Auto-Update: 2025-04-10T22:00:19.901138+00:00

cad-safe-bot 2025-04-10 22:03:52 +00:00
parent b667d5d07b
commit 4264ca4a8f
111 changed files with 2516 additions and 657 deletions


@ -2,7 +2,7 @@
"id": "CVE-2021-35002",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-07T23:15:14.313",
"lastModified": "2025-03-05T19:44:20.867",
"lastModified": "2025-04-10T21:05:11.153",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -71,6 +71,16 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2021-38117",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:18.823",
"lastModified": "2025-03-04T16:37:20.153",
"lastModified": "2025-04-10T20:25:24.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-94"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2022-24894",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:10.823",
"lastModified": "2025-02-13T17:15:38.807",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:54:30.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-285"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
@ -131,7 +141,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/symfony/symfony/commit/d2f6322af9444ac5cd1ef3ac6f280dbef7f9d1fb",
@ -149,7 +162,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-31766",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-10-11T11:15:09.810",
"lastModified": "2025-02-11T11:15:11.210",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:26:39.307",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
@ -552,7 +562,10 @@
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",


@ -2,7 +2,7 @@
"id": "CVE-2022-34322",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-01T08:15:10.007",
"lastModified": "2024-11-21T07:09:17.810",
"lastModified": "2025-04-10T21:15:43.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-3922",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-12-28T11:15:09.233",
"lastModified": "2024-11-21T07:20:32.363",
"lastModified": "2025-04-10T21:15:44.220",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},


@ -2,8 +2,8 @@
"id": "CVE-2022-40656",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2022-09-15T16:15:12.317",
"lastModified": "2025-01-07T19:15:27.777",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:51:02.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -71,6 +71,16 @@
"value": "CWE-125"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
@ -101,11 +111,17 @@
},
{
"url": "https://www.software-dl.microscope.healthcare.nikon.com/vuln/index.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.software-dl.microscope.healthcare.nikon.com/vuln/pdf/Vulnerabilities_on_NIS-Elements_Freeware_and_L_en_240917_02.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1212/",


@ -2,8 +2,8 @@
"id": "CVE-2022-40661",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2022-09-15T16:15:12.683",
"lastModified": "2025-01-07T19:15:28.407",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:40:16.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -71,6 +71,16 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -101,11 +111,17 @@
},
{
"url": "https://www.software-dl.microscope.healthcare.nikon.com/vuln/index.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.software-dl.microscope.healthcare.nikon.com/vuln/pdf/Vulnerabilities_on_NIS-Elements_Freeware_and_L_en_240917_02.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1217/",
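Review bot: The tag added for the Nikon PDF reference (`.../vuln/pdf/Vulnerabilities_on_NIS-Elements_Freeware_and_L_en_240917_02.pdf`) in this section is `"Release Notes"`, but the identical URL in the CVE-2022-40656 section of the same commit is tagged `"Vendor Advisory"`. Tooling that selects vendor guidance by reference tag would surface the document for one record and miss it for the other. The consistent value would be `"Vendor Advisory"`. If this repository is meant to mirror an upstream feed verbatim, the correction belongs upstream, and consumers should match references on URL rather than on tag.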


@ -2,7 +2,7 @@
"id": "CVE-2022-4059",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.950",
"lastModified": "2024-11-21T07:34:31.680",
"lastModified": "2025-04-10T20:15:18.110",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2022-45213",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-01T08:15:10.550",
"lastModified": "2024-11-21T07:28:58.323",
"lastModified": "2025-04-10T20:15:16.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-47634",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-01T08:15:10.603",
"lastModified": "2024-11-21T07:32:17.643",
"lastModified": "2025-04-10T20:15:17.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-47952",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-01T06:15:09.860",
"lastModified": "2024-11-21T07:32:37.827",
"lastModified": "2025-04-10T20:15:17.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-203"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-4779",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2022-12-29T00:15:09.497",
"lastModified": "2024-11-21T07:35:55.607",
"lastModified": "2025-04-10T21:15:44.930",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-24466",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:19.673",
"lastModified": "2025-03-04T16:23:34.943",
"lastModified": "2025-04-10T20:36:16.743",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-611"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-24467",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:19.810",
"lastModified": "2025-03-04T16:29:21.890",
"lastModified": "2025-04-10T20:47:00.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -73,6 +73,16 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2023-28625",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-03T14:15:07.507",
"lastModified": "2025-02-13T17:16:15.970",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:46:37.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
@ -124,7 +134,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5405",
@ -170,7 +183,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5405",
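Review bot: The Fedora package-announce references in this section are tagged `"Release Notes"`, although the URLs are list-archive messages under `lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/`, and the same kind of reference is tagged `"Mailing List"` elsewhere in this commit. The inconsistency shows on a single URL: message `WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH` is `"Release Notes"` in the CVE-2023-39511 section and `"Mailing List"` in the CVE-2023-39514 and CVE-2023-39516 sections. The Fedora references in the CVE-2023-42822 and CVE-2023-46234 sections carry `"Release Notes"` as well. The consistent value would be `"Mailing List"`; until the tags agree, consumers that filter references by tag should not assume one URL always has one tag.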


@ -2,8 +2,8 @@
"id": "CVE-2023-28724",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2023-05-03T15:15:13.020",
"lastModified": "2025-02-13T17:16:16.667",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:32:16.720",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-276"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
@ -90,7 +120,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230609-0006/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000133233",
@ -101,7 +134,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230609-0006/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34095",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T17:15:09.243",
"lastModified": "2025-02-13T17:16:34.413",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:35:56.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2023-36813",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T22:15:09.770",
"lastModified": "2025-02-13T17:16:43.040",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:47:18.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
@ -110,7 +120,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5454",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/kanboard/kanboard/commit/25b93343baeaf8ad018dcd87b094e47a5c6a3e0a",
@ -136,7 +149,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5454",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}
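Review bot: `https://www.debian.org/security/2023/dsa-5454` is tagged `"Mailing List"` in both reference entries here, but the URL is a page under www.debian.org/security, not a list archive like the `lists.debian.org/debian-lts-announce` references tagged the same way in this commit. Other distribution and vendor advisories in the same commit, such as `security.gentoo.org/glsa/202401-16` and the `security.netapp.com/advisory/` entries, are tagged `"Third Party Advisory"`, which looks like the better fit here: `"Third Party Advisory"`. The same tag is applied to `dsa-5550` in the CVE-2023-39514 and CVE-2023-39516 sections. Filters that collect distribution advisories by tag would skip these entries.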


@ -2,8 +2,8 @@
"id": "CVE-2023-36824",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-11T17:15:13.223",
"lastModified": "2025-02-13T17:16:43.233",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:54:22.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-131"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -143,7 +153,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230814-0009/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/redis/redis/releases/tag/7.0.12",
@ -177,7 +190,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230814-0009/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-37266",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-17T21:15:09.733",
"lastModified": "2024-12-12T21:15:07.550",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:31:47.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
@ -103,7 +113,11 @@
},
{
"url": "https://www.sonarsource.com/blog/security-vulnerabilities-in-casaos",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/IceWhaleTech/CasaOS/commit/705bf1facbffd2ca40b159b0303132b6fdf657ad",


@ -2,8 +2,8 @@
"id": "CVE-2023-38703",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-06T14:15:12.020",
"lastModified": "2025-02-13T17:16:49.830",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:31:40.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
@ -107,7 +117,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d",
@ -126,7 +139,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39350",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-31T20:15:08.170",
"lastModified": "2025-02-13T17:16:51.620",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:51:24.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-191"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"configurations": [
@ -176,7 +186,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202401-16",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc",
@ -224,7 +237,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202401-16",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39356",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-31T21:15:08.390",
"lastModified": "2025-02-13T17:16:52.087",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T21:05:20.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
@ -190,7 +200,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202401-16",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/FreeRDP/FreeRDP/blob/63a2f65618748c12f79ff7450d46c6e194f2db76/include/freerdp/primary.h#L186-L196",
@ -252,7 +265,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202401-16",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39511",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-06T18:15:08.627",
"lastModified": "2025-02-13T17:16:53.577",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:43:41.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
@ -127,7 +137,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",
@ -153,7 +166,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",


@ -2,8 +2,8 @@
"id": "CVE-2023-39514",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T21:15:47.297",
"lastModified": "2025-02-13T17:16:53.803",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:54:10.250",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
@ -127,7 +137,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",
@ -138,7 +151,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5550",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7",
@ -157,7 +173,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",
@ -168,7 +187,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5550",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39516",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-05T22:15:09.180",
"lastModified": "2025-02-13T17:16:53.973",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:51:38.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
@ -120,7 +130,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
@ -131,7 +144,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",
@ -142,7 +158,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5550",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv",
@ -154,7 +173,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/",
@ -165,7 +187,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/",
@ -176,7 +201,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5550",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39520",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-07T20:15:09.987",
"lastModified": "2024-11-21T08:15:35.470",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:53:51.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -65,6 +65,16 @@
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2023-42822",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T18:15:11.903",
"lastModified": "2025-02-13T17:17:09.803",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:44:22.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
@ -126,7 +136,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FPGA4M7IYCP7OILDF2ZJEVSXUOFEFQ6/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFGL22QQF65OIZRMCKUZCVJQCKGUBRYE/",
@ -160,7 +173,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FPGA4M7IYCP7OILDF2ZJEVSXUOFEFQ6/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFGL22QQF65OIZRMCKUZCVJQCKGUBRYE/",


@ -2,7 +2,7 @@
"id": "CVE-2023-45591",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:45.833",
"lastModified": "2025-03-03T22:17:25.743",
"lastModified": "2025-04-10T20:35:32.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-45592",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:46.037",
"lastModified": "2025-03-03T22:29:27.443",
"lastModified": "2025-04-10T20:50:53.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-250"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-45593",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:46.213",
"lastModified": "2025-03-03T22:32:00.433",
"lastModified": "2025-04-10T20:24:58.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-184"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-45597",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:47.107",
"lastModified": "2025-03-03T22:38:12.927",
"lastModified": "2025-04-10T20:36:09.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-1236"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2023-46234",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-26T15:15:09.087",
"lastModified": "2025-02-13T18:15:34.370",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:47:25.493",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-347"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"configurations": [
@ -133,11 +143,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5539",
@ -169,11 +185,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5539",


@ -2,7 +2,7 @@
"id": "CVE-2023-49785",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-12T00:15:26.383",
"lastModified": "2025-02-26T16:35:58.917",
"lastModified": "2025-04-10T20:35:48.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -73,6 +73,20 @@
"value": "CWE-918"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2023-50250",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T17:15:09.127",
"lastModified": "2025-02-13T18:15:49.430",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:31:34.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
@ -107,7 +117,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/templates_import.php",
@ -127,7 +140,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-51698",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-12T21:15:10.150",
"lastModified": "2025-02-13T18:15:53.257",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:53:57.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
@ -107,11 +117,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT3UIQOSZ6UNH5QTFOOY2DJ4MITM2C2C/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZKXNZ3HGH6KH65OEKVCEAOZJWNZ32FQ/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/mate-desktop/atril/commit/ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed",
@ -130,11 +146,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT3UIQOSZ6UNH5QTFOOY2DJ4MITM2C2C/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZKXNZ3HGH6KH65OEKVCEAOZJWNZ32FQ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-5456",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T11:15:07.657",
"lastModified": "2025-03-03T22:16:43.967",
"lastModified": "2025-04-10T20:49:39.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-798"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-5505",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-17T09:15:07.160",
"lastModified": "2025-02-28T22:47:27.527",
"lastModified": "2025-04-10T20:50:45.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-10443",
"sourceIdentifier": "security@synology.com",
"published": "2024-11-15T11:15:09.750",
"lastModified": "2025-01-14T19:29:55.853",
"lastModified": "2025-04-10T20:47:07.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [


@ -2,13 +2,13 @@
"id": "CVE-2024-10904",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:39.990",
"lastModified": "2025-03-06T12:26:57.820",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:18.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2024-1436",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-26T16:27:52.123",
"lastModified": "2025-02-27T03:15:54.380",
"lastModified": "2025-04-10T20:25:31.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2024-21609",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-04-12T15:15:23.770",
"lastModified": "2025-03-05T18:20:25.177",
"lastModified": "2025-04-10T20:44:13.873",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -93,6 +93,16 @@
"value": "CWE-401"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-24767",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T18:15:46.983",
"lastModified": "2025-02-26T17:47:54.940",
"lastModified": "2025-04-10T20:31:56.250",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-307"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [


@ -2,13 +2,13 @@
"id": "CVE-2024-25691",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-10-04T18:15:05.840",
"lastModified": "2024-10-15T14:35:02.133",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:18.427",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1, 10.9.1 and 10.8.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-25694",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-10-04T18:15:06.167",
"lastModified": "2024-10-16T21:00:18.683",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:18.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 10.8.1 \u2013 10.9.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the Layer Showcase application configuration which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the Layer Showcase application configuration which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-25701",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-10-04T18:15:06.390",
"lastModified": "2024-10-16T21:00:36.173",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:18.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions 10.8.1 \u2013 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the Experience Builder Embed widget which when loaded could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the Experience Builder Embed widget which when loaded could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-25702",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-10-04T18:15:06.593",
"lastModified": "2024-10-16T21:03:33.347",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:18.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 \u2013 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2024-2585",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:10.290",
"lastModified": "2025-03-24T13:26:33.507",
"lastModified": "2025-04-10T20:47:32.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-27268",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-04T18:15:13.823",
"lastModified": "2025-02-27T18:04:48.507",
"lastModified": "2025-04-10T21:05:27.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-770"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-27776",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-06-02T13:15:08.510",
"lastModified": "2025-03-04T18:21:57.800",
"lastModified": "2025-04-10T20:24:31.270",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-28198",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-11T20:15:07.643",
"lastModified": "2025-02-26T18:43:17.017",
"lastModified": "2025-04-10T20:46:19.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-611"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-28877",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-06-11T21:15:52.643",
"lastModified": "2025-03-01T02:05:56.853",
"lastModified": "2025-04-10T20:20:01.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -96,7 +116,7 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2024-30405",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-04-12T15:15:25.133",
"lastModified": "2025-03-05T18:16:35.370",
"lastModified": "2025-04-10T20:51:31.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -93,6 +93,16 @@
"value": "CWE-131"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-30550",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-31T20:15:09.193",
"lastModified": "2025-03-21T19:11:47.910",
"lastModified": "2025-04-10T20:44:07.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-3192",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-29T07:15:07.480",
"lastModified": "2025-03-21T17:42:18.840",
"lastModified": "2025-04-10T20:54:16.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -94,6 +94,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-3193",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-29T07:15:07.773",
"lastModified": "2025-03-21T17:28:13.070",
"lastModified": "2025-04-10T20:46:54.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -94,6 +94,16 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-3195",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-29T07:15:08.400",
"lastModified": "2025-03-21T17:14:03.730",
"lastModified": "2025-04-10T20:42:17.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -94,6 +94,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-32977",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-14T16:17:12.590",
"lastModified": "2025-03-05T16:10:27.033",
"lastModified": "2025-04-10T20:33:40.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-290"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-33552",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T09:15:41.367",
"lastModified": "2025-03-03T15:04:04.093",
"lastModified": "2025-04-10T20:26:27.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2024-34757",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T06:15:52.890",
"lastModified": "2025-03-21T18:10:15.770",
"lastModified": "2025-04-10T20:51:08.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-35225",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-11T22:15:09.520",
"lastModified": "2025-02-26T21:07:11.367",
"lastModified": "2025-04-10T20:35:41.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -73,6 +73,16 @@
"value": "CWE-116"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2024-36046",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-27T23:15:36.953",
"lastModified": "2025-02-28T16:15:36.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T20:14:10.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:infoblox:nios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.6.0",
"versionEndIncluding": "8.6.4",
"matchCriteriaId": "A0684E5E-1EFD-48A0-BB7D-6DD0E44DECD8"
}
]
}
]
}
],
"references": [
{
"url": "https://support.infoblox.com/s/article/000010390",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-3783",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-04-15T14:15:08.400",
"lastModified": "2025-02-27T16:15:29.367",
"lastModified": "2025-04-10T20:20:37.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2024-3789",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-05-14T15:42:16.860",
"lastModified": "2025-02-27T16:31:48.040",
"lastModified": "2025-04-10T20:26:19.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-3794",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-05-14T15:42:19.673",
"lastModified": "2025-02-27T16:13:54.250",
"lastModified": "2025-04-10T20:26:11.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,13 +2,13 @@
"id": "CVE-2024-38038",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-10-04T18:15:07.413",
"lastModified": "2024-10-15T14:33:46.730",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.323",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2024-39561",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-07-10T23:15:13.383",
"lastModified": "2025-03-05T18:22:47.983",
"lastModified": "2025-04-10T20:40:55.503",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -93,6 +93,16 @@
"value": "CWE-754"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-39903",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-12T15:15:11.177",
"lastModified": "2025-03-05T15:04:27.553",
"lastModified": "2025-04-10T20:31:22.160",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-51547",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2025-02-06T05:15:12.850",
"lastModified": "2025-02-27T17:41:33.443",
"lastModified": "2025-04-10T20:19:50.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -93,6 +113,16 @@
"value": "CWE-798"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [


@ -2,13 +2,13 @@
"id": "CVE-2024-51942",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.167",
"lastModified": "2025-03-06T12:29:45.010",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.447",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51944",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.327",
"lastModified": "2025-03-06T13:29:21.940",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.567",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
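Review bot: The rewritten English description widens the affected range from `10.9.1 – 11.3` to `11.3 and below`, and `vulnStatus` moves from `Analyzed` to `Modified` in the same hunk, so any CPE version bounds under `configurations` (not visible here) may still reflect the narrower range until the record is re-analysed. Consumers that match installed ArcGIS Server versions against this record should treat releases older than 10.9.1 as in scope rather than relying on the existing match criteria alone. The same description and status change recurs in the psirt@esri.com sections that follow in this commit.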


@ -2,13 +2,13 @@
"id": "CVE-2024-51945",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.483",
"lastModified": "2025-03-06T14:43:04.163",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.690",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
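Review bot: Both psirt@esri.com entries, the `cvssMetricV31` item and the `weaknesses` item, are relabelled from `"type": "Primary"` to `"type": "Secondary"`, and neither hunk shows an nvd@nist.gov `Primary` entry being added alongside. If none exists elsewhere in the file, a consumer that selects scores or CWEs with a `type == "Primary"` filter will find nothing for this CVE and may rank it as unscored. Selection logic should fall back to the `Secondary` entry when no `Primary` is present. The same relabelling appears in the other Esri sections of this commit.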


@ -2,13 +2,13 @@
"id": "CVE-2024-51946",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.640",
"lastModified": "2025-03-06T14:43:16.590",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51947",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.797",
"lastModified": "2025-03-06T14:43:29.150",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:19.910",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51948",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:40.953",
"lastModified": "2025-03-06T14:43:40.873",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51949",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.110",
"lastModified": "2025-03-06T14:43:51.640",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51950",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.277",
"lastModified": "2025-03-06T14:40:44.070",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.270",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51951",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.437",
"lastModified": "2025-03-06T14:40:58.963",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51952",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.593",
"lastModified": "2025-03-06T14:41:12.610",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51953",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.747",
"lastModified": "2025-03-06T14:41:23.883",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.617",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51954",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:41.903",
"lastModified": "2025-03-06T14:42:21.397",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper access control issue in ArcGIS Server versions 10.9.1 through 11.3 on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone\u00a0(Unfederated)\n\nArcGIS Server instance.\u00a0 If successful this compromise would have a high impact on Confidentiality, low impact on integrity and no impact to availability of the software."
"value": "There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone\u00a0(Unfederated)\n\nArcGIS Server instance.\u00a0 If successful this compromise would have a high impact on Confidentiality, low impact on integrity and no impact to availability of the software."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51956",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.063",
"lastModified": "2025-03-06T14:39:06.440",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:20.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51957",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.217",
"lastModified": "2025-03-06T14:39:18.807",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51958",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.397",
"lastModified": "2025-03-06T14:39:33.097",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.150",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
"value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory.\u00a0 There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51959",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.550",
"lastModified": "2025-03-06T14:39:48.943",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51960",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.707",
"lastModified": "2025-03-06T14:40:01.000",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51961",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:42.863",
"lastModified": "2025-03-06T14:33:47.030",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files from the remote server.\u00a0 Due to the nature of the files accessible in this vulnerability the impact to confidentiality is High there is no impact to both integrity or availability."
"value": "There is a local file inclusion vulnerability in ArcGIS Server 11.3 and below that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose sensitive configuration information by reading internal files from the remote server.\u00a0 Due to the nature of the files accessible in this vulnerability the impact to confidentiality is High there is no impact to both integrity or availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-51963",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:43.240",
"lastModified": "2025-03-06T14:35:47.813",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and follow that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
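Review bot: The new English description reads `versions 11.3 and follow`, where every sibling record changed in this commit says `11.3 and below`; as written the phrase can be read as "11.3 and later", which inverts the affected range. The text is mirrored from the CNA, so the wording should be corrected upstream to `for versions 11.3 and below`. Until then, version matching for CVE-2024-51963 should not be derived from the description string.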


@ -2,13 +2,13 @@
"id": "CVE-2024-51966",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:43.387",
"lastModified": "2025-03-06T14:36:14.687",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
"value": "There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or availability due to the nature of the files that can be accessed, but there is a potential high impact to confidentiality."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,13 +2,13 @@
"id": "CVE-2024-5888",
"sourceIdentifier": "psirt@esri.com",
"published": "2025-03-03T20:15:43.940",
"lastModified": "2025-03-06T14:38:24.893",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T20:15:21.987",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 10.9.1 \u2013 11.3 that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
"value": "There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high, requiring publisher capabilities. The impact is low to both confidentiality and integrity while having no impact to availability."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2024-7031",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-03T09:15:30.353",
"lastModified": "2025-03-01T01:37:44.717",
"lastModified": "2025-04-10T20:35:21.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2024-7574",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-08-12T13:38:43.940",
"lastModified": "2025-03-01T02:23:12.537",
"lastModified": "2025-04-10T20:42:04.943",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "CWE-352"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2025-1163",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-11T00:15:29.230",
"lastModified": "2025-02-11T16:15:49.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T20:25:15.893",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -122,32 +142,82 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:vehicle_parking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEAEFBE-AACE-4EAF-839D-DE2395E622C9"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.295066",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.295066",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.494008",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2025-1492",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-02-20T02:15:38.553",
"lastModified": "2025-02-20T02:15:38.553",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T20:03:01.333",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndIncluding": "4.2.10",
"matchCriteriaId": "87198EAB-099F-4C19-B6FC-8C939C17FEF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.0",
"versionEndIncluding": "4.4.3",
"matchCriteriaId": "98E03C00-915A-4DC0-93A1-9640B9C29DA6"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/20373",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2025-01.html",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,7 +2,7 @@
"id": "CVE-2025-22926",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-03T14:15:29.267",
"lastModified": "2025-04-07T14:18:34.453",
"lastModified": "2025-04-10T21:15:48.503",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en OS4ED openSIS v8.0 a v9.1 permite a los atacantes ejecutar un directory traversal enviando una solicitud POST manipulada a /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/OS4ED/openSIS-Classic",

@ -2,7 +2,7 @@
"id": "CVE-2025-23008",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2025-04-10T19:16:00.617",
"lastModified": "2025-04-10T19:16:00.617",
"lastModified": "2025-04-10T20:15:22.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,11 +11,34 @@
"value": "An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

@ -2,7 +2,7 @@
"id": "CVE-2025-23010",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2025-04-10T19:16:00.933",
"lastModified": "2025-04-10T19:16:00.933",
"lastModified": "2025-04-10T20:15:22.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,11 +11,34 @@
"value": "An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to manipulate file paths."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

@ -2,7 +2,7 @@
"id": "CVE-2025-26378",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2025-02-12T14:15:39.163",
"lastModified": "2025-03-03T22:06:52.163",
"lastModified": "2025-04-10T20:25:15.307",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

@ -2,8 +2,8 @@
"id": "CVE-2025-26596",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-02-25T16:15:38.603",
"lastModified": "2025-03-21T16:15:18.887",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T20:19:41.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -126,47 +146,80 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:2500",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2502",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2861",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2862",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2865",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2866",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2873",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2874",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2875",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2879",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:2880",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-26596",
