admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-07T22:00:17.778336+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-07 22:03:13 +00:00
parent 2260d26f35
commit 431b6899e4
125 changed files with 5555 additions and 578 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2005/CVE-2005-02xx/CVE-2005-0296.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2005-0296",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-01-17T05:00:00.000",
"lastModified": "2024-05-17T00:23:58.583",
"lastModified": "2024-08-07T21:15:27.473",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-44xx/CVE-2006-4445.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4445",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-08-29T23:04:00.000",
"lastModified": "2024-05-17T00:30:10.450",
"lastModified": "2024-08-07T20:15:26.230",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-44xx/CVE-2006-4455.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4455",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-08-30T16:04:00.000",
"lastModified": "2024-05-17T00:30:10.943",
"lastModified": "2024-08-07T20:15:26.420",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-44xx/CVE-2006-4465.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4465",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-08-31T20:04:00.000",
"lastModified": "2024-05-17T00:30:11.423",
"lastModified": "2024-08-07T20:15:26.593",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-45xx/CVE-2006-4545.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4545",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-06T00:04:00.000",
"lastModified": "2024-05-17T00:30:15.073",
"lastModified": "2024-08-07T20:15:27.760",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-45xx/CVE-2006-4556.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4556",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-06T00:04:00.000",
"lastModified": "2024-05-17T00:30:15.640",
"lastModified": "2024-08-07T20:15:27.957",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-45xx/CVE-2006-4557.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4557",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-06T00:04:00.000",
"lastModified": "2024-05-17T00:30:15.727",
"lastModified": "2024-08-07T20:15:28.027",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-45xx/CVE-2006-4562.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4562",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-06T00:04:00.000",
"lastModified": "2024-05-17T00:30:15.987",
"lastModified": "2024-08-07T20:15:28.143",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-46xx/CVE-2006-4609.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4609",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-07T00:04:00.000",
"lastModified": "2024-05-17T00:30:17.970",
"lastModified": "2024-08-07T20:15:29.100",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-46xx/CVE-2006-4663.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4663",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-09T00:04:00.000",
"lastModified": "2024-05-17T00:30:20.427",
"lastModified": "2024-08-07T20:15:29.860",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-46xx/CVE-2006-4677.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4677",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-11T17:04:00.000",
"lastModified": "2024-05-17T00:30:21.090",
"lastModified": "2024-08-07T20:15:30.090",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-48xx/CVE-2006-4848.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4848",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-19T01:07:00.000",
"lastModified": "2024-05-17T00:30:27.840",
"lastModified": "2024-08-07T20:15:32.113",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-48xx/CVE-2006-4863.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-4863",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-19T18:07:00.000",
"lastModified": "2024-05-17T00:30:28.543",
"lastModified": "2024-08-07T20:15:32.383",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5036.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5036",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-27T23:07:00.000",
"lastModified": "2024-05-17T00:30:35.663",
"lastModified": "2024-08-07T20:15:34.700",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5037.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5037",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-27T23:07:00.000",
"lastModified": "2024-05-17T00:30:35.777",
"lastModified": "2024-08-07T20:15:34.800",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5067.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5067",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-28T00:07:00.000",
"lastModified": "2024-05-17T00:30:37.080",
"lastModified": "2024-08-07T20:15:35.253",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5089.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5089",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-29T20:07:00.000",
"lastModified": "2024-05-17T00:30:38.090",
"lastModified": "2024-08-07T20:15:35.580",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5095",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-29T21:07:00.000",
"lastModified": "2024-05-17T00:30:38.410",
"lastModified": "2024-08-07T20:15:35.723",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-50xx/CVE-2006-5097.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5097",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-09-29T21:07:00.000",
"lastModified": "2024-05-17T00:30:38.540",
"lastModified": "2024-08-07T20:15:35.803",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-51xx/CVE-2006-5159.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5159",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-05T04:04:00.000",
"lastModified": "2024-05-17T00:30:41.463",
"lastModified": "2024-08-07T20:15:36.697",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-51xx/CVE-2006-5160.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5160",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-05T04:04:00.000",
"lastModified": "2024-05-17T00:30:41.587",
"lastModified": "2024-08-07T20:15:36.797",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-52xx/CVE-2006-5232.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5232",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-11T00:07:00.000",
"lastModified": "2024-05-17T00:30:44.830",
"lastModified": "2024-08-07T20:15:37.730",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-52xx/CVE-2006-5234.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5234",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-11T01:07:00.000",
"lastModified": "2024-05-17T00:30:44.997",
"lastModified": "2024-08-07T20:15:37.827",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-52xx/CVE-2006-5255.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5255",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-12T22:07:00.000",
"lastModified": "2024-05-17T00:30:45.890",
"lastModified": "2024-08-07T20:15:38.100",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-53xx/CVE-2006-5380.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5380",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-18T04:06:00.000",
"lastModified": "2024-05-17T00:30:51.027",
"lastModified": "2024-08-07T20:15:39.687",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-54xx/CVE-2006-5435.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5435",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-20T23:07:00.000",
"lastModified": "2024-05-17T00:30:53.543",
"lastModified": "2024-08-07T20:15:40.390",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-54xx/CVE-2006-5437.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5437",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-20T23:07:00.000",
"lastModified": "2024-05-17T00:30:53.680",
"lastModified": "2024-08-07T20:15:40.480",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-54xx/CVE-2006-5460.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5460",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-23T17:07:00.000",
"lastModified": "2024-05-17T00:30:54.753",
"lastModified": "2024-08-07T20:15:40.863",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-54xx/CVE-2006-5473.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5473",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-24T20:07:00.000",
"lastModified": "2024-05-17T00:30:55.333",
"lastModified": "2024-08-07T20:15:41.320",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-55xx/CVE-2006-5549.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5549",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-26T17:07:00.000",
"lastModified": "2024-05-17T00:30:58.560",
"lastModified": "2024-08-07T20:15:42.320",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-56xx/CVE-2006-5678.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5678",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-03T11:07:00.000",
"lastModified": "2024-05-17T00:31:03.780",
"lastModified": "2024-08-07T20:15:43.797",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-57xx/CVE-2006-5776.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5776",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-07T00:07:00.000",
"lastModified": "2024-05-17T00:31:07.863",
"lastModified": "2024-08-07T20:15:45.150",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-57xx/CVE-2006-5783.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5783",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-07T23:07:00.000",
"lastModified": "2024-05-17T00:31:08.240",
"lastModified": "2024-08-07T20:15:45.333",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-58xx/CVE-2006-5840.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5840",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-10T02:07:00.000",
"lastModified": "2024-05-17T00:31:10.733",
"lastModified": "2024-08-07T20:15:46.190",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-58xx/CVE-2006-5899.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5899",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-15T15:07:00.000",
"lastModified": "2024-05-17T00:31:13.320",
"lastModified": "2024-08-07T20:15:47.153",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-59xx/CVE-2006-5906.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5906",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-15T15:07:00.000",
"lastModified": "2024-05-17T00:31:13.650",
"lastModified": "2024-08-07T20:15:47.290",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-59xx/CVE-2006-5920.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5920",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-15T15:07:00.000",
"lastModified": "2024-05-17T00:31:14.303",
"lastModified": "2024-08-07T20:15:47.547",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-59xx/CVE-2006-5957.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-5957",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-17T01:07:00.000",
"lastModified": "2024-05-17T00:31:15.870",
"lastModified": "2024-08-07T20:15:48.023",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-60xx/CVE-2006-6018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6018",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-21T23:07:00.000",
"lastModified": "2024-05-17T00:31:18.113",
"lastModified": "2024-08-07T20:15:48.647",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-60xx/CVE-2006-6023.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6023",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-21T23:07:00.000",
"lastModified": "2024-05-17T00:31:18.390",
"lastModified": "2024-08-07T20:15:48.777",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-61xx/CVE-2006-6165.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6165",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-29T01:28:00.000",
"lastModified": "2024-05-17T00:31:24.433",
"lastModified": "2024-08-07T21:15:28.493",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-61xx/CVE-2006-6167.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6167",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-29T02:28:00.000",
"lastModified": "2024-05-17T00:31:24.590",
"lastModified": "2024-08-07T21:15:28.583",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-61xx/CVE-2006-6171.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6171",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-11-30T15:28:00.000",
"lastModified": "2024-05-17T00:31:24.843",
"lastModified": "2024-08-07T21:15:28.733",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-62xx/CVE-2006-6207.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6207",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-01T01:28:00.000",
"lastModified": "2024-05-17T00:31:26.377",
"lastModified": "2024-08-07T21:15:29.263",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-62xx/CVE-2006-6285.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6285",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-04T11:28:00.000",
"lastModified": "2024-05-17T00:31:29.590",
"lastModified": "2024-08-07T21:15:30.170",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-63xx/CVE-2006-6308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6308",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-06T20:28:00.000",
"lastModified": "2024-05-17T00:31:30.647",
"lastModified": "2024-08-07T21:15:30.553",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-63xx/CVE-2006-6397.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6397",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-08T01:28:00.000",
"lastModified": "2024-05-17T00:31:33.657",
"lastModified": "2024-08-07T21:15:31.460",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-64xx/CVE-2006-6415.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6415",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-10T11:28:00.000",
"lastModified": "2024-05-17T00:31:34.403",
"lastModified": "2024-08-07T21:15:31.683",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-64xx/CVE-2006-6465.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6465",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-11T18:28:00.000",
"lastModified": "2024-05-17T00:31:36.453",
"lastModified": "2024-08-07T21:15:32.260",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-65xx/CVE-2006-6541.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6541",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-14T02:28:00.000",
"lastModified": "2024-05-17T00:31:39.620",
"lastModified": "2024-08-07T21:15:33.547",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-65xx/CVE-2006-6549.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6549",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-14T18:28:00.000",
"lastModified": "2024-05-17T00:31:40.010",
"lastModified": "2024-08-07T21:15:33.717",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-65xx/CVE-2006-6550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6550",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-14T18:28:00.000",
"lastModified": "2024-05-17T00:31:40.107",
"lastModified": "2024-08-07T21:15:33.793",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-68xx/CVE-2006-6863.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6863",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-31T05:00:00.000",
"lastModified": "2024-05-17T00:31:53.263",
"lastModified": "2024-08-07T21:15:37.010",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-68xx/CVE-2006-6883.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6883",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-12-31T05:00:00.000",
"lastModified": "2024-05-17T00:31:54.293",
"lastModified": "2024-08-07T21:15:37.277",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-69xx/CVE-2006-6975.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-6975",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-08T17:28:00.000",
"lastModified": "2024-05-17T00:31:58.270",
"lastModified": "2024-08-07T21:15:38.217",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-70xx/CVE-2006-7006.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7006",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-12T23:28:00.000",
"lastModified": "2024-05-17T00:31:59.613",
"lastModified": "2024-08-07T21:15:38.543",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-70xx/CVE-2006-7011.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7011",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-15T02:28:00.000",
"lastModified": "2024-05-17T00:31:59.893",
"lastModified": "2024-08-07T21:15:38.657",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-70xx/CVE-2006-7013.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7013",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-15T02:28:00.000",
"lastModified": "2024-05-17T00:32:00.043",
"lastModified": "2024-08-07T21:15:38.733",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-70xx/CVE-2006-7015.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7015",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-15T02:28:00.000",
"lastModified": "2024-05-17T00:32:00.190",
"lastModified": "2024-08-07T21:15:38.833",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7105",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-03T21:19:00.000",
"lastModified": "2024-05-17T00:32:04.257",
"lastModified": "2024-08-07T21:15:39.700",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7120.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7120",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-06T01:19:00.000",
"lastModified": "2024-05-17T00:32:05.113",
"lastModified": "2024-08-07T21:15:39.933",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7141.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7141",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-07T20:19:00.000",
"lastModified": "2024-05-17T00:32:06.080",
"lastModified": "2024-08-07T21:15:40.193",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7146",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-07T20:19:00.000",
"lastModified": "2024-05-17T00:32:06.363",
"lastModified": "2024-08-07T21:15:40.320",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7181.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7181",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-03-30T10:19:00.000",
"lastModified": "2024-05-17T00:32:07.847",
"lastModified": "2024-08-07T21:15:40.727",
"vulnStatus": "Modified",
"cveTags": [
{

2
CVE-2006/CVE-2006-71xx/CVE-2006-7193.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-7193",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-04-12T19:19:00.000",
"lastModified": "2024-05-17T00:32:08.403",
"lastModified": "2024-08-07T21:15:40.890",
"vulnStatus": "Modified",
"cveTags": [
{

105
CVE-2022/CVE-2022-487xx/CVE-2022-48789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:03.773",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:06:32.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,116 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvme-tcp: soluciona el posible use-after-free en el transporte error_recovery work Mientras nvme_tcp_submit_async_event_work verifica el control y el estado de la cola antes de preparar el comando AER y programar io_work, para evitar completamente una ejecuci\u00f3n donde esta verificaci\u00f3n no es confiable, el trabajo de recuperaci\u00f3n de errores debe eliminar async_event_work antes de continuar destruyendo la cola de administraci\u00f3n despu\u00e9s de configurar el estado de control en RESETTING de manera que no haya ejecuci\u00f3n .submit_async_event y el propio controlador de recuperaci\u00f3n de errores cambie el estado de control."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.181",
"matchCriteriaId": "F65EF1C2-2C77-47DB-9A30-F79E2CF7C2D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.102",
"matchCriteriaId": "DAD66A9A-8D06-48D1-8AA8-FC060496FF53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.25",
"matchCriteriaId": "D098AA16-8E21-4EB7-AE2F-1EEB58E1A3A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.11",
"matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5e42fca37ccc76f39f73732661bd47254cad5982",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61a26ffd5ad3ece456d74c4c79f7b5e3f440a141",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb0d8fb35c4ff00a503c2c4dca4cce8d102a21c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e192184cf8bce8dd55d619f5611a2eaba996fa05",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ff9fc7ebf5c06de1ef72a69f9b1ab40af8b07f9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

117
CVE-2022/CVE-2022-487xx/CVE-2022-48790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48790",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:03.843",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:06:57.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,130 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nvme: corrige un posible use-after-free en el reinicio del controlador durante la carga. A diferencia de .queue_rq, en .submit_async_event es posible que los controladores no verifiquen la preparaci\u00f3n de Ctrl para el env\u00edo de AER. Esto puede provocar una condici\u00f3n de use-after-free que se observ\u00f3 con nvme-tcp. La condici\u00f3n de ejecuci\u00f3n puede ocurrir en el siguiente escenario: 1. el controlador ejecuta su reset_ctrl_work 2. -> nvme_stop_ctrl - vac\u00eda ctrl async_event_work 3. ctrl env\u00eda AEN que es recibido por el host, que a su vez programa el manejo de AEN 4. desmontaje de la cola de administraci\u00f3n (que libera el socket de la cola) 5. AEN procesado, env\u00eda otro AER, llamando al controlador para enviar 6. el controlador intenta enviar el cmd ==> use-after-free Para solucionar eso, agregue la verificaci\u00f3n de estado de ctrl para validar que ctrl es realmente capaz de aceptar la presentaci\u00f3n de la ARE. Esto soluciona la ejecuci\u00f3n anterior en los reinicios del controlador porque el controlador durante el desmontaje debe: 1. cambiar el estado de Ctrl a RESTABLECER 2. vaciar async_event_work (as\u00ed como otros elementos de trabajo as\u00edncronos) Entonces, despu\u00e9s de 1,2, cualquier otro comando AER encontrar\u00e1 el estado de Ctrl estar RESETING y rescatar sin presentar la AER."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.231",
"matchCriteriaId": "BED6719E-2004-42C8-8CA4-4E4CD159B63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.181",
"matchCriteriaId": "FB33213E-1A45-4E3B-A129-58AAA2EB921D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.102",
"matchCriteriaId": "DAD66A9A-8D06-48D1-8AA8-FC060496FF53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.25",
"matchCriteriaId": "D098AA16-8E21-4EB7-AE2F-1EEB58E1A3A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.11",
"matchCriteriaId": "0D327234-5D4A-43DC-A6DF-BCA0CEBEC039"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0ead57ceb21bbf15963b4874c2ac67143455382f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0fa0f99fc84e41057cbdd2efbfe91c6b2f47dd9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70356b756a58704e5c8818cb09da5854af87e765",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e956a2596ae276124ef0d96829c013dd0faf861",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a25e460fbb0340488d119fb2e28fe3f829b7417e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e043fb5a0336ee74614e26f0d9f36f1f5bb6d606",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

93
CVE-2022/CVE-2022-487xx/CVE-2022-48796.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48796",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:04.293",
"lastModified": "2024-07-16T13:43:58.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:07:22.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,102 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: iommu: corrige el posible use-after-free durante la prueba Kasan ha informado el siguiente use-after-free en dev->iommu. cuando falla la sonda de un dispositivo y est\u00e1 en proceso de liberar dev->iommu en la funci\u00f3n dev_iommu_free, una deferred_probe_work_func se ejecuta en paralelo e intenta acceder a dev->iommu->fwspec en la ruta of_iommu_configure, lo que provoca el use-after-free. ERROR: KASAN: use-after-free en of_iommu_configure+0xb4/0x4a4 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffffff87a2f1acb8 por tarea kworker/u16:2/153 Cola de trabajo: events_unbound deferred_probe_work_func Seguimiento de llamadas: dump_backtrace+0x0/0x33c show_stack+0x18/0x24 dump_stack_ nivel+ 0x16c/0x1e0 print_address_description+0x84/0x39c __kasan_report+0x184/0x308 kasan_report+0x50/0x78 __asan_load8+0xc0/0xc4 of_iommu_configure+0xb4/0x4a4 of_dma_configure_id+0x2fc/0x4d4 platform_ dma_configure+0x40/0x5c very_probe+0x1b4/0xb74 driver_probe_device+0x11c/0x228 __device_attach_driver+ 6 970 work_thread+0x5c8/0xaec kthread+0x1f8/0x220 ret_from_fork+0x10/0x18 Asignado por tarea 1: ____kasan_kmalloc+0xd4/0x114 __kasan_kmalloc+0x10/0x1c kmem_cache_alloc_trace+0xe4/0x3d4 __iommu_probe_device+0x90/0x394 probe_iommu_group+0x70/0x9c bus_for_each_dev+0x11c/0x19c bus_ iommu_probe+0xb8/0x7d4 bus_set_iommu+0xcc/0x13c arm_smmu_bus_init+0x44/0x130 [arm_smmu ] arm_smmu_device_probe+0xb88/0xc54 [arm_smmu] platform_drv_probe+0xe4/0x13c very_probe+0x2c8/0xb74 driver_probe_device+0x11c/0x228 dispositivo_driver_attach+0xf0/0x16c __driver_attach+0x80/0x320 _for_each_dev+0x11c/0x19c driver_attach+0x38/0x48 bus_add_driver+0x1dc/0x3a4 driver_register +0x18c/0x244 __platform_driver_register+0x88/0x9c init_module+0x64/0xff4 [arm_smmu] do_one_initcall+0x17c/0x2f0 do_init_module+0xe8/0x378 load_module+0x3f80/0x4a40 __se_sys_finit_module+ 0x1a0/0x1e4 __arm64_sys_finit_module+0x44/0x58 el0_svc_common+0x100/0x264 do_el0_svc+0x38 /0xa4 el0_svc+0x20/0x30 el0_sync_handler+0x68/0xac el0_sync+0x160/0x180 Liberado por la tarea 1: kasan_set_track+0x4c/0x84 kasan_set_free_info+0x28/0x4c ____kasan_slab_free+0x120/0x15c 0x18/0x28 slab_free_freelist_hook+0x204/0x2fc kfree+0xfc /0x3a4 __iommu_probe_device+0x284/0x394 probe_iommu_group+0x70/0x9c bus_for_each_dev+0x11c/0x19c bus_iommu_probe+0xb8/0x7d4 bus_set_iommu+0xcc/0x13c arm_smmu_bus_init+0x44/0x130 [arm_smmu] arm_smmu_device_probe+0xb88/0xc54 [arm_smmu] platform_drv_probe+0xe4/0x13c realmente_probe+ 0x2c8/0xb74 driver_probe_device+0x11c/0x228 dispositivo_driver_attach+0xf0/0x16c __driver_attach+0x80/0x320 bus_for_each_dev+0x11c/0x19c driver_attach+0x38/0x48 bus_add_driver+0x1dc/0x3a4 ister+0x18c/0x244 __platform_driver_register+0x88/0x9c init_module+0x64/0xff4 [arm_smmu ] do_one_initcall+0x17c/0x2f0 do_init_module+0xe8/0x378 load_module+0x3f80/0x4a40 __se_sys_finit_module+0x1a0/0x1e4 __arm64_sys_finit_module+0x44/0x58 el0_svc_common+0x100/ 0x264 do_el0_svc+0x38/0xa4 el0_svc+0x20/0x30 el0_sync_handler+0x68/0xac el0_sync+0x160/ 0x180 Solucione este problema configurando dev->iommu en NULL primero y luego liberando la estructura dev_iommu en la funci\u00f3n dev_iommu_free."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.101",
"matchCriteriaId": "F37E3FA0-7A8B-4AAF-9748-96E34396B25B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.24",
"matchCriteriaId": "866451F0-299E-416C-B0B8-AE6B33E62CCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.10",
"matchCriteriaId": "679523BA-1392-404B-AB85-F5A5408B1ECC"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/65ab30f6a6952fa9ee13009862736cf8d110e6e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b54240ad494300ff0994c4539a531727874381f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb86e511e78e796de6947b8f3acca1b7c76fb2ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f74fc4b5bd533ea3d30ce47cccb8ef8d21fda85a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

61
CVE-2023/CVE-2023-288xx/CVE-2023-28806.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2023-28806",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:46.453",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:29:17.760",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190."
},
{
"lang": "es",
"value": "Una validaci\u00f3n incorrecta de la firma en Zscaler Client Connector en Windows permite a un usuario autenticado desactivar la manipulaci\u00f3n. Este problema afecta a Client Connector en Windows &lt;4.2.0.190."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.2.0.190",
"matchCriteriaId": "260C3474-C82C-4E8A-9C63-FABD53E163BD"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-234xx/CVE-2024-23456.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23456",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:47.060",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:30:09.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled."
},
{
"lang": "es",
"value": "La protecci\u00f3n contra manipulaciones se puede desactivar bajo ciertas condiciones sin validaci\u00f3n de firma. Esto afecta a Zscaler Client Connector &lt;4.2.0.190 con la funci\u00f3n antimanipulaci\u00f3n habilitada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.2.0.190",
"matchCriteriaId": "260C3474-C82C-4E8A-9C63-FABD53E163BD"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-234xx/CVE-2024-23458.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23458",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:47.260",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:29:09.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190."
},
{
"lang": "es",
"value": "Al copiar archivos de registro de actualizaci\u00f3n autom\u00e1tica individuales, faltaba la verificaci\u00f3n del punto de an\u00e1lisis, lo que podr\u00eda dar lugar a ataques elaborados, lo que podr\u00eda provocar una escalada de privilegios locales. Este problema afecta a Zscaler Client Connector en Windows &lt;4.2.0.190."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.2.0.190",
"matchCriteriaId": "260C3474-C82C-4E8A-9C63-FABD53E163BD"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-234xx/CVE-2024-23460.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23460",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:47.460",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:29:01.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2."
},
{
"lang": "es",
"value": "El proceso Zscaler Updater no valida la firma digital del instalador antes de la ejecuci\u00f3n, lo que permite ejecutar c\u00f3digo arbitrario localmente. Esto afecta a Zscaler Client Connector en MacOS &lt;4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "44636F3C-BC75-49FD-9CC4-D451810B0898"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macos&applicable_version=4.2",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-234xx/CVE-2024-23464.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23464",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:47.643",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:23:59.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1"
},
{
"lang": "es",
"value": "En ciertos casos, Zscaler Internet Access (ZIA) se puede desactivar mediante comandos de PowerShell con derechos de administrador. Esto afecta a Zscaler Client Connector en Windows &lt;4.2.1"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.2.1",
"matchCriteriaId": "2D2DCA8F-AE47-4F23-A0F0-E72721B13BDE"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Windows&applicable_version=4.2.1",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-234xx/CVE-2024-23483.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-23483",
"sourceIdentifier": "cve@zscaler.com",
"published": "2024-08-06T16:15:47.850",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:23:09.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection.\u00a0This issue affects Zscaler Client Connector on MacOS <4.2."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta en Zscaler Client Connector en MacOS permite la inyecci\u00f3n de comandos del sistema operativo. Este problema afecta a Zscaler Client Connector en MacOS &lt;4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "4.2",
"matchCriteriaId": "44636F3C-BC75-49FD-9CC4-D451810B0898"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macos&applicable_version=4.2",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-254xx/CVE-2024-25421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25421",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-26T21:15:52.773",
"lastModified": "2024-03-27T12:29:30.307",
"lastModified": "2024-08-07T21:35:02.880",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Ignite Realtime Openfire v.4.9.0 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s del componente ROOM_CACHE."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://github.com/igniterealtime/Openfire/blob/main/xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/LocalMUCRoomManager.java",

27
CVE-2024/CVE-2024-280xx/CVE-2024-28009.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28009",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2024-03-28T01:15:47.400",
"lastModified": "2024-04-02T06:15:15.013",
"lastModified": "2024-08-07T20:35:15.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de autenticaci\u00f3n incorrecta en NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF8 00HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP , WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR41 00N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S , WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN y MR02LN, todas las versiones permiten a un atacante ejecutar un comando arbitrario con privilegios de root a trav\u00e9s de Internet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt-info@cyber.jp.nec.com",

39
CVE-2024/CVE-2024-280xx/CVE-2024-28048.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28048",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-26T10:15:09.170",
"lastModified": "2024-03-26T12:55:05.010",
"lastModified": "2024-08-07T20:35:15.970",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en ffBull ver.4.11, que puede permitir que un atacante remoto no autenticado ejecute un comando del sistema operativo arbitrario con el privilegio del servidor web en ejecuci\u00f3n. Tenga en cuenta que no se pudo localizar al desarrollador, por lo tanto, los usuarios deber\u00edan considerar dejar de usar ffBull ver.4.11."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN17176449/",

27
CVE-2024/CVE-2024-28xx/CVE-2024-2843.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2843",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-08-01T06:15:02.367",
"lastModified": "2024-08-01T12:42:36.933",
"lastModified": "2024-08-07T20:35:16.833",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": " El complemento de WordPress WooCommerce Customers Manager anterior a 30.1 no tiene comprobaciones CSRF en algunos lugares, lo que podr\u00eda permitir a los atacantes hacer que los usuarios administradores registrados eliminen usuarios mediante ataques CSRF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/fec4e077-4c4e-4618-bfe8-61fdba59b696/",

39
CVE-2024/CVE-2024-293xx/CVE-2024-29303.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29303",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-26T00:15:08.703",
"lastModified": "2024-03-26T12:55:05.010",
"lastModified": "2024-08-07T21:35:03.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La funci\u00f3n de eliminaci\u00f3n de usuarios administradores de SourceCodester PHP Task Management System 1.0 es vulnerable a la inyecci\u00f3n SQL"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/177737/Task-Management-System-1.0-SQL-Injection.html",

39
CVE-2024/CVE-2024-344xx/CVE-2024-34448.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34448",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T16:15:10.580",
"lastModified": "2024-05-22T18:59:20.240",
"lastModified": "2024-08-07T21:35:04.863",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Ghost anterior a 5.82.0 permite la inyecci\u00f3n de CSV durante la exportaci\u00f3n de CSV de un miembro."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"references": [
{
"url": "https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md",

39
CVE-2024/CVE-2024-344xx/CVE-2024-34479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34479",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:44.327",
"lastModified": "2024-08-07T19:09:46.290",
"lastModified": "2024-08-07T20:35:17.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2024080004",

39
CVE-2024/CVE-2024-349xx/CVE-2024-34936.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34936",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:30.363",
"lastModified": "2024-05-24T01:15:30.977",
"lastModified": "2024-08-07T21:35:05.650",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /view/event1.php en Campcodes Complete Web-Based School Management System 1.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro mes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2029.pdf",

39
CVE-2024/CVE-2024-350xx/CVE-2024-35090.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35090",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-23T17:15:31.033",
"lastModified": "2024-05-24T01:15:30.977",
"lastModified": "2024-08-07T20:35:18.150",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que J2EEFAST v2.7.0 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s de la funci\u00f3n findPage en SysUreportFileMapper.xml."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/35090.txt",

39
CVE-2024/CVE-2024-353xx/CVE-2024-35340.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35340",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-24T15:15:24.467",
"lastModified": "2024-05-24T18:09:20.027",
"lastModified": "2024-08-07T20:35:18.973",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que Tenda FH1206 V1.2.0.8(8155) contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro cmdinput en ip/goform/formexeCommand."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://palm-vertebra-fe9.notion.site/formexeCommand_RCE-91a5f12ae23a42b4a25f5d1d4de308da",

814
CVE-2024/CVE-2024-392xx/CVE-2024-39225.json
View File

@ -2,24 +2,828 @@
"id": "CVE-2024-39225",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:48.647",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:56:03.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a remote code execution (RCE) vulnerability."
},
{
"lang": "es",
"value": "Productos GL-iNet AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4. 3.16, E750 v4. 3.12, AP1300/S1300 v4.3.13 y XE3000/X3000 v4.4 conten\u00edan una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt6000_firmware:4.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB0820-4ABA-4998-86BB-878B17468245"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDE99A6-DA15-4E4B-8C60-CCB9D580BD82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:a1300_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72ECCE6C-E44B-4165-8FB6-55008C376274"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DBF472-E98E-4E00-B6A0-6D8FA1678AEA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x300b_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA22E2A-8C0B-44D4-917F-4A929C266AD3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA4BAC-C6D1-42C0-94E9-5B05AC24A235"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ax1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C75FBC4F-7547-47F4-8577-FA31CF9A95EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB312FD-370C-4DF9-961F-F0C4920AA368"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:axt1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "43114B40-C368-435A-91EC-B4666CC691CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF453954-BC32-4577-8CE4-066812193495"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt2500_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5222AC63-91C6-4B99-8FDD-2CCFD1CA66EF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF5BF3-0F52-4947-8BC2-3505EDEEDF28"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt3000_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC521D-2DE4-4B7F-846D-A945A5EC0931"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF2DBFD-2AE0-41BC-B614-9836098119F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "95C80395-9A66-4952-8259-89623C5EC065"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9479FFAA-9C87-4530-884D-B96055A3D41C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1123CE79-1C08-4408-A19A-DC1A4E74DA91"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "265EDD5D-B879-4E8A-A6DE-400BC6273A41"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe300_firmware:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "96241919-0E87-4966-B94F-58DA4DFDA607"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57D82B62-F057-42A4-8530-86145AE91AC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:e750_firmware:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D99FD7EE-B736-452B-B0F4-B045592023B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3590B0-7F4B-49C2-BE77-57AD27A91018"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "61925658-3785-4E1C-B1B3-2F88B3F5FE52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1EDFF0-F67C-4801-815C-309940BD7338"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sft1200_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2E77ACF4-385E-48CB-87FC-F631A04ACBE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E656351D-E06E-435F-B1E5-34B89FD8B54B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC51E4D-9784-4264-83BF-CB7DF70087E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F040AC86-5D7A-4E57-B272-A425DDDE1698"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9AA29E-C1C0-4F18-AB85-DA8285B74EE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3E349B-C40F-4DE6-B977-CF677B2F9814"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3C49C8A1-EA3A-4954-95C1-7691EEF6A532"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749A6936-392E-430C-ABD3-33D4C5B3D178"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750s_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC5207-7130-4B6A-A8E3-763050749DFA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F18E5F1D-55CD-4F6A-A349-90DD27B29955"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D132DF3-58FC-4F9B-9518-B668A9564D97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47EFE3F-D217-469E-BEE6-5D78037C71C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8E513879-5A56-4B91-913D-7C68B7323B8C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECA41F-E807-4234-8C41-477DE132210E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "96D4CCC3-BFB2-449D-8947-FDDC722F15F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797DD304-0AF8-4E2C-8F72-ADF31B8AD6F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ap1300_firmware:3.217:*:*:*:*:*:*:*",
"matchCriteriaId": "24CFCB1B-1AA2-4D05-9545-D8864517F52E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ap1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72D7EFDB-E10E-4D75-ABE2-CC3CE321F584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b2200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C725432A-2F3B-46F9-B705-34ECC4299FED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB4C645-59AA-4682-A487-C0DB2CF0A4F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1BD239-D370-4F14-A6B2-2C078170ECEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB8DF06-507E-4933-ABAD-1FB7D70CD3C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000w_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E3539B-172C-4AF3-AD1E-AED4937F1BB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23E9E6FC-346D-4D58-BD4E-84A81722A155"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:usb150_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "FABD5B0B-9763-4020-8858-1B67FACB125A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:usb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBDE54D-5475-41A6-8E17-EFF445B3C2F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sf1200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5D0C75-04DE-4315-9980-E8F31AE6F261"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sf1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F5BAAA-AE8C-41F3-8C41-B0223BDB4314"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:n300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "AF760DF0-D192-4FF8-BC24-F9F71EA365F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F805B376-E08F-4D66-A301-59EF92E4082B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:s1300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CD9FC-F9BE-4B76-B387-AA2588631780"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:s1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B6BB55-8107-490B-90FD-F7EE3A89C7D9"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypass%20the%20login%20mechanism.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

814
CVE-2024/CVE-2024-392xx/CVE-2024-39226.json
View File

@ -2,24 +2,828 @@
"id": "CVE-2024-39226",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:48.757",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:55:49.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This vulnerability allows unauthenticated attackers to execute arbitrary code or possibly a directory traversal via crafted JSON data."
},
{
"lang": "es",
"value": "Productos GL-iNet AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4. 3.16, E750 v4. 3.12, AP1300/S1300 v4.3.13 y XE3000/X3000 v4.4 conten\u00edan permisos inseguros en el endpoint /cgi-bin/glc. Esta vulnerabilidad permite a atacantes no autenticados ejecutar c\u00f3digo arbitrario o posiblemente atravesar un directorio a trav\u00e9s de datos JSON manipulados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt6000_firmware:4.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB0820-4ABA-4998-86BB-878B17468245"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDE99A6-DA15-4E4B-8C60-CCB9D580BD82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:a1300_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72ECCE6C-E44B-4165-8FB6-55008C376274"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DBF472-E98E-4E00-B6A0-6D8FA1678AEA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x300b_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA22E2A-8C0B-44D4-917F-4A929C266AD3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA4BAC-C6D1-42C0-94E9-5B05AC24A235"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ax1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C75FBC4F-7547-47F4-8577-FA31CF9A95EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB312FD-370C-4DF9-961F-F0C4920AA368"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:axt1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "43114B40-C368-435A-91EC-B4666CC691CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF453954-BC32-4577-8CE4-066812193495"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt2500_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5222AC63-91C6-4B99-8FDD-2CCFD1CA66EF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF5BF3-0F52-4947-8BC2-3505EDEEDF28"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt3000_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC521D-2DE4-4B7F-846D-A945A5EC0931"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF2DBFD-2AE0-41BC-B614-9836098119F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "95C80395-9A66-4952-8259-89623C5EC065"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9479FFAA-9C87-4530-884D-B96055A3D41C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1123CE79-1C08-4408-A19A-DC1A4E74DA91"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "265EDD5D-B879-4E8A-A6DE-400BC6273A41"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe300_firmware:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "96241919-0E87-4966-B94F-58DA4DFDA607"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57D82B62-F057-42A4-8530-86145AE91AC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:e750_firmware:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D99FD7EE-B736-452B-B0F4-B045592023B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3590B0-7F4B-49C2-BE77-57AD27A91018"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "61925658-3785-4E1C-B1B3-2F88B3F5FE52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1EDFF0-F67C-4801-815C-309940BD7338"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sft1200_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2E77ACF4-385E-48CB-87FC-F631A04ACBE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E656351D-E06E-435F-B1E5-34B89FD8B54B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC51E4D-9784-4264-83BF-CB7DF70087E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F040AC86-5D7A-4E57-B272-A425DDDE1698"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9AA29E-C1C0-4F18-AB85-DA8285B74EE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3E349B-C40F-4DE6-B977-CF677B2F9814"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3C49C8A1-EA3A-4954-95C1-7691EEF6A532"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749A6936-392E-430C-ABD3-33D4C5B3D178"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750s_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC5207-7130-4B6A-A8E3-763050749DFA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F18E5F1D-55CD-4F6A-A349-90DD27B29955"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D132DF3-58FC-4F9B-9518-B668A9564D97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47EFE3F-D217-469E-BEE6-5D78037C71C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8E513879-5A56-4B91-913D-7C68B7323B8C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECA41F-E807-4234-8C41-477DE132210E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "96D4CCC3-BFB2-449D-8947-FDDC722F15F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797DD304-0AF8-4E2C-8F72-ADF31B8AD6F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ap1300_firmware:3.217:*:*:*:*:*:*:*",
"matchCriteriaId": "24CFCB1B-1AA2-4D05-9545-D8864517F52E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ap1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72D7EFDB-E10E-4D75-ABE2-CC3CE321F584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b2200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C725432A-2F3B-46F9-B705-34ECC4299FED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB4C645-59AA-4682-A487-C0DB2CF0A4F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1BD239-D370-4F14-A6B2-2C078170ECEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB8DF06-507E-4933-ABAD-1FB7D70CD3C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000w_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E3539B-172C-4AF3-AD1E-AED4937F1BB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23E9E6FC-346D-4D58-BD4E-84A81722A155"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:usb150_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "FABD5B0B-9763-4020-8858-1B67FACB125A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:usb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBDE54D-5475-41A6-8E17-EFF445B3C2F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sf1200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5D0C75-04DE-4315-9980-E8F31AE6F261"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sf1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F5BAAA-AE8C-41F3-8C41-B0223BDB4314"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:n300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "AF760DF0-D192-4FF8-BC24-F9F71EA365F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F805B376-E08F-4D66-A301-59EF92E4082B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:s1300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CD9FC-F9BE-4B76-B387-AA2588631780"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:s1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B6BB55-8107-490B-90FD-F7EE3A89C7D9"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/s2s%20interface%20shell%20injection.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

814
CVE-2024/CVE-2024-392xx/CVE-2024-39228.json
View File

@ -2,24 +2,828 @@
"id": "CVE-2024-39228",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:48.850",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:55:20.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 were discovered to contain a shell injection vulnerability via the interface check_config."
},
{
"lang": "es",
"value": "Productos GL-iNet AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4. 3.16, E750 v4. 3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4 y B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 conten\u00edan una vulnerabilidad de inyecci\u00f3n de shell a trav\u00e9s de la interfaz check_config."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt6000_firmware:4.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB0820-4ABA-4998-86BB-878B17468245"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDE99A6-DA15-4E4B-8C60-CCB9D580BD82"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:a1300_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72ECCE6C-E44B-4165-8FB6-55008C376274"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DBF472-E98E-4E00-B6A0-6D8FA1678AEA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x300b_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA22E2A-8C0B-44D4-917F-4A929C266AD3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA4BAC-C6D1-42C0-94E9-5B05AC24A235"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ax1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C75FBC4F-7547-47F4-8577-FA31CF9A95EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB312FD-370C-4DF9-961F-F0C4920AA368"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:axt1800_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "43114B40-C368-435A-91EC-B4666CC691CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF453954-BC32-4577-8CE4-066812193495"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt2500_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5222AC63-91C6-4B99-8FDD-2CCFD1CA66EF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF5BF3-0F52-4947-8BC2-3505EDEEDF28"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt3000_firmware:4.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "70AC521D-2DE4-4B7F-846D-A945A5EC0931"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF2DBFD-2AE0-41BC-B614-9836098119F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "95C80395-9A66-4952-8259-89623C5EC065"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9479FFAA-9C87-4530-884D-B96055A3D41C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe3000_firmware:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1123CE79-1C08-4408-A19A-DC1A4E74DA91"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "265EDD5D-B879-4E8A-A6DE-400BC6273A41"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:xe300_firmware:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "96241919-0E87-4966-B94F-58DA4DFDA607"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57D82B62-F057-42A4-8530-86145AE91AC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:e750_firmware:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D99FD7EE-B736-452B-B0F4-B045592023B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3590B0-7F4B-49C2-BE77-57AD27A91018"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:x750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "61925658-3785-4E1C-B1B3-2F88B3F5FE52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1EDFF0-F67C-4801-815C-309940BD7338"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sft1200_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2E77ACF4-385E-48CB-87FC-F631A04ACBE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E656351D-E06E-435F-B1E5-34B89FD8B54B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC51E4D-9784-4264-83BF-CB7DF70087E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F040AC86-5D7A-4E57-B272-A425DDDE1698"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9AA29E-C1C0-4F18-AB85-DA8285B74EE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3E349B-C40F-4DE6-B977-CF677B2F9814"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3C49C8A1-EA3A-4954-95C1-7691EEF6A532"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749A6936-392E-430C-ABD3-33D4C5B3D178"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ar750s_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC5207-7130-4B6A-A8E3-763050749DFA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F18E5F1D-55CD-4F6A-A349-90DD27B29955"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0D132DF3-58FC-4F9B-9518-B668A9564D97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47EFE3F-D217-469E-BEE6-5D78037C71C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt1300_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8E513879-5A56-4B91-913D-7C68B7323B8C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECA41F-E807-4234-8C41-477DE132210E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "96D4CCC3-BFB2-449D-8947-FDDC722F15F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797DD304-0AF8-4E2C-8F72-ADF31B8AD6F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:ap1300_firmware:3.217:*:*:*:*:*:*:*",
"matchCriteriaId": "24CFCB1B-1AA2-4D05-9545-D8864517F52E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:ap1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72D7EFDB-E10E-4D75-ABE2-CC3CE321F584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:b2200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C725432A-2F3B-46F9-B705-34ECC4299FED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:b2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB4C645-59AA-4682-A487-C0DB2CF0A4F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1BD239-D370-4F14-A6B2-2C078170ECEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB8DF06-507E-4933-ABAD-1FB7D70CD3C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:mv1000w_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E3539B-172C-4AF3-AD1E-AED4937F1BB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:mv1000w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23E9E6FC-346D-4D58-BD4E-84A81722A155"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:usb150_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "FABD5B0B-9763-4020-8858-1B67FACB125A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:usb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBDE54D-5475-41A6-8E17-EFF445B3C2F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:sf1200_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5D0C75-04DE-4315-9980-E8F31AE6F261"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:sf1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F5BAAA-AE8C-41F3-8C41-B0223BDB4314"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:n300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "AF760DF0-D192-4FF8-BC24-F9F71EA365F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F805B376-E08F-4D66-A301-59EF92E4082B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:s1300_firmware:3.216:*:*:*:*:*:*:*",
"matchCriteriaId": "F83CD9FC-F9BE-4B76-B387-AA2588631780"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:s1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B6BB55-8107-490B-90FD-F7EE3A89C7D9"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Ovpn%20interface%20shell%20injection.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-407xx/CVE-2024-40724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40724",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-07-19T08:15:02.070",
"lastModified": "2024-08-01T13:57:55.270",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-07T20:15:57.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,18 +59,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.2",
"matchCriteriaId": "9F8D5F8A-B06B-4076-B192-7136B0E743FB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/assimp/assimp/pull/5651/commits/614911bb3b1bfc3a1799ae2b3cca306270f3fb97",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/assimp/assimp/releases/tag/v5.4.2",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
},
{
"url": "https://jvn.jp/en/jp/JVN87710540/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-411xx/CVE-2024-41172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41172",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-19T09:15:05.640",
"lastModified": "2024-08-01T13:58:23.907",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-07T20:16:45.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +71,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndExcluding": "3.6.4",
"matchCriteriaId": "7D6F6603-DD23-4DD5-8B90-0BAB0EB7E1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "ACAFECF5-75A5-4397-A588-F51D09717335"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-412xx/CVE-2024-41240.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41240",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T18:15:37.627",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:35:06.560",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in \" /smsa/teacher_login.php\" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the \"error\" parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Teacher.pdf",

41
CVE-2024/CVE-2024-412xx/CVE-2024-41242.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41242",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T18:15:37.757",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T21:35:07.870",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via \"error\" parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Student.pdf",

39
CVE-2024/CVE-2024-412xx/CVE-2024-41248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41248",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.717",
"lastModified": "2024-08-07T19:09:46.290",
"lastModified": "2024-08-07T20:35:20.683",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Master%20-%20Add%20Subject.pdf",

39
CVE-2024/CVE-2024-412xx/CVE-2024-41249.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41249",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.780",
"lastModified": "2024-08-07T19:09:46.290",
"lastModified": "2024-08-07T20:35:21.500",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Subjects.pdf",

41
CVE-2024/CVE-2024-412xx/CVE-2024-41264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41264",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-01T16:15:06.573",
"lastModified": "2024-08-01T16:45:25.400",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:35:22.313",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": " Un problema descubierto en casdoor v1.636.0 permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00e9todo ssh.InsecureIgnoreHostKey()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/nyxfqq/33ceaccbc9b05d439a944c2b55fa1c0f",

39
CVE-2024/CVE-2024-413xx/CVE-2024-41308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41308",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.977",
"lastModified": "2024-08-07T19:09:46.290",
"lastModified": "2024-08-07T21:35:09.417",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://the-it-wonders.blogspot.com/2024/07/enjay-crm-10-multiple-code-executions.html",

74
CVE-2024/CVE-2024-413xx/CVE-2024-41333.json
View File

@ -2,24 +2,88 @@
"id": "CVE-2024-41333",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:49.180",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:54:44.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad Cross-Site Scripting (XSS) Reflejado en Phpgurukul Tourism Management System v2.0 permite a los atacantes ejecutar c\u00f3digo arbitrario en el contexto del navegador de un usuario mediante la inyecci\u00f3n de un payload manipulado en el par\u00e1metro uname."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:tourism_management_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1980D2A4-171E-4B0E-99C2-9330E4757362"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://packetstormsecurity.com/files/179891/Tourism-Management-System-2.0-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.linkedin.com/in/sampath-kumar-kadajari-4b18891a7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

78
CVE-2024/CVE-2024-416xx/CVE-2024-41616.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41616",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:49.260",
"lastModified": "2024-08-06T16:35:17.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:54:20.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service."
},
{
"lang": "es",
"value": "D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contiene credenciales codificadas en el servicio Telnet."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,14 +81,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-300_firmware:1.06b05_ww:*:*:*:*:*:*:*",
"matchCriteriaId": "36A2AF0E-E92C-49FA-B98B-615956616275"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-300:a:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA56E33-B2C7-4D57-B70A-D1ED9FEDB644"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/LYaoBoL/IOTsec/blob/main/D-Link/DIR300/CVE-2024-41616",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/LYaoBoL/IOTsec/blob/main/D-Link/DIR300/D-Link300.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-418xx/CVE-2024-41824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41824",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.400",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:46:14.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.07",
"matchCriteriaId": "C0DC3613-1A6E-48C5-96EF-7918EE0CDC3A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
"source": "cve@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-418xx/CVE-2024-41825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41825",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.630",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:45:33.243",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.07",
"matchCriteriaId": "C0DC3613-1A6E-48C5-96EF-7918EE0CDC3A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
"source": "cve@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-418xx/CVE-2024-41826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41826",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2024-07-22T15:15:04.847",
"lastModified": "2024-07-24T12:55:13.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-07T20:44:55.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve@jetbrains.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.07",
"matchCriteriaId": "C0DC3613-1A6E-48C5-96EF-7918EE0CDC3A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
"source": "cve@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More