:11.897",
"lastModified": "2025-02-05T21:15:12.663",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-08xx/CVE-2021-0873.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0873",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.323",
"lastModified": "2024-11-21T05:43:12.017",
"lastModified": "2025-02-05T21:15:12.843",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-08xx/CVE-2021-0874.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0874",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.370",
"lastModified": "2024-11-21T05:43:12.113",
"lastModified": "2025-02-05T21:15:13.010",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-08xx/CVE-2021-0875.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0875",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.413",
"lastModified": "2024-11-21T05:43:12.210",
"lastModified": "2025-02-05T21:15:13.183",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-08xx/CVE-2021-0876.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-0876",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.453",
"lastModified": "2024-11-21T05:43:12.303",
"lastModified": "2025-02-05T21:15:13.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

12
CVE-2021/CVE-2021-262xx/CVE-2021-26251.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26251",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:10.840",
"lastModified": "2024-11-21T05:55:58.883",
"lastModified": "2025-02-05T21:15:13.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2021/CVE-2021-330xx/CVE-2021-33076.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33076",
"sourceIdentifier": "secure@intel.com",
"published": "2022-09-20T15:15:10.057",
"lastModified": "2024-11-21T06:08:14.593",
"lastModified": "2025-02-05T21:15:13.660",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2021/CVE-2021-330xx/CVE-2021-33079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33079",
"sourceIdentifier": "secure@intel.com",
"published": "2022-09-20T15:15:10.197",
"lastModified": "2024-11-21T06:08:14.967",
"lastModified": "2025-02-05T21:15:13.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"configurations": [

12
CVE-2021/CVE-2021-330xx/CVE-2021-33081.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33081",
"sourceIdentifier": "secure@intel.com",
"published": "2022-09-20T15:15:10.333",
"lastModified": "2024-11-21T06:08:15.230",
"lastModified": "2025-02-05T21:15:14.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"configurations": [

12
CVE-2021/CVE-2021-331xx/CVE-2021-33159.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33159",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:11.440",
"lastModified": "2024-11-21T06:08:26.420",
"lastModified": "2025-02-05T21:15:14.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-217xx/CVE-2022-21794.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-21794",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:11.780",
"lastModified": "2024-11-21T06:45:26.980",
"lastModified": "2025-02-05T21:15:14.367",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-260xx/CVE-2022-26045.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26045",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.227",
"lastModified": "2024-11-21T06:53:20.937",
"lastModified": "2025-02-05T21:15:14.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-260xx/CVE-2022-26079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26079",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.450",
"lastModified": "2024-11-21T06:53:23.627",
"lastModified": "2025-02-05T21:15:14.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-754"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-260xx/CVE-2022-26086.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26086",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.527",
"lastModified": "2024-11-21T06:53:24.237",
"lastModified": "2025-02-05T21:15:14.867",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-263xx/CVE-2022-26341.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26341",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.700",
"lastModified": "2024-11-21T06:53:46.960",
"lastModified": "2025-02-05T21:15:15.053",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-522"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-263xx/CVE-2022-26367.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26367",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.790",
"lastModified": "2024-11-21T06:53:50.757",
"lastModified": "2025-02-05T21:15:15.263",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-263xx/CVE-2022-26369.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26369",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.877",
"lastModified": "2024-11-21T06:53:51.040",
"lastModified": "2025-02-05T21:15:15.413",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-265xx/CVE-2022-26508.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26508",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.953",
"lastModified": "2024-11-21T06:54:05.070",
"lastModified": "2025-02-05T21:15:15.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-265xx/CVE-2022-26513.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26513",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.073",
"lastModified": "2024-11-21T06:54:05.687",
"lastModified": "2025-02-05T21:15:15.693",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-268xx/CVE-2022-26845.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26845",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.177",
"lastModified": "2024-11-21T06:54:38.240",
"lastModified": "2025-02-05T21:15:15.827",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-271xx/CVE-2022-27187.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27187",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.270",
"lastModified": "2024-11-21T06:55:22.193",
"lastModified": "2025-02-05T21:15:15.980",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-272xx/CVE-2022-27233.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27233",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.347",
"lastModified": "2024-11-21T06:55:27.810",
"lastModified": "2025-02-05T21:15:16.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-91"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-91"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-274xx/CVE-2022-27497.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27497",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.443",
"lastModified": "2024-11-21T06:55:50.670",
"lastModified": "2025-02-05T21:15:16.263",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-274xx/CVE-2022-27499.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27499",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.543",
"lastModified": "2024-11-21T06:55:50.907",
"lastModified": "2025-02-05T21:15:16.403",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-672"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-276xx/CVE-2022-27638.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27638",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.627",
"lastModified": "2024-11-21T06:56:04.430",
"lastModified": "2025-02-05T21:15:16.537",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-276xx/CVE-2022-27639.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27639",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.700",
"lastModified": "2024-11-21T06:56:04.533",
"lastModified": "2025-02-05T21:15:16.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-459"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-278xx/CVE-2022-27874.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27874",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.787",
"lastModified": "2024-11-21T06:56:23.123",
"lastModified": "2025-02-05T21:15:16.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-281xx/CVE-2022-28126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28126",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.873",
"lastModified": "2024-11-21T06:56:48.007",
"lastModified": "2025-02-05T21:15:16.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-286xx/CVE-2022-28611.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28611",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:13.947",
"lastModified": "2024-11-21T06:57:34.677",
"lastModified": "2025-02-05T21:15:17.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-294xx/CVE-2022-29466.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29466",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.110",
"lastModified": "2024-11-21T06:59:08.083",
"lastModified": "2025-02-05T21:15:17.223",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-294xx/CVE-2022-29486.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29486",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.213",
"lastModified": "2024-11-21T06:59:10.383",
"lastModified": "2025-02-05T21:15:17.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-295xx/CVE-2022-29515.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29515",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.327",
"lastModified": "2024-11-21T06:59:14.343",
"lastModified": "2025-02-05T21:15:17.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-298xx/CVE-2022-29893.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29893",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.397",
"lastModified": "2024-11-21T06:59:55.290",
"lastModified": "2025-02-05T21:15:17.623",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-302xx/CVE-2022-30297.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30297",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.490",
"lastModified": "2024-11-21T07:02:31.407",
"lastModified": "2025-02-05T21:15:17.813",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-305xx/CVE-2022-30548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30548",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.710",
"lastModified": "2024-11-21T07:02:55.240",
"lastModified": "2025-02-05T21:15:17.943",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-306xx/CVE-2022-30691.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30691",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.813",
"lastModified": "2024-11-21T07:03:10.773",
"lastModified": "2025-02-05T21:15:18.073",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-325xx/CVE-2022-32569.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32569",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:14.933",
"lastModified": "2024-11-21T07:06:39.303",
"lastModified": "2025-02-05T21:15:18.657",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-331xx/CVE-2022-33176.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-33176",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:15.023",
"lastModified": "2024-11-21T07:07:39.543",
"lastModified": "2025-02-05T21:15:18.800",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-339xx/CVE-2022-33942.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-33942",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:15.097",
"lastModified": "2024-11-21T07:08:39.130",
"lastModified": "2025-02-05T21:15:18.953",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-341xx/CVE-2022-34152.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34152",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:15.283",
"lastModified": "2024-11-21T07:08:57.570",
"lastModified": "2025-02-05T21:15:19.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-343xx/CVE-2022-34345.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34345",
"sourceIdentifier": "secure@intel.com",
"published": "2022-08-18T21:15:08.730",
"lastModified": "2024-11-21T07:09:19.847",
"lastModified": "2025-02-05T21:15:19.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-363xx/CVE-2022-36367.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36367",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:15.533",
"lastModified": "2024-11-21T07:12:52.800",
"lastModified": "2025-02-05T21:15:19.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-367xx/CVE-2022-36789.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36789",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:16.053",
"lastModified": "2024-11-21T07:13:44.907",
"lastModified": "2025-02-05T21:15:19.493",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-373xx/CVE-2022-37345.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37345",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:16.217",
"lastModified": "2024-11-21T07:14:48.320",
"lastModified": "2025-02-05T21:15:19.663",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

36
CVE-2023/CVE-2023-273xx/CVE-2023-27325.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27325",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T02:15:08.847",
"lastModified": "2024-11-21T07:52:39.467",
"lastModified": "2025-02-05T21:15:20.070",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -42,7 +64,17 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

32
CVE-2023/CVE-2023-276xx/CVE-2023-27652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27652",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T14:15:08.387",
"lastModified": "2024-11-21T07:53:20.813",
"lastModified": "2025-02-05T21:15:20.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [

36
CVE-2023/CVE-2023-321xx/CVE-2023-32140.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32140",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T02:15:17.567",
"lastModified": "2024-11-21T08:02:46.930",
"lastModified": "2025-02-05T21:15:21.790",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -42,13 +64,23 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [

36
CVE-2023/CVE-2023-321xx/CVE-2023-32143.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32143",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T02:15:18.053",
"lastModified": "2024-11-21T08:02:47.267",
"lastModified": "2025-02-05T21:15:21.963",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -42,7 +64,17 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-197"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

36
CVE-2023/CVE-2023-321xx/CVE-2023-32146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32146",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T02:15:18.553",
"lastModified": "2024-11-21T08:02:47.600",
"lastModified": "2025-02-05T21:15:22.137",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -42,7 +64,17 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

36
CVE-2023/CVE-2023-321xx/CVE-2023-32167.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32167",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T02:15:21.880",
"lastModified": "2024-11-21T08:02:50.083",
"lastModified": "2025-02-05T21:15:22.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -42,7 +64,17 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

82
CVE-2023/CVE-2023-462xx/CVE-2023-46241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46241",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T16:15:49.240",
"lastModified": "2024-11-21T08:28:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:33:59.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
@ -49,32 +69,78 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:microsoft_authentication:*:*:*:*:*:discourse:*:*",
"versionEndExcluding": "2024-02-20",
"matchCriteriaId": "908CC034-7605-4385-A3D6-41BBD2D30AF1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-microsoft-auth/commit/c40665f44509724b64938c85def9fb2e79f62ec8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-microsoft-auth/security/advisories/GHSA-2w32-w539-3m7r",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://learn.microsoft.com/en-us/security/zero-trust/develop/identity-supported-account-types",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/discourse/discourse-microsoft-auth/commit/c40665f44509724b64938c85def9fb2e79f62ec8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-microsoft-auth/security/advisories/GHSA-2w32-w539-3m7r",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://learn.microsoft.com/en-us/security/zero-trust/develop/identity-supported-account-types",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
]
}
]
}

74
CVE-2023/CVE-2023-57xx/CVE-2023-5775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5775",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-26T16:27:49.230",
"lastModified": "2024-11-21T08:42:27.783",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T21:31:23.983",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inpsyde:backwpup:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.3",
"matchCriteriaId": "C651CFE3-5346-4299-B33A-395EF5F447C2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3039678/backwpup",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bce4f04-e622-468a-ac7e-5903ad50cc13?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3039678/backwpup",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bce4f04-e622-468a-ac7e-5903ad50cc13?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

114
CVE-2023/CVE-2023-62xx/CVE-2023-6260.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6260",
"sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8",
"published": "2024-02-19T22:15:48.460",
"lastModified": "2024-11-21T08:43:29.020",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T22:35:57.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,24 +69,106 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2.4",
"versionEndIncluding": "6.2.4.3",
"matchCriteriaId": "80906C11-31EB-496E-A5E6-CCC61AA1AF41"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B21FAE09-C308-4E75-87C0-15F6637D139C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2.4",
"versionEndExcluding": "6.2.4.3",
"matchCriteriaId": "E455B577-1BD1-45CA-B744-4459B18B9E99"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:brivo:acs300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC69BFA4-EAD9-4C60-BE90-5722C07F2B65"
}
]
}
]
}
],
"references": [
{
"url": "https://sra.io/advisories/",
"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8"
"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3",
"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8"
"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8",
"tags": [
"Release Notes"
]
},
{
"url": "https://sra.io/advisories/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
}
]
}

72
CVE-2024/CVE-2024-02xx/CVE-2024-0240.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0240",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-02-15T21:15:08.673",
"lastModified": "2024-11-21T08:46:07.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T22:37:50.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-401"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.0",
"matchCriteriaId": "F092FC23-87F8-4D0F-B12C-90CD70E79D8B"
}
]
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/069Vm000001AjEfIAK",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://github.com/SiliconLabs/gecko_sdk",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Product"
]
},
{
"url": "https://community.silabs.com/069Vm000001AjEfIAK",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://github.com/SiliconLabs/gecko_sdk",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}
]
}

8
CVE-2024/CVE-2024-119xx/CVE-2024-11931.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11931",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-01-24T03:15:06.590",
"lastModified": "2025-01-24T03:15:06.590",
"lastModified": "2025-02-05T21:15:22.473",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/480901",
"source": "cve@gitlab.com"
},
{
"url": "https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

74
CVE-2024/CVE-2024-13xx/CVE-2024-1360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1360",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T11:15:08.310",
"lastModified": "2024-11-21T08:50:24.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T21:46:19.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:colibriwp:colibri:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.101",
"matchCriteriaId": "C32EA7EB-1F41-4F67-B050-816A4B29FE4B"
}
]
}
]
}
],
"references": [
{
"url": "https://themes.trac.wordpress.org/changeset/218308/colibri-wp/1.0.101/inc/src/PluginsManager.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db56844f-9988-4f6a-ba1d-f190ff009f2b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://themes.trac.wordpress.org/changeset/218308/colibri-wp/1.0.101/inc/src/PluginsManager.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db56844f-9988-4f6a-ba1d-f190ff009f2b?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-15xx/CVE-2024-1559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1559",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-20T04:15:07.330",
"lastModified": "2024-11-21T08:50:50.073",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:35:20.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ylefebvre:link_library:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.6.1",
"matchCriteriaId": "60538BF7-4E3A-4806-94F9-EF6ABCF8D462"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037265%40link-library&new=3037265%40link-library&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/407a5c69-cce0-4868-aef0-ffc88981e256?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037265%40link-library&new=3037265%40link-library&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/407a5c69-cce0-4868-aef0-ffc88981e256?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-18xx/CVE-2024-1810.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1810",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-24T05:15:43.977",
"lastModified": "2024-11-21T08:51:22.260",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T21:33:39.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ericteubert:archivist:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.7.6",
"matchCriteriaId": "D7D1BAFD-537A-46F4-8043-621841E8B515"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3040242%40archivist-custom-archive-templates&new=3040242%40archivist-custom-archive-templates&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e230f9f-5eda-4362-973b-ada9cf425697?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3040242%40archivist-custom-archive-templates&new=3040242%40archivist-custom-archive-templates&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e230f9f-5eda-4362-973b-ada9cf425697?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-203xx/CVE-2024-20397.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-20397",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-12-04T17:15:11.913",
"lastModified": "2024-12-04T17:15:11.913",
"lastModified": "2025-02-05T21:15:22.590",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.\r\n\r\nThis vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software."
"value": "A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. \r\n\r\nThis vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@cisco.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

90
CVE-2024/CVE-2024-233xx/CVE-2024-23346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23346",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T17:15:09.377",
"lastModified": "2024-11-21T08:57:33.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:10:07.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,36 +69,88 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:materialsvirtuallab:pymatgen:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.2.20",
"matchCriteriaId": "09620EF2-A9DF-47EB-80A8-185BE5C5FFB1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/materialsproject/pymatgen/blob/master/pymatgen/symmetry/settings.py#L97C1-L111C108",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/materialsproject/pymatgen/commit/c231cbd3d5147ee920a37b6ee9dd236b376bcf5a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/materialsproject/pymatgen/security/advisories/GHSA-vgv8-5cpj-qj2f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/materialsproject/pymatgen/blob/master/pymatgen/symmetry/settings.py#L97C1-L111C108",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/materialsproject/pymatgen/commit/c231cbd3d5147ee920a37b6ee9dd236b376bcf5a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/materialsproject/pymatgen/security/advisories/GHSA-vgv8-5cpj-qj2f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://www.vicarius.io/vsociety/posts/critical-security-flaw-in-pymatgen-library-cve-2024-23346",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-236xx/CVE-2024-23654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23654",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T21:15:09.060",
"lastModified": "2024-11-21T08:58:05.963",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:04:36.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-918"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:ai:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024-02-21",
"matchCriteriaId": "884AE777-8F5B-401E-815D-71A4E7F8D8BF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-ai/commit/94ba0dadc2cf38e8f81c3936974c167219878edd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-ai/security/advisories/GHSA-32cj-rm2q-22cc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/discourse/discourse-ai/commit/94ba0dadc2cf38e8f81c3936974c167219878edd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-ai/security/advisories/GHSA-32cj-rm2q-22cc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-248xx/CVE-2024-24817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24817",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-22T18:15:48.587",
"lastModified": "2024-11-21T08:59:46.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:59:51.047",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:calendar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.4",
"matchCriteriaId": "B76C6885-834A-41E6-98BF-2122BB83BBF6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-calendar/commit/84ef46a38cf02748ecacad16c5d9c6fec12dc8da",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-wwq5-g5cp-c69f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/commit/84ef46a38cf02748ecacad16c5d9c6fec12dc8da",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-wwq5-g5cp-c69f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

95
CVE-2024/CVE-2024-251xx/CVE-2024-25117.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25117",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T17:15:09.617",
"lastModified": "2024-11-21T09:00:17.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:09:42.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -53,32 +73,91 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dompdf:php-svg-lib:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.2",
"matchCriteriaId": "DDAC86B1-0B10-409C-9FE6-C3790DA07BC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.0",
"matchCriteriaId": "6F81E35A-6A5C-4EA8-9290-6BA5CDF6F08B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dompdf/php-svg-lib/commit/732faa9fb4309221e2bd9b2fda5de44f947133aa",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dompdf/php-svg-lib/commit/8ffcc41bbde39f09f94b9760768086f12bbdce42",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-f3qr-qr4x-j273",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/dompdf/php-svg-lib/commit/732faa9fb4309221e2bd9b2fda5de44f947133aa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dompdf/php-svg-lib/commit/8ffcc41bbde39f09f94b9760768086f12bbdce42",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dompdf/php-svg-lib/security/advisories/GHSA-f3qr-qr4x-j273",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

136
CVE-2024/CVE-2024-251xx/CVE-2024-25124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25124",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T21:15:09.250",
"lastModified": "2024-11-21T09:00:18.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:03:51.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -53,72 +73,152 @@
"value": "CWE-942"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gofiber:fiber:*:*:*:*:*:go:*:*",
"versionEndExcluding": "2.52.1",
"matchCriteriaId": "FE99D46C-AA78-4C2D-B608-48B3FAAB2882"
}
]
}
]
}
],
"references": [
{
"url": "http://blog.portswigger.net/2016/10/exploiting-cors-misconfigurations-for.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://codeql.github.com/codeql-query-help/javascript/js-cors-misconfiguration-for-credentials",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://fetch.spec.whatwg.org/#cors-protocol-and-credentials",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/gofiber/fiber/commit/f0cd3b44b086544a37886232d0530601f2406c23",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gofiber/fiber/releases/tag/v2.52.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/gofiber/fiber/security/advisories/GHSA-fmg4-x8pw-hjhg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://saturncloud.io/blog/cors-cannot-use-wildcard-in-accesscontrolalloworigin-when-credentials-flag-is-true",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://blog.portswigger.net/2016/10/exploiting-cors-misconfigurations-for.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://codeql.github.com/codeql-query-help/javascript/js-cors-misconfiguration-for-credentials",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
]
},
{
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
]
},
{
"url": "https://fetch.spec.whatwg.org/#cors-protocol-and-credentials",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/gofiber/fiber/commit/f0cd3b44b086544a37886232d0530601f2406c23",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gofiber/fiber/releases/tag/v2.52.1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/gofiber/fiber/security/advisories/GHSA-fmg4-x8pw-hjhg",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://saturncloud.io/blog/cors-cannot-use-wildcard-in-accesscontrolalloworigin-when-credentials-flag-is-true",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

82
CVE-2024/CVE-2024-251xx/CVE-2024-25129.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25129",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-22T19:15:08.600",
"lastModified": "2024-11-21T09:00:18.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:59:18.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,32 +69,78 @@
"value": "CWE-611"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:codeql_cli:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.3",
"matchCriteriaId": "AE556CF1-FDBE-4849-A1E2-F6E94315AD11"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/github/codeql-cli-binaries/releases/tag/v2.16.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/github/codeql-cli-binaries/security/advisories/GHSA-gf8p-v3g3-3wph",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-611/XXELocal.ql",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/github/codeql-cli-binaries/releases/tag/v2.16.3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/github/codeql-cli-binaries/security/advisories/GHSA-gf8p-v3g3-3wph",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/github/codeql/blob/main/java/ql/src/Security/CWE/CWE-611/XXELocal.ql",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

107
CVE-2024/CVE-2024-251xx/CVE-2024-25130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25130",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-22T19:15:08.823",
"lastModified": "2024-11-21T09:00:19.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:55:35.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,40 +69,107 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "15.4-7",
"matchCriteriaId": "00C1AA2F-2986-49C6-A558-A479543600CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*",
"versionEndExcluding": "15.5.99.76",
"matchCriteriaId": "BE65762A-F5B7-451D-B081-9424FE3A4FE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "15.5",
"versionEndExcluding": "15.5-4",
"matchCriteriaId": "8DA2EE66-8C5E-4E15-903E-3DE016F5207A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Enalean/tuleap/commit/57978a32508f5c6d0365419b6eaeb368aee20667",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-mq7f-m6mj-hjj5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=57978a32508f5c6d0365419b6eaeb368aee20667",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=36803",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/Enalean/tuleap/commit/57978a32508f5c6d0365419b6eaeb368aee20667",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-mq7f-m6mj-hjj5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=57978a32508f5c6d0365419b6eaeb368aee20667",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=36803",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

127
CVE-2024/CVE-2024-256xx/CVE-2024-25629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25629",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-23T15:15:09.237",
"lastModified": "2024-11-21T09:01:06.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:41:30.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,48 +69,131 @@
"value": "CWE-127"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:c-ares:c-ares:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.27.0",
"matchCriteriaId": "33B2994F-77FD-46CD-B5DC-9DD93A338656"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P76QYINQNPEHUTEEDOUYIRZ2X6UVZ5K/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSCMTSPDIE2UHU34TIXQQHZ6JTE3Y3VF/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GX37LFPFQ3T6FFMMFYQTEGIQXXN7F27U/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P76QYINQNPEHUTEEDOUYIRZ2X6UVZ5K/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSCMTSPDIE2UHU34TIXQQHZ6JTE3Y3VF/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GX37LFPFQ3T6FFMMFYQTEGIQXXN7F27U/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

102
CVE-2024/CVE-2024-256xx/CVE-2024-25636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25636",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-19T20:15:46.077",
"lastModified": "2024-11-21T09:01:07.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:36:30.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,48 +69,106 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:misskey:misskey:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.2.0",
"matchCriteriaId": "88A71974-F179-4C37-91EB-4F233EA958DA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/core/activitypub/ApResolverService.ts#L69-L119",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/core/activitypub/models/ApNoteService.ts#L112-L308",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/server/api/endpoints/ap/show.ts#L125-L143",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/commit/9a70ce8f5ea9df00001894809f5ce7bc69b14c8a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-qqrm-9grj-6v32",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/core/activitypub/ApResolverService.ts#L69-L119",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/core/activitypub/models/ApNoteService.ts#L112-L308",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/blob/2024.2.0-beta.10/packages/backend/src/server/api/endpoints/ap/show.ts#L125-L143",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/misskey-dev/misskey/commit/9a70ce8f5ea9df00001894809f5ce7bc69b14c8a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-qqrm-9grj-6v32",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-261xx/CVE-2024-26130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26130",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T17:15:09.863",
"lastModified": "2024-11-21T09:01:59.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:09:20.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,32 +69,81 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cryptography.io:cryptography:*:*:*:*:*:python:*:*",
"versionStartIncluding": "38.0.0",
"versionEndExcluding": "42.0.4",
"matchCriteriaId": "BDAE857E-8C66-4574-88CD-615D866340CA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pyca/cryptography/pull/10423",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pyca/cryptography/pull/10423",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-261xx/CVE-2024-26136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26136",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-20T22:15:08.767",
"lastModified": "2024-11-21T09:02:00.540",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:35:04.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openjsf:electroncord:*:*:*:*:*:discord:*:*",
"versionEndExcluding": "2024-02-19",
"matchCriteriaId": "842F22A0-96AA-432E-874C-47DD7653D77A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kedi/ElectronCord/commit/aaaeaf4e6c99893827b2eea4dd02f755e1e24041",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/kedi/ElectronCord/security/advisories/GHSA-ppwc-5vwp-mhw8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/kedi/ElectronCord/commit/aaaeaf4e6c99893827b2eea4dd02f755e1e24041",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/kedi/ElectronCord/security/advisories/GHSA-ppwc-5vwp-mhw8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-261xx/CVE-2024-26138.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26138",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T17:15:10.257",
"lastModified": "2024-11-21T09:02:00.660",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:08:58.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,32 +69,81 @@
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:application_licensing:*:*:*:*:*:xwiki:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.24.2",
"matchCriteriaId": "15E8458E-09F6-4486-A367-E447A4AFBABC"
}
]
}
]
}
],
"references": [
{
"url": "https://extensions.xwiki.org/xwiki/bin/view/Extension/Active%20Installs%202%20API",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xwikisas/application-licensing/commit/d168fb88fc0d121bf95e769ea21c55c00bebe5a6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwikisas/application-licensing/security/advisories/GHSA-4hfp-m9gv-m753",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://extensions.xwiki.org/xwiki/bin/view/Extension/Active%20Installs%202%20API",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xwikisas/application-licensing/commit/d168fb88fc0d121bf95e769ea21c55c00bebe5a6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwikisas/application-licensing/security/advisories/GHSA-4hfp-m9gv-m753",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

108
CVE-2024/CVE-2024-261xx/CVE-2024-26140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26140",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-20T22:15:08.950",
"lastModified": "2024-11-21T09:02:00.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:34:32.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,48 +69,112 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yetanalytics:lrs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.17",
"matchCriteriaId": "CA215B85-84E9-4032-A0B1-BEA4B6F27F5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yetanalytics:sql_lrs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.7.5",
"matchCriteriaId": "AB697355-88AA-48FC-A35B-FCABBB7B16DA"
}
]
}
]
}
],
"references": [
{
"url": "https://clojars.org/com.yetanalytics/lrs/versions/1.2.17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/yetanalytics/lrs/commit/d7f4883bc2252337d25e8bba2c7f9d172f5b0621",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/yetanalytics/lrs/releases/tag/v1.2.17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/yetanalytics/lrs/security/advisories/GHSA-7rw2-3hhp-rc46",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/yetanalytics/lrsql/releases/tag/v0.7.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://clojars.org/com.yetanalytics/lrs/versions/1.2.17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/yetanalytics/lrs/commit/d7f4883bc2252337d25e8bba2c7f9d172f5b0621",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/yetanalytics/lrs/releases/tag/v1.2.17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/yetanalytics/lrs/security/advisories/GHSA-7rw2-3hhp-rc46",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/yetanalytics/lrsql/releases/tag/v0.7.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
}
]
}

72
CVE-2024/CVE-2024-261xx/CVE-2024-26145.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26145",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T18:15:51.870",
"lastModified": "2024-11-21T09:02:01.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:04:56.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -49,24 +69,64 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:calendar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024-02-21",
"matchCriteriaId": "E0BA2147-2D70-4014-99EE-85C4D62467D1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-calendar/commit/dfc4fa15f340189f177a1d1ab2cc94ffed3c1190",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-4hh7-6m34-p2jp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/commit/dfc4fa15f340189f177a1d1ab2cc94ffed3c1190",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-4hh7-6m34-p2jp",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2024/CVE-2024-261xx/CVE-2024-26148.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26148",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-21T23:15:08.970",
"lastModified": "2024-11-21T09:02:01.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T22:02:41.717",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,32 +69,82 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pinterest:querybook:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.31.1",
"matchCriteriaId": "5252F0A1-2653-47CE-A19A-FD558B64FCC3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pinterest/querybook/commit/bc620dabaaf13ff1dcb30af0b46a490403fb9908",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pinterest/querybook/pull/1412",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/pinterest/querybook/security/advisories/GHSA-fh6g-gvvp-587f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/pinterest/querybook/commit/bc620dabaaf13ff1dcb30af0b46a490403fb9908",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pinterest/querybook/pull/1412",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/pinterest/querybook/security/advisories/GHSA-fh6g-gvvp-587f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

104
CVE-2024/CVE-2024-261xx/CVE-2024-26150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26150",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-23T16:15:48.570",
"lastModified": "2024-11-21T09:02:02.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:36:57.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,40 +69,104 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:backstage_backend-common:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "0.19.10",
"matchCriteriaId": "9535A5B5-0A1C-43EB-9B33-DD2A915768F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:backstage_backend-common:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "0.20.0",
"versionEndExcluding": "0.20.2",
"matchCriteriaId": "D311CF67-703E-463A-AE95-6806241E0C54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:backstage_backend-common:0.21.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "83796E3D-719E-4B94-94F3-FC34973CF0ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

109
CVE-2024/CVE-2024-261xx/CVE-2024-26151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26151",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-22T19:15:09.300",
"lastModified": "2024-11-21T09:02:02.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:52:15.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 5.3
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,52 +69,115 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:felixschwarz:mjml-python:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7B3A43-C31C-4105-8FC7-6220776CE487"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/FelixSchwarz/mjml-python/commit/84c495da20a91640a1ca551ace17df7f3be644aa",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/commit/8d410b7a500703080bb14ed7e3d2663fe16767e6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/issues/52",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/releases/tag/v0.11.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/security/advisories/GHSA-578p-fxmm-6229",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/commit/84c495da20a91640a1ca551ace17df7f3be644aa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/commit/8d410b7a500703080bb14ed7e3d2663fe16767e6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/issues/52",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/releases/tag/v0.11.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/FelixSchwarz/mjml-python/security/advisories/GHSA-578p-fxmm-6229",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-26151-mjml-python-vulnerability-1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

10
CVE-2024/CVE-2024-269xx/CVE-2024-26932.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26932",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:07.810",
"lastModified": "2024-11-21T09:03:24.980",
"lastModified": "2025-02-05T22:15:28.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -42,20 +42,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
"impactScore": 5.9
}
]
},

74
CVE-2024/CVE-2024-288xx/CVE-2024-28852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28852",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-27T14:15:10.340",
"lastModified": "2024-11-21T09:07:02.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-05T21:20:47.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,24 +69,66 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3.1",
"matchCriteriaId": "A9E60433-868B-4354-93F8-C418983B189A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/ampache/ampache/blob/bcaa9a4624acf8c8cc4c135be77b846731fb1ba2/src/Repository/Model/Search.php#L1732-L1740",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://github.com/ampache/ampache/security/advisories/GHSA-g7hx-hm68-f639",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-28xx/CVE-2024-2842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2842",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-29T06:15:07.817",
"lastModified": "2024-11-21T09:10:39.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:12:25.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy-appointments:easy_appointments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.11.9",
"matchCriteriaId": "B52CBE9A-C161-4687-BE01-C8F6D8A9D013"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e1514c8-3752-4d0a-87a3-3f245a7cb914?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e1514c8-3752-4d0a-87a3-3f245a7cb914?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-28xx/CVE-2024-2844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2844",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-29T06:15:08.153",
"lastModified": "2024-11-21T09:10:39.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-05T21:03:26.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-appointments/trunk/src/ajax.php#L380",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0d8ac01-ac73-47ea-839b-edc820436f27?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/easy-appointments/trunk/src/ajax.php#L380",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0d8ac01-ac73-47ea-839b-edc820436f27?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy-appointments:easy_appointments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.11.19",
"matchCriteriaId": "69ED07FF-0418-4593-BF21-CA8CE8C54861"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-appointments/trunk/src/ajax.php#L380",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0d8ac01-ac73-47ea-839b-edc820436f27?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/easy-appointments/trunk/src/ajax.php#L380",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3059359%40easy-appointments&new=3059359%40easy-appointments&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0d8ac01-ac73-47ea-839b-edc820436f27?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-30xx/CVE-2024-3052.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3052",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-04-26T22:15:08.460",
"lastModified": "2024-11-21T09:28:46.413",
"lastModified": "2025-02-05T22:15:29.877",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-248"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-248"
}
]
}
],
"references": [

34
CVE-2024/CVE-2024-335xx/CVE-2024-33542.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-33542",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-29T06:15:10.220",
"lastModified": "2024-11-21T09:17:06.957",
"lastModified": "2025-02-05T22:15:29.690",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,13 +36,43 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

14
CVE-2024/CVE-2024-34xx/CVE-2024-3411.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3411",
"sourceIdentifier": "cret@cert.org",
"published": "2024-04-30T19:15:23.353",
"lastModified": "2024-11-21T09:29:32.587",
"lastModified": "2025-02-05T22:15:30.070",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-331"
}
]
}
],
"references": [
{
"url": "https://kb.cert.org/vuls/id/163057",

56
CVE-2024/CVE-2024-383xx/CVE-2024-38316.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38316",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-05T23:15:08.480",
"lastModified": "2025-02-05T23:15:08.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Shares\u00a01.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182490",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-383xx/CVE-2024-38317.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38317",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-05T23:15:09.407",
"lastModified": "2025-02-05T23:15:09.407",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Shares\u00a01.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182490",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-383xx/CVE-2024-38318.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38318",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-05T23:15:09.557",
"lastModified": "2025-02-05T23:15:09.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Shares\u00a01.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182490",
"source": "psirt@us.ibm.com"
}
]
}

34
CVE-2024/CVE-2024-43xx/CVE-2024-4349.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4349",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-30T23:15:07.020",
"lastModified": "2024-11-21T09:42:40.587",
"lastModified": "2025-02-05T22:15:30.347",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
@ -67,7 +87,17 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

21
CVE-2024/CVE-2024-483xx/CVE-2024-48394.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48394",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-05T22:15:30.240",
"lastModified": "2025-02-05T22:15:30.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the NDD Print solution, which could allow an unprivileged user to exploit this flaw and gain SYSTEM-level access on the device. The vulnerability affects version 5.24.3 and before of the software."
}
],
"metrics": {},
"references": [
{
"url": "https://helpcenter-nddprint.ndd.tech/pt/seguranca-e-compliance/Current/dezembro-2024#0",
"source": "cve@mitre.org"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49791.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49791",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:26.420",
"lastModified": "2025-02-06T00:15:26.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49792.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49792",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:26.570",
"lastModified": "2025-02-06T00:15:26.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49793.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49793",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:26.723",
"lastModified": "2025-02-06T00:15:26.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49794.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49794",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:26.873",
"lastModified": "2025-02-06T00:15:26.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49795.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49795",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:27.020",
"lastModified": "2025-02-06T00:15:27.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49796.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49796",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:27.183",
"lastModified": "2025-02-06T00:15:27.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49797.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49797",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:27.330",
"lastModified": "2025-02-06T00:15:27.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49798.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49798",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:27.473",
"lastModified": "2025-02-06T00:15:27.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-498xx/CVE-2024-49800.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49800",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T00:15:27.620",
"lastModified": "2025-02-06T00:15:27.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-316"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182522",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-498xx/CVE-2024-49814.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49814",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-02-06T01:15:08.230",
"lastModified": "2025-02-06T01:15:08.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182558",
"source": "psirt@us.ibm.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More