admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-23T18:00:25.728102+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-23 18:03:27 +00:00
parent 9dfd72c97e
commit 54f6035d8e
98 changed files with 7454 additions and 899 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2023/CVE-2023-200xx/CVE-2023-20063.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-20063",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T18:15:08.967",
"lastModified": "2024-01-25T17:15:28.157",
"lastModified": "2024-10-23T17:15:13.320",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."
"value": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device."
},
{
"lang": "es",

22
CVE-2023/CVE-2023-251xx/CVE-2023-25195.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25195",
"sourceIdentifier": "security@apache.org",
"published": "2023-03-28T12:15:07.280",
"lastModified": "2023-11-07T04:08:56.857",
"lastModified": "2024-10-23T16:35:02.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},

22
CVE-2023/CVE-2023-259xx/CVE-2023-25956.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25956",
"sourceIdentifier": "security@apache.org",
"published": "2023-02-24T12:15:30.867",
"lastModified": "2023-11-07T04:09:16.070",
"lastModified": "2024-10-23T17:35:01.983",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2023/CVE-2023-264xx/CVE-2023-26464.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26464",
"sourceIdentifier": "security@apache.org",
"published": "2023-03-10T14:15:10.453",
"lastModified": "2023-05-05T20:15:10.253",
"lastModified": "2024-10-23T17:35:02.213",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2023/CVE-2023-272xx/CVE-2023-27296.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27296",
"sourceIdentifier": "security@apache.org",
"published": "2023-03-27T15:15:08.650",
"lastModified": "2023-11-07T04:09:53.790",
"lastModified": "2024-10-23T17:35:02.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2023/CVE-2023-275xx/CVE-2023-27522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27522",
"sourceIdentifier": "security@apache.org",
"published": "2023-03-07T16:15:09.613",
"lastModified": "2023-09-08T22:15:10.817",
"lastModified": "2024-10-23T17:35:02.630",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2023/CVE-2023-283xx/CVE-2023-28326.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28326",
"sourceIdentifier": "security@apache.org",
"published": "2023-03-28T13:15:07.153",
"lastModified": "2023-11-07T04:10:28.880",
"lastModified": "2024-10-23T16:35:03.653",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

14
CVE-2023/CVE-2023-520xx/CVE-2023-52098.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52098",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.610",
"lastModified": "2024-01-19T19:12:13.717",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-23T16:35:05.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-521xx/CVE-2023-52102.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52102",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.693",
"lastModified": "2024-01-19T19:30:49.283",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-23T16:35:06.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

131
CVE-2024/CVE-2024-101xx/CVE-2024-10193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10193",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-20T08:15:02.300",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:16:11.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,121 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn530h4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "FC6EC91A-7820-4387-ACB7-3747313DBDB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn530h4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA1D9AB-9DD2-42A8-BE96-6A07CB232C48"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn530hg4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "80C4ED9C-1FC9-40F2-807B-5C90B69EF406"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn530hg4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACAF792-450A-4C0D-81DF-CC61EBCA7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn572hg3_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "4F946982-3A15-4E5D-838B-CBDC56A813A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn572hg3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D85484EB-22F0-4140-9B9F-AC5EB24159DA"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.google.com/document/d/13XWnFITW31u5J8HeQj8Zm-7oLt-M1DtQ/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.280967",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.280967",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.422811",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

143
CVE-2024/CVE-2024-101xx/CVE-2024-10194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10194",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-20T08:15:02.710",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:16:49.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,22 +150,121 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn530h4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "FC6EC91A-7820-4387-ACB7-3747313DBDB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn530h4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA1D9AB-9DD2-42A8-BE96-6A07CB232C48"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn530hg4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "80C4ED9C-1FC9-40F2-807B-5C90B69EF406"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn530hg4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACAF792-450A-4C0D-81DF-CC61EBCA7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wavlink:wn572hg3_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20221028",
"matchCriteriaId": "4F946982-3A15-4E5D-838B-CBDC56A813A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wavlink:wn572hg3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D85484EB-22F0-4140-9B9F-AC5EB24159DA"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.google.com/document/d/1PodIMRe1f0Ql83jUXV5VIoc-Xsf9VC1K",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.280968",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.280968",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.422834",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

137
CVE-2024/CVE-2024-102xx/CVE-2024-10291.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10291",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:04.597",
"lastModified": "2024-10-23T16:15:04.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/zzcms2023/issues/3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281560",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281560",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427101",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-102xx/CVE-2024-10292.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10292",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:04.943",
"lastModified": "2024-10-23T16:15:04.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/zzcms2023/issues/5",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281561",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281561",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427136",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-102xx/CVE-2024-10293.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10293",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T16:15:05.207",
"lastModified": "2024-10-23T16:15:05.207",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/zzcms2023/issues/6",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281562",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281562",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427146",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-102xx/CVE-2024-10296.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10296",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T17:15:13.690",
"lastModified": "2024-10-23T17:15:13.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281563",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281563",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427400",
"source": "cna@vuldb.com"
}
]
}

56
CVE-2024/CVE-2024-202xx/CVE-2024-20260.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-20260",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:13.950",
"lastModified": "2024-10-23T17:15:13.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory, which could cause SSL VPN connection processing to slow down and eventually cease all together.\r\n\r\nThis vulnerability is due to a lack of proper memory management for new incoming SSL/TLS connections on the virtual platforms. An attacker could exploit this vulnerability by sending a large number of new incoming SSL/TLS connections to the targeted virtual platform. A successful exploit could allow the attacker to deplete system memory, resulting in a denial of service (DoS) condition. The memory could be reclaimed slowly if the attack traffic is stopped, but a manual reload may be required to restore operations quickly."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20264.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20264",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.180",
"lastModified": "2024-10-23T17:15:14.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20268.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20268",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.387",
"lastModified": "2024-10-23T17:15:14.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device.\r\n\r\nThis vulnerability is due to insufficient input validation of SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device using IPv4 or IPv6. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects all versions of SNMP (versions 1, 2c, and 3) and requires a valid SNMP community string or valid SNMPv3 user credentials."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-231"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20269.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20269",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.610",
"lastModified": "2024-10-23T17:15:14.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20273.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20273",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:14.813",
"lastModified": "2024-10-23T17:15:14.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20274.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20274",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.027",
"lastModified": "2024-10-23T17:15:15.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.\r\n\r\nThis vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, access arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To successfully exploit this vulnerability, an attacker would need valid credentials for a user account with policy-editing permissions, such as Network Admin, Intrusion Admin, or any custom user role with the same capabilities."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-html-inj-nfJeYHxz",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20275.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20275",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.237",
"lastModified": "2024-10-23T17:15:15.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system.\r\n\r\nThis vulnerability is due to insufficient validation of user data that is supplied through the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary operating system commands on the affected device. To exploit this vulnerability, an attacker would need valid credentials for a user account with at least the role of Network Administrator. In addition, the attacker would need to persuade a legitimate user to initiate a cluster backup on the affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-g8AOKnDP",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20297.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20297",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.437",
"lastModified": "2024-10-23T17:15:15.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20298.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20298",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:15.710",
"lastModified": "2024-10-23T17:15:15.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-202xx/CVE-2024-20299.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20299",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:16.900",
"lastModified": "2024-10-23T17:15:16.900",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20300.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20300",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.253",
"lastModified": "2024-10-23T17:15:17.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20329.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20329",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.457",
"lastModified": "2024-10-23T17:15:17.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by submitting crafted input when executing remote CLI commands over SSH. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-146"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20330.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20330",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.663",
"lastModified": "2024-10-23T17:15:17.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.\r\n\r\nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.\r\nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-788"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20331.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20331",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:17.870",
"lastModified": "2024-10-23T17:15:17.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating.\r\n\r\nThis vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-nyH3fhp",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20339.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20339",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.097",
"lastModified": "2024-10-23T17:15:18.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

64
CVE-2024/CVE-2024-203xx/CVE-2024-20340.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-20340",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.300",
"lastModified": "2024-10-23T17:15:18.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, an attacker must have a valid account on the device with the role of Security Approver, Intrusion Admin, Access Admin, or Network Admin.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to read the contents of databases on the affected device and also obtain limited read access to the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inject-2EnmTC8v",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

68
CVE-2024/CVE-2024-203xx/CVE-2024-20341.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-20341",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.493",
"lastModified": "2024-10-23T17:15:18.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

68
CVE-2024/CVE-2024-203xx/CVE-2024-20342.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-20342",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.703",
"lastModified": "2024-10-23T17:15:18.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.\r\n\r\nThis vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1025"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

68
CVE-2024/CVE-2024-203xx/CVE-2024-20351.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-20351",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T17:15:18.913",
"lastModified": "2024-10-23T17:15:18.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300",
"source": "ykramarz@cisco.com"
}
]
}

4
CVE-2024/CVE-2024-223xx/CVE-2024-22329.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-22329",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-17T02:15:10.947",
"lastModified": "2024-04-17T12:48:07.510",
"lastModified": "2024-10-23T16:15:05.493",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nIBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951.\n\n"
"value": "IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951."
},
{
"lang": "es",

39
CVE-2024/CVE-2024-265xx/CVE-2024-26519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26519",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:04.220",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T17:35:03.570",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Un problema en Casa Systems NTC-221 versi\u00f3n 2.0.99.0 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el componente /www/cgi-bin/nas.cgi."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://cybercx.com.au/blog/zero-day-rce-in-netcomm-ntc-221-industrial-iot-m2m-lte-4g-router/",

44
CVE-2024/CVE-2024-301xx/CVE-2024-30124.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-30124",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-10-23T16:15:05.667",
"lastModified": "2024-10-23T16:15:05.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115627",
"source": "psirt@hcl.com"
}
]
}

39
CVE-2024/CVE-2024-310xx/CVE-2024-31029.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31029",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:04.313",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T17:35:04.327",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en la funci\u00f3n server_handle_regular del archivo test_coap_server.c dentro del proyecto FreeCoAP permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de paquetes especialmente manipulados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dqp10515/41ec400b7eecfcae7578d505598ab85f",

39
CVE-2024/CVE-2024-404xx/CVE-2024-40493.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40493",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:04.407",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T16:35:08.327",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " La desreferencia de puntero nulo en la funci\u00f3n `coap_client_exchange_blockwise2` en Keith Cullen FreeCoAP 1.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio y potencialmente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete CoAP especialmente manipulado que hace que `coap_msg_get_payload(resp)` devuelva un puntero nulo, que luego se desreferencia en una llamada a `memcpy`."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dqp10515/fe80005e2fb58ed8ada178ac017e4ad4",

39
CVE-2024/CVE-2024-404xx/CVE-2024-40494.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40494",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:04.493",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T17:35:05.100",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " El desbordamiento de b\u00fafer en coap_msg.c en FreeCoAP permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria ) a trav\u00e9s de un paquete manipulado espec\u00edficamente para ello."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dqp10515/e9d7d663cb89187bfe7b39bb3aeb0113",

93
CVE-2024/CVE-2024-468xx/CVE-2024-46871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46871",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.533",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:10:48.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,102 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Corrija el valor definido para AMDGPU_DMUB_NOTIFICATION_MAX [Por qu\u00e9 y c\u00f3mo] En realidad, expone '6' tipos en la enumeraci\u00f3n dmub_notification_type. No 5. El uso de un n\u00famero menor para crear la matriz dmub_callback y dmub_thread_offload tiene el potencial de acceder a un elemento fuera del l\u00edmite de la matriz. Arr\u00e9glelo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.109",
"matchCriteriaId": "EFD3BACD-EA1D-4437-A135-A3E7A761F54F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.50",
"matchCriteriaId": "A56A0460-B122-44D6-B0E6-26CE9C891536"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "F4469C96-A86B-4CC3-B2D5-C21B6B72641B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

81
CVE-2024/CVE-2024-476xx/CVE-2024-47658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47658",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.603",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:14:46.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,88 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: stm32/cryp - call finalize with bh disabled La operaci\u00f3n finalize en modo de interrupci\u00f3n produce una advertencia de recursi\u00f3n de spinlock. La raz\u00f3n es que BH debe estar deshabilitado durante este proceso."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.50",
"matchCriteriaId": "FAE86900-6239-4D0C-B6C0-70BF7C6BA610"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "F4469C96-A86B-4CC3-B2D5-C21B6B72641B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/56ddb9aa3b324c2d9645b5a7343e46010cf3f6ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5d734665cd5d93270731e0ff1dd673fec677f447",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d93a2f86b0a998aa1f0870c85a2a60a0771ef89a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

141
CVE-2024/CVE-2024-476xx/CVE-2024-47659.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47659",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.660",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:29:14.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,158 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smack: tcp: ipv4, corregir etiquetado incorrecto Actualmente, Smack refleja la etiqueta de las conexiones entrantes tcp/ipv4: cuando una etiqueta 'foo' se conecta a una etiqueta 'bar' con tcp/ipv4, 'foo' siempre obtiene 'foo' en los paquetes ipv4 devueltos. Por lo tanto, 1) los paquetes devueltos est\u00e1n etiquetados incorrectamente ('foo' en lugar de 'bar') 2) 'bar' puede escribir en 'foo' sin estar autorizado para escribir. Aqu\u00ed hay un escenario para ver esto: * Tome dos m\u00e1quinas, llam\u00e9moslas C y S, con Smack activo en el estado predeterminado (sin configuraciones, sin reglas, sin hosts etiquetados, solo etiquetas incorporadas) * En S, agregue la regla de Smack 'foo bar w' (las etiquetas 'foo' y 'bar' est\u00e1n instanciadas en S en este momento) * En S, en la etiqueta 'bar', inicie un programa que escuche conexiones entrantes tcp/ipv4 * Desde C, en la etiqueta 'foo', con\u00e9ctese al oyente en S. (la etiqueta 'foo' est\u00e1 instanciada en C en este momento) La conexi\u00f3n es exitosa y funciona. * Env\u00ede algunos datos en ambas direcciones. * Recolecte tr\u00e1fico de red de esta conexi\u00f3n. Todos los paquetes en ambas direcciones est\u00e1n etiquetados con el CIPSO de la etiqueta 'foo'. Por lo tanto, la etiqueta 'bar' escribe en 'foo' sin estar autorizada, e incluso sin ser conocida en C. Si a alguien le importa: exactamente lo mismo sucede con DCCP. Este comportamiento se manifest\u00f3 por primera vez en la versi\u00f3n 2.6.29.4 (ver Correcciones a continuaci\u00f3n) y parece no ser intencional. Al menos, no se proporcion\u00f3 ninguna explicaci\u00f3n. Cambi\u00e9 la etiqueta de los paquetes devueltos por \"barra\" para que coincida con lo que afirma la documentaci\u00f3n de Smack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.322",
"matchCriteriaId": "29162FB8-5FA4-4DC4-86CE-5EB0CAEEF2F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.284",
"matchCriteriaId": "6265A402-9C3C-438F-BFC5-4194B2568B85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.226",
"matchCriteriaId": "864FC17C-501A-4823-A643-6F35D65D8A97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.109",
"matchCriteriaId": "790F505A-7933-48F1-B038-380A8BC5C153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.50",
"matchCriteriaId": "A56A0460-B122-44D6-B0E6-26CE9C891536"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "F4469C96-A86B-4CC3-B2D5-C21B6B72641B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0776bcf9cb6de46fdd94d10118de1cf9b05f83b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0aea09e82eafa50a373fc8a4b84c1d4734751e2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2fe209d0ad2e2729f7e22b9b31a86cc3ff0db550",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4be9fd15c3c88775bdf6fa37acabe6de85beebff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b4b304f196c070342e32a4752e1fa2e22fc0671",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a948ec993541db4ef392b555c37a1186f4d61670",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3703fa94116fed91f64c7d1c7d284fb4369070f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3f56c653c65f170b172d3c23120bc64ada645d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

117
CVE-2024/CVE-2024-476xx/CVE-2024-47660.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47660",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T14:15:07.730",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:00:47.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,130 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fsnotify: borrar indicadores PARENT_WATCHED de forma diferida En algunas configuraciones, los directorios pueden tener muchas entradas (normalmente negativas). Por lo tanto, la funci\u00f3n __fsnotify_update_child_dentry_flags() puede tardar una cantidad significativa de tiempo. Dado que la mayor parte de esta funci\u00f3n se realiza en inode->i_lock, esto provoca una contenci\u00f3n significativa en el bloqueo cuando eliminamos la vigilancia del directorio, ya que la llamada __fsnotify_update_child_dentry_flags() desde fsnotify_recalc_mask() compite con las llamadas __fsnotify_update_child_dentry_flags() desde __fsnotify_parent() que ocurren en los hijos. Esto puede provocar informes de bloqueo suave informados por los usuarios. Solucione el problema llamando a fsnotify_update_children_dentry_flags() para establecer los indicadores PARENT_WATCHED solo cuando el padre comience a vigilar a los hijos. Cuando el padre deja de vigilar a los hijos, borra los indicadores de falsos positivos PARENT_WATCHED de forma diferida en __fsnotify_parent() para cada hijo al que acceda."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.226",
"matchCriteriaId": "2C67534D-8BBC-4069-8DEA-62295B16358C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.109",
"matchCriteriaId": "790F505A-7933-48F1-B038-380A8BC5C153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.50",
"matchCriteriaId": "A56A0460-B122-44D6-B0E6-26CE9C891536"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "F4469C96-A86B-4CC3-B2D5-C21B6B72641B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

69
CVE-2024/CVE-2024-476xx/CVE-2024-47662.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47662",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.080",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:53:12.973",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,74 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Eliminar registro de la recopilaci\u00f3n de diagn\u00f3sticos DMCUB de DCN35 [Por qu\u00e9] Estos registros no se deben leer desde el controlador y desencadenar la violaci\u00f3n de seguridad cuando el tiempo de trabajo de DMCUB se agota y se recopilan los diagn\u00f3sticos bloquea la entrada Z8. [C\u00f3mo] Eliminar la lectura del registro de DCN35."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "24175937-56EC-4F8D-B998-C00E8F09D4A8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/466423c6dd8af23ebb3a69d43434d01aed0db356",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eba4b2a38ccdf074a053834509545703d6df1d57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

160
CVE-2024/CVE-2024-476xx/CVE-2024-47663.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47663",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.150",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:50:53.183",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,175 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: staging: iio: frequency: ad9834: Validar el valor del par\u00e1metro de frecuencia En ad9834_write_frequency(), clk_get_rate() puede devolver 0. En tal caso, la llamada a ad9834_calc_freqreg() dar\u00e1 lugar a una divisi\u00f3n por cero. La comprobaci\u00f3n de 'if (fout > (clk_freq / 2))' no protege en caso de que 'fout' sea 0. ad9834_write_frequency() se llama desde ad9834_write(), donde fout se toma del b\u00fafer de texto, que puede contener cualquier valor. Comprobaci\u00f3n de modificaci\u00f3n de par\u00e1metros. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.38",
"versionEndExcluding": "5.4.284",
"matchCriteriaId": "F2BFB68D-5C59-4390-B406-2E9CD1A5D238"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.226",
"matchCriteriaId": "864FC17C-501A-4823-A643-6F35D65D8A97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.110",
"matchCriteriaId": "6B1A95FC-7E7E-428B-BB59-F76640C652AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0e727707a239d5c519fc9abc2f0fd913516a7e47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ba9abfcaa9e16bb91ed7e0e2b42e94a157a953e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/41cc91e3138fe52f8da92a81bebcd0e6cf488c53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8961b245e8f92bccbaacfbbdf69eba60e3e7c227",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b48aa991758999d4e8f9296c5bbe388f293ef465",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d8b09a5edc4a634373158c1a405491de3c52e58a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc12e49f970b08d8b007b8981b97e2eb93c0e89d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

91
CVE-2024/CVE-2024-476xx/CVE-2024-47664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47664",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.223",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:47:35.643",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,98 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: hisi-kunpeng: Agregar verificaci\u00f3n para max_frequency proporcionada por el firmware Si el valor de max_speed_hz es 0, puede causar un error de divisi\u00f3n por cero en hisi_calc_effective_speed(). El valor de max_speed_hz lo proporciona el firmware. El firmware generalmente se considera un dominio confiable. Sin embargo, como los errores de divisi\u00f3n por cero pueden causar fallas del sistema, como medida de defensa, el valor de max_speed se valida aqu\u00ed. Entonces, 0 se considera inv\u00e1lido y se devuelve un c\u00f3digo de error."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "D4954ED0-8229-4D57-B4B3-CB5154734977"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/16ccaf581da4fcf1e4d66086cf37263f9a656d43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5127c42c77de18651aa9e8e0a3ced190103b449c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee73a15d4a8ce8fb02d7866f7cf78fcdd16f0fcc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

105
CVE-2024/CVE-2024-476xx/CVE-2024-47665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47665",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.290",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:44:59.270",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,116 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i3c: mipi-i3c-hci: Error en lugar de BUG_ON() en la configuraci\u00f3n de IBI DMA Definitivamente, la condici\u00f3n dma_get_cache_alignment * valor definido > 256 durante la inicializaci\u00f3n del controlador no es motivo para BUG_ON(). Convierta eso en un error elegante con -EINVAL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "11023E9B-B046-4BF0-AB48-269A0E833DDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.110",
"matchCriteriaId": "6B1A95FC-7E7E-428B-BB59-F76640C652AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2666085335bdfedf90d91f4071490ad3980be785",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5a022269abb22809f2a174b90f200fc4b9526058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8a2be2f1db268ec735419e53ef04ca039fc027dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cacb76df247a7cd842ff29755a523b1cba6c0508",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e2d14bfda9eb5393f8a17008afe2aa7fe0a29815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

81
CVE-2024/CVE-2024-476xx/CVE-2024-47666.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47666",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.353",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:34:49.307",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,88 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: pm80xx: Establecer phy->enable_completion solo cuando lo esperamos pm8001_phy_control() rellena el puntero enable_completion con una direcci\u00f3n de pila, env\u00eda un PHY_LINK_RESET / PHY_HARD_RESET, espera 300 ms y regresa. El problema surge cuando una respuesta de control phy llega tarde. Despu\u00e9s de 300 ms, la funci\u00f3n pm8001_phy_control() regresa y la direcci\u00f3n de pila enable_completion pasada ya no es v\u00e1lida. La respuesta de control phy tard\u00eda invoca complete() en un puntero enable_completion colgante que conduce a un bloqueo del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "D4954ED0-8229-4D57-B4B3-CB5154734977"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/7b1d779647afaea9185fa2f150b1721e7c1aae89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e4f949ef1516c0d74745ee54a0f4882c1f6c7aea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f14d3e1aa613311c744af32d75125e95fc8ffb84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

129
CVE-2024/CVE-2024-476xx/CVE-2024-47667.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47667",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-09T15:15:15.430",
"lastModified": "2024-10-10T12:51:56.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:31:43.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,144 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: keystone: Agregar workaround para Errata #i2037 (AM65x SR 1.0) Errata #i2037 en procesadores AM65x/DRA80xM Silicon Revision 1.0 (SPRZ452D_julio de 2018_revisado en diciembre de 2019 [1]) menciona que cuando un TLP PCIe entrante abarca m\u00e1s de dos r\u00e1fagas internas AXI de 128 bytes, el bus puede da\u00f1ar el payload del paquete y los datos da\u00f1ados pueden hacer que las aplicaciones asociadas o el procesador se cuelguen. El workaround para Errata #i2037 es limitar el tama\u00f1o m\u00e1ximo de solicitud de lectura y el tama\u00f1o m\u00e1ximo de payloas a 128 bytes. Agregar workaround para Errata #i2037 aqu\u00ed. La errata y el workaround a son aplicables solo a AM65x SR 1.0 y las versiones posteriores del silicio tendr\u00e1n esto corregido. [1] -> https://www.ti.com/lit/er/sprz452i/sprz452i.pdf"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.284",
"matchCriteriaId": "B1C17E9C-479F-4AE4-8344-B7A213DE3E83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.226",
"matchCriteriaId": "864FC17C-501A-4823-A643-6F35D65D8A97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.167",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.110",
"matchCriteriaId": "6B1A95FC-7E7E-428B-BB59-F76640C652AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.51",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.10",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-476xx/CVE-2024-47678.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-47678",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T12:15:04.837",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:58:08.720",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: change the order of rate limits\n\nICMP messages are ratelimited :\n\nAfter the blamed commits, the two rate limiters are applied in this order:\n\n1) host wide ratelimit (icmp_global_allow())\n\n2) Per destination ratelimit (inetpeer based)\n\nIn order to avoid side-channels attacks, we need to apply\nthe per destination check first.\n\nThis patch makes the following change :\n\n1) icmp_global_allow() checks if the host wide limit is reached.\n But credits are not yet consumed. This is deferred to 3)\n\n2) The per destination limit is checked/updated.\n This might add a new node in inetpeer tree.\n\n3) icmp_global_consume() consumes tokens if prior operations succeeded.\n\nThis means that host wide ratelimit is still effective\nin keeping inetpeer tree small even under DDOS.\n\nAs a bonus, I removed icmp_global.lock as the fast path\ncan use a lock-free operation."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: icmp: cambia el orden de los l\u00edmites de velocidad Los mensajes ICMP est\u00e1n limitados por velocidad: despu\u00e9s de las confirmaciones culpables, se aplican los dos limitadores de velocidad en este orden: 1) l\u00edmite de velocidad de todo el host (icmp_global_allow()) 2) l\u00edmite de velocidad por destino (basado en inetpeer) Para evitar ataques de canales secundarios, primero debemos aplicar la comprobaci\u00f3n por destino. Este parche realiza el siguiente cambio: 1) icmp_global_allow() comprueba si se ha alcanzado el l\u00edmite de todo el host. Pero a\u00fan no se han consumido los cr\u00e9ditos. Esto se pospone a 3) 2) Se comprueba/actualiza el l\u00edmite por destino. Esto podr\u00eda agregar un nuevo nodo en el \u00e1rbol inetpeer. 3) icmp_global_consume() consume tokens si las operaciones anteriores tuvieron \u00e9xito. Esto significa que el l\u00edmite de velocidad de todo el host sigue siendo eficaz para mantener peque\u00f1o el \u00e1rbol inetpeer incluso bajo DDOS. Como beneficio adicional, elimin\u00e9 icmp_global.lock ya que la ruta r\u00e1pida puede usar una operaci\u00f3n sin bloqueo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "FBD751AA-4593-4525-B2FB-57EAC7F81608"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/483397b4ba280813e4a9c161a0a85172ddb43d19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/662ec52260cc07b9ae53ecd3925183c29d34288b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c2bd38b95f75f3d2a08c93e35303e26d480d24e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/997ba8889611891f91e8ad83583466aeab6239a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a7722921adb046e3836eb84372241f32584bdb07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-477xx/CVE-2024-47730.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-47730",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.160",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:03:23.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - inject error before stopping queue\n\nThe master ooo cannot be completely closed when the\naccelerator core reports memory error. Therefore, the driver\nneeds to inject the qm error to close the master ooo. Currently,\nthe qm error is injected after stopping queue, memory may be\nreleased immediately after stopping queue, causing the device to\naccess the released memory. Therefore, error is injected to close master\nooo before stopping queue to ensure that the device does not access\nthe released memory."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: hisilicon/qm - inyectar error antes de detener la cola El master ooo no se puede cerrar por completo cuando el n\u00facleo del acelerador informa un error de memoria. Por lo tanto, el controlador debe inyectar el error qm para cerrar el master ooo. Actualmente, el error qm se inyecta despu\u00e9s de detener la cola, la memoria puede liberarse inmediatamente despu\u00e9s de detener la cola, lo que hace que el dispositivo acceda a la memoria liberada. Por lo tanto, se inyecta un error para cerrar el master ooo antes de detener la cola para garantizar que el dispositivo no acceda a la memoria liberada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "DF0452F4-0785-476F-8776-1A8833B71888"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/98d3be34c9153eceadb56de50d9f9347e88d86e4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa3e0db35a60002fb34ef0e4ad203aa59fd00203",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b04f06fc0243600665b3b50253869533b7938468",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c5f5b813e546f7fe133539c3d7a5086cc8dd2aa1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f8024f12752e32ffbbf59e1c09d949f977ff743f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-477xx/CVE-2024-47731.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-47731",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.260",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:06:14.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: Fix ali_drw_pmu driver interrupt status clearing\n\nThe alibaba_uncore_pmu driver forgot to clear all interrupt status\nin the interrupt processing function. After the PMU counter overflow\ninterrupt occurred, an interrupt storm occurred, causing the system\nto hang.\n\nTherefore, clear the correct interrupt status in the interrupt handling\nfunction to fix it."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drivers/perf: Fix ali_drw_pmu driver interval clearing El controlador alibaba_uncore_pmu olvid\u00f3 borrar todos los estados de interrupci\u00f3n en la funci\u00f3n de procesamiento de interrupciones. Despu\u00e9s de que se produjo la interrupci\u00f3n por desbordamiento del contador de PMU, se produjo una tormenta de interrupciones, lo que provoc\u00f3 que el sistema se colgara. Por lo tanto, borre el estado de interrupci\u00f3n correcto en la funci\u00f3n de manejo de interrupciones para solucionarlo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "C9833DA6-D5C8-4B44-9B42-1FF7CB895D7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/062b7176e484678b2c9072d28fbecea47846b274",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/24f30b34ff76648d26872dd4eaa002f074225058",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3b839d4619042b02eecdfc986484ac6e6be6acbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/85702fddba70d2b63f5646793d77de2ad4fc3784",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a3dd920977dccc453c550260c4b7605b280b79c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2024/CVE-2024-477xx/CVE-2024-47732.json
View File

@ -2,28 +2,102 @@
"id": "CVE-2024-47732",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.363",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:31:03.873",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix potential use after free bug\n\nThe free_device_compression_mode(iaa_device, device_mode) function frees\n\"device_mode\" but it iss passed to iaa_compression_modes[i]->free() a few\nlines later resulting in a use after free.\n\nThe good news is that, so far as I can tell, nothing implements the\n->free() function and the use after free happens in dead code. But, with\nthis fix, when something does implement it, we'll be ready. :)"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: iaa - Fix potential use after free bug La funci\u00f3n free_device_compression_mode(iaa_device, device_mode) libera \"device_mode\" pero se pasa a iaa_compression_modes[i]->free() unas l\u00edneas m\u00e1s adelante, lo que da como resultado un use after free. La buena noticia es que, hasta donde puedo decir, nada implementa la funci\u00f3n ->free() y el use after free ocurre en c\u00f3digo muerto. Pero, con esta soluci\u00f3n, cuando algo la implemente, estaremos listos. :)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "C22AF5AC-7F54-4360-A603-8A032CC9087A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/b5d534b473e2c8d3e4560be2dd6c12a8eb9d61e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c66f0be993ba52410edab06124c54ecf143b05c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e0d3b845a1b10b7b5abdad7ecc69d45b2aab3209",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2024/CVE-2024-477xx/CVE-2024-47733.json
View File

@ -2,28 +2,102 @@
"id": "CVE-2024-47733",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.450",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:11:29.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Delete subtree of 'fs/netfs' when netfs module exits\n\nIn netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs',\nbut in netfs_exit(), we only delete the proc entry of 'fs/netfs' without\ndeleting its subtree. This triggers the following WARNING:\n\n==================================================================\nremove_proc_entry: removing non-empty directory 'fs/netfs', leaking at least 'requests'\nWARNING: CPU: 4 PID: 566 at fs/proc/generic.c:717 remove_proc_entry+0x160/0x1c0\nModules linked in: netfs(-)\nCPU: 4 UID: 0 PID: 566 Comm: rmmod Not tainted 6.11.0-rc3 #860\nRIP: 0010:remove_proc_entry+0x160/0x1c0\nCall Trace:\n <TASK>\n netfs_exit+0x12/0x620 [netfs]\n __do_sys_delete_module.isra.0+0x14c/0x2e0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n==================================================================\n\nTherefore use remove_proc_subtree() instead of remove_proc_entry() to\nfix the above problem."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfs: Eliminar sub\u00e1rbol de 'fs/netfs' cuando el m\u00f3dulo netfs sale En netfs_init() o fscache_proc_init(), creamos una dentry bajo 'fs/netfs', pero en netfs_exit(), solo eliminamos la entrada de procedimiento de 'fs/netfs' sin eliminar su sub\u00e1rbol. Esto activa la siguiente ADVERTENCIA: == ... netfs_exit+0x12/0x620 [netfs] __do_sys_delete_module.isra.0+0x14c/0x2e0 do_syscall_64+0x4b/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e ======================================================================= Por lo tanto, utilice remove_proc_subtree() en lugar de remove_proc_entry() para solucionar el problema anterior."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-772"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "C22AF5AC-7F54-4360-A603-8A032CC9087A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c58a9575e02c2b90a3180007d57105ceaa7c246",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/603f95cefbee06a31b03137b777f03e3c2163d72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a9eaf97d56625e55b31a7beb558e1ee185ca461",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-477xx/CVE-2024-47734.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-47734",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.547",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:16:13.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()\n\nsyzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce\nthis[1], one bond device (bond1) has xdpdrv, which increases\nbpf_master_redirect_enabled_key. Another bond device (bond0) which is\nunsupported by XDP but its slave (veth3) has xdpgeneric that returns\nXDP_TX. This triggers WARN_ON_ONCE() from the xdp_master_redirect().\nTo reduce unnecessary warnings and improve log management, we need to\ndelete the WARN_ON_ONCE() and add ratelimit to the netdev_err().\n\n[1] Steps to reproduce:\n # Needs tx_xdp with return XDP_TX;\n ip l add veth0 type veth peer veth1\n ip l add veth3 type veth peer veth4\n ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP\n ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default\n ip l set veth0 master bond1\n ip l set bond1 up\n # Increases bpf_master_redirect_enabled_key\n ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx\n ip l set veth3 master bond0\n ip l set bond0 up\n ip l set veth4 up\n # Triggers WARN_ON_ONCE() from the xdp_master_redirect()\n ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bonding: Corrija las advertencias y registros innecesarios de bond_xdp_get_xmit_slave() syzbot inform\u00f3 una ADVERTENCIA en bond_xdp_get_xmit_slave. Para reproducir esto[1], un dispositivo de enlace (bond1) tiene xdpdrv, que aumenta bpf_master_redirect_enabled_key. Otro dispositivo de enlace (bond0) que no es compatible con XDP pero su esclavo (veth3) tiene xdpgeneric que devuelve XDP_TX. Esto activa WARN_ON_ONCE() desde xdp_master_redirect(). Para reducir las advertencias innecesarias y mejorar la gesti\u00f3n de registros, debemos eliminar WARN_ON_ONCE() y agregar ratelimit a netdev_err(). [1] Pasos para reproducir: # Necesita tx_xdp con return XDP_TX; ip l add veth0 type veth peer veth1 ip l add veth3 type veth peer veth4 ip l add bond0 type bond mode 6 # BOND_MODE_ALB, no compatible con XDP ip l add bond1 type bond # BOND_MODE_ROUNDROBIN de forma predeterminada ip l set veth0 master bond1 ip l set bond1 up # Aumenta bpf_master_redirect_enabled_key ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx ip l set veth3 master bond0 ip l set bond0 up ip l set veth4 up # Activa WARN_ON_ONCE() desde xdp_master_redirect() ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "151D0F58-4482-4AA5-87D2-803A6F5164C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0cbfd45fbcf0cb26d85c981b91c62fe73cdee01c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/57b5fba55c6f8b1d83312a34bd656166fcd95658",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b64197b4bf1a5703a8b105367baf20f1e627a75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/72e2c0825a480e19ee999cee9d018850d38c82b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c1be35e774f8ed415e01209fddd963c5a74e8e9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ccd3e6ff05e5236d1b9535f23f3e6622e0bb32b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

134
CVE-2024/CVE-2024-477xx/CVE-2024-47737.json
View File

@ -2,44 +2,158 @@
"id": "CVE-2024-47737",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:03.833",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:00:01.357",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call cache_put if xdr_reserve_space returns NULL\n\nIf not enough buffer space available, but idmap_lookup has triggered\nlookup_fn which calls cache_get and returns successfully. Then we\nmissed to call cache_put here which pairs with cache_get.\n\nReviwed-by: Jeff Layton <jlayton@kernel.org>"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: llamar a cache_put si xdr_reserve_space devuelve NULL Si no hay suficiente espacio de b\u00fafer disponible, pero idmap_lookup ha activado lookup_fn que llama a cache_get y devuelve correctamente. Entonces, nos olvidamos de llamar a cache_put aqu\u00ed, que se empareja con cache_get. Revisado por: Jeff Layton "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "C0D97D0B-F854-4066-B9AF-B7EFA41FA724"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

134
CVE-2024/CVE-2024-477xx/CVE-2024-47739.json
View File

@ -2,44 +2,158 @@
"id": "CVE-2024-47739",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:04.017",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:58:37.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: use integer wrap around to prevent deadlock on seq_nr overflow\n\nWhen submitting more than 2^32 padata objects to padata_do_serial, the\ncurrent sorting implementation incorrectly sorts padata objects with\noverflowed seq_nr, causing them to be placed before existing objects in\nthe reorder list. This leads to a deadlock in the serialization process\nas padata_find_next cannot match padata->seq_nr and pd->processed\nbecause the padata instance with overflowed seq_nr will be selected\nnext.\n\nTo fix this, we use an unsigned integer wrap around to correctly sort\npadata objects in scenarios with integer overflow."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: padata: usar un envoltorio de enteros para evitar un bloqueo en el desbordamiento de seq_nr Al enviar m\u00e1s de 2^32 objetos padata a padata_do_serial, la implementaci\u00f3n de clasificaci\u00f3n actual ordena incorrectamente los objetos padata con seq_nr desbordado, lo que hace que se coloquen antes de los objetos existentes en la lista de reordenamiento. Esto conduce a un bloqueo en el proceso de serializaci\u00f3n ya que padata_find_next no puede coincidir con padata-&gt;seq_nr y pd-&gt;processed porque la instancia de padata con seq_nr desbordado se seleccionar\u00e1 a continuaci\u00f3n. Para solucionar esto, usamos un envoltorio de enteros sin signo para ordenar correctamente los objetos padata en escenarios con desbordamiento de enteros."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "114E45ED-C336-4B21-B1A8-759F9542EC7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1b8cf11b3ca593a8802a51802cd0c28c38501428",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1bd712de96ad7167fe0d608e706cd60587579f16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/46c4079460f4dcaf445860679558eedef4e1bc91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/72164d5b648951684b1a593996b37a6083c61d7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9a22b2812393d93d84358a760c347c21939029a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e279e6c1f012b82628b89e1b9c65dbefa8ca25a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ab205e1c3846326f162180e56825b4ba38ce9c30",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

97
CVE-2024/CVE-2024-477xx/CVE-2024-47745.json
View File

@ -2,32 +2,115 @@
"id": "CVE-2024-47745",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:04.580",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:25:19.657",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: call the security_mmap_file() LSM hook in remap_file_pages()\n\nThe remap_file_pages syscall handler calls do_mmap() directly, which\ndoesn't contain the LSM security check. And if the process has called\npersonality(READ_IMPLIES_EXEC) before and remap_file_pages() is called for\nRW pages, this will actually result in remapping the pages to RWX,\nbypassing a W^X policy enforced by SELinux.\n\nSo we should check prot by security_mmap_file LSM hook in the\nremap_file_pages syscall handler before do_mmap() is called. Otherwise, it\npotentially permits an attacker to bypass a W^X policy enforced by\nSELinux.\n\nThe bypass is similar to CVE-2016-10044, which bypass the same thing via\nAIO and can be found in [1].\n\nThe PoC:\n\n$ cat > test.c\n\nint main(void) {\n\tsize_t pagesz = sysconf(_SC_PAGE_SIZE);\n\tint mfd = syscall(SYS_memfd_create, \"test\", 0);\n\tconst char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE,\n\t\tMAP_SHARED, mfd, 0);\n\tunsigned int old = syscall(SYS_personality, 0xffffffff);\n\tsyscall(SYS_personality, READ_IMPLIES_EXEC | old);\n\tsyscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0);\n\tsyscall(SYS_personality, old);\n\t// show the RWX page exists even if W^X policy is enforced\n\tint fd = open(\"/proc/self/maps\", O_RDONLY);\n\tunsigned char buf2[1024];\n\twhile (1) {\n\t\tint ret = read(fd, buf2, 1024);\n\t\tif (ret <= 0) break;\n\t\twrite(1, buf2, ret);\n\t}\n\tclose(fd);\n}\n\n$ gcc test.c -o test\n$ ./test | grep rwx\n7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted)\n\n[PM: subject line tweaks]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: llamar al gancho LSM security_mmap_file() en remap_file_pages() El controlador de llamadas al sistema remap_file_pages llama a do_mmap() directamente, que no contiene la comprobaci\u00f3n de seguridad LSM. Y si el proceso ha llamado a personality(READ_IMPLIES_EXEC) antes y se llama a remap_file_pages() para p\u00e1ginas RW, esto realmente dar\u00e1 como resultado la reasignaci\u00f3n de las p\u00e1ginas a RWX, omitiendo una pol\u00edtica W^X aplicada por SELinux. Por lo tanto, deber\u00edamos comprobar prot mediante el gancho LSM security_mmap_file en el controlador de llamadas al sistema remap_file_pages antes de que se llame a do_mmap(). De lo contrario, potencialmente permite que un atacante omita una pol\u00edtica W^X aplicada por SELinux. La omisi\u00f3n es similar a CVE-2016-10044, que omite lo mismo a trav\u00e9s de AIO y se puede encontrar en [1]. La PoC: $ cat &gt; test.c int main(void) { size_t pagesz = sysconf(_SC_PAGE_SIZE); int mfd = syscall(SYS_memfd_create, \"test\", 0); const char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE, MAP_SHARED, mfd, 0); unsigned int old = syscall(SYS_personality, 0xffffffff); syscall(SYS_personality, READ_IMPLIES_EXEC | old); syscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0); syscall(SYS_personality, old); // muestra que la p\u00e1gina RWX existe incluso si se aplica la pol\u00edtica W^X int fd = open(\"/proc/self/maps\", O_RDONLY); unsigned char buf2[1024]; while (1) { int ret = read(fd, buf2, 1024); if (ret &lt;= 0) break; write(1, buf2, ret); } close(fd); } $ gcc test.c -o test $ ./test | grep rwx 7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (eliminado) [MP: ajustes en la l\u00ednea de asunto]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-670"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "C071AD88-76A0-45A5-9C1C-8DA6DBF2084B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3393fddbfa947c8e1fdcc4509226905ffffd8b89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49d3a4ad57c57227c3b0fd6cd4188b2a5ebd6178",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ce14f38d6ee9e88e37ec28427b4b93a7c33c70d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea7e2d5e49c05e5db1922387b09ca74aa40f46e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

134
CVE-2024/CVE-2024-477xx/CVE-2024-47748.json
View File

@ -2,44 +2,158 @@
"id": "CVE-2024-47748",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:04.857",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:28:00.460",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost_vdpa: assign irq bypass producer token correctly\n\nWe used to call irq_bypass_unregister_producer() in\nvhost_vdpa_setup_vq_irq() which is problematic as we don't know if the\ntoken pointer is still valid or not.\n\nActually, we use the eventfd_ctx as the token so the life cycle of the\ntoken should be bound to the VHOST_SET_VRING_CALL instead of\nvhost_vdpa_setup_vq_irq() which could be called by set_status().\n\nFixing this by setting up irq bypass producer's token when handling\nVHOST_SET_VRING_CALL and un-registering the producer before calling\nvhost_vring_ioctl() to prevent a possible use after free as eventfd\ncould have been released in vhost_vring_ioctl(). And such registering\nand unregistering will only be done if DRIVER_OK is set."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vhost_vdpa: asignar correctamente el token del productor de omisi\u00f3n de irq Sol\u00edamos llamar a irq_bypass_unregister_producer() en vhost_vdpa_setup_vq_irq(), lo cual es problem\u00e1tico ya que no sabemos si el puntero del token sigue siendo v\u00e1lido o no. En realidad, usamos eventfd_ctx como token, por lo que el ciclo de vida del token deber\u00eda estar vinculado a VHOST_SET_VRING_CALL en lugar de a vhost_vdpa_setup_vq_irq(), que podr\u00eda llamarse mediante set_status(). Para solucionar esto, configuramos el token del productor de omisi\u00f3n de irq al manejar VHOST_SET_VRING_CALL y anulamos el registro del productor antes de llamar a vhost_vring_ioctl() para evitar un posible use after free, ya que eventfd podr\u00eda haberse liberado en vhost_vring_ioctl(). Y dicho registro y anulaci\u00f3n de registro solo se realizar\u00e1 si DRIVER_OK est\u00e1 configurado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.9",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "C44A23B8-33E9-4DB6-8E6F-AF0B4E5CD507"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/02e9e9366fefe461719da5d173385b6685f70319",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0c170b1e918b9afac25e2bbd01eaa2bfc0ece8c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7cf2fb51175cafe01df8c43fa15a06194a59c6e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/927a2580208e0f9b0b47b08f1c802b7233a7ba3c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ca64edd7ae93402af2596a952e0d94d545e2b9c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ec5f1b54ceb23475049ada6e7a43452cf4df88d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fae9b1776f53aab93ab345bdbf653b991aed717d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-477xx/CVE-2024-47750.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-47750",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:05.037",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:29:01.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix Use-After-Free of rsv_qp on HIP08\n\nCurrently rsv_qp is freed before ib_unregister_device() is called\non HIP08. During the time interval, users can still dereg MR and\nrsv_qp will be used in this process, leading to a UAF. Move the\nrelease of rsv_qp after calling ib_unregister_device() to fix it."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hns: Se corrige el use after free de rsv_qp en HIP08 Actualmente, rsv_qp se libera antes de que se llame a ib_unregister_device() en HIP08. Durante el intervalo de tiempo, los usuarios a\u00fan pueden anular la regulaci\u00f3n de MR y rsv_qp se usar\u00e1 en este proceso, lo que genera un UAF. Mueva la liberaci\u00f3n de rsv_qp despu\u00e9s de llamar a ib_unregister_device() para solucionarlo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "F61A7CD6-359A-4A6B-8E7A-D0876BDC43AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2ccf1c75d39949d8ea043d04a2e92d7100ea723d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/60595923371c2ebe7faf82536c47eb0c967e3425",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d2d9c5127122745da6e887f451dd248cfeffca33",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dac2723d8bfa9cf5333f477741e6e5fa1ed34645",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fd8489294dd2beefb70f12ec4f6132aeec61a4d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-477xx/CVE-2024-47751.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-47751",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:05.123",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:33:52.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()\n\nWithin kirin_pcie_parse_port(), the pcie->num_slots is compared to\npcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead\nto an overflow.\n\nThus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move\npcie->num_slots increment below the if-statement to avoid out-of-bounds\narray access.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[kwilczynski: commit log]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: kirin: Se ha corregido el desbordamiento de b\u00fafer en kirin_pcie_parse_port(). En kirin_pcie_parse_port(), el tama\u00f1o de pcie-&gt;num_slots se compara con el tama\u00f1o de pcie-&gt;gpio_id_reset (MAX_PCI_SLOTS), que es correcto y provocar\u00eda un desbordamiento. Por lo tanto, se ha corregido la condici\u00f3n a pcie-&gt;num_slots + 1 &gt;= MAX_PCI_SLOTS y se ha movido el incremento de pcie-&gt;num_slots por debajo de la instrucci\u00f3n if para evitar el acceso a la matriz fuera de los l\u00edmites. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE. [kwilczynski: registro de confirmaciones]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6dcc5b49d6607a741a14122bf3105f3ac50d259e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95248d7497bcbfe7deed4805469c6ff6ddd7f9d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a5f795f9412854df28e66679c5e6b68b0b79c229",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aeb0335971806e15ac91e838ca471936c8e7efd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c500a86693a126c9393e602741e348f80f1b0fc5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

47
CVE-2024/CVE-2024-480xx/CVE-2024-48049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48049",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-20T08:15:03.000",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:12:12.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mightyplugins:mighty_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "08AB5C4B-4974-4BBD-A1EE-FF3D19E48ECF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mighty-builder/wordpress-mighty-builder-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-484xx/CVE-2024-48415.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48415",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:05.890",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T16:35:09.317",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "itsourcecode Loan Management System v1.0 es vulnerable a cross-site scripting (XSS) a trav\u00e9s de un payload manipulado para los par\u00e1metros lastname, firstname, middlename, address, contact_no, email y tax_id en la funcionalidad de nuevos prestatarios en la p\u00e1gina Prestatarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.5,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/khaliquesX/CVE-2024-48415/blob/main/README.md",

39
CVE-2024/CVE-2024-486xx/CVE-2024-48652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48652",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:06.057",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T16:35:10.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " La vulnerabilidad de cross-site scripting en camaleon-cms v.2.7.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo de group name de contenido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/paragbagul111/CVE-2024-48652/",

39
CVE-2024/CVE-2024-486xx/CVE-2024-48656.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48656",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:06.147",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T16:35:12.613",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Vulnerabilidad de cross-site scripting en el sistema de gesti\u00f3n de estudiantes en php con c\u00f3digo fuente v.1.0.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/LeiPudd/Student-Management-System-v1.0-has-Cross-site-Scripting-XSS-",

39
CVE-2024/CVE-2024-486xx/CVE-2024-48657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48657",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T22:15:06.233",
"lastModified": "2024-10-23T15:12:34.673",
"lastModified": "2024-10-23T16:35:13.890",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Vulnerabilidad de inyecci\u00f3n SQL en el sistema de gesti\u00f3n hospitalaria en php con c\u00f3digo fuente v.1.0.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LeiPudd/Hospital-Management-System-v1.0-has-SQL-Injection-SQLDET-",

47
CVE-2024/CVE-2024-492xx/CVE-2024-49286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49286",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-20T08:15:03.233",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:13:37.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moridrin:ssv_events:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2.7",
"matchCriteriaId": "500E1791-C34E-4C18-8707-1732E8CA5D8F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ssv-events/wordpress-ssv-events-plugin-3-2-7-local-file-inclusion-to-rce-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-493xx/CVE-2024-49323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49323",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-20T08:15:03.460",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:05:49.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sourav:all_in_one_slider:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "95D283AB-827E-411F-B192-081B2E1AD427"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/all-in-one-slider/wordpress-all-in-one-slider-plugin-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-493xx/CVE-2024-49328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49328",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-20T08:15:03.667",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T17:08:31.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vivektamrakar:wp_rest_api_fns:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "266FC67B-4447-4127-BB23-E79FE3E44A20"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/rest-api-fns/wordpress-wp-rest-api-fns-plugin-plugin-1-0-0-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-493xx/CVE-2024-49334.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49334",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-20T08:15:03.907",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:08:01.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unizoewebsolutions:jlayer_parallax_slider:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "0005017E-DBF8-4C56-B2A7-5258707DD9B8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jlayer-parallax-slider-wp/wordpress-jlayer-parallax-slider-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49652.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49652",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:06.027",
"lastModified": "2024-10-23T16:15:06.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in ReneeCussack 3D Work In Progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/renee-work-in-progress/wordpress-3d-work-in-progress-plugin-1-0-3-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49653.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49653",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:06.243",
"lastModified": "2024-10-23T16:15:06.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in James Eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/portfolleo/wordpress-portfolleo-plugin-1-2-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49657.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49657",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:06.450",
"lastModified": "2024-10-23T16:15:06.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in ReneeCussack 3D Work In Progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/renee-work-in-progress/wordpress-3d-work-in-progress-plugin-1-0-3-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49658.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49658",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:06.660",
"lastModified": "2024-10-23T16:15:06.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Ecomerciar Woocommerce Custom Profile Picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-custom-profile-picture/wordpress-woocommerce-custom-profile-picture-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49668.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49668",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:06.970",
"lastModified": "2024-10-23T16:15:06.970",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Admin Verbalize WP Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/verbalize-wp/wordpress-verbalize-wp-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49669.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49669",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:07.330",
"lastModified": "2024-10-23T16:15:07.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through 4.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ink-official/wordpress-ink-official-plugin-4-1-2-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49671.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49671",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:08.260",
"lastModified": "2024-10-23T16:15:08.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Dogu Pekgoz AI Image Generator for Your Content & Featured Images \u2013 AI Postpix allows Upload a Web Shell to a Web Server.This issue affects AI Image Generator for Your Content & Featured Images \u2013 AI Postpix: from n/a through 1.1.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ai-postpix/wordpress-ai-postpix-plugin-1-1-8-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49676.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49676",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:09.040",
"lastModified": "2024-10-23T16:15:09.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through 0.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-icons-for-elementor/wordpress-custom-icons-for-elementor-plugin-0-3-3-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49684.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49684",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:09.620",
"lastModified": "2024-10-23T16:15:09.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-time-capsule/wordpress-backup-and-staging-by-wp-time-capsule-plugin-1-22-21-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49690.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49690",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:09.867",
"lastModified": "2024-10-23T16:15:09.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Interactive Qi Blocks.This issue affects Qi Blocks: from n/a through 1.3.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/qi-blocks/wordpress-qi-blocks-plugin-1-3-2-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-497xx/CVE-2024-49701.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49701",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-23T16:15:10.097",
"lastModified": "2024-10-23T16:15:10.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme Horse Mags.This issue affects Mags: from n/a through 1.1.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mags/wordpress-mags-theme-1-1-6-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

82
CVE-2024/CVE-2024-497xx/CVE-2024-49751.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-49751",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-23T16:15:10.310",
"lastModified": "2024-10-23T16:15:10.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user who injected the unsafe HTML code would only affect themselves and would not affect other users. Commit 5d118a902872d7941f099ad1fb918e2421e79ccd patches this bug."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/frappe/press/commit/5d118a902872d7941f099ad1fb918e2421e79ccd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/frappe/press/security/advisories/GHSA-rf69-h96f-rf2j",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2024/CVE-2024-497xx/CVE-2024-49756.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-49756",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-23T17:15:19.250",
"lastModified": "2024-10-23T17:15:19.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AshPostgres is the PostgreSQL data layer for Ash Framework. Starting in version 2.0.0 and prior to version 2.4.10, in certain very specific situations, it was possible for the policies of an update action to be skipped. This occurred only on \"empty\" update actions (no changing fields), and would allow their hooks (side effects) to be performed when they should not have been. Note that this does not allow reading new data that the user should not have had access to, only triggering a side effect a user should not have been able to trigger.\n\nTo be vulnerable, an affected user must have an update action that is on a resource with no attributes containing an \"update default\" (updated_at timestamp, for example); can be performed atomically; does not have `require_atomic? false`; has at least one authorizer (typically `Ash.Policy.Authorizer`); and has at least one `change` (on the resource's `changes` block or in the action itself). This is where the side-effects would be performed when they should not have been.\n\nThis problem has been patched in `2.4.10` of `ash_postgres`. Several workarounds are available. Potentially affected users may determine that none of their actions are vulnerable using a script the maintainers provide in the GitHub Security Advisory, add `require_atomic? false` to any potentially affected update action, replace any usage of `Ash.update` with `Ash.bulk_update` for an affected action, and/or add an update timestamp to their action."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://elixirforum.com/t/empty-update-action-with-policies/66954",
"source": "security-advisories@github.com"
},
{
"url": "https://gist.github.com/zachdaniel/e49166b765978c48dfaf998d06df436e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ash-project/ash_postgres/commit/1228fcd851f29a68609e236f7d6a2622a4b5c4ba",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ash-project/ash_postgres/security/advisories/GHSA-hf59-7rwq-785m",
"source": "security-advisories@github.com"
}
]
}

134
CVE-2024/CVE-2024-498xx/CVE-2024-49851.json
View File

@ -2,44 +2,158 @@
"id": "CVE-2024-49851",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:05.883",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:00:52.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Clean up TPM space after command failure\n\ntpm_dev_transmit prepares the TPM space before attempting command\ntransmission. However if the command fails no rollback of this\npreparation is done. This can result in transient handles being leaked\nif the device is subsequently closed with no further commands performed.\n\nFix this by flushing the space in the event of command transmission\nfailure."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tpm: Limpiar el espacio TPM despu\u00e9s de un error de comando tpm_dev_transmit prepara el espacio TPM antes de intentar la transmisi\u00f3n del comando. Sin embargo, si el comando falla, no se realiza ninguna reversi\u00f3n de esta preparaci\u00f3n. Esto puede provocar que se filtren los identificadores transitorios si el dispositivo se cierra posteriormente sin que se realicen m\u00e1s comandos. Solucione esto vaciando el espacio en caso de que falle la transmisi\u00f3n del comando."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.12",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "8E629794-ADD6-44B5-8F8E-B768F34539E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2c9b228938e9266a1065a3f4fe5c99b7235dc439",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3f9f72d843c92fb6f4ff7460d774413cde7f254c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/82478cb8a23bd4f97935bbe60d64528c6d9918b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/adf4ce162561222338cf2c9a2caa294527f7f721",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c84ceb546f30432fccea4891163f7050f5bee5dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3aaebcbb7c6b403416f442d1de70d437ce313a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ebc4e1f4492d114f9693950621b3ea42b2f82bec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-498xx/CVE-2024-49852.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-49852",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:05.977",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:14:01.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()\n\nThe kref_put() function will call nport->release if the refcount drops to\nzero. The nport->release release function is _efc_nport_free() which frees\n\"nport\". But then we dereference \"nport\" on the next line which is a use\nafter free. Re-order these lines to avoid the use after free."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: elx: libefc: Se corrige el potencial use after freea nport-&gt;release si el recuento de referencias cae a cero. La funci\u00f3n de liberaci\u00f3n nport-&gt;release es _efc_nport_free() que libera \"nport\". Pero luego desreferenciamos \"nport\" en la siguiente l\u00ednea que es un use after free. Reordena estas l\u00edneas para evitar el use after free."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "5CD3CB21-008A-4AF9-9337-0FF92043AE5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2e4b02fad094976763af08fec2c620f4f8edd9ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7c2908985e4ae0ea1b526b3916de9e5351650908",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/98752fcd076a8cbc978016eae7125b4971be1eec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abc71e89170ed32ecf0a5a29f31aa711e143e941",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/baeb8628ab7f4577740f00e439d3fdf7c876b0ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

110
CVE-2024/CVE-2024-498xx/CVE-2024-49853.json
View File

@ -2,36 +2,130 @@
"id": "CVE-2024-49853",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.083",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:14:30.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix double free in OPTEE transport\n\nChannels can be shared between protocols, avoid freeing the same channel\ndescriptors twice when unloading the stack."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scmi: Correcci\u00f3n de doble liberaci\u00f3n en el transporte OPTEE Los canales se pueden compartir entre protocolos, evitando liberar los mismos descriptores de canal dos veces al descargar la pila."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "F61A7CD6-359A-4A6B-8E7A-D0876BDC43AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6699567b0bbb378600a4dc0a1f929439a4e84a2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aef6ae124bb3cc12e34430fed91fbb7efd7a444d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d7f4fc2bc101e666da649605a9ece2bd42529c7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc9543a4f2a5498a4a12d6d2427492a6f1a28056",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e98dba934b2fc587eafb83f47ad64d9053b18ae0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-498xx/CVE-2024-49854.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-49854",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.203",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:29:32.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix uaf for accessing waker_bfqq after splitting\n\nAfter commit 42c306ed7233 (\"block, bfq: don't break merge chain in\nbfq_split_bfqq()\"), if the current procress is the last holder of bfqq,\nthe bfqq can be freed after bfq_split_bfqq(). Hence recored the bfqq and\nthen access bfqq->waker_bfqq may trigger UAF. What's more, the waker_bfqq\nmay in the merge chain of bfqq, hence just recored waker_bfqq is still\nnot safe.\n\nFix the problem by adding a helper bfq_waker_bfqq() to check if\nbfqq->waker_bfqq is in the merge chain, and current procress is the only\nholder."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloqueo, bfq: arregle uaf por acceder waker_bfqq despues de separar Despu\u00e9s de el commit 42c306ed7233 (\"block, bfq: don't break merge chain in bfq_split_bfqq()\"), si el proceso actual es el \u00faltimo contenedor de bfqq, el bfqq se puede liberar despu\u00e9s de bfq_split_bfqq(). Por lo tanto, grabar el bfqq y luego acceder a bfqq-&gt;waker_bfqq puede activar UAF. Adem\u00e1s, waker_bfqq puede estar en la cadena de fusi\u00f3n de bfqq, por lo tanto, grabar solo waker_bfqq sigue sin ser seguro. Solucione el problema a\u00f1adiendo un ayudante bfq_waker_bfqq() para comprobar si bfqq-&gt;waker_bfqq est\u00e1 en la cadena de fusi\u00f3n y el proceso actual es el \u00fanico contenedor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.227",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "A18D7AFF-3C9E-46FF-B2A9-3CEB860CD094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0780451f03bf518bc032a7c584de8f92e2d39d7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0b8bda0ff17156cd3f60944527c9d8c9f99f1583",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1ba0403ac6447f2d63914fb760c44a3b19c44eaf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/63a07379fdb6c72450cb05294461c6016b8b7726",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cae58d19121a70329cf971359e2518c93fec04fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de0456460f2abf921e356ed2bd8da87a376680bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-498xx/CVE-2024-49856.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-49856",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.353",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:33:20.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Fix deadlock in SGX NUMA node search\n\nWhen the current node doesn't have an EPC section configured by firmware\nand all other EPC sections are used up, CPU can get stuck inside the\nwhile loop that looks for an available EPC page from remote nodes\nindefinitely, leading to a soft lockup. Note how nid_of_current will\nnever be equal to nid in that while loop because nid_of_current is not\nset in sgx_numa_mask.\n\nAlso worth mentioning is that it's perfectly fine for the firmware not\nto setup an EPC section on a node. While setting up an EPC section on\neach node can enhance performance, it is not a requirement for\nfunctionality.\n\nRework the loop to start and end on *a* node that has SGX memory. This\navoids the deadlock looking for the current SGX-lacking node to show up\nin the loop when it never will."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/sgx: Se solucion\u00f3 el bloqueo en la b\u00fasqueda de nodos NUMA de SGX Cuando el nodo actual no tiene una secci\u00f3n EPC configurada por el firmware y todas las dem\u00e1s secciones EPC est\u00e1n agotadas, la CPU puede quedar atrapada dentro del bucle while que busca una p\u00e1gina EPC disponible de los nodos remotos de forma indefinida, lo que lleva a un bloqueo suave. Tenga en cuenta que nid_of_current nunca ser\u00e1 igual a nid en ese bucle while porque nid_of_current no est\u00e1 configurado en sgx_numa_mask. Tambi\u00e9n vale la pena mencionar que est\u00e1 perfectamente bien que el firmware no configure una secci\u00f3n EPC en un nodo. Si bien configurar una secci\u00f3n EPC en cada nodo puede mejorar el rendimiento, no es un requisito para la funcionalidad. Rehaga el bucle para que comience y termine en *un* nodo que tenga memoria SGX. Esto evita el bloqueo que busca el nodo actual que carece de SGX para que aparezca en el bucle cuando nunca lo har\u00e1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "71269D77-D25F-4909-8E7A-405593B279FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0f89fb4042c08fd143bfc28af08bf6c8a0197eea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/20c96d0aaabfe361fc2a11c173968dc67feadbbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40fb64257dab507d86b5f1f2a62f3669ef0c91a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8132510c915815e6b537ab937d94ed66893bc7b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c936844010466535bd46ea4ce4656ef17653644",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fb2d057539eda67ec7cfc369bf587e6518a9b99d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

133
CVE-2024/CVE-2024-498xx/CVE-2024-49858.json
View File

@ -2,44 +2,157 @@
"id": "CVE-2024-49858",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.543",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:35:10.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let's use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: efistub/tpm: Utilizar la memoria de recuperaci\u00f3n ACPI para el registro de eventos para evitar la corrupci\u00f3n La tabla de registro de eventos TPM es una construcci\u00f3n espec\u00edfica de Linux, donde los datos producidos por el servicio de arranque GetEventLog() se almacenan en cach\u00e9 en la memoria y se pasan al sistema operativo mediante una tabla de configuraci\u00f3n EFI. El uso de EFI_LOADER_DATA aqu\u00ed da como resultado que la regi\u00f3n quede sin reservar en el mapa de memoria E820 construido por el stub EFI, y esta es la descripci\u00f3n de memoria que se pasa al kernel entrante por kexec, que por lo tanto no sabe que la regi\u00f3n debe reservarse. Aunque la utilidad del registro de eventos TPM2 despu\u00e9s de un kexec es cuestionable, cualquier corrupci\u00f3n podr\u00eda enviar el c\u00f3digo de an\u00e1lisis a la maleza y bloquear el kernel. As\u00ed que usemos EFI_ACPI_RECLAIM_MEMORY en su lugar, que siempre se trata como reservado por la l\u00f3gica de conversi\u00f3n E820."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/11690d7e76842f29b60fbb5b35bc97d206ea0e83",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/19fd2f2c5fb36b61506d3208474bfd8fdf1cada3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2e6871a632a99d9b9e2ce3a7847acabe99e5a26e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/38d9b07d99b789efb6d8dda21f1aaad636c38993",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b22c038fb2757c652642933de5664da471f8cb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/77d48d39e99170b528e4f2e9fc5d1d64cdedd386",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f76b69ab9cf04358266e3cea5748c0c2791fbb08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

134
CVE-2024/CVE-2024-498xx/CVE-2024-49860.json
View File

@ -2,44 +2,158 @@
"id": "CVE-2024-49860",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.723",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:44:58.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: sysfs: validate return type of _STR method\n\nOnly buffer objects are valid return values of _STR.\n\nIf something else is returned description_show() will access invalid\nmemory."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: sysfs: validar el tipo de retorno del m\u00e9todo _STR. Solo los objetos de b\u00fafer son valores de retorno v\u00e1lidos de _STR. Si se devuelve algo diferente, description_show() acceder\u00e1 a memoria no v\u00e1lida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "3B73A13A-D7BE-4035-BEF2-2821D9D5CB6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0cdfb9178a3bba843c95c2117c82c15f1a64b9ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4b081991c4363e072e1748efed0bbec8a77daba5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4bb1e7d027413835b086aed35bc3f0713bc0f72b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5c8d007c14aefc3f2ddf71e4c40713733dc827be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0921ecd4ddc14646bb5511f49db4d7d3b0829f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f51e5a88f2e7224858b261546cf6b3037dfb1323",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f51f711d36e61fbb87c67b524fd200e05172668d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2024/CVE-2024-498xx/CVE-2024-49861.json
View File

@ -2,32 +2,116 @@
"id": "CVE-2024-49861",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.800",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:48:47.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix helper writes to read-only maps\n\nLonial found an issue that despite user- and BPF-side frozen BPF map\n(like in case of .rodata), it was still possible to write into it from\na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT}\nas arguments.\n\nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode\nis never set. Later, check_helper_mem_access(), under the case of\nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the\nsubsequent call to check_map_access_type() and given the BPF map is\nread-only it succeeds.\n\nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT\nwhen results are written into them as opposed to read out of them. The\nlatter indicates that it's okay to pass a pointer to uninitialized memory\nas the memory is written to anyway.\n\nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM\njust with additional alignment requirement. So it is better to just get\nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the\nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure\nalignment given these helpers write directly into the args via *<ptr> = val.\nThe .arg*_size has been initialized reflecting the actual sizeof(*<ptr>).\n\nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated\nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know\nthe buffer size a priori and therefore cannot blindly write *<ptr> = val."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Arregla las escrituras del ayudante en mapas de solo lectura Lonial encontr\u00f3 un problema que a pesar del mapa BPF congelado del lado del usuario y del BPF (como en el caso de .rodata), a\u00fan era posible escribir en \u00e9l desde el lado del programa BPF a trav\u00e9s de ayudantes espec\u00edficos que tienen ARG_PTR_TO_{LONG,INT} como argumentos. En check_func_arg() cuando el argumento es como se menciona, el meta-&gt;raw_mode nunca se establece. M\u00e1s tarde, check_helper_mem_access(), bajo el caso de PTR_TO_MAP_VALUE como tipo base de registro, asume BPF_READ para la llamada posterior a check_map_access_type() y dado que el mapa BPF es de solo lectura, tiene \u00e9xito. Los ayudantes realmente necesitan ser anotados como ARG_PTR_TO_{LONG,INT} | MEM_UNINIT cuando los resultados se escriben en ellos en lugar de leerse de ellos. Este \u00faltimo indica que est\u00e1 bien pasar un puntero a la memoria no inicializada, ya que la memoria se escribe de todos modos. Sin embargo, ARG_PTR_TO_{LONG,INT} es un caso especial de ARG_PTR_TO_FIXED_SIZE_MEM solo que con un requisito de alineaci\u00f3n adicional. Por lo tanto, es mejor deshacerse de los casos especiales ARG_PTR_TO_{LONG,INT} por completo y reutilizar los tipos de memoria de tama\u00f1o fijo. Para esto, agregue MEM_ALIGNED para garantizar adicionalmente la alineaci\u00f3n dado que estos ayudantes escriben directamente en los argumentos a trav\u00e9s de * = val. El .arg*_size se ha inicializado reflejando el tama\u00f1o real de (*). MEM_ALIGNED solo se puede usar en combinaci\u00f3n con los tipos de argumentos anotados MEM_FIXED_SIZE, ya que en los casos !MEM_FIXED_SIZE el verificador no conoce el tama\u00f1o del b\u00fafer a priori y, por lo tanto, no puede escribir ciegamente * = val."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "1C50745E-F1ED-43B5-A0AA-2ECE7194E14C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1e75d25133158b525e0456876e9bcfd6b2993fd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2ed98ee02d1e08afee88f54baec39ea78dc8a23c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/32556ce93bc45c730829083cb60f95a2728ea48b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2c8dc7e21803257e762b0bf067fd13e9c995da0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2024/CVE-2024-498xx/CVE-2024-49862.json
View File

@ -2,32 +2,116 @@
"id": "CVE-2024-49862",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T13:15:06.893",
"lastModified": "2024-10-21T17:09:45.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-23T16:53:51.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: intel_rapl: Fix off by one in get_rpi()\n\nThe rp->priv->rpi array is either rpi_msr or rpi_tpmi which have\nNR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >=\nto prevent an off by one access."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powercap: intel_rapl: Arreglo de un byte en get_rpi() La matriz rp-&gt;priv-&gt;rpi es rpi_msr o rpi_tpmi, que tienen una cantidad de elementos NR_RAPL_PRIMITIVES. Por lo tanto, el &gt; debe ser &gt;= para evitar un acceso de un byte."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-193"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.6.54",
"matchCriteriaId": "533A887F-F2B4-4445-8C73-11A8013D0A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.13",
"matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.2",
"matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/288cbc505e2046638c615c36357cb78bc9fee1e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6a34f3b0d7f11fb6ed72da315fd2360abd9c0737",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/851e7f7f14a15f4e47b7d0f70d5c4a2b95b824d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95f6580352a7225e619551febb83595bcb77ab17",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

33
CVE-2024/CVE-2024-503xx/CVE-2024-50382.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50382",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-23T17:15:19.453",
"lastModified": "2024-10-23T17:15:19.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V."
}
],
"metrics": {},
"references": [
{
"url": "https://arxiv.org/pdf/2410.13489",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0",
"source": "cve@mitre.org"
},
{
"url": "https://news.ycombinator.com/item?id=41887153",
"source": "cve@mitre.org"
}
]
}

33
CVE-2024/CVE-2024-503xx/CVE-2024-50383.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-50383",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-23T17:15:19.540",
"lastModified": "2024-10-23T17:15:19.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)"
}
],
"metrics": {},
"references": [
{
"url": "https://arxiv.org/pdf/2410.13489",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0",
"source": "cve@mitre.org"
},
{
"url": "https://news.ycombinator.com/item?id=41887153",
"source": "cve@mitre.org"
}
]
}

14
CVE-2024/CVE-2024-60xx/CVE-2024-6010.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-6010",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-07T12:15:12.067",
"lastModified": "2024-09-26T16:06:15.677",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-23T16:15:10.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.1.96. This is due to the plugin allowing the price field to be manipulated prior to processing via the 'create_cc_order' function, called from the Cost Calculator Builder plugin. This makes it possible for unauthenticated attackers to manipulate the price of orders submitted via the calculator. Note: this vulnerability was partially patched with the release of Cost Calculator Builder version 3.2.17."
"value": "The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipulated prior to processing via the 'create_cc_order' function, called from the Cost Calculator Builder plugin. This makes it possible for unauthenticated attackers to manipulate the price of orders submitted via the calculator. Note: this vulnerability was partially patched with the release of Cost Calculator Builder version 3.2.17."
},
{
"lang": "es",
@ -80,6 +80,10 @@
}
],
"references": [
{
"url": "https://docs.stylemixthemes.com/cost-calculator-builder/changelog-1/changelog-pro-version",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/cost-calculator-builder/trunk/frontend/dist/order.js",
"source": "security@wordfence.com",
@ -87,6 +91,10 @@
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3172590/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fc04e676-e394-488e-a239-95af5f865613?source=cve",
"source": "security@wordfence.com",

102
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-23T16:00:54.822569+00:00
2024-10-23T18:00:25.728102+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-23T15:53:06.410000+00:00
2024-10-23T17:58:08.720000+00:00
```
### Last Data Feed Release
@ -33,61 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
266802
266841
```
### CVEs added in the last Commit
Recently added CVEs: `17`
Recently added CVEs: `39`
- [CVE-2024-10041](CVE-2024/CVE-2024-100xx/CVE-2024-10041.json) (`2024-10-23T14:15:03.970`)
- [CVE-2024-10250](CVE-2024/CVE-2024-102xx/CVE-2024-10250.json) (`2024-10-23T14:15:04.197`)
- [CVE-2024-10280](CVE-2024/CVE-2024-102xx/CVE-2024-10280.json) (`2024-10-23T14:15:04.500`)
- [CVE-2024-10281](CVE-2024/CVE-2024-102xx/CVE-2024-10281.json) (`2024-10-23T14:15:04.773`)
- [CVE-2024-10282](CVE-2024/CVE-2024-102xx/CVE-2024-10282.json) (`2024-10-23T15:15:29.590`)
- [CVE-2024-10283](CVE-2024/CVE-2024-102xx/CVE-2024-10283.json) (`2024-10-23T15:15:29.850`)
- [CVE-2024-10290](CVE-2024/CVE-2024-102xx/CVE-2024-10290.json) (`2024-10-23T15:15:30.110`)
- [CVE-2024-30122](CVE-2024/CVE-2024-301xx/CVE-2024-30122.json) (`2024-10-23T15:15:30.390`)
- [CVE-2024-47575](CVE-2024/CVE-2024-475xx/CVE-2024-47575.json) (`2024-10-23T15:15:30.707`)
- [CVE-2024-47901](CVE-2024/CVE-2024-479xx/CVE-2024-47901.json) (`2024-10-23T15:15:30.930`)
- [CVE-2024-47902](CVE-2024/CVE-2024-479xx/CVE-2024-47902.json) (`2024-10-23T15:15:31.163`)
- [CVE-2024-47903](CVE-2024/CVE-2024-479xx/CVE-2024-47903.json) (`2024-10-23T15:15:31.397`)
- [CVE-2024-47904](CVE-2024/CVE-2024-479xx/CVE-2024-47904.json) (`2024-10-23T15:15:31.687`)
- [CVE-2024-49370](CVE-2024/CVE-2024-493xx/CVE-2024-49370.json) (`2024-10-23T15:15:31.987`)
- [CVE-2024-49675](CVE-2024/CVE-2024-496xx/CVE-2024-49675.json) (`2024-10-23T15:15:32.120`)
- [CVE-2024-50050](CVE-2024/CVE-2024-500xx/CVE-2024-50050.json) (`2024-10-23T14:15:05.087`)
- [CVE-2024-5764](CVE-2024/CVE-2024-57xx/CVE-2024-5764.json) (`2024-10-23T15:15:32.340`)
- [CVE-2024-20300](CVE-2024/CVE-2024-203xx/CVE-2024-20300.json) (`2024-10-23T17:15:17.253`)
- [CVE-2024-20329](CVE-2024/CVE-2024-203xx/CVE-2024-20329.json) (`2024-10-23T17:15:17.457`)
- [CVE-2024-20330](CVE-2024/CVE-2024-203xx/CVE-2024-20330.json) (`2024-10-23T17:15:17.663`)
- [CVE-2024-20331](CVE-2024/CVE-2024-203xx/CVE-2024-20331.json) (`2024-10-23T17:15:17.870`)
- [CVE-2024-20339](CVE-2024/CVE-2024-203xx/CVE-2024-20339.json) (`2024-10-23T17:15:18.097`)
- [CVE-2024-20340](CVE-2024/CVE-2024-203xx/CVE-2024-20340.json) (`2024-10-23T17:15:18.300`)
- [CVE-2024-20341](CVE-2024/CVE-2024-203xx/CVE-2024-20341.json) (`2024-10-23T17:15:18.493`)
- [CVE-2024-20342](CVE-2024/CVE-2024-203xx/CVE-2024-20342.json) (`2024-10-23T17:15:18.703`)
- [CVE-2024-20351](CVE-2024/CVE-2024-203xx/CVE-2024-20351.json) (`2024-10-23T17:15:18.913`)
- [CVE-2024-30124](CVE-2024/CVE-2024-301xx/CVE-2024-30124.json) (`2024-10-23T16:15:05.667`)
- [CVE-2024-49652](CVE-2024/CVE-2024-496xx/CVE-2024-49652.json) (`2024-10-23T16:15:06.027`)
- [CVE-2024-49653](CVE-2024/CVE-2024-496xx/CVE-2024-49653.json) (`2024-10-23T16:15:06.243`)
- [CVE-2024-49657](CVE-2024/CVE-2024-496xx/CVE-2024-49657.json) (`2024-10-23T16:15:06.450`)
- [CVE-2024-49658](CVE-2024/CVE-2024-496xx/CVE-2024-49658.json) (`2024-10-23T16:15:06.660`)
- [CVE-2024-49668](CVE-2024/CVE-2024-496xx/CVE-2024-49668.json) (`2024-10-23T16:15:06.970`)
- [CVE-2024-49669](CVE-2024/CVE-2024-496xx/CVE-2024-49669.json) (`2024-10-23T16:15:07.330`)
- [CVE-2024-49671](CVE-2024/CVE-2024-496xx/CVE-2024-49671.json) (`2024-10-23T16:15:08.260`)
- [CVE-2024-49676](CVE-2024/CVE-2024-496xx/CVE-2024-49676.json) (`2024-10-23T16:15:09.040`)
- [CVE-2024-49684](CVE-2024/CVE-2024-496xx/CVE-2024-49684.json) (`2024-10-23T16:15:09.620`)
- [CVE-2024-49690](CVE-2024/CVE-2024-496xx/CVE-2024-49690.json) (`2024-10-23T16:15:09.867`)
- [CVE-2024-49701](CVE-2024/CVE-2024-497xx/CVE-2024-49701.json) (`2024-10-23T16:15:10.097`)
- [CVE-2024-49751](CVE-2024/CVE-2024-497xx/CVE-2024-49751.json) (`2024-10-23T16:15:10.310`)
- [CVE-2024-49756](CVE-2024/CVE-2024-497xx/CVE-2024-49756.json) (`2024-10-23T17:15:19.250`)
- [CVE-2024-50382](CVE-2024/CVE-2024-503xx/CVE-2024-50382.json) (`2024-10-23T17:15:19.453`)
- [CVE-2024-50383](CVE-2024/CVE-2024-503xx/CVE-2024-50383.json) (`2024-10-23T17:15:19.540`)
### CVEs modified in the last Commit
Recently modified CVEs: `469`
Recently modified CVEs: `57`
- [CVE-2024-50066](CVE-2024/CVE-2024-500xx/CVE-2024-50066.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-50311](CVE-2024/CVE-2024-503xx/CVE-2024-50311.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-50312](CVE-2024/CVE-2024-503xx/CVE-2024-50312.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-7587](CVE-2024/CVE-2024-75xx/CVE-2024-7587.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-8500](CVE-2024/CVE-2024-85xx/CVE-2024-8500.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-8852](CVE-2024/CVE-2024-88xx/CVE-2024-8852.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-8901](CVE-2024/CVE-2024-89xx/CVE-2024-8901.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-8980](CVE-2024/CVE-2024-89xx/CVE-2024-8980.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9050](CVE-2024/CVE-2024-90xx/CVE-2024-9050.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9129](CVE-2024/CVE-2024-91xx/CVE-2024-9129.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9231](CVE-2024/CVE-2024-92xx/CVE-2024-9231.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9287](CVE-2024/CVE-2024-92xx/CVE-2024-9287.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9530](CVE-2024/CVE-2024-95xx/CVE-2024-9530.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9541](CVE-2024/CVE-2024-95xx/CVE-2024-9541.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9583](CVE-2024/CVE-2024-95xx/CVE-2024-9583.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9588](CVE-2024/CVE-2024-95xx/CVE-2024-9588.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9589](CVE-2024/CVE-2024-95xx/CVE-2024-9589.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9590](CVE-2024/CVE-2024-95xx/CVE-2024-9590.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9591](CVE-2024/CVE-2024-95xx/CVE-2024-9591.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9627](CVE-2024/CVE-2024-96xx/CVE-2024-9627.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9677](CVE-2024/CVE-2024-96xx/CVE-2024-9677.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9829](CVE-2024/CVE-2024-98xx/CVE-2024-9829.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9927](CVE-2024/CVE-2024-99xx/CVE-2024-9927.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9947](CVE-2024/CVE-2024-99xx/CVE-2024-9947.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-9987](CVE-2024/CVE-2024-99xx/CVE-2024-9987.json) (`2024-10-23T15:12:34.673`)
- [CVE-2024-47737](CVE-2024/CVE-2024-477xx/CVE-2024-47737.json) (`2024-10-23T17:00:01.357`)
- [CVE-2024-47739](CVE-2024/CVE-2024-477xx/CVE-2024-47739.json) (`2024-10-23T16:58:37.707`)
- [CVE-2024-47745](CVE-2024/CVE-2024-477xx/CVE-2024-47745.json) (`2024-10-23T17:25:19.657`)
- [CVE-2024-47748](CVE-2024/CVE-2024-477xx/CVE-2024-47748.json) (`2024-10-23T17:28:00.460`)
- [CVE-2024-47750](CVE-2024/CVE-2024-477xx/CVE-2024-47750.json) (`2024-10-23T17:29:01.330`)
- [CVE-2024-47751](CVE-2024/CVE-2024-477xx/CVE-2024-47751.json) (`2024-10-23T17:33:52.440`)
- [CVE-2024-48049](CVE-2024/CVE-2024-480xx/CVE-2024-48049.json) (`2024-10-23T16:12:12.127`)
- [CVE-2024-48415](CVE-2024/CVE-2024-484xx/CVE-2024-48415.json) (`2024-10-23T16:35:09.317`)
- [CVE-2024-48652](CVE-2024/CVE-2024-486xx/CVE-2024-48652.json) (`2024-10-23T16:35:10.103`)
- [CVE-2024-48656](CVE-2024/CVE-2024-486xx/CVE-2024-48656.json) (`2024-10-23T16:35:12.613`)
- [CVE-2024-48657](CVE-2024/CVE-2024-486xx/CVE-2024-48657.json) (`2024-10-23T16:35:13.890`)
- [CVE-2024-49286](CVE-2024/CVE-2024-492xx/CVE-2024-49286.json) (`2024-10-23T16:13:37.823`)
- [CVE-2024-49323](CVE-2024/CVE-2024-493xx/CVE-2024-49323.json) (`2024-10-23T16:05:49.617`)
- [CVE-2024-49328](CVE-2024/CVE-2024-493xx/CVE-2024-49328.json) (`2024-10-23T17:08:31.910`)
- [CVE-2024-49334](CVE-2024/CVE-2024-493xx/CVE-2024-49334.json) (`2024-10-23T16:08:01.277`)
- [CVE-2024-49851](CVE-2024/CVE-2024-498xx/CVE-2024-49851.json) (`2024-10-23T16:00:52.597`)
- [CVE-2024-49852](CVE-2024/CVE-2024-498xx/CVE-2024-49852.json) (`2024-10-23T16:14:01.857`)
- [CVE-2024-49853](CVE-2024/CVE-2024-498xx/CVE-2024-49853.json) (`2024-10-23T16:14:30.750`)
- [CVE-2024-49854](CVE-2024/CVE-2024-498xx/CVE-2024-49854.json) (`2024-10-23T16:29:32.857`)
- [CVE-2024-49856](CVE-2024/CVE-2024-498xx/CVE-2024-49856.json) (`2024-10-23T16:33:20.857`)
- [CVE-2024-49858](CVE-2024/CVE-2024-498xx/CVE-2024-49858.json) (`2024-10-23T16:35:10.097`)
- [CVE-2024-49860](CVE-2024/CVE-2024-498xx/CVE-2024-49860.json) (`2024-10-23T16:44:58.473`)
- [CVE-2024-49861](CVE-2024/CVE-2024-498xx/CVE-2024-49861.json) (`2024-10-23T16:48:47.573`)
- [CVE-2024-49862](CVE-2024/CVE-2024-498xx/CVE-2024-49862.json) (`2024-10-23T16:53:51.050`)
- [CVE-2024-6010](CVE-2024/CVE-2024-60xx/CVE-2024-6010.json) (`2024-10-23T16:15:10.483`)
## Download and Usage

1109
_state.csv
View File

File diff suppressed because it is too large Load Diff