admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-08T19:00:22.213675+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-08 19:03:45 +00:00
parent d5b6930fdf
commit 525d096ba8
160 changed files with 10633 additions and 1182 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2018/CVE-2018-43xx/CVE-2018-4301.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2018-4301",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-08T00:15:24.030",
"lastModified": "2025-01-08T00:15:24.030",
"lastModified": "2025-01-08T18:15:12.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 en SCSSU-201801. Exist\u00eda un posible desbordamiento de b\u00fafer basado en pila en GemaltoKeyHandle.cpp."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://smartcardservices.github.io/security/",

152
CVE-2021/CVE-2021-469xx/CVE-2021-46965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46965",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:07.087",
"lastModified": "2024-11-21T06:35:02.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:16:07.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: physmap: physmap-bt1-rom: corrige el acceso involuntario a la pila. Transmite &data a (char *) para evitar el acceso involuntario a la pila. Tenga en cuenta que los datos son de tipo u32, por lo que cualquier incremento en &data ser\u00e1 del orden de fragmentos de 4 bytes, y este fragmento de c\u00f3digo en realidad est\u00e1 destinado a ser un desplazamiento de bytes. Direcciones-Coverity-ID: 1497765 (\"Acceso fuera de l\u00edmites\")"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/34ec706bf0b7c4ca249a729c1bcb91f706c7a7be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/4d786870e3262ec098a3b4ed10b895176bc66ecb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/4e4ebb827bf09311469ffd9d0c14ed40ed9747aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/683313993dbe1651c7aa00bb42a041d70e914925",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/34ec706bf0b7c4ca249a729c1bcb91f706c7a7be",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4d786870e3262ec098a3b4ed10b895176bc66ecb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4e4ebb827bf09311469ffd9d0c14ed40ed9747aa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/683313993dbe1651c7aa00bb42a041d70e914925",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.36",
"matchCriteriaId": "A3C0C655-F217-444C-9131-45D82FAF3CFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.20",
"matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.3",
"matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/34ec706bf0b7c4ca249a729c1bcb91f706c7a7be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4d786870e3262ec098a3b4ed10b895176bc66ecb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4e4ebb827bf09311469ffd9d0c14ed40ed9747aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/683313993dbe1651c7aa00bb42a041d70e914925",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/34ec706bf0b7c4ca249a729c1bcb91f706c7a7be",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4d786870e3262ec098a3b4ed10b895176bc66ecb",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4e4ebb827bf09311469ffd9d0c14ed40ed9747aa",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/683313993dbe1651c7aa00bb42a041d70e914925",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

94
CVE-2021/CVE-2021-469xx/CVE-2021-46969.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46969",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:07.260",
"lastModified": "2024-11-21T06:35:04.420",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:19:50.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,89 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bus: mhi: core: corrige el error no v\u00e1lido que regresa en mhi_queue mhi_queue devuelve un error cuando no se puede acceder al timbre en el estado actual. Esto puede suceder cuando el dispositivo no est\u00e1 en un estado M0, como M3, y es necesario activarlo antes de llamar a la base de datos. Este caso se gestiona anteriormente activando una salida asincr\u00f3nica de M3 a trav\u00e9s de devoluciones de llamada de reanudaci\u00f3n/suspensi\u00f3n del controlador, que a su vez provocar\u00e1 la transici\u00f3n de M0 y la actualizaci\u00f3n de la base de datos. Entonces, dado que no es un error sino simplemente un retraso en la actualizaci\u00f3n del timbre, no hay raz\u00f3n para devolver un error. Esto tambi\u00e9n corrige un error de uso despu\u00e9s de la liberaci\u00f3n para el caso de skb; de hecho, una persona que llama al skb en cola intentar\u00e1 liberar el skb si la cola falla, pero en ese caso la cola ya se realiz\u00f3."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0ecc1c70dcd32c0f081b173a1a5d89952686f271",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/a99b661c3187365f81026d89b1133a76cd2652b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/0ecc1c70dcd32c0f081b173a1a5d89952686f271",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/a99b661c3187365f81026d89b1133a76cd2652b3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.3",
"matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0ecc1c70dcd32c0f081b173a1a5d89952686f271",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a99b661c3187365f81026d89b1133a76cd2652b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0ecc1c70dcd32c0f081b173a1a5d89952686f271",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a99b661c3187365f81026d89b1133a76cd2652b3",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

123
CVE-2021/CVE-2021-469xx/CVE-2021-46970.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46970",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:07.303",
"lastModified": "2024-11-21T06:35:04.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:22:48.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,110 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: pci_generic: Eliminar el indicador WQ_MEM_RECLAIM de la cola de trabajo de estado Un cambio reciente cre\u00f3 una cola de trabajo dedicada para el trabajo de cambio de estado con los indicadores WQ_HIGHPRI (sin ninguna raz\u00f3n importante para ello) y WQ_MEM_RECLAIM. pero el trabajo de cambio de estado (mhi_pm_st_worker) no garantiza el progreso hacia adelante bajo presi\u00f3n de la memoria, e incluso esperar\u00e1 varias asignaciones de memoria cuando, por ejemplo, se crean dispositivos, se carga firmware, etc... El trabajo entonces no forma parte de una ruta de recuperaci\u00f3n de memoria. .. Adem\u00e1s, esto provoca una advertencia en check_flush_dependency() ya que terminamos en un c\u00f3digo que vac\u00eda una cola de trabajo que no es de recuperaci\u00f3n: [ 40.969601] cola de trabajo: WQ_MEM_RECLAIM mhi_hiprio_wq:mhi_pm_st_worker [mhi] est\u00e1 descargando !WQ_MEM_RECLAIM events_highpri:flush_backlog [ 40.969612] ADVERTENCIA : CPU: 4 PID: 158 en kernel/workqueue.c:2607 check_flush_dependency+0x11c/0x140 [40.969733] Seguimiento de llamadas: [40.969740] __flush_work+0x97/0x1d0 [40.969745]? proceso_despertador+0x15/0x20 [40.969749]? insertar_trabajo+0x70/0x80 [40.969750]? __queue_work+0x14a/0x3e0 [ 40.969753] Flush_work+0x10/0x20 [ 40.969756] rollback_registered_many+0x1c9/0x510 [ 40.969759] unregister_netdevice_queue+0x94/0x120 [ 40.969761] anular el registro _netdev+0x1d/0x30 [ 40.969765] mhi_net_remove+0x1a/0x40 [mhi_net] [ 40.969770 ] mhi_driver_remove+0x124/0x250 [mhi] [ 40.969776] dispositivo_release_driver_internal+0xf0/0x1d0 [ 40.969778] dispositivo_release_driver+0x12/0x20 [ 40.969782] bus_remove_device+0xe1/0x150 [ 40.9 69786] dispositivo_del+0x17b/0x3e0 [ 40.969791] mhi_destroy_device+0x9a/0x100 [ mhi] [40.969796]? mhi_unmap_single_use_bb+0x50/0x50 [mhi] [ 40.969799] dispositivo_para_cada_ni\u00f1o+0x5e/0xa0 [ 40.969804] mhi_pm_st_worker+0x921/0xf50 [mhi]"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0fccbf0a3b690b162f53b13ed8bc442ea33437dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/abd1510c08a13c88d24b622a83c82e87ff1d3135",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/ed541cff35cbdb695f0c98ef506dd7218883fc07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/0fccbf0a3b690b162f53b13ed8bc442ea33437dc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/abd1510c08a13c88d24b622a83c82e87ff1d3135",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/ed541cff35cbdb695f0c98ef506dd7218883fc07",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.20",
"matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.3",
"matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0fccbf0a3b690b162f53b13ed8bc442ea33437dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abd1510c08a13c88d24b622a83c82e87ff1d3135",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed541cff35cbdb695f0c98ef506dd7218883fc07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0fccbf0a3b690b162f53b13ed8bc442ea33437dc",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abd1510c08a13c88d24b622a83c82e87ff1d3135",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed541cff35cbdb695f0c98ef506dd7218883fc07",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

181
CVE-2021/CVE-2021-469xx/CVE-2021-46971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46971",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:07.343",
"lastModified": "2024-11-21T06:35:04.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:26:07.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: perf/core: corrige la llamada incondicional a security_locked_down() Actualmente, el estado de bloqueo se consulta incondicionalmente, aunque su resultado se usa solo si el bit PERF_SAMPLE_REGS_INTR est\u00e1 establecido en attr.sample_type. Si bien eso no importa en el caso del Lockdown LSM, causa problemas con la implementaci\u00f3n del gancho de bloqueo de SELinux. SELinux implementa el gancho lock_down comprobando si el tipo de tarea actual tiene el correspondiente permiso de clase de \"bloqueo\" (\"integridad\" o \"confidencialidad\") permitido en la pol\u00edtica. Esto significa que llamar al enlace cuando se ignorar\u00eda la decisi\u00f3n de control de acceso genera una verificaci\u00f3n de permisos y un registro de auditor\u00eda falsos. Solucione este problema verificando sample_type primero y solo llamando al gancho cuando se respete su resultado."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
{
"url": "https://git.kernel.org/stable/c/4348d3b5027bc3ff6336368b6c60605d4ef8e1ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/b246759284d6a2bc5b6f1009caeeb3abce2ec9ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/c7b0208ee370b89d20486fae71cd9abb759819c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5809ca4c311b71bfaba6d13f4e39eab0557895e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4348d3b5027bc3ff6336368b6c60605d4ef8e1ce",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b246759284d6a2bc5b6f1009caeeb3abce2ec9ff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c7b0208ee370b89d20486fae71cd9abb759819c1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f5809ca4c311b71bfaba6d13f4e39eab0557895e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.4.117",
"matchCriteriaId": "4363F793-1288-4880-BF20-479612C7CA60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.35",
"matchCriteriaId": "4CF5C6B5-56F0-4FA4-8D35-E62F982951FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.19",
"matchCriteriaId": "491D6D53-3D80-40F9-8458-A0B83CCE0F64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.2",
"matchCriteriaId": "CD9444EF-C1C3-4896-897A-2F3A4C436567"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4348d3b5027bc3ff6336368b6c60605d4ef8e1ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b246759284d6a2bc5b6f1009caeeb3abce2ec9ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7b0208ee370b89d20486fae71cd9abb759819c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5809ca4c311b71bfaba6d13f4e39eab0557895e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4348d3b5027bc3ff6336368b6c60605d4ef8e1ce",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b246759284d6a2bc5b6f1009caeeb3abce2ec9ff",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7b0208ee370b89d20486fae71cd9abb759819c1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5809ca4c311b71bfaba6d13f4e39eab0557895e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

152
CVE-2021/CVE-2021-469xx/CVE-2021-46972.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46972",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:07.403",
"lastModified": "2024-11-21T06:35:04.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:30:28.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ovl: corrige la dentry filtrada Desde el commit 6815f479ca90 (\"ovl: usa solo el estado de metacopia superior en ovl_lookup()\"), overlayfs no coloca la dentry temporal cuando hay un error de metacopia, lo que conduce a fugas de dentry al cerrar el superbloque relacionado: overlayfs: se niega a seguir el origen de la metacopia para (/file0)... ERROR: Dentry (____ptrval____){i=3f33,n=file3} todav\u00eda est\u00e1 en uso (1) [desmontaje de superposici\u00f3n superpuesta]... ADVERTENCIA: CPU: 1 PID: 432 en umount_check.cold+0x107/0x14d CPU: 1 PID: 432 Comm: unmount-overlay No contaminado 5.12.0-rc5 #1... RIP: 0010:umount_check .cold+0x107/0x14d... Seguimiento de llamadas: d_walk+0x28c/0x950 ? dentry_lru_isolate+0x2b0/0x2b0? __kasan_slab_free+0x12/0x20 do_one_tree+0x33/0x60 encogimiento_dcache_for_umount+0x78/0x1d0 generic_shutdown_super+0x70/0x440 kill_anon_super+0x3e/0x70 deactivate_locked_super+0xc4/0x160 deactivate_super+0xfa/0x140 clean up_mnt+0x22e/0x370 __cleanup_mnt+0x1a/0x30 task_work_run+0x139/0x210 do_exit+0xb0c/0x2820? __kasan_check_read+0x1d/0x30 ? find_held_lock+0x35/0x160? lock_release+0x1b6/0x660? mm_update_next_owner+0xa20/0xa20? \u00bfreaquirir_held_locks+0x3f0/0x3f0? __sanitizer_cov_trace_const_cmp4+0x22/0x30 do_group_exit+0x135/0x380 __do_sys_exit_group.isra.0+0x20/0x20 __x64_sys_exit_group+0x3c/0x50 do_syscall_64+0x45/0x70 entrada_SYSCALL_64 _after_hwframe+0x44/0xae... VFS: Inodos ocupados despu\u00e9s de desmontar la superposici\u00f3n. Autodestrucci\u00f3n en 5 segundos. Que tengas un buen d\u00eda... Esta soluci\u00f3n ha sido probada con un reproductor syzkaller."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.35",
"matchCriteriaId": "460C9D63-8799-4FD7-B512-6CE6409FED25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.19",
"matchCriteriaId": "491D6D53-3D80-40F9-8458-A0B83CCE0F64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.2",
"matchCriteriaId": "CD9444EF-C1C3-4896-897A-2F3A4C436567"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

157
CVE-2021/CVE-2021-469xx/CVE-2021-46977.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46977",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:37.140",
"lastModified": "2024-11-21T06:35:05.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:34:32.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,136 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: KVM: VMX: deshabilite la preferencia al sondear los MSR devueltos por el usuario. Deshabilite la preferencia al sondear el MSR devuelto por un usuario a trav\u00e9s de RDSMR/WRMSR. Si MSR tiene un valor diferente por CPU l\u00f3gica, WRMSR podr\u00eda da\u00f1ar el valor del host si KVM se adelanta entre RDMSR y WRMSR y luego se reprograma en una CPU diferente. De manera oportunista, coloque el asistente en x86 com\u00fan, SVM usar\u00e1 el asistente en una confirmaci\u00f3n futura."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

210
CVE-2021/CVE-2021-469xx/CVE-2021-46999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46999",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.130",
"lastModified": "2024-11-21T06:35:09.490",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:36:29.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,55 +15,173 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sctp: haga una actualizaci\u00f3n anterior en sctp_sf_do_dupcook_a Hay un p\u00e1nico que ocurre en algunos de los entornos, el seguimiento de la llamada es el siguiente: [] falla de protecci\u00f3n general, ... 0x29acd70f1000a: 0000 [#1] SMP PTI [] RIP: 0010:sctp_ulpevent_notify_peer_addr_change+0x4b/0x1fa [sctp] [] sctp_assoc_control_transport+0x1b9/0x210 [sctp] [] sctp_do_8_2_transport_strike.isra.16+0x15c/0x220 [sctp] [] sctp_cmd_interpreter.isra. 21+0x1231/0x1a10 [sctp] [] sctp_do_sm+0xc3/0x2a0 [sctp] [] sctp_generate_timeout_event+0x81/0xf0 [sctp] Esto se debe a un problema de use-after-free del transporte. Al procesar un fragmento COOKIE-ECHO duplicado en sctp_sf_do_dupcook_a(), tanto los fragmentos COOKIE-ACK como SHUTDOWN se asignan con el transort del nuevo asoc. Sin embargo, m\u00e1s adelante en la m\u00e1quina de efectos secundarios, el antiguo asoc se utiliza para enviarlos y el Shutdown_last_sent_to del antiguo asoc se configura en el transporte al que se adjunt\u00f3 el fragmento SHUTDOWN en sctp_cmd_setup_t2(), que en realidad pertenece al nuevo asoc. Despu\u00e9s de que se libera el new_asoc y se agota el tiempo de espera T2 del antiguo asoc, se acceder\u00e1 al Shutdown_last_sent_to del antiguo asoc que ya est\u00e1 liberado en sctp_sf_t2_timer_expire(). Gracias Alexander y Jere por ayudarnos a profundizar en este problema. Para solucionarlo, este parche consiste en realizar primero la actualizaci\u00f3n de asoc y luego asignar los fragmentos COOKIE-ACK y SHUTDOWN con el antiguo asoc 'actualizado'. Esto tendr\u00eda m\u00e1s sentido, ya que un fragmento de una asoc no deber\u00eda enviarse con otra asoc. Hemos solucionado bastantes problemas causados por esto."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0bfd913c2121b3d553bfd52810fe6061d542d625",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/35b4f24415c854cd718ccdf38dbea6297f010aae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/61b877bad9bb0d82b7d8841be50872557090a704",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b1b31948c0af44628e43353828453461bb74098f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d624f2991b977821375fbd56c91b0c91d456a697",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f01988ecf3654f805282dce2d3bb9afe68d2691e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0bfd913c2121b3d553bfd52810fe6061d542d625",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/35b4f24415c854cd718ccdf38dbea6297f010aae",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/61b877bad9bb0d82b7d8841be50872557090a704",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b1b31948c0af44628e43353828453461bb74098f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d624f2991b977821375fbd56c91b0c91d456a697",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f01988ecf3654f805282dce2d3bb9afe68d2691e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.123",
"versionEndExcluding": "4.19.191",
"matchCriteriaId": "D20BDA16-5AB8-4904-BD6D-95AA2838AC18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.41",
"versionEndExcluding": "5.4.120",
"matchCriteriaId": "D251349F-754D-42A1-9056-739E6B415320"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "4EC70BEE-8480-4726-B12A-17BED681CD70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0bfd913c2121b3d553bfd52810fe6061d542d625",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35b4f24415c854cd718ccdf38dbea6297f010aae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61b877bad9bb0d82b7d8841be50872557090a704",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1b31948c0af44628e43353828453461bb74098f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d624f2991b977821375fbd56c91b0c91d456a697",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f01988ecf3654f805282dce2d3bb9afe68d2691e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0bfd913c2121b3d553bfd52810fe6061d542d625",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35b4f24415c854cd718ccdf38dbea6297f010aae",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61b877bad9bb0d82b7d8841be50872557090a704",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1b31948c0af44628e43353828453461bb74098f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d624f2991b977821375fbd56c91b0c91d456a697",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f01988ecf3654f805282dce2d3bb9afe68d2691e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

152
CVE-2021/CVE-2021-470xx/CVE-2021-47001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47001",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.213",
"lastModified": "2024-11-21T06:35:09.803",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:38:47.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xprtrdma: corrige el orden de actualizaci\u00f3n de cwnd Despu\u00e9s de una reconexi\u00f3n, el controlador de respuesta abre cwnd (y as\u00ed permite que se env\u00eden m\u00e1s llamadas RPC) /antes/ rpcrdma_post_recvs() puede publicar suficiente recepci\u00f3n WR para recibir sus respuestas. Esto provoca un RNR y la nueva conexi\u00f3n se pierde inmediatamente. La ejecuci\u00f3n se expone m\u00e1s claramente cuando KASAN y la inyecci\u00f3n de desconexi\u00f3n est\u00e1n habilitados. Esto ralentiza rpcrdma_rep_create() lo suficiente como para permitir que el lado de env\u00edo publique un mont\u00f3n de llamadas RPC antes de que el controlador de finalizaci\u00f3n de recepci\u00f3n pueda invocar ib_post_recv()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/19b5fa9489b5706bc878c3a522a7f771079e2fa0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/35d8b10a25884050bb3b0149b62c3818ec59f77c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/8834ecb5df22b7ff3c9b0deba7726579bb613f95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/eddae8be7944096419c2ae29477a45f767d0fcd4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/19b5fa9489b5706bc878c3a522a7f771079e2fa0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/35d8b10a25884050bb3b0149b62c3818ec59f77c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/8834ecb5df22b7ff3c9b0deba7726579bb613f95",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/eddae8be7944096419c2ae29477a45f767d0fcd4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/19b5fa9489b5706bc878c3a522a7f771079e2fa0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35d8b10a25884050bb3b0149b62c3818ec59f77c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8834ecb5df22b7ff3c9b0deba7726579bb613f95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eddae8be7944096419c2ae29477a45f767d0fcd4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/19b5fa9489b5706bc878c3a522a7f771079e2fa0",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35d8b10a25884050bb3b0149b62c3818ec59f77c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8834ecb5df22b7ff3c9b0deba7726579bb613f95",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eddae8be7944096419c2ae29477a45f767d0fcd4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

152
CVE-2021/CVE-2021-470xx/CVE-2021-47004.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47004",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.353",
"lastModified": "2024-11-21T06:35:10.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:43:50.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: correcci\u00f3n para evitar tocar datos con puntos de control en get_victim() En el modo de desactivaci\u00f3n de CP, hay dos problemas al usar LFS o SSR | Modo AT_SSR para seleccionar a la v\u00edctima: 1. LFS est\u00e1 configurado para buscar la secci\u00f3n de origen durante la GC, la v\u00edctima no debe tener datos de puntos de control, ya que despu\u00e9s de la GC, la secci\u00f3n no se puede liberar para su reutilizaci\u00f3n. Anteriormente, solo verific\u00e1bamos los bloques chpt v\u00e1lidos en el segmento actual en lugar de en la secci\u00f3n, lo arreglamos. 2. RSS | AT_SSR est\u00e1 configurado para encontrar un segmento de destino para escrituras que se puede llenar completamente con bloques reci\u00e9n escritos y con puntos de control. Nunca debemos seleccionar dicho segmento; de lo contrario, puede causar p\u00e1nico o corrupci\u00f3n de datos durante la asignaci\u00f3n. El caso potencial se describe a continuaci\u00f3n: a) segmento de destino tiene 'n' (n < 512) ckpt bloques v\u00e1lidos b) GC migra 'n' bloques v\u00e1lidos a otro segmento (el segmento todav\u00eda est\u00e1 en la lista sucia) c) GC migra '512 - n' bloques al segmento objetivo (el segmento tiene 'n ' cp_vblocks y '512 - n' vblocks) d) Si GC selecciona el segmento de destino mediante el asignador {AT,}SSR, sin embargo, no hay espacio libre en el segmento de destino."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/105155a8146ddb54c119d8318964eef3859d109d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/1e116f87825f01a6380286472196882746b16f63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/211372b2571520e394b56b431a0705586013b3ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/61461fc921b756ae16e64243f72af2bfc2e620db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/105155a8146ddb54c119d8318964eef3859d109d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/1e116f87825f01a6380286472196882746b16f63",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/211372b2571520e394b56b431a0705586013b3ff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/61461fc921b756ae16e64243f72af2bfc2e620db",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "7B942F1E-8607-4DB5-90A9-F497E0DCFF88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/105155a8146ddb54c119d8318964eef3859d109d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e116f87825f01a6380286472196882746b16f63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/211372b2571520e394b56b431a0705586013b3ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61461fc921b756ae16e64243f72af2bfc2e620db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/105155a8146ddb54c119d8318964eef3859d109d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e116f87825f01a6380286472196882746b16f63",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/211372b2571520e394b56b431a0705586013b3ff",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61461fc921b756ae16e64243f72af2bfc2e620db",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

152
CVE-2021/CVE-2021-470xx/CVE-2021-47007.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47007",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.507",
"lastModified": "2024-11-21T06:35:10.633",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:58:51.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: corrige el p\u00e1nico durante f2fs_resize_fs() f2fs_resize_fs() se bloquea en la pila de llamadas debajo con el caso de prueba: - imagen mkfs de 16 GB y montaje de imagen - dd archivo A de 8 GB - agrega archivo B de 8 GB - sincronizaci\u00f3n - archivo rm A - sincronizaci\u00f3n - cambiar el tama\u00f1o del sistema de archivos al kernel de 8 GB \u00a1ERROR en segment.c:2484! Seguimiento de llamadas: allocate_segment_by_default+0x92/0xf0 [f2fs] f2fs_allocate_data_block+0x44b/0x7e0 [f2fs] do_write_page+0x5a/0x110 [f2fs] f2fs_outplace_write_data+0x55/0x100 [f2fs] f2fs_do_write_data_page +0x392/0x850 [f2fs] mover_p\u00e1gina_datos+0x233/0x320 [f2fs] ] do_garbage_collect+0x14d9/0x1660 [f2fs] free_segment_range+0x1f7/0x310 [f2fs] f2fs_resize_fs+0x118/0x330 [f2fs] __f2fs_ioctl+0x487/0x3680 [f2fs] __x64_sys_ioct l+0x8e/0xd0 do_syscall_64+0x33/0x80 Entry_SYSCALL_64_after_hwframe+0x44/0xa9 La ra\u00edz Porque olvidamos verificar si tenemos suficiente espacio en el sistema de archivos redimensionado para almacenar todos los bloques v\u00e1lidos en el sistema de archivos antes de cambiar el tama\u00f1o, entonces el asignador se quedar\u00e1 sin espacio durante la migraci\u00f3n de bloques en free_segment_range()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/1c20a4896409f5ca1c770e1880c33d0a28a8b10f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/3ab0598e6d860ef49d029943ba80f627c15c15d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/822054e5026c43b1dd60cf387dd999e95ee2ecc2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/860afd680d9cc1dabd61cda3cd246f60aa1eb705",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1c20a4896409f5ca1c770e1880c33d0a28a8b10f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/3ab0598e6d860ef49d029943ba80f627c15c15d6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/822054e5026c43b1dd60cf387dd999e95ee2ecc2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/860afd680d9cc1dabd61cda3cd246f60aa1eb705",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.38",
"matchCriteriaId": "48EEEAD2-D08A-422C-8830-6CCF86E89E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.22",
"matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c20a4896409f5ca1c770e1880c33d0a28a8b10f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ab0598e6d860ef49d029943ba80f627c15c15d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/822054e5026c43b1dd60cf387dd999e95ee2ecc2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/860afd680d9cc1dabd61cda3cd246f60aa1eb705",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1c20a4896409f5ca1c770e1880c33d0a28a8b10f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ab0598e6d860ef49d029943ba80f627c15c15d6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/822054e5026c43b1dd60cf387dd999e95ee2ecc2",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/860afd680d9cc1dabd61cda3cd246f60aa1eb705",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

152
CVE-2021/CVE-2021-470xx/CVE-2021-47011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47011",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.703",
"lastModified": "2024-11-21T06:35:11.193",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:02:38.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: memcontrol: slab: fix obtener una referencia a una serie de parches de liberaci\u00f3n de memcg \"Utilice las API de obj_cgroup para cargar p\u00e1ginas kmem\", v5. Desde que se aplic\u00f3 la serie de Roman \"El nuevo controlador de memoria losa de cgroup\". Todos los objetos de losa se cargan con las nuevas API de obj_cgroup. Las nuevas API introducen una estructura obj_cgroup para cargar objetos de losa. Evita que los objetos de larga duraci\u00f3n fijen el grupo de memoria original en la memoria. Pero todav\u00eda hay algunos objetos de esquina (por ejemplo, asignaciones mayores que la p\u00e1gina de pedido 1 en SLUB) que no se cargan con las nuevas API. Esos objetos (incluidas las p\u00e1ginas que se asignan directamente desde el asignador de amigos) se cargan como p\u00e1ginas kmem que a\u00fan contienen una referencia al grupo de memoria. Por ejemplo, sabemos que la pila del kernel se carga como p\u00e1ginas kmem porque el tama\u00f1o de la pila del kernel puede ser mayor que 2 p\u00e1ginas (por ejemplo, 16 KB en x86_64 o arm64). Si creamos un subproceso (supongamos que la pila de subprocesos se carga en el grupo c de memoria A) y luego lo movemos del grupo c de memoria A al grupo c de memoria B. Porque la pila del n\u00facleo del subproceso contiene una referencia al grupo c de memoria A. El hilo puede anclar la memoria cgroup A en la memoria incluso si eliminamos el cgroup A. Si queremos ver este escenario usando el siguiente script. Podemos ver que el sistema ha agregado 500 cgroups moribundos (esto no es un problema del mundo real, solo un script para mostrar que los kmallocs grandes se cargan como p\u00e1ginas kmem que pueden fijar el cgroup de memoria en la memoria). #!/bin/bash cat /proc/cgroups | grep memoria cd /sys/fs/cgroup/memory echo 1 > memoria.move_charge_at_immigrate para i en el rango{1..500} hacer mkdir kmem_test echo $$ > kmem_test/cgroup.procs sleep 3600 & echo $$ > cgroup.procs echo `cat kmem_test/cgroup.procs` > cgroup.procs rmdir kmem_test hecho cat /proc/cgroups | grep memoria Este conjunto de parches tiene como objetivo hacer que esas p\u00e1ginas kmem eliminen la referencia a la memoria cgroup mediante el uso de las API de obj_cgroup. Finalmente, podemos ver que el n\u00famero de cgroups moribundos no aumentar\u00e1 si ejecutamos el script de prueba anterior. Este parche (de 7): rcu_read_lock/unlock solo puede garantizar que el memcg no se libere, pero no puede garantizar el \u00e9xito de css_get (que est\u00e1 en refill_stock cuando se cambia el memcg en cach\u00e9) a memcg. rcu_read_lock() memcg = obj_cgroup_memcg(old) __memcg_kmem_uncharge(memcg) refill_stock(memcg) if (stock->cached != memcg) // css_get puede cambiar el contador de referencia de 0 a 1. css_get(&memcg->css) rcu_read_unlock( ) Esta soluci\u00f3n es muy parecida a el commit: eefbfa7fd678 (\"mm: memcg/slab: fix use after free in obj_cgroup_charge\") Solucione este problema manteniendo una referencia al memcg que se pasa a __memcg_kmem_uncharge() antes de llamar a __memcg_kmem_uncharge()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/31df8bc4d3feca9f9c6b2cd06fd64a111ae1a0e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/89b1ed358e01e1b0417f5d3b0082359a23355552",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9f38f03ae8d5f57371b71aa6b4275765b65454fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/c3ae6a3f3ca4f02f6ccddf213c027302586580d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/31df8bc4d3feca9f9c6b2cd06fd64a111ae1a0e6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/89b1ed358e01e1b0417f5d3b0082359a23355552",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/9f38f03ae8d5f57371b71aa6b4275765b65454fd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c3ae6a3f3ca4f02f6ccddf213c027302586580d0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.11",
"versionEndExcluding": "5.10.37",
"matchCriteriaId": "EDC4144D-717D-43A1-8F8D-FE6FC95AF795"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.21",
"matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.4",
"matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/31df8bc4d3feca9f9c6b2cd06fd64a111ae1a0e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/89b1ed358e01e1b0417f5d3b0082359a23355552",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f38f03ae8d5f57371b71aa6b4275765b65454fd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c3ae6a3f3ca4f02f6ccddf213c027302586580d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/31df8bc4d3feca9f9c6b2cd06fd64a111ae1a0e6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/89b1ed358e01e1b0417f5d3b0082359a23355552",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f38f03ae8d5f57371b71aa6b4275765b65454fd",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c3ae6a3f3ca4f02f6ccddf213c027302586580d0",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

94
CVE-2021/CVE-2021-470xx/CVE-2021-47014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47014",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.860",
"lastModified": "2024-11-21T06:35:11.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:08:16.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sched: act_ct: corrige el acceso salvaje a la memoria al borrar fragmentos mientras se prueba el reensamblaje/refragmentaci\u00f3n usando act_ct, es posible observar un bloqueo como el siguiente: KASAN: tal vez acceso a memoria salvaje en el rango [0x0001000000000448-0x000100000000044f] CPU: 50 PID: 0 Comunicaciones: swapper/50 Tainted: GS 5.12.0-rc7+ #424 Nombre de hardware: Dell Inc. PowerEdge R730/072T6D, BIOS 2.4.3 01 /17/2017 RIP: 0010:inet_frag_rbtree_purge+0x50/0xc0 C\u00f3digo: 00 fc ff df 48 89 c3 31 ed 48 89 df e8 a9 7a 38 ff 4c 89 fe 48 89 df 49 89 c6 e8 5b 3a 38 ff 48 8d 7b 40 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 75 59 48 8d bb d0 00 00 00 4c 8b 6b 40 48 89 f8 48 RSP: 0018:ffff888c31449db8 EFLAGS: 00010203 RAX: 00 00200000000089 RBX: 000100000000040e RCX: ffffffff989eb960 RDX: 0000000000000140 RSI: ffffffff97cfb977 RDI: 000100000000044e RBP: 0000000000000900 R08: 00000000000000000 R09: ffffed1186289350 R10: 00000000 00000003 R11: ffffed1186289350 R12: dffffc0000000000 R13: 000100000000040e R14: 00000000000000000 R15: ffff888155e02160 FS: 00000000000000000 (0000) GS:ffff888c31440000(0000) knlGS:0000000000000000 CS : 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005600cb70a5b8 CR3: 0000000a2c014005 CR4: 00000000003706e0 DR0: 0000000000000000 DR1: 0 000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 00000000000000400 Seguimiento de llamadas: inet_frag_destroy+0xa9/0x150 call_timer_fn +0x2d/0x180 run_timer_softirq+0x4fe/0xe70 __do_softirq+0x197/0x5a0 irq_exit_rcu+0x1de/0x200 sysvec_apic_timer_interrupt+0x6b/0x80 cuando act_ct almacena temporalmente un fragmento de IP, la restauraci\u00f3n de skb qdisc cb da como resultado la colocaci\u00f3n de datos aleatorios en FR AG_CB() , y esto provoca esos accesos a la memoria \"salvajes\" m\u00e1s adelante, cuando se purga el rbtree. Nunca sobrescriba el skb cb en caso de que tcf_ct_handle_fragments() devuelva -EINPROGRESS."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0648941f4c8bbf8b4b6c0b270889ae7aa769b921",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/f77bd544a6bbe69aa50d9ed09f13494cf36ff806",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/0648941f4c8bbf8b4b6c0b270889ae7aa769b921",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/f77bd544a6bbe69aa50d9ed09f13494cf36ff806",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.12.4",
"matchCriteriaId": "B83B558B-3437-4078-802C-F4C861C91D63"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0648941f4c8bbf8b4b6c0b270889ae7aa769b921",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f77bd544a6bbe69aa50d9ed09f13494cf36ff806",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0648941f4c8bbf8b4b6c0b270889ae7aa769b921",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f77bd544a6bbe69aa50d9ed09f13494cf36ff806",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

181
CVE-2021/CVE-2021-470xx/CVE-2021-47015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47015",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.913",
"lastModified": "2024-11-21T06:35:11.660",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:12:23.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bnxt_en: corrige la l\u00f3gica del \u00edndice del consumidor RX en la ruta del error. En bnxt_rx_pkt(), se espera que los buffers RX se completen en orden. Si el \u00edndice del consumidor RX indica que el b\u00fafer est\u00e1 fuera de servicio, significa que estamos sufriendo un error de hardware y el controlador cancelar\u00e1 todos los paquetes RX restantes y restablecer\u00e1 el anillo RX. El \u00edndice de consumidores RX que pasamos a bnxt_discard_rx() no es correcto. Deber\u00edamos pasar el \u00edndice actual (tmp_raw_cons) en lugar del \u00edndice anterior (raw_cons). Este error puede hacer que estemos en el \u00edndice incorrecto al intentar abortar el siguiente paquete RX. Puede fallar as\u00ed: #0 [ffff9bbcdf5c39a8] machine_kexec en ffffffff9b05e007 #1 [ffff9bbcdf5c3a00] __crash_kexec en ffffffff9b111232 #2 [ffff9bbcdf5c3ad0] p\u00e1nico en ffffffff9b07d61e #3 [ffff9bbcdf5c3b50 ] oops_end en ffffffff9b030978 #4 [ffff9bbcdf5c3b78] no_context en ffffffff9b06aaf0 #5 [ffff9bbcdf5c3bd8 ] __bad_area_nosemaphore en ffffffff9b06ae2e #6 [ffff9bbcdf5c3c28] bad_area_nosemaphore en ffffffff9b06af24 #7 [ffff9bbcdf5c3c38] __do_page_fault en ffffffff9b06b67e #8 [ffff9bbcdf5c3cb0] do_page_fault en ffffffff9b06bb12 #9 [ffff9bbcdf5c3ce0] page_fault en ffffffff9bc015c5 [excepci\u00f3n RIP: bnxt_rx_pkt+237] RIP: ffffffffc0259cdd RSP: ffff9bbcdf5c3d98 RFLAGS: 00010213 RAX: 000000005dd8097f RBX: ffff9ba4cb11b7e0 RCX: ffffa923cf6e9000 RDX: 0000000000000fff RSI: 0000000000000627 RDI: 0000000000000100 0 RBP: ffff9bbcdf5c3e60 R8: 0000000000420003 R9: 000000000000020d R10: ffffa923cf6ec138 R11: ffff9bbcdf5c3e83 R12: ffff9ba4d6f928c0 R13: ffff9ba4cac28080 R14: ffff9ba4cb11b7f0 R15: ffff9ba4d5a30000 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/3fbc5bc651d688fbea2a59cdc91520a2f5334d0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/4fcaad2b7dac3f16704f8118c7e481024ddbd3ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/b1523e4ba293b2a32d9fabaf70c1dcaa6e3e2847",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/bbd6f0a948139970f4a615dff189d9a503681a39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e187ef83c04a5d23e68d39cfdff1a1931e29890c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3fbc5bc651d688fbea2a59cdc91520a2f5334d0a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4fcaad2b7dac3f16704f8118c7e481024ddbd3ed",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b1523e4ba293b2a32d9fabaf70c1dcaa6e3e2847",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/bbd6f0a948139970f4a615dff189d9a503681a39",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e187ef83c04a5d23e68d39cfdff1a1931e29890c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.119",
"matchCriteriaId": "3CAD77FE-8526-497E-BC33-C8E0B087BFB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.37",
"matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.21",
"matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.4",
"matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3fbc5bc651d688fbea2a59cdc91520a2f5334d0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4fcaad2b7dac3f16704f8118c7e481024ddbd3ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1523e4ba293b2a32d9fabaf70c1dcaa6e3e2847",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bbd6f0a948139970f4a615dff189d9a503681a39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e187ef83c04a5d23e68d39cfdff1a1931e29890c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fbc5bc651d688fbea2a59cdc91520a2f5334d0a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4fcaad2b7dac3f16704f8118c7e481024ddbd3ed",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1523e4ba293b2a32d9fabaf70c1dcaa6e3e2847",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bbd6f0a948139970f4a615dff189d9a503681a39",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e187ef83c04a5d23e68d39cfdff1a1931e29890c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

94
CVE-2021/CVE-2021-470xx/CVE-2021-47019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47019",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:39.053",
"lastModified": "2024-11-21T06:35:12.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T17:01:03.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mt76: mt7921: corrige un posible acceso no v\u00e1lido al registro. Deshabilite la interrupci\u00f3n y la sincronizaci\u00f3n de los controladores irq pendientes para garantizar que el tasklet irq no se programe despu\u00e9s de la suspensi\u00f3n para evitar el posible acceso no v\u00e1lido al registro. act\u00faa cuando el controlador pcie del host est\u00e1 suspendido. [17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c devolvi\u00f3 0 despu\u00e9s de 21375 usos [17932.910590] pcieport 0000:00:00.0: llamando a pci_pm_suspend+0x0/0x22c @ 18565, padre: pci0000:00 [17932.910602] pcieport 0000: 00:00.0: pci_pm_suspend+0x0/0x22c devolvi\u00f3 0 despu\u00e9s de 8 usos [17932.910671] mtk-pcie 11230000.pcie: llamando a platform_pm_suspend+0x0/0x60 @ 22783, padre: soc [17932.910674] mtk-pcie 11230 000.pcie: plataforma_pm_suspend+0x0/ 0x60 devolvi\u00f3 0 despu\u00e9s de 0 usos... 17933.615352] x1: 00000000000d4200 x0: ffffff8269ca2300 [17933.620666] Rastreo de llamadas: [17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76] [1 7933.627234] mt7921_rr+0x38/0x44 [mt7921e] [17933.631339] mt7921_irq_tasklet+ 0x54/0x1d8 [mt7921e] [17933.636309] tasklet_action_common+0x12c/0x16c [17933.640754] tasklet_action+0x24/0x2c [17933.644418] __do_softirq+0x16c/0x344 [17933.648 082] irq_exit+0xa8/0xac [17933.651224] planificador_ipi+0xd4/0x148 [17933.654890] handle_IPI +0x164/0x2d4 [17933.658379] gic_handle_irq+0x140/0x178 [17933.662216] el1_irq+0xb8/0x180 [17933.665361] cpuidle_enter_state+0xf8/0x204 [17933.669544] c puidle_enter+0x38/0x4c [17933.673122] do_idle+0x1a4/0x2a8 [17933.676352] cpu_startup_entry+0x24 /0x28 [17933.680276] rest_init+0xd4/0xe0 [17933.683508] arch_call_rest_init+0x10/0x18 [17933.687606] start_kernel+0x340/0x3b4 [17933.691279] C\u00f3digo: aa0003f5 d5032 01f f953eaa8 8b344108 (b9400113) [17933.697373] ---[ final de seguimiento a24b8e26ffbda3c5 ]- -- [17933.767846] P\u00e1nico del kernel: no se sincroniza: excepci\u00f3n fatal en la interrupci\u00f3n"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.12.4",
"matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

98
CVE-2022/CVE-2022-433xx/CVE-2022-43384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43384",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-30T12:15:09.420",
"lastModified": "2024-11-21T07:26:22.690",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:25:10.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,78 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238645",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndIncluding": "3.4.2",
"matchCriteriaId": "5E704943-929C-470A-AD69-3A652C4CCD99"
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_1:*:*:*:*:*:*",
"matchCriteriaId": "04A1A613-67C4-4980-A707-D43638F9108D"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238645",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_2:*:*:*:*:*:*",
"matchCriteriaId": "00824D6B-F2FD-4E2B-A8E9-9552883D190C"
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_3:*:*:*:*:*:*",
"matchCriteriaId": "C0D15741-C6AD-45A9-A6C8-1848A51FC630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_4:*:*:*:*:*:*",
"matchCriteriaId": "833812B2-9142-437C-8EF7-8B27D0AC4D39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_5:*:*:*:*:*:*",
"matchCriteriaId": "E6F2E6AB-3865-4CCD-96C6-55A0C9065EB8"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238645",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238645",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

98
CVE-2022/CVE-2022-435xx/CVE-2022-43575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43575",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-30T12:15:09.750",
"lastModified": "2024-11-21T07:26:49.163",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:22:30.183",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,78 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238680",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndIncluding": "3.4.2",
"matchCriteriaId": "5E704943-929C-470A-AD69-3A652C4CCD99"
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_1:*:*:*:*:*:*",
"matchCriteriaId": "04A1A613-67C4-4980-A707-D43638F9108D"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238680",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_2:*:*:*:*:*:*",
"matchCriteriaId": "00824D6B-F2FD-4E2B-A8E9-9552883D190C"
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_3:*:*:*:*:*:*",
"matchCriteriaId": "C0D15741-C6AD-45A9-A6C8-1848A51FC630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_4:*:*:*:*:*:*",
"matchCriteriaId": "833812B2-9142-437C-8EF7-8B27D0AC4D39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_5:*:*:*:*:*:*",
"matchCriteriaId": "E6F2E6AB-3865-4CCD-96C6-55A0C9065EB8"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238680",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/238680",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155215",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

118
CVE-2022/CVE-2022-438xx/CVE-2022-43841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43841",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-05-30T12:15:10.000",
"lastModified": "2024-11-21T07:27:15.813",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:13:14.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,24 +69,110 @@
"value": "CWE-525"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndIncluding": "3.4.2",
"matchCriteriaId": "5E704943-929C-470A-AD69-3A652C4CCD99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_1:*:*:*:*:*:*",
"matchCriteriaId": "04A1A613-67C4-4980-A707-D43638F9108D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_2:*:*:*:*:*:*",
"matchCriteriaId": "00824D6B-F2FD-4E2B-A8E9-9552883D190C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_3:*:*:*:*:*:*",
"matchCriteriaId": "C0D15741-C6AD-45A9-A6C8-1848A51FC630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_4:*:*:*:*:*:*",
"matchCriteriaId": "833812B2-9142-437C-8EF7-8B27D0AC4D39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_5:*:*:*:*:*:*",
"matchCriteriaId": "E6F2E6AB-3865-4CCD-96C6-55A0C9065EB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_6:*:*:*:*:*:*",
"matchCriteriaId": "D16849BE-F970-45E9-AF1D-C60125D19AA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_7:*:*:*:*:*:*",
"matchCriteriaId": "77AE8E47-A401-4461-9642-B02310DB425D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_8:*:*:*:*:*:*",
"matchCriteriaId": "84E045D4-E23B-4EB1-A5B1-D4AEEE109F2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_9:*:*:*:*:*:*",
"matchCriteriaId": "4880764E-A954-4EC6-8710-30212C60B609"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239078",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155202",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239078",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7155202",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-451xx/CVE-2022-45185.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2022-45185",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-07T20:15:28.173",
"lastModified": "2025-01-07T20:15:28.173",
"lastModified": "2025-01-08T18:15:13.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en SuiteCRM 7.12.7. Los usuarios autenticados pueden usar funciones de CRM para cargar archivos maliciosos. Luego, se puede usar la deserializaci\u00f3n para lograr la ejecuci\u00f3n del c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://docs.suitecrm.com/admin/releases/7.12.x/",
@ -24,6 +63,10 @@
{
"url": "https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

89
CVE-2022/CVE-2022-460xx/CVE-2022-46088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46088",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-05T16:15:49.190",
"lastModified": "2024-11-21T07:30:06.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:53:10.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,22 +81,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ASR511-OO7/CVE-2022-46088/blob/main/CVE-36",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/ASR511-OO7/CVE-2022-46088/blob/main/CVE-36",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://packetstormsecurity.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_flight_booking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A53A76E-CE64-49FA-BA89-A008711B8044"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ASR511-OO7/CVE-2022-46088/blob/main/CVE-36",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/ASR511-OO7/CVE-2022-46088/blob/main/CVE-36",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
]
}
]
}

34
CVE-2022/CVE-2022-49xx/CVE-2022-4946.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4946",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.577",
"lastModified": "2024-11-21T07:36:18.467",
"lastModified": "2025-01-08T17:15:07.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,9 +32,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [

34
CVE-2023/CVE-2023-01xx/CVE-2023-0152.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0152",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.660",
"lastModified": "2024-11-21T07:36:39.110",
"lastModified": "2025-01-08T17:15:10.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,9 +32,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

22
CVE-2023/CVE-2023-05xx/CVE-2023-0545.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0545",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.727",
"lastModified": "2024-11-21T07:37:22.757",
"lastModified": "2025-01-08T17:15:10.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-09xx/CVE-2023-0900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0900",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.793",
"lastModified": "2024-11-21T07:38:03.610",
"lastModified": "2025-01-08T17:15:10.747",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2023/CVE-2023-23xx/CVE-2023-2337.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2337",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.040",
"lastModified": "2024-11-21T07:58:24.733",
"lastModified": "2025-01-08T17:15:11.033",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-24xx/CVE-2023-2488.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2488",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.173",
"lastModified": "2024-11-21T07:58:42.703",
"lastModified": "2025-01-08T17:15:11.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-24xx/CVE-2023-2489.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2489",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.243",
"lastModified": "2024-11-21T07:58:42.803",
"lastModified": "2025-01-08T17:15:11.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-25xx/CVE-2023-2503.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2503",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.300",
"lastModified": "2024-11-21T07:58:44.210",
"lastModified": "2025-01-08T18:15:14.640",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-25xx/CVE-2023-2572.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2572",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.423",
"lastModified": "2024-11-21T07:58:51.363",
"lastModified": "2025-01-08T17:15:11.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-26xx/CVE-2023-2634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2634",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:10.483",
"lastModified": "2024-11-21T07:58:58.397",
"lastModified": "2025-01-08T17:15:11.783",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

36
CVE-2023/CVE-2023-30xx/CVE-2023-3027.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3027",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-05T22:15:12.293",
"lastModified": "2024-11-21T08:16:16.473",
"lastModified": "2025-01-08T17:15:13.653",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,13 +32,33 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -48,13 +68,23 @@
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-30xx/CVE-2023-3079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3079",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-06-05T22:15:12.383",
"lastModified": "2024-11-21T08:16:23.833",
"lastModified": "2025-01-08T18:15:15.897",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-334xx/CVE-2023-33460.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33460",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T12:15:09.447",
"lastModified": "2024-11-21T08:05:35.557",
"lastModified": "2025-01-08T17:15:12.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-335xx/CVE-2023-33569.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33569",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T20:15:14.050",
"lastModified": "2024-11-21T08:05:44.253",
"lastModified": "2025-01-08T17:15:12.283",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-336xx/CVE-2023-33613.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33613",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T18:15:11.357",
"lastModified": "2024-11-21T08:05:45.750",
"lastModified": "2025-01-08T17:15:12.537",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-336xx/CVE-2023-33651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33651",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T19:15:12.103",
"lastModified": "2024-11-21T08:05:49.143",
"lastModified": "2025-01-08T17:15:12.777",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-344xx/CVE-2023-34407.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34407",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T02:15:09.407",
"lastModified": "2024-11-21T08:07:10.453",
"lastModified": "2025-01-08T17:15:13.003",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-344xx/CVE-2023-34410.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34410",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T03:15:09.390",
"lastModified": "2024-11-21T08:07:10.897",
"lastModified": "2025-01-08T17:15:13.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-344xx/CVE-2023-34411.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34411",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T04:15:11.153",
"lastModified": "2024-11-21T08:07:11.063",
"lastModified": "2025-01-08T17:15:13.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-611"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [

21
CVE-2023/CVE-2023-356xx/CVE-2023-35685.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2023-35685",
"sourceIdentifier": "security@android.com",
"published": "2025-01-08T18:15:15.033",
"lastModified": "2025-01-08T18:15:15.033",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In DevmemIntMapPages of devicemem_server.c, there is a possible physical\u00a0page uaf due to a logic error in the code. This could lead to local\u00a0escalation of privilege in the kernel with no additional execution\u00a0privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://issuetracker.google.com/issues/42420027",
"source": "security@android.com"
}
]
}

12
CVE-2023/CVE-2023-439xx/CVE-2023-43902.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43902",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T05:15:08.833",
"lastModified": "2024-11-21T08:24:59.313",
"lastModified": "2025-01-08T17:15:14.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-458xx/CVE-2023-45878.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45878",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T06:15:29.040",
"lastModified": "2024-11-21T08:27:32.643",
"lastModified": "2025-01-08T17:15:14.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

60
CVE-2023/CVE-2023-522xx/CVE-2023-52226.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52226",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-28T17:15:08.150",
"lastModified": "2024-11-21T08:39:26.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:01:20.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-flamingo/wordpress-advanced-flamingo-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-flamingo/wordpress-advanced-flamingo-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluecoral:advanced-flamingo:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "CCBAE548-C024-4028-AC8A-963AF74F9755"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-flamingo/wordpress-advanced-flamingo-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/advanced-flamingo/wordpress-advanced-flamingo-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-65xx/CVE-2023-6525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6525",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-16T03:15:06.730",
"lastModified": "2024-11-21T08:44:01.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:14:29.763",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:elementskit_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "AE5BF211-C0AC-4C88-BEA3-A6AC61FDB878"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/widgets/progressbar/progressbar.php#L535",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3011323/elementskit-lite/trunk/widgets/progressbar/progressbar.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e724394d-97aa-42e4-b36e-6e49bfefa2f6?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/widgets/progressbar/progressbar.php#L535",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3011323/elementskit-lite/trunk/widgets/progressbar/progressbar.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e724394d-97aa-42e4-b36e-6e49bfefa2f6?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

140
CVE-2024/CVE-2024-03xx/CVE-2024-0326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0326",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:10.410",
"lastModified": "2024-11-21T08:46:19.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:33:51.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,46 +39,106 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1638",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php#L173",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/widgets/premium-button.php#L1709",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ba0eaf-f514-420a-9680-8126f6dcdde9?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1638",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php#L173",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/widgets/premium-button.php#L1709",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ba0eaf-f514-420a-9680-8126f6dcdde9?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.18",
"matchCriteriaId": "E7B3E45C-917D-4845-A0F1-03CAD242489C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1638",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php#L173",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/widgets/premium-button.php#L1709",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ba0eaf-f514-420a-9680-8126f6dcdde9?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1638",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php#L173",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/widgets/premium-button.php#L1709",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ba0eaf-f514-420a-9680-8126f6dcdde9?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-03xx/CVE-2024-0385.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0385",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.293",
"lastModified": "2024-11-21T08:46:28.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:32:52.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3034410/categorify",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c74cf-a109-4f77-a740-5a43ccd4e96a?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3034410/categorify",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c74cf-a109-4f77-a740-5a43ccd4e96a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:frenify:categorify:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.7.5",
"matchCriteriaId": "7553E2C6-8DE2-4518-8C3F-53B95EE0BAF9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3034410/categorify",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c74cf-a109-4f77-a740-5a43ccd4e96a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3034410/categorify",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c74cf-a109-4f77-a740-5a43ccd4e96a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

140
CVE-2024/CVE-2024-04xx/CVE-2024-0442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0442",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:12.037",
"lastModified": "2024-11-21T08:46:35.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:48:34.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,46 +39,106 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/advanced-slider/widgets/wpr-advanced-slider.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fadvanced-slider%2Fwidgets%2Fwpr-advanced-slider.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/dual-button/widgets/wpr-dual-button.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fdual-button%2Fwidgets%2Fwpr-dual-button.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/pricing-table/widgets/pricing-table.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fpricing-table%2Fwidgets%2Fpricing-table.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/royal-elementor-addons/tags/1.3.87&new_path=/royal-elementor-addons/tags/1.3.88&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/advanced-slider/widgets/wpr-advanced-slider.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fadvanced-slider%2Fwidgets%2Fwpr-advanced-slider.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/dual-button/widgets/wpr-dual-button.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fdual-button%2Fwidgets%2Fwpr-dual-button.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/pricing-table/widgets/pricing-table.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fpricing-table%2Fwidgets%2Fpricing-table.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/royal-elementor-addons/tags/1.3.87&new_path=/royal-elementor-addons/tags/1.3.88&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/advanced-slider/widgets/wpr-advanced-slider.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fadvanced-slider%2Fwidgets%2Fwpr-advanced-slider.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/dual-button/widgets/wpr-dual-button.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fdual-button%2Fwidgets%2Fwpr-dual-button.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/pricing-table/widgets/pricing-table.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fpricing-table%2Fwidgets%2Fpricing-table.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/royal-elementor-addons/tags/1.3.87&new_path=/royal-elementor-addons/tags/1.3.88&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/advanced-slider/widgets/wpr-advanced-slider.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fadvanced-slider%2Fwidgets%2Fwpr-advanced-slider.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/dual-button/widgets/wpr-dual-button.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fdual-button%2Fwidgets%2Fwpr-dual-button.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032004/royal-elementor-addons/tags/1.3.88/modules/pricing-table/widgets/pricing-table.php?old=3026824&old_path=royal-elementor-addons%2Ftags%2F1.3.87%2Fmodules%2Fpricing-table%2Fwidgets%2Fpricing-table.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/royal-elementor-addons/tags/1.3.87&new_path=/royal-elementor-addons/tags/1.3.88&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-05xx/CVE-2024-0512.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0512",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:17.710",
"lastModified": "2024-11-21T08:46:45.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:52:15.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-05xx/CVE-2024-0513.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0513",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:17.860",
"lastModified": "2024-11-21T08:46:45.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:58:49.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-05xx/CVE-2024-0514.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0514",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:18.027",
"lastModified": "2024-11-21T08:46:46.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:59:31.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.88",
"matchCriteriaId": "93085B8A-2E52-4B61-A114-D7DD96727501"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026824%40royal-elementor-addons%2Ftags%2F1.3.87&new=3032004%40royal-elementor-addons%2Ftags%2F1.3.88",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-07xx/CVE-2024-0766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0766",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-28T09:15:41.740",
"lastModified": "2024-11-21T08:47:19.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:43:16.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/996c7433-dd82-4216-86b9-005f43c06c3a?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/996c7433-dd82-4216-86b9-005f43c06c3a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envothemes:envo\\'s_elementor_templates_\\&_widgets_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.5",
"matchCriteriaId": "7CFA40B6-7D65-4E40-BE98-733FEAC2D0DE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/996c7433-dd82-4216-86b9-005f43c06c3a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/996c7433-dd82-4216-86b9-005f43c06c3a?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-07xx/CVE-2024-0767.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0767",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-28T09:15:41.903",
"lastModified": "2024-11-21T08:47:19.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:42:46.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L332",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cca71257-05dc-43d5-8de6-faf0a2feab2e?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L332",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cca71257-05dc-43d5-8de6-faf0a2feab2e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envothemes:envo\\'s_elementor_templates_\\&_widgets_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.5",
"matchCriteriaId": "7CFA40B6-7D65-4E40-BE98-733FEAC2D0DE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L332",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cca71257-05dc-43d5-8de6-faf0a2feab2e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L332",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cca71257-05dc-43d5-8de6-faf0a2feab2e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-07xx/CVE-2024-0768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0768",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-28T09:15:42.063",
"lastModified": "2024-11-21T08:47:19.743",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:42:05.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L367",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6504ae5c-a36d-495e-aa93-40a3753857c6?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L367",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6504ae5c-a36d-495e-aa93-40a3753857c6?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envothemes:envo\\'s_elementor_templates_\\&_widgets_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.5",
"matchCriteriaId": "7CFA40B6-7D65-4E40-BE98-733FEAC2D0DE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L367",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6504ae5c-a36d-495e-aa93-40a3753857c6?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php#L367",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6504ae5c-a36d-495e-aa93-40a3753857c6?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-10xx/CVE-2024-1095.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1095",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:26.130",
"lastModified": "2024-11-21T08:49:47.093",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:05:01.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/control-block-patterns/trunk/classes/Settings/SettingsPage.php#L166",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38f09a45-2b11-47c7-af16-c7f9c3a46e0e?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/control-block-patterns/trunk/classes/Settings/SettingsPage.php#L166",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38f09a45-2b11-47c7-af16-c7f9c3a46e0e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeperch:build_\\&_control_block_pattern:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.5.4",
"matchCriteriaId": "14745584-E914-4C7B-9BCA-9E08253939C4"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/control-block-patterns/trunk/classes/Settings/SettingsPage.php#L166",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38f09a45-2b11-47c7-af16-c7f9c3a46e0e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/control-block-patterns/trunk/classes/Settings/SettingsPage.php#L166",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38f09a45-2b11-47c7-af16-c7f9c3a46e0e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-11xx/CVE-2024-1178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1178",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:26.290",
"lastModified": "2024-11-21T08:49:58.357",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:16:27.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,66 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3043889%40sportspress&new=3043889%40sportspress&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/098dfee2-ba0b-420f-89ed-8ad1e41faec4?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3043889%40sportspress&new=3043889%40sportspress&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/098dfee2-ba0b-420f-89ed-8ad1e41faec4?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeboy:sportspress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.18",
"matchCriteriaId": "DBC50606-3BF7-4BEF-803E-E049971FB859"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3043889%40sportspress&new=3043889%40sportspress&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/098dfee2-ba0b-420f-89ed-8ad1e41faec4?source=cve",
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3043889%40sportspress&new=3043889%40sportspress&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/098dfee2-ba0b-420f-89ed-8ad1e41faec4?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

79
CVE-2024/CVE-2024-128xx/CVE-2024-12898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12898",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-23T01:15:06.840",
"lastModified": "2024-12-23T01:15:06.840",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:48:06.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -111,7 +131,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -122,28 +142,71 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1000projects:attendance_tracking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "108AEB9D-CD44-4A0D-8CB6-82EA6162A0B4"
}
]
}
]
}
],
"references": [
{
"url": "https://1000projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/onupset/CVE/issues/1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.289168",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.289168",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.467424",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2024/CVE-2024-128xx/CVE-2024-12899.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12899",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-23T01:15:07.020",
"lastModified": "2024-12-23T01:15:07.020",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:47:51.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -111,7 +131,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -122,28 +142,71 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1000projects:attendance_tracking_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "108AEB9D-CD44-4A0D-8CB6-82EA6162A0B4"
}
]
}
]
}
],
"references": [
{
"url": "https://1000projects.org/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Murrayzed/CVE/issues/1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.289169",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.289169",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.467628",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-12xx/CVE-2024-1242.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1242",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:44.673",
"lastModified": "2024-11-21T08:50:08.620",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:36:55.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3035504%40premium-addons-for-elementor%2Ftrunk&old=3025571%40premium-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1026b753-e82b-4fa3-9023-c36ab9863b29?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3035504%40premium-addons-for-elementor%2Ftrunk&old=3025571%40premium-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1026b753-e82b-4fa3-9023-c36ab9863b29?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.10.19",
"matchCriteriaId": "6D6ECA8B-93B1-4F6E-AECE-F783FE31BDA3"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3035504%40premium-addons-for-elementor%2Ftrunk&old=3025571%40premium-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1026b753-e82b-4fa3-9023-c36ab9863b29?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3035504%40premium-addons-for-elementor%2Ftrunk&old=3025571%40premium-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1026b753-e82b-4fa3-9023-c36ab9863b29?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-12xx/CVE-2024-1276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1276",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:46.490",
"lastModified": "2024-11-21T08:50:13.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:37:36.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.8/includes/Elements/Content_Ticker.php#L815",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af8bee01-15bc-485e-8b01-8b68b199b34d?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.8/includes/Elements/Content_Ticker.php#L815",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af8bee01-15bc-485e-8b01-8b68b199b34d?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.9",
"matchCriteriaId": "B1DB6564-07FC-44EF-B4CD-54000424D5DD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.8/includes/Elements/Content_Ticker.php#L815",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af8bee01-15bc-485e-8b01-8b68b199b34d?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/tags/5.9.8/includes/Elements/Content_Ticker.php#L815",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034127%40essential-addons-for-elementor-lite%2Ftrunk&old=3029928%40essential-addons-for-elementor-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af8bee01-15bc-485e-8b01-8b68b199b34d?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-12xx/CVE-2024-1285.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1285",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:26.447",
"lastModified": "2024-11-21T08:50:13.903",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:13:54.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/page-builder-sandwich/tags/5.1.0/class-page-builder-sandwich.php#L958",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69d3d66c-5557-4fb4-8bd7-05d76d6b86ab?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/page-builder-sandwich/tags/5.1.0/class-page-builder-sandwich.php#L958",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69d3d66c-5557-4fb4-8bd7-05d76d6b86ab?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pagebuildersandwich:page_builder_sandwich:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.1.0",
"matchCriteriaId": "D3BFF465-28EE-4E56-9C04-984E790DD567"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/page-builder-sandwich/tags/5.1.0/class-page-builder-sandwich.php#L958",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69d3d66c-5557-4fb4-8bd7-05d76d6b86ab?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/page-builder-sandwich/tags/5.1.0/class-page-builder-sandwich.php#L958",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69d3d66c-5557-4fb4-8bd7-05d76d6b86ab?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

141
CVE-2024/CVE-2024-131xx/CVE-2024-13187.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-13187",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-08T17:15:15.410",
"lastModified": "2025-01-08T17:15:15.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/Rsec-1/wps",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290779",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290779",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.468013",
"source": "cna@vuldb.com"
}
]
}

96
CVE-2024/CVE-2024-13xx/CVE-2024-1398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1398",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-02T13:15:06.890",
"lastModified": "2024-11-21T08:50:29.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:39:21.643",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L50",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L61",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed191380-6037-4d59-8db7-cb33136a304e?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L50",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L61",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed191380-6037-4d59-8db7-cb33136a304e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:g5plus:ultimate_bootstrap_elements_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.7",
"matchCriteriaId": "7D8B37EA-AB15-4031-9316-1B027B7752CA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L50",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L61",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed191380-6037-4d59-8db7-cb33136a304e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L50",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-bootstrap-elements-for-elementor/tags/1.3.6/templates/elements/heading.php#L61",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed191380-6037-4d59-8db7-cb33136a304e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-14xx/CVE-2024-1448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1448",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-29T01:43:51.147",
"lastModified": "2024-11-21T08:50:36.353",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:38:49.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.56/includes/class-sassy-social-share-shortcodes.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038227%40sassy-social-share%2Ftrunk&old=2996153%40sassy-social-share%2Ftrunk&sfp_email=&sfph_mail=#file8",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c2f4b74-2568-4e5a-b55f-0130096bc19f?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.56/includes/class-sassy-social-share-shortcodes.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038227%40sassy-social-share%2Ftrunk&old=2996153%40sassy-social-share%2Ftrunk&sfp_email=&sfph_mail=#file8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c2f4b74-2568-4e5a-b55f-0130096bc19f?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heateor:sassy_social_share:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.56",
"matchCriteriaId": "07847694-BC38-41DB-B499-CED35003FE66"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.56/includes/class-sassy-social-share-shortcodes.php",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038227%40sassy-social-share%2Ftrunk&old=2996153%40sassy-social-share%2Ftrunk&sfp_email=&sfph_mail=#file8",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c2f4b74-2568-4e5a-b55f-0130096bc19f?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.56/includes/class-sassy-social-share-shortcodes.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038227%40sassy-social-share%2Ftrunk&old=2996153%40sassy-social-share%2Ftrunk&sfp_email=&sfph_mail=#file8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c2f4b74-2568-4e5a-b55f-0130096bc19f?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-14xx/CVE-2024-1478.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1478",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:26.773",
"lastModified": "2024-11-21T08:50:40.173",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:07:21.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://wordpress.org/plugins/hkdev-maintenance-mode/",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36def628-e09e-4da0-ab14-35aefcb67f73?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/hkdev-maintenance-mode/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36def628-e09e-4da0-ab14-35aefcb67f73?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:helderk:maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.2",
"matchCriteriaId": "00F9028B-CA76-43F5-A0FC-752B9F1D4D05"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/hkdev-maintenance-mode/",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36def628-e09e-4da0-ab14-35aefcb67f73?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wordpress.org/plugins/hkdev-maintenance-mode/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36def628-e09e-4da0-ab14-35aefcb67f73?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

118
CVE-2024/CVE-2024-15xx/CVE-2024-1500.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1500",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-07T06:15:50.460",
"lastModified": "2024-11-21T08:50:42.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:34:33.033",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,38 +39,92 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L644",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L664",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037411%40royal-elementor-addons%2Ftags%2F1.3.91&new=3038353%40royal-elementor-addons%2Ftags%2F1.3.92",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L644",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L664",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037411%40royal-elementor-addons%2Ftags%2F1.3.91&new=3038353%40royal-elementor-addons%2Ftags%2F1.3.92",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.92",
"matchCriteriaId": "90A97511-FFB8-4D5B-8271-27E9D38BF789"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L644",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L664",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037411%40royal-elementor-addons%2Ftags%2F1.3.91&new=3038353%40royal-elementor-addons%2Ftags%2F1.3.92",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L644",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/logo/widgets/wpr-logo.php#L664",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037411%40royal-elementor-addons%2Ftags%2F1.3.91&new=3038353%40royal-elementor-addons%2Ftags%2F1.3.92",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-15xx/CVE-2024-1536.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1536",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.270",
"lastModified": "2024-11-21T08:50:46.770",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:32:08.960",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Event_Calendar.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc9e63-17bb-4755-be3c-ae8b26edd3cd?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Event_Calendar.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc9e63-17bb-4755-be3c-ae8b26edd3cd?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.9.10",
"matchCriteriaId": "782C2137-4E65-42D7-8075-56AFC7F5C400"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Event_Calendar.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc9e63-17bb-4755-be3c-ae8b26edd3cd?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Event_Calendar.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc9e63-17bb-4755-be3c-ae8b26edd3cd?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2024/CVE-2024-16xx/CVE-2024-1625.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1625",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-10T17:15:52.727",
"lastModified": "2024-11-21T08:50:57.063",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:58:39.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,24 +71,69 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lunary:lunary:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28E0EFA7-B041-4D28-82F5-F7415CEA91E8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-17xx/CVE-2024-1731.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1731",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-05T02:15:26.937",
"lastModified": "2024-11-21T08:51:11.123",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:02:59.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/browser/auto-refresh-single-page/trunk/auto-refresh-single-page.php#L42",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f8f8d46-d7e7-4b07-9b10-15e579973474?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/auto-refresh-single-page/trunk/auto-refresh-single-page.php#L42",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f8f8d46-d7e7-4b07-9b10-15e579973474?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rymera:auto_refresh_single_page:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "73B0BE79-BF20-4EA4-8AAC-AFA6AB4BCFDA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/auto-refresh-single-page/trunk/auto-refresh-single-page.php#L42",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f8f8d46-d7e7-4b07-9b10-15e579973474?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/auto-refresh-single-page/trunk/auto-refresh-single-page.php#L42",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f8f8d46-d7e7-4b07-9b10-15e579973474?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-19xx/CVE-2024-1943.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1943",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-28T07:15:09.150",
"lastModified": "2024-11-21T08:51:39.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:47:34.333",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmoose:yuki:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.14",
"matchCriteriaId": "3CEF55FA-63AE-491D-98BA-02D31D6BEF37"
}
]
}
]
}
],
"references": [
{
"url": "https://themes.trac.wordpress.org/changeset/218603/yuki/1.3.15/inc/extensions/class-reset-extension.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfb760fb-f281-4649-9bd3-92f8e281f07e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://themes.trac.wordpress.org/changeset/218603/yuki/1.3.15/inc/extensions/class-reset-extension.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfb760fb-f281-4649-9bd3-92f8e281f07e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

60
CVE-2024/CVE-2024-217xx/CVE-2024-21749.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21749",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-28T17:15:08.543",
"lastModified": "2024-11-21T08:54:56.303",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:03:30.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/first-graders-toolbox/wordpress-1-click-disable-all-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/first-graders-toolbox/wordpress-1-click-disable-all-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atakanau:click_disable_all:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "C0CBA50B-A4F0-4C68-8C85-F5638272ED37"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/first-graders-toolbox/wordpress-1-click-disable-all-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/first-graders-toolbox/wordpress-1-click-disable-all-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-21xx/CVE-2024-2110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2110",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-28T02:15:09.990",
"lastModified": "2024-11-21T09:09:03.200",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:20:25.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3054883/events-manager/trunk/classes/em-bookings-table.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0538999-0a09-4d24-a530-a32fb5b4e5e6?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3054883/events-manager/trunk/classes/em-bookings-table.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0538999-0a09-4d24-a530-a32fb5b4e5e6?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pixelite:events_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.4.7.2",
"matchCriteriaId": "6AB8AF29-713D-4DAB-947A-5F55D1774FFC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3054883/events-manager/trunk/classes/em-bookings-table.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0538999-0a09-4d24-a530-a32fb5b4e5e6?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3054883/events-manager/trunk/classes/em-bookings-table.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0538999-0a09-4d24-a530-a32fb5b4e5e6?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-21xx/CVE-2024-2111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2111",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-28T02:15:10.397",
"lastModified": "2024-11-21T09:09:03.313",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:23:37.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pixelite:events_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.4.7.2",
"matchCriteriaId": "6AB8AF29-713D-4DAB-947A-5F55D1774FFC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3054883%40events-manager&new=3054883%40events-manager&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/95ded4bf-9964-4bb3-b6e5-5ad37360f87d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3054883%40events-manager&new=3054883%40events-manager&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/95ded4bf-9964-4bb3-b6e5-5ad37360f87d?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-21xx/CVE-2024-2115.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2115",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-05T08:15:07.470",
"lastModified": "2024-11-21T09:09:03.650",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-08T18:02:33.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.1",
"matchCriteriaId": "DB2DA696-332A-4762-BDED-A6587675DC7C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php",
"source": "security@wordfence.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3061953/learnpress/tags/4.0.1/inc/admin/class-lp-admin.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342a4482-f5d3-4cc9-a998-e3abac7142cf?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

103
CVE-2024/CVE-2024-21xx/CVE-2024-2149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2149",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-03T18:15:10.723",
"lastModified": "2024-11-21T09:09:08.230",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:09:38.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -76,30 +96,67 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/JiaDongGao1/CVE_Hunter/blob/main/SQLi-2.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.255502",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.255502",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/JiaDongGao1/CVE_Hunter/blob/main/SQLi-2.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://vuldb.com/?ctiid.255502",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://vuldb.com/?id.255502",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:codeastro:membership_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3A341555-1CAF-480B-978A-9AE299540FA3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JiaDongGao1/CVE_Hunter/blob/main/SQLi-2.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.255502",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.255502",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/JiaDongGao1/CVE_Hunter/blob/main/SQLi-2.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.255502",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.255502",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

91
CVE-2024/CVE-2024-233xx/CVE-2024-23328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23328",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-29T01:44:08.483",
"lastModified": "2024-11-21T08:57:31.160",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:52:16.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,32 +69,87 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.15",
"matchCriteriaId": "F4D9FEA5-987A-4605-9998-BEB7C22702C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.3.0",
"matchCriteriaId": "5260CE59-BCBB-4015-8FCC-AB4BBE4CB15B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-235xx/CVE-2024-23519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23519",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-29T01:44:09.110",
"lastModified": "2024-11-21T08:57:52.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:10:44.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/email-before-download/wordpress-email-before-download-plugin-6-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/email-before-download/wordpress-email-before-download-plugin-6-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mandsconsulting:email_before_download:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.9.7",
"matchCriteriaId": "A34B976C-1033-49BC-B692-5600D999C305"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/email-before-download/wordpress-email-before-download-plugin-6-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/email-before-download/wordpress-email-before-download-plugin-6-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-247xx/CVE-2024-24701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24701",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-29T01:44:12.680",
"lastModified": "2024-11-21T08:59:32.317",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:11:18.907",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/setka-editor/wordpress-setka-editor-plugin-2-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/setka-editor/wordpress-setka-editor-plugin-2-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiny:setka_workflow:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.20",
"matchCriteriaId": "C20082BB-1FB4-4DC3-89B8-7950A13C8033"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/setka-editor/wordpress-setka-editor-plugin-2-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/setka-editor/wordpress-setka-editor-plugin-2-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-248xx/CVE-2024-24833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24833",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-08T14:15:07.730",
"lastModified": "2024-11-21T08:59:48.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:14:47.103",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/happy-elementor-addons/wordpress-happy-addons-for-elementor-plugin-3-10-1-broken-access-control-on-post-clone-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/happy-elementor-addons/wordpress-happy-addons-for-elementor-plugin-3-10-1-broken-access-control-on-post-clone-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leevio:happy_addons_for_elementor:*:*:*:*:free:wordpress:*:*",
"versionEndIncluding": "3.10.1",
"matchCriteriaId": "1A44FF86-0054-47D5-8B93-E11DA0E7023E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/happy-elementor-addons/wordpress-happy-addons-for-elementor-plugin-3-10-1-broken-access-control-on-post-clone-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/happy-elementor-addons/wordpress-happy-addons-for-elementor-plugin-3-10-1-broken-access-control-on-post-clone-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-259xx/CVE-2024-25930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25930",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-29T01:44:17.050",
"lastModified": "2024-11-21T09:01:35.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:11:38.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/custom-order-statuses-for-woocommerce/wordpress-custom-order-statuses-for-woocommerce-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/custom-order-statuses-for-woocommerce/wordpress-custom-order-statuses-for-woocommerce-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nuggethon:custom_order_status_manager_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.2",
"matchCriteriaId": "67A30BFB-B677-430D-8625-EDCDA9A0E11B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-order-statuses-for-woocommerce/wordpress-custom-order-statuses-for-woocommerce-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/custom-order-statuses-for-woocommerce/wordpress-custom-order-statuses-for-woocommerce-plugin-1-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-279xx/CVE-2024-27915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27915",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:47.930",
"lastModified": "2024-11-21T09:05:24.810",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:37:37.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
@ -49,24 +69,74 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.4.17",
"matchCriteriaId": "552E4458-5771-4AF7-B8CB-D742280EF855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sulu:sulu:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.5.0",
"versionEndExcluding": "2.5.13",
"matchCriteriaId": "9A934DEB-DB97-4461-8542-588A268F9060"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-27xx/CVE-2024-2733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2733",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T04:15:09.630",
"lastModified": "2024-11-21T09:10:23.930",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:52:18.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.9",
"matchCriteriaId": "FC6F8754-2DCF-47CC-9602-6F37E9596D11"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/content_elements/bt_bb_separator/bt_bb_separator.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2db39ae2-6c44-4a4c-84de-9b7041bece37?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/content_elements/bt_bb_separator/bt_bb_separator.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2db39ae2-6c44-4a4c-84de-9b7041bece37?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-27xx/CVE-2024-2734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2734",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T05:15:49.127",
"lastModified": "2024-11-21T09:10:24.050",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:52:29.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.9",
"matchCriteriaId": "FC6F8754-2DCF-47CC-9602-6F37E9596D11"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3064413%40bold-page-builder&new=3064413%40bold-page-builder&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/650b5677-7c70-415f-81bf-12514393e4c9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3064413%40bold-page-builder&new=3064413%40bold-page-builder&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/650b5677-7c70-415f-81bf-12514393e4c9?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-27xx/CVE-2024-2735.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2735",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T05:15:49.427",
"lastModified": "2024-11-21T09:10:24.170",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:52:42.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.9",
"matchCriteriaId": "FC6F8754-2DCF-47CC-9602-6F37E9596D11"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/bold-builder.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cc4a67b-81fa-4ef6-9167-eab5cb9002ec?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/bold-builder.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cc4a67b-81fa-4ef6-9167-eab5cb9002ec?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-27xx/CVE-2024-2736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2736",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T05:15:49.640",
"lastModified": "2024-11-21T09:10:24.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T17:24:59.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.8.9",
"matchCriteriaId": "FC6F8754-2DCF-47CC-9602-6F37E9596D11"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/content_elements/bt_bb_headline/bt_bb_headline.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86cf664f-5de1-4692-96b3-2fd8ae35110b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064413/bold-page-builder/trunk/content_elements/bt_bb_headline/bt_bb_headline.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86cf664f-5de1-4692-96b3-2fd8ae35110b?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

185
CVE-2024/CVE-2024-288xx/CVE-2024-28855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28855",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-18T22:15:08.963",
"lastModified": "2024-11-21T09:07:03.350",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:14:28.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,72 +69,201 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.41.15",
"matchCriteriaId": "FFD391D1-3498-46AB-B74F-5EAB21A2E33C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.42.0",
"versionEndExcluding": "2.42.15",
"matchCriteriaId": "A9A5738D-E435-4BC1-8B95-50C8DCE2A82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.43.0",
"versionEndExcluding": "2.43.9",
"matchCriteriaId": "6A5FC2D7-DF8A-48ED-98B3-48B85DD5FE18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.44.0",
"versionEndExcluding": "2.44.3",
"matchCriteriaId": "44939A24-65F7-4D03-805E-585F2AEC7A31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.47.0",
"versionEndExcluding": "2.47.4",
"matchCriteriaId": "345DE50B-483E-4B0F-A391-E68BEF04AF2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:2.45.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CDF0C992-982C-4963-BFE4-1592B681D69E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:2.45.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BDA3827B-80DF-4A2A-A103-97FE37352090"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:2.46.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B3FE712E-6B93-4374-A2A8-8A6C51007F1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:2.46.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CCEA9592-45E4-4C4A-906F-62732495B2D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:2.46.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D5C0396B-7FFB-4700-BBFF-AC7D2748B00A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.41.15",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.15",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-hfrg-4jwr-jfpj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.41.15",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.15",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-hfrg-4jwr-jfpj",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

42
CVE-2024/CVE-2024-289xx/CVE-2024-28916.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28916",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-21T00:15:09.533",
"lastModified": "2024-11-21T09:07:11.097",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:35:14.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,50 @@
"value": "CWE-59"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:xbox_gaming_services:*:*:*:*:*:*:*:*",
"versionEndExcluding": "19.87.13001.0",
"matchCriteriaId": "F6DE7E4E-9F52-4492-BFBE-6B65EEDC26FD"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28916",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28916",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

434
CVE-2024/CVE-2024-290xx/CVE-2024-29059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29059",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-23T00:15:09.150",
"lastModified": "2024-11-21T09:07:28.230",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:33:02.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,442 @@
"value": "CWE-209"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "280FE663-23BE-45D2-9B31-5F577E390B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB4AE761-6FAC-4000-A63D-42CE3FAB8412"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4793BFB-2E4E-4067-87A5-4B8749025CA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D329B2-432D-4029-87EB-4C3C5F55CD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCACE6-A0EE-4A6F-BD5A-7AA504B02717"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

174
CVE-2024/CVE-2024-298xx/CVE-2024-29891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29891",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-27T20:15:07.780",
"lastModified": "2024-11-21T09:08:33.593",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:16:59.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
]
},
@ -49,72 +69,190 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.17",
"matchCriteriaId": "220712AC-B9A7-4C02-972F-F69A3C93EA5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.43.0",
"versionEndExcluding": "2.43.11",
"matchCriteriaId": "E63D00B9-2C3C-48BA-9C87-DA3B3895DDCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.44.0",
"versionEndExcluding": "2.44.7",
"matchCriteriaId": "B72E7A77-7537-4872-8038-A92E68A1451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.45.0",
"versionEndExcluding": "2.45.5",
"matchCriteriaId": "A0B9428D-76F8-4121-809B-AEC937D6419A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.46.0",
"versionEndExcluding": "2.46.5",
"matchCriteriaId": "5829B90F-DCE0-44DB-AC75-9BC923774CD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.47.0",
"versionEndExcluding": "2.47.8",
"matchCriteriaId": "0C29110B-3ADA-4388-A9AF-773574F03094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.48.0",
"versionEndExcluding": "2.48.3",
"matchCriteriaId": "63C71265-8561-48A6-9D9F-1A94A89A64D8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.11",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.48.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-hr5w-cwwq-2v4m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.11",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.48.3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-hr5w-cwwq-2v4m",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

174
CVE-2024/CVE-2024-298xx/CVE-2024-29892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29892",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-27T20:15:08.303",
"lastModified": "2024-11-21T09:08:33.727",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:20:34.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
@ -49,72 +69,190 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.42.17",
"matchCriteriaId": "220712AC-B9A7-4C02-972F-F69A3C93EA5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.43.0",
"versionEndExcluding": "2.43.11",
"matchCriteriaId": "E63D00B9-2C3C-48BA-9C87-DA3B3895DDCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.44.0",
"versionEndExcluding": "2.44.7",
"matchCriteriaId": "B72E7A77-7537-4872-8038-A92E68A1451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.45.0",
"versionEndExcluding": "2.45.5",
"matchCriteriaId": "A0B9428D-76F8-4121-809B-AEC937D6419A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.46.0",
"versionEndExcluding": "2.46.5",
"matchCriteriaId": "5829B90F-DCE0-44DB-AC75-9BC923774CD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.47.0",
"versionEndExcluding": "2.47.8",
"matchCriteriaId": "0C29110B-3ADA-4388-A9AF-773574F03094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.48.0",
"versionEndExcluding": "2.48.3",
"matchCriteriaId": "63C71265-8561-48A6-9D9F-1A94A89A64D8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.11",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.48.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-gp8g-f42f-95q2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.42.17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.43.11",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.44.7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.45.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.46.5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.47.8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/releases/tag/v2.48.3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-gp8g-f42f-95q2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-29xx/CVE-2024-2925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2925",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-02T07:16:13.470",
"lastModified": "2024-11-21T09:10:51.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:28:36.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fastlinemedia:beaver_builder:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "2.8.0.7",
"matchCriteriaId": "0FF56C6B-F345-4234-BF72-A9F9CA7E82F9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.8.0.4/modules/button/includes/frontend.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3062187/beaver-builder-lite-version/trunk/modules/button/includes/frontend.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d311170c-db2b-4c23-aa43-98d7e92839bb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.8.0.4/modules/button/includes/frontend.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3062187/beaver-builder-lite-version/trunk/modules/button/includes/frontend.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d311170c-db2b-4c23-aa43-98d7e92839bb?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-300xx/CVE-2024-30042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30042",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:14.283",
"lastModified": "2024-11-21T09:11:07.643",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:59:45.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,80 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "09BF0981-749E-470B-A7AC-95AD087797EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*",
"matchCriteriaId": "6C9D7C93-E8CB-4A8A-BA15-093B03ACC62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.10410.20003",
"matchCriteriaId": "80D9A0D3-5662-433E-8CA9-B036D9114895"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_online_server:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C0BD17-4324-4DFF-9804-1825C4C182A1"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-300xx/CVE-2024-30043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30043",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:15.180",
"lastModified": "2024-11-21T09:11:07.770",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:56:55.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,60 @@
"value": "CWE-611"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
"versionEndExcluding": "16.0.17328.20292",
"matchCriteriaId": "E86449BF-E013-44C2-B9E7-E98CF0185B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-300xx/CVE-2024-30044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30044",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:16.107",
"lastModified": "2024-11-21T09:11:07.893",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:50:31.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,60 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
"versionEndExcluding": "16.0.17328.20292",
"matchCriteriaId": "E86449BF-E013-44C2-B9E7-E98CF0185B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30044",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30044",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

90
CVE-2024/CVE-2024-300xx/CVE-2024-30045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30045",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:17.023",
"lastModified": "2024-11-22T12:15:18.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:36:30.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,20 +49,100 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.19",
"matchCriteriaId": "98AEF40E-333C-4B7C-A1A7-522459C01F90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.5",
"matchCriteriaId": "19A6ED34-B810-42BF-9256-8632F965EBED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "7D708FAC-81E3-4E60-B9D9-7C7AA614A503"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4.0",
"versionEndExcluding": "17.4.19",
"matchCriteriaId": "A8851D8F-C0FC-4957-846E-BEF69B88B9D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6.0",
"versionEndExcluding": "17.6.15",
"matchCriteriaId": "24B799F3-962A-4366-9B5C-2F60E2098B7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.8.0",
"versionEndExcluding": "17.8.10",
"matchCriteriaId": "55C50579-44BA-4C6A-9CD5-A71D3D80F4E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.9.0",
"versionEndExcluding": "17.9.7",
"matchCriteriaId": "DA2D642F-B4D4-4B84-ACCA-653201079267"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20241122-0001/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

78
CVE-2024/CVE-2024-300xx/CVE-2024-30046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30046",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:17.880",
"lastModified": "2024-11-21T09:11:08.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:29:04.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,86 @@
"value": "CWE-362"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.19",
"matchCriteriaId": "98AEF40E-333C-4B7C-A1A7-522459C01F90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.5",
"matchCriteriaId": "19A6ED34-B810-42BF-9256-8632F965EBED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4.0",
"versionEndExcluding": "17.4.19",
"matchCriteriaId": "A8851D8F-C0FC-4957-846E-BEF69B88B9D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6.0",
"versionEndExcluding": "17.6.15",
"matchCriteriaId": "24B799F3-962A-4366-9B5C-2F60E2098B7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.8.0",
"versionEndExcluding": "17.8.10",
"matchCriteriaId": "55C50579-44BA-4C6A-9CD5-A71D3D80F4E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.9.0",
"versionEndExcluding": "17.9.7",
"matchCriteriaId": "DA2D642F-B4D4-4B84-ACCA-653201079267"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-300xx/CVE-2024-30047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30047",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:18.830",
"lastModified": "2024-11-21T09:11:08.260",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:28:16.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365_customer_insights:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38813.80",
"matchCriteriaId": "138D73EF-1626-43D5-8FF6-660E688A8029"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30047",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30047",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-300xx/CVE-2024-30048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30048",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:19.713",
"lastModified": "2024-11-21T09:11:08.380",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:20:38.433",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365_customer_insights:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38813.80",
"matchCriteriaId": "138D73EF-1626-43D5-8FF6-660E688A8029"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30048",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30048",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

134
CVE-2024/CVE-2024-300xx/CVE-2024-30049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30049",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:20.603",
"lastModified": "2024-11-21T09:11:08.507",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:18:56.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,142 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20651",
"matchCriteriaId": "3CAB1AF9-3205-47E7-9F73-B4F29CB7499E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20651",
"matchCriteriaId": "17FA38AD-A8CD-4141-A555-0756F05C69B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "208A4966-0B4A-44BD-A94E-D432529D4A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "D0993DA2-43E8-4E09-A8FE-9D4EC48A881D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5820",
"matchCriteriaId": "7CA2824B-BEA1-438D-A606-65BF5C85AF19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.4412",
"matchCriteriaId": "64DEDA09-D9D3-4974-A4C1-36D2A7C27916"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2960",
"matchCriteriaId": "8C65169A-BEF8-4C27-8F3C-F30401DFDB71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.3593",
"matchCriteriaId": "D96D1BF2-D11D-4355-A9E8-7F89485772D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.3593",
"matchCriteriaId": "44D7840D-388C-46D8-9782-A49FE9D54704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "7B922822-E4BC-4538-9E88-EDA645062A44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5820",
"matchCriteriaId": "4A3B72F9-A2EA-4C74-98B5-3543A98B9098"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2461",
"matchCriteriaId": "64742A11-4335-4D12-9112-B94B6FF44F41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.887",
"matchCriteriaId": "7510F630-1C49-4F21-A814-2406F94CA5C7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

140
CVE-2024/CVE-2024-300xx/CVE-2024-30050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30050",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:21.443",
"lastModified": "2024-11-21T09:11:08.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:13:48.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,16 +49,148 @@
"value": "CWE-693"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20651",
"matchCriteriaId": "3CAB1AF9-3205-47E7-9F73-B4F29CB7499E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20651",
"matchCriteriaId": "17FA38AD-A8CD-4141-A555-0756F05C69B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "208A4966-0B4A-44BD-A94E-D432529D4A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "D0993DA2-43E8-4E09-A8FE-9D4EC48A881D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5820",
"matchCriteriaId": "7CA2824B-BEA1-438D-A606-65BF5C85AF19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.4412",
"matchCriteriaId": "64DEDA09-D9D3-4974-A4C1-36D2A7C27916"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.4412",
"matchCriteriaId": "1EAF4860-124C-4A1B-AF4B-12C676E545DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2960",
"matchCriteriaId": "8C65169A-BEF8-4C27-8F3C-F30401DFDB71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.3593",
"matchCriteriaId": "D96D1BF2-D11D-4355-A9E8-7F89485772D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22631.3593",
"matchCriteriaId": "44D7840D-388C-46D8-9782-A49FE9D54704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6981",
"matchCriteriaId": "7B922822-E4BC-4538-9E88-EDA645062A44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5820",
"matchCriteriaId": "4A3B72F9-A2EA-4C74-98B5-3543A98B9098"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2461",
"matchCriteriaId": "64742A11-4335-4D12-9112-B94B6FF44F41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.887",
"matchCriteriaId": "7510F630-1C49-4F21-A814-2406F94CA5C7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30050",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30050",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-300xx/CVE-2024-30053.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30053",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:22.243",
"lastModified": "2024-11-21T09:11:09.060",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-08T18:09:06.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_migrate:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.294.1008",
"matchCriteriaId": "32611809-CAE6-4195-BE27-013B6E90C805"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30053",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30053",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More