diff --git a/CVE-2018/CVE-2018-251xx/CVE-2018-25107.json b/CVE-2018/CVE-2018-251xx/CVE-2018-25107.json index b13bdc4059c..23dffb5aff0 100644 --- a/CVE-2018/CVE-2018-251xx/CVE-2018-25107.json +++ b/CVE-2018/CVE-2018-251xx/CVE-2018-25107.json @@ -2,16 +2,43 @@ "id": "CVE-2018-25107", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-29T07:15:05.287", - "lastModified": "2024-12-29T07:15:05.287", - "vulnStatus": "Received", + "lastModified": "2024-12-31T19:15:07.077", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits." + }, + { + "lang": "es", + "value": "El paquete Crypt::Random::Source anterior a 0.13 para Perl tiene como alternativa la funci\u00f3n rand() incorporada, que no es una fuente segura de bits aleatorios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", diff --git a/CVE-2021/CVE-2021-474xx/CVE-2021-47417.json b/CVE-2021/CVE-2021-474xx/CVE-2021-47417.json index c21b230bf3f..1184d036e06 100644 --- a/CVE-2021/CVE-2021-474xx/CVE-2021-47417.json +++ b/CVE-2021/CVE-2021-474xx/CVE-2021-47417.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47417", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:27.173", - "lastModified": "2024-11-21T06:36:06.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:10:18.403", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,109 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: libbpf: repara la p\u00e9rdida de memoria en strset Libera la estructura strset en s\u00ed, no solo sus partes internas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "5.14.12", + "matchCriteriaId": "875EB25E-7BA6-4A16-B5F4-EA9A7B012B68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", + "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-474xx/CVE-2021-47418.json b/CVE-2021/CVE-2021-474xx/CVE-2021-47418.json index f668077eec0..811c274dcbd 100644 --- a/CVE-2021/CVE-2021-474xx/CVE-2021-47418.json +++ b/CVE-2021/CVE-2021-474xx/CVE-2021-47418.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47418", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:27.257", - "lastModified": "2024-11-21T06:36:06.193", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:03:20.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,71 +15,235 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net_sched: corrige el deref NULL en fifo_set_limit() syzbot inform\u00f3 otro deref NULL en fifo_set_limit() [1] Podr\u00eda reproducir el problema con: unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd reemplazar dev lo parent 1:0 pfifo_fast tc qd cambiar dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit pfifo_fast no tiene una operaci\u00f3n de cambio(). Haga que fifo_set_limit() sea m\u00e1s s\u00f3lido al respecto. [1] BUG: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000 PGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0 Ups: 0010 [#1] PREEMPT SMP KASAN CPU: 1 PID: 14443 Comm: syz-executor959 No contaminado 5. 15.0-rc3- syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:0x0 C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en RIP 0xffffffffffffffd6. RSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000 RDX: 0000000000000000 RSI: c27910 RDI: ffff888071e34000 RBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947 R10: 00000000000000001 R11: 0000000000000000 R12 : ffff888024c27910 R13: ffff888071e34018 R14: 00000000000000000 R15: ffff88801ef74800 FS: 00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 50033 CR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: fifo_set_limit net/sched/sch_fifo.c:242 [en l\u00ednea] fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227 6ec/0x16d0 net/sched/sch_tbf.c: 418 qdisc_change net/sched/sch_api.c:1332 [en l\u00ednea] tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634 rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572 netlink_rcv_skb+0x153/0x42 0 red/enlace de red /af_netlink.c:2504 netlink_unicast_kernel net/netlink/af_netlink.c:1314 [en l\u00ednea] netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340 netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929 sock_sendmsg_nosec net/ socket.c:704 [en l\u00ednea] sock_sendmsg+0xcf/0x120 net/socket.c:724 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409 ___sys_sendmsg+0xf3/0x170 net/socket.c:2463 __sys_sendmsg+0xe5/0 x1b0 neto /socket.c:2492 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.27", + "versionEndExcluding": "4.4.289", + "matchCriteriaId": "C8E4AEA6-BCA5-4AEE-B2EB-8859675FE509" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.287", + "matchCriteriaId": "7D94FCF9-86AA-4CB2-96FC-F5EEC5E24530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.251", + "matchCriteriaId": "E0CA000A-C041-41C7-BB29-59359F62F9AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.211", + "matchCriteriaId": "19F2BDAE-0E29-4C98-A02A-4DA148685995" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.153", + "matchCriteriaId": "99815E71-6131-41A5-B309-1917CBBDF09C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.73", + "matchCriteriaId": "83DBC258-8513-4ECB-A55E-57E743405733" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.14.12", + "matchCriteriaId": "20EB962C-32DC-448F-A900-BCF9A726F9EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", + "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-474xx/CVE-2021-47426.json b/CVE-2021/CVE-2021-474xx/CVE-2021-47426.json index c1a9b60b428..b42bb3f2331 100644 --- a/CVE-2021/CVE-2021-474xx/CVE-2021-47426.json +++ b/CVE-2021/CVE-2021-474xx/CVE-2021-47426.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47426", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:28.027", - "lastModified": "2024-11-21T06:36:07.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:03:39.283", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,151 @@ "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf, s390: solucione una posible p\u00e9rdida de memoria sobre jit_data. Aseg\u00farese de liberar jit_data mediante kfree() en la ruta de error." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4", + "versionEndExcluding": "5.4.153", + "matchCriteriaId": "CFAA6C32-1F8C-472E-8339-8FEAEE9723CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.73", + "matchCriteriaId": "83DBC258-8513-4ECB-A55E-57E743405733" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.14.12", + "matchCriteriaId": "20EB962C-32DC-448F-A900-BCF9A726F9EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", + "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-474xx/CVE-2021-47427.json b/CVE-2021/CVE-2021-474xx/CVE-2021-47427.json index b79fcb57189..804df35af0b 100644 --- a/CVE-2021/CVE-2021-474xx/CVE-2021-47427.json +++ b/CVE-2021/CVE-2021-474xx/CVE-2021-47427.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47427", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:28.117", - "lastModified": "2024-11-21T06:36:07.337", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:04:00.207", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,109 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: iscsi: corrige el uso after free de iscsi_task. Confirmaci\u00f3n d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\") se agregaron llamadas iscsi_get_conn()/iscsi_put_conn() durante el manejo de abortos pero luego tambi\u00e9n cambi\u00f3 el manejo del caso en el que detectamos una tarea ya completada y ahora terminamos haciendo un acceso al c\u00f3digo com\u00fan de put/cleanup. Esto da como resultado un uso de iscsi_task despu\u00e9s de la liberaci\u00f3n, porque el c\u00f3digo de limpieza com\u00fan colocar\u00e1 iscsi_task. Esto revierte el ir a y mueve iscsi_get_conn() a despu\u00e9s de haber verificado si iscsi_task es v\u00e1lido." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.14", + "versionEndExcluding": "5.14.12", + "matchCriteriaId": "0212F5AF-8179-4A29-9B5A-E9060BD1F240" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", + "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", + "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48707.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48707.json index 8c7b1b5697d..7d7ac3d40e6 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48707.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48707.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48707", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.173", - "lastModified": "2024-11-21T07:33:49.840", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:05:02.337", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,124 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: cxl/region: corrige la desreferencia del puntero null para restablecer el decodificador. No todos los decodificadores tienen una devoluci\u00f3n de llamada de reinicio. La especificaci\u00f3n CXL permite que un puente de host con un \u00fanico puerto ra\u00edz no tenga decodificadores HDM expl\u00edcitos. Actualmente, el controlador de regi\u00f3n supone que no hay ninguno. Como tal, el n\u00facleo CXL crea una instancia de decodificador de paso especial sin una devoluci\u00f3n de llamada de confirmaci\u00f3n/restablecimiento. Antes de este parche, la devoluci\u00f3n de llamada ->reset() se llamaba incondicionalmente al llamar a cxl_region_decode_reset. Por lo tanto, una configuraci\u00f3n con 1 puente de host, 1 puerto ra\u00edz y un dispositivo CXL tipo 3 conectado directamente o varios dispositivos CXL tipo 3 conectados a puertos descendentes de un conmutador puede provocar una desreferencia de puntero null. Antes de la soluci\u00f3n, se observaba un fallo del kernel cuando destru\u00edamos la regi\u00f3n y se restablec\u00eda un decodificador de paso. El problema se puede reproducir como se muestra a continuaci\u00f3n: 1) cree una regi\u00f3n con una configuraci\u00f3n CXL que incluya un HB con un \u00fanico puerto ra\u00edz bajo el cual se conecta directamente un memdev. 2) destruir la regi\u00f3n con cxl destroy-region regionX -f." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0", + "versionEndExcluding": "6.1.12", + "matchCriteriaId": "FD182C18-2363-4CBE-AF50-6794BE787760" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", + "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", + "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", + "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48708.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48708.json index 4af4179d090..25e3e76ef68 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48708.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48708.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48708", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.253", - "lastModified": "2024-11-21T07:33:49.950", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:05:23.510", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,229 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: single: corrige una posible desreferencia NULL. Se agreg\u00f3 la verificaci\u00f3n de la \"funci\u00f3n\" del puntero en pcs_set_mux(). pinmux_generic_get_function() puede devolver NULL y se elimin\u00f3 la referencia al puntero \"funci\u00f3n\" sin compararlo con NULL. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con SVACE." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.11", + "versionEndExcluding": "4.14.306", + "matchCriteriaId": "9B85FB82-DEB6-48E9-9492-E2F0BB469A30" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.273", + "matchCriteriaId": "FC86F278-A337-4A8A-A7BB-758898345802" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.232", + "matchCriteriaId": "9C6E0696-3702-4B0C-A102-2753BDC8C3D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.168", + "matchCriteriaId": "12258A3F-04BD-49C9-9C6B-D3C1945E8910" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.94", + "matchCriteriaId": "55EC7465-CE9A-4B9C-B0FA-97394061A77F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.12", + "matchCriteriaId": "63F0738E-F1B2-47A2-9329-E2B8BC87708A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", + "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", + "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", + "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48709.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48709.json index cb9fb16e3ed..d3574c39239 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48709.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48709.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48709", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.330", - "lastModified": "2024-11-21T07:33:50.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:08:49.373", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,124 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: switch: soluciona una posible fuga de memoria en ice_add_adv_recipe(). Cuando ice_add_special_words() falla, el 'rm' no se libera, lo que provocar\u00e1 una p\u00e9rdida de memoria. Solucione este problema yendo a la etiqueta 'err_unroll'. Compilaci\u00f3n probada \u00fanicamente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.12", + "matchCriteriaId": "63F0738E-F1B2-47A2-9329-E2B8BC87708A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", + "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", + "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", + "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-487xx/CVE-2022-48710.json b/CVE-2022/CVE-2022-487xx/CVE-2022-48710.json index 8ac34c1a103..2901c06303f 100644 --- a/CVE-2022/CVE-2022-487xx/CVE-2022-48710.json +++ b/CVE-2022/CVE-2022-487xx/CVE-2022-48710.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48710", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.393", - "lastModified": "2024-11-21T07:33:50.177", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:09:11.503", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,79 +15,235 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: corrige una posible desreferencia del puntero null. En radeon_fp_native_mode(), el valor de retorno de drm_mode_duplicate() se asigna al modo, lo que conducir\u00e1 a una desreferencia del puntero NULL en caso de falla de drm_mode_duplicate(). Agregue una marca para evitar npd. Tambi\u00e9n se verifica el estado de falla de drm_cvt_mode() en la otra ruta." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.318", + "matchCriteriaId": "0D4D4067-974D-4560-8320-22FDA399E3F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.283", + "matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.247", + "matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.198", + "matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.122", + "matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.47", + "matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.17.15", + "matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.18", + "versionEndExcluding": "5.18.4", + "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-13xx/CVE-2023-1329.json b/CVE-2023/CVE-2023-13xx/CVE-2023-1329.json index c41506d60cb..13901952bd6 100644 --- a/CVE-2023/CVE-2023-13xx/CVE-2023-1329.json +++ b/CVE-2023/CVE-2023-13xx/CVE-2023-1329.json @@ -2,7 +2,7 @@ "id": "CVE-2023-1329", "sourceIdentifier": "hp-security-alert@hp.com", "published": "2023-06-14T21:15:09.340", - "lastModified": "2024-11-21T07:38:56.117", + "lastModified": "2024-12-31T20:15:24.907", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -45,6 +45,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-527xx/CVE-2023-52702.json b/CVE-2023/CVE-2023-527xx/CVE-2023-52702.json index 3e95ac02020..4c6b239326f 100644 --- a/CVE-2023/CVE-2023-527xx/CVE-2023-52702.json +++ b/CVE-2023/CVE-2023-527xx/CVE-2023-52702.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52702", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.617", - "lastModified": "2024-11-21T08:40:23.813", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:19:13.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,171 @@ "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: openvswitch: corrige una posible p\u00e9rdida de memoria en ovs_meter_cmd_set() old_meter debe estar libre despu\u00e9s de desconectarlo, independientemente de si el nuevo medidor se conect\u00f3 correctamente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8", + "versionEndExcluding": "5.10.169", + "matchCriteriaId": "917E7F85-7459-4A31-AEC5-917EA65B5E57" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.95", + "matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.13", + "matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", + "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", + "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", + "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*", + "matchCriteriaId": "26544390-88E4-41CA-98BF-7BB1E9D4E243" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-527xx/CVE-2023-52705.json b/CVE-2023/CVE-2023-527xx/CVE-2023-52705.json index 6e8e5acf9c4..a2ca357d547 100644 --- a/CVE-2023/CVE-2023-527xx/CVE-2023-52705.json +++ b/CVE-2023/CVE-2023-527xx/CVE-2023-52705.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52705", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:12.840", - "lastModified": "2024-11-21T08:40:24.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:18:52.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,233 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: corrige el desbordamiento en los c\u00e1lculos de la posici\u00f3n del segundo superbloque. La macro NILFS_SB2_OFFSET_BYTES, que calcula la posici\u00f3n del segundo superbloque, sufre un desbordamiento cuando el tama\u00f1o del dispositivo del argumento es inferior a 4096 bytes. Por lo tanto, al utilizar esta macro, es necesario comprobar de antemano que el tama\u00f1o del dispositivo no sea inferior a un l\u00edmite inferior, o al menos que no se produzca un desbordamiento insuficiente. La implementaci\u00f3n actual de nilfs2 carece de esta verificaci\u00f3n, lo que provoca un acceso a bloques fuera de los l\u00edmites al montar dispositivos de menos de 4096 bytes: error de E/S, dev loop0, sector 36028797018963960 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 NILFS (loop0 ): no se puede leer el superbloque secundario (tama\u00f1o de bloque = 1024) Adem\u00e1s, al intentar cambiar el tama\u00f1o del sistema de archivos a un tama\u00f1o inferior a 4096 bytes, este desbordamiento se produce en nilfs_resize_fs(), pasando una gran cantidad de segmentos a nilfs_sufile_resize(), corrompiendo par\u00e1metros como como el n\u00famero de segmentos en supermanzanas. Esto provoca iteraciones de bucle excesivas en nilfs_sufile_resize() durante un cambio de tama\u00f1o de ioctl posterior, lo que provoca que el sem\u00e1foro ns_segctor_sem se bloquee durante mucho tiempo y cuelgue el hilo de escritura: INFORMACI\u00d3N: tarea segctord:5067 bloqueada durante m\u00e1s de 143 segundos. No contaminado 6.2.0-rc8-syzkaller-00015-gf6feea56f66d #0 \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" desactiva este mensaje. tarea:segctord estado:D pila:23456 pid:5067 ppid:2 banderas:0x00004000 Seguimiento de llamadas: context_switch kernel/sched/core.c:5293 [en l\u00ednea] __schedule+0x1409/0x43f0 kernel/sched/core.c: 6606 programaci\u00f3n+0xc3/0x190 kernel/sched/core.c:6682 rwsem_down_write_slowpath+0xfcf/0x14a0 kernel/locking/rwsem.c:1190 nilfs_transaction_lock+0x25c/0x4f0 fs/nilfs2/segment.c:357 nilfs_segctor_thread_construct fs /nilfs2/segmento. c:2486 [en l\u00ednea] nilfs_segctor_thread+0x52f/0x1140 fs/nilfs2/segment.c:2570 kthread+0x270/0x300 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 ... Seguimiento de llamadas: folio_mark_accessed+0x51c/0xf00 mm/swap.c:515 __nilfs_get_page_block fs/nilfs2/page.c:42 [en l\u00ednea] nilfs_grab_buffer+0x3d3/0x540 fs/nilfs2/page.c:61 nilfs_mdt_submit_block+0xd7/0x8f0 fs/nilfs2/mdt.c:121 nilfs_mdt_read_block+0xeb/0x430 fs/nilfs2/mdt.c:176 nilfs_mdt_get_block+0x12d/0xbb0 fs/nilfs2/mdt.c:251 _get_segment_usage_block fs/nilfs2/sufile.c :92 [en l\u00ednea] nilfs_sufile_truncate_range fs/nilfs2/sufile.c:679 [en l\u00ednea] nilfs_sufile_resize+0x7a3/0x12b0 fs/nilfs2/sufile.c:777 nilfs_resize_fs+0x20c/0xed0 fs/nilfs2/super.c:422 nilfs_ioctl_resize f s/nilfs2 /ioctl.c:1033 [en l\u00ednea] nilfs_ioctl+0x137c/0x2440 fs/nilfs2/ioctl.c:1301 ... Esto soluciona estos problemas insertando comprobaciones de tama\u00f1o m\u00ednimo de dispositivo adecuadas o comprobaciones anti-desbordamiento, dependiendo de d\u00f3nde se utilice la macro ." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.14.306", + "matchCriteriaId": "C3601A65-E0A1-4B9E-9AE3-31871BA7A14B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.273", + "matchCriteriaId": "FC86F278-A337-4A8A-A7BB-758898345802" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.232", + "matchCriteriaId": "9C6E0696-3702-4B0C-A102-2753BDC8C3D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.169", + "matchCriteriaId": "D8E6784B-A00F-47F0-882B-7209E1F374B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.95", + "matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.13", + "matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", + "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", + "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", + "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*", + "matchCriteriaId": "26544390-88E4-41CA-98BF-7BB1E9D4E243" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52833.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52833.json index 431d06abb8c..1ccc57bf9dc 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52833.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52833.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52833", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:20.883", - "lastModified": "2024-11-21T08:40:41.060", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:09:52.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,55 +15,172 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btusb: Agregar fecha->evt_skb es un fallo de correcci\u00f3n de verificaci\u00f3n NULL debido a punteros nulos [6104.969662] BUG: desreferencia del puntero NULL del kernel, direcci\u00f3n: 00000000000000c8 [6104.969667] #PF: supervisor acceso de lectura en modo kernel [6104.969668] #PF: error_code(0x0000) - p\u00e1gina no presente [6104.969670] PGD 0 P4D 0 [6104.969673] Ups: 0000 [#1] SMP NOPTI [6104.969684] RIP: k_hci_wmt_sync+0x144/ 0x220 [btusb] [ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246 [ 6104.969689] RAX: 00000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000006 [ 6104.969691] RDX: 00000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000 [ 6104.969692] RBP: ffffb8d681533d70 R08: 000000000001 R09: 0000000000000001 [ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0 [ 6104.969695] R13: 000000000000000 0 R14: ffff8ad459618c18 R15: ffffb8d681533d90 [ 6104.969697] FS: 00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000 [ 6104.969699] CS: 0010DS : 0000 ES: 0000 CR0: 0000000080050033 [ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0 [ 6104.969701] : 55555554 [6104.969702] Seguimiento de llamadas: [6104.969708] btusb_mtk_shutdown+0x44/0x80 [btusb] [6104.969732] hci_dev_do_close+0x470/ 0x5c0 [bluetooth] [ 6104.969748] hci_rfkill_set_block+0x56/0xa0 [bluetooth] [ 6104.969753] rfkill_set_block+0x92/0x160 [ 6104.969755] rfkill_fop_write+0x136/0x1e0 [ 6104.9 69759] __vfs_write+0x18/0x40 [ 6104.969761] vfs_write+0xdf/0x1c0 [ 6104.969763] ksys_write+0xb1/0xe0 [ 6104.969765] __x64_sys_write+0x1a/0x20 [ 6104.969769] do_syscall_64+0x51/0x180 [ 6104.969771] Entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 6104.969773] RIP: 0033:0x7f5a21f18fef [ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef [ 6104.969781] RDX: 0000000000000008 RSI: 0007ffeefe39060 RDI: 0000000000000012 [ 6104.969782] RBP: 00007ffeefe39060 R08: 00000000000000000 R09: 0000000000000017 [ 6104.969784] 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002 [ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.10.202", + "matchCriteriaId": "FF5E31E1-4DDB-480A-966E-3470C98B932E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.140", + "matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.64", + "matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.13", + "matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.3", + "matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52840.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52840.json index c85341315d4..e4ba327e297 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52840.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52840.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52840", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:21.377", - "lastModified": "2024-11-21T08:40:41.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T19:48:59.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,71 +15,215 @@ "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Entrada: synaptics-rmi4 - corrige el use after free en rmi_unregister_function(). El put_device() llama a rmi_release_function() que libera \"fn\", por lo que se elimina la referencia en la siguiente l\u00ednea \"fn-> num_of_irqs\" es un uso despu\u00e9s de ser gratuito. Mueva put_device() hasta el final para solucionar este problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.18", + "versionEndExcluding": "4.19.299", + "matchCriteriaId": "E462D962-8CBA-4DF1-80C3-B1B7AB96E517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.261", + "matchCriteriaId": "286E50BB-5A21-49BA-A6E5-526C72ADFE34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.201", + "matchCriteriaId": "AF1ADC4E-CCC4-498A-876F-5136DDD36C1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.139", + "matchCriteriaId": "81424D14-B38F-47B3-A1B8-BC3B60BB96EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.63", + "matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.12", + "matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.2", + "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52841.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52841.json index 033e316464e..96350b53e0b 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52841.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52841.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52841", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:21.440", - "lastModified": "2024-11-21T08:40:42.013", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T19:49:20.297", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,55 +15,177 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: vidtv: mux: Add check and kfree for kstrdup. Agregue check para el valor de retorno de kstrdup() y devuelva el error si falla para evitar la desreferencia al puntero NULL. Adem\u00e1s, utilice kfree() en el manejo de errores posterior para evitar p\u00e9rdidas de memoria." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.201", + "matchCriteriaId": "AA7751B5-4851-48EF-A993-E848F55A4CD4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.139", + "matchCriteriaId": "81424D14-B38F-47B3-A1B8-BC3B60BB96EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.63", + "matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.12", + "matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.2", + "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52842.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52842.json index 394a033757b..760edafaefa 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52842.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52842.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52842", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:21.510", - "lastModified": "2024-11-21T08:40:42.140", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T19:50:07.140", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,103 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: virtio/vsock: corrige el valor uninit en virtio_transport_recv_pkt(). KMSAN inform\u00f3 el siguiente problema de acceso al valor uninit: ================ ===================================== ERROR: KMSAN: valor uninit en virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421 virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120 Process_one_work workqueue.c:2630 [en l\u00ednea] process_scheduled_works+ 0xff6/0x1e60 kernel/workqueue.c:2703 worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784 kthread+0x3cc/0x520 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 Uninit se almacen\u00f3 en la memoria en: virtio_transport_space_update net/vmw_vsock/virtio_transport_common.c:1274 [en l\u00ednea] virtio_transport_recv_pkt+0x1ee8/0x26a0 net/vmw_vsock/virt io_transport_common.c:1415 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120 Process_one_work kernel/workqueue.c:2630 [en l\u00ednea] Process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703 trabajador_thread+0xeca/0x14d0 kernel/workqueue.c:2784 hilo +0x3cc/0x520 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 Uninit se cre\u00f3 en: slab_post_alloc_hook+ 0x105/0xad0 mm/slab.h: 767 slab_alloc_node mm/slub.c: 3478 [inline] kmem_cache_alloc_node+0x5a2/0xaf0 mm/slub.c: 3523 kmalloc_reserve+0x13c/0x4a0 net/skbuff. fd /0x770 net/core/skbuff.c:650 alloc_skb include/linux/skbuff.h:1286 [en l\u00ednea] virtio_vsock_alloc_skb include/linux/virtio_vsock.h:66 [en l\u00ednea] virtio_transport_alloc_skb+0x90/0x11e0 net/vmw_vsock/virtio_transport_common.c: 58 virtio_transport_reset_no_sock net/vmw_vsock/virtio_transport_common.c:957 [en l\u00ednea] virtio_transport_recv_pkt+0x1279/0x26a0 net/vmw_vsock/virtio_transport_common.c:1387 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/v sock_loopback.c:120 proceso_one_work kernel/workqueue.c:2630 [en l\u00ednea] Process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703 trabajador_thread+0xeca/0x14d0 kernel/workqueue.c:2784 kthread+0x3cc/0x520 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/ Process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 CPU: 1 PID: 10664 Comm: kworker/1:5 No contaminado 6.6.0-rc3-00146-g9f3ebbef746f #3 Nombre de hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.16.2-1.fc38 01/04/2014 Cola de trabajo: vsock-loopback vsock_loopback_work ===================== ================================= El siguiente reproductor simple puede causar el problema descrito anteriormente: int main(void) { calcet\u00edn interno; struct sockaddr_vm addr = { .svm_family = AF_VSOCK, .svm_cid = VMADDR_CID_ANY, .svm_port = 1234, }; sock = socket(AF_VSOCK, SOCK_STREAM, 0); connect(socket, (struct sockaddr *)&addr, sizeof(addr)); return 0; } Este problema ocurre porque los campos `buf_alloc` y `fwd_cnt` de `struct virtio_vsock_hdr` no se inicializan cuando se asigna un nuevo skb en `virtio_transport_init_hdr()`. Este parche resuelve el problema inicializando estos campos durante la asignaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3", + "versionEndExcluding": "6.6.2", + "matchCriteriaId": "FAEE6030-A62C-4D18-8A7F-E88F936021CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52846.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52846.json index 63a56994717..ada37a9b3c4 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52846.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52846.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52846", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:21.800", - "lastModified": "2024-11-21T08:40:42.700", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:00:30.687", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,55 +15,173 @@ "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hsr: impedir el uso despu\u00e9s de liberar en prp_create_tagged_frame(). La funci\u00f3n prp_fill_rct() puede fallar. En esa situaci\u00f3n, libera el skb y devuelve NULL. Mientras tanto, en el camino hacia el \u00e9xito, devuelve el skb original. Por lo tanto, es sencillo corregir el error utilizando el valor devuelto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.9", + "versionEndExcluding": "5.10.201", + "matchCriteriaId": "A30D430C-52B1-4816-90AC-B7A8073EA4B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.139", + "matchCriteriaId": "81424D14-B38F-47B3-A1B8-BC3B60BB96EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.63", + "matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.12", + "matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.2", + "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-528xx/CVE-2023-52848.json b/CVE-2023/CVE-2023-528xx/CVE-2023-52848.json index 472043db5d5..c4f5dfdcbd1 100644 --- a/CVE-2023/CVE-2023-528xx/CVE-2023-52848.json +++ b/CVE-2023/CVE-2023-528xx/CVE-2023-52848.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52848", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T16:15:21.947", - "lastModified": "2024-11-21T08:40:42.947", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-31T20:02:14.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,110 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: f2fs: correcci\u00f3n para eliminar el cach\u00e9 de la p\u00e1gina de meta_inode en f2fs_put_super() syzbot informa un error en el kernel como se muestra a continuaci\u00f3n: F2FS-fs (loop1): detecta p\u00e9rdida del recuento de referencias del sistema de archivos durante el desmontaje, escriba: 10 , recuento: \u00a11 BUG del kernel en fs/f2fs/super.c:1639! CPU: 0 PID: 15451 Comm: syz-executor.1 No contaminado 6.5.0-syzkaller-09338-ge0152e7481c6 #0 RIP: 0010:f2fs_put_super+0xce1/0xed0 fs/f2fs/super.c:1639 Seguimiento de llamadas: generic_shutdown_super+0x161 /0x3c0 fs/super.c:693 kill_block_super+0x3b/0x70 fs/super.c:1646 kill_f2fs_super+0x2b7/0x3d0 fs/f2fs/super.c:4879 deactivate_locked_super+0x9a/0x170 fs/super.c:481 deactivate_super+0xde /0x100 fs/super.c:514 cleanup_mnt+0x222/0x3d0 fs/namespace.c:1254 task_work_run+0x14d/0x240 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [en l\u00ednea] exit_to_user_mode_loop kernel/entry /common.c:171 [en l\u00ednea] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [en l\u00ednea] syscall_exit_to_user_mode+0x1d/0x60 kernel/entry/common.c:296 do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86 Entry_SYSCALL_64_after_hwframe+0x63/0xcd En f2fs_put_super(), intenta realizar una verificaci\u00f3n de cordura en el recuento de referencias sucias y de IO de f2fs, una vez que hay alguna fuga en el recuento de referencias, provocar\u00e1 p\u00e1nico. El caso ra\u00edz es que, durante f2fs_put_super(), si hay alg\u00fan error de IO en f2fs_wait_on_all_pages(), no pudimos truncar el cach\u00e9 de la p\u00e1gina de meta_inode m\u00e1s tarde, lo que gener\u00f3 p\u00e1nico, solucionemos este caso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.16", + "versionEndExcluding": "6.5.12", + "matchCriteriaId": "87C16A4D-F50C-48AD-A389-36C557A9EEC7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.2", + "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11972.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11972.json index 05c20587ffd..aaba4336c37 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11972.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11972.json @@ -2,16 +2,43 @@ "id": "CVE-2024-11972", "sourceIdentifier": "contact@wpscan.com", "published": "2024-12-31T06:15:23.777", - "lastModified": "2024-12-31T06:15:23.777", - "vulnStatus": "Received", + "lastModified": "2024-12-31T19:15:07.720", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed." + }, + { + "lang": "es", + "value": "El complemento Hunk Companion para WordPress anterior a la versi\u00f3n 1.9.0 no autoriza correctamente algunos endpoints de la API REST, lo que permite que solicitudes no autenticadas instalen y activen complementos Hunk Companion para WordPress anteriores a la versi\u00f3n 1.9.0 arbitrarios desde el repositorio de WordPress.org, incluido el complemento Hunk Companion para WordPress anterior a la versi\u00f3n 1.9.0 vulnerable que se ha cerrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/4963560b-e4ae-451d-8f94-482779c415e4/", diff --git a/CVE-2024/CVE-2024-130xx/CVE-2024-13077.json b/CVE-2024/CVE-2024-130xx/CVE-2024-13077.json new file mode 100644 index 00000000000..db0f34cef7b --- /dev/null +++ b/CVE-2024/CVE-2024-130xx/CVE-2024-13077.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-13077", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-31T19:15:07.880", + "lastModified": "2024-12-31T19:15:07.880", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argument Land Subtype leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289830", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289830", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472186", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-130xx/CVE-2024-13078.json b/CVE-2024/CVE-2024-130xx/CVE-2024-13078.json new file mode 100644 index 00000000000..3a60066bad5 --- /dev/null +++ b/CVE-2024/CVE-2024-130xx/CVE-2024-13078.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-13078", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-31T19:15:08.067", + "lastModified": "2024-12-31T19:15:08.067", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289831", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289831", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472187", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-130xx/CVE-2024-13079.json b/CVE-2024/CVE-2024-130xx/CVE-2024-13079.json new file mode 100644 index 00000000000..72006b673d8 --- /dev/null +++ b/CVE-2024/CVE-2024-130xx/CVE-2024-13079.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-13079", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-31T20:15:27.937", + "lastModified": "2024-12-31T20:15:27.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/property-details.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289832", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289832", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472188", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-130xx/CVE-2024-13080.json b/CVE-2024/CVE-2024-130xx/CVE-2024-13080.json new file mode 100644 index 00000000000..cc7e5f68aab --- /dev/null +++ b/CVE-2024/CVE-2024-130xx/CVE-2024-13080.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-13080", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-31T20:15:28.157", + "lastModified": "2024-12-31T20:15:28.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul Land Record System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/aboutus.php. The manipulation of the argument Page Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289833", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289833", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472190", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-206xx/CVE-2024-20661.json b/CVE-2024/CVE-2024-206xx/CVE-2024-20661.json index 055e75c9561..ac1bd759e3d 100644 --- a/CVE-2024/CVE-2024-206xx/CVE-2024-20661.json +++ b/CVE-2024/CVE-2024-206xx/CVE-2024-20661.json @@ -2,13 +2,13 @@ "id": "CVE-2024-20661", "sourceIdentifier": "secure@microsoft.com", "published": "2024-01-09T18:15:49.270", - "lastModified": "2024-11-21T08:52:51.913", + "lastModified": "2024-12-31T19:15:09.523", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Microsoft Message Queuing Denial of Service Vulnerability" + "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability" }, { "lang": "es", @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36694.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36694.json index aeacc5f620f..cd7876b2566 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36694.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36694.json @@ -2,7 +2,7 @@ "id": "CVE-2024-36694", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T20:15:22.637", - "lastModified": "2024-12-18T20:15:22.637", + "lastModified": "2024-12-31T20:16:06.013", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "OpenCart 4.0.2.3 es vulnerable a Server-Side Template Injection (SSTI) a trav\u00e9s de la funci\u00f3n del editor de temas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "https://github.com/A3h1nt/CVEs/blob/main/OpenCart/Readme.md", @@ -32,6 +67,10 @@ { "url": "https://medium.com/@pawarit.sanguanpang/opencart-v4-0-2-3-server-side-template-injection-0b173a3bdcf9", "source": "cve@mitre.org" + }, + { + "url": "https://medium.com/@pawarit.sanguanpang/opencart-v4-0-2-3-server-side-template-injection-0b173a3bdcf9", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37649.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37649.json index 9fad585276f..1df98d72196 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37649.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37649.json @@ -2,7 +2,7 @@ "id": "CVE-2024-37649", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:07.440", - "lastModified": "2024-12-18T23:15:07.440", + "lastModified": "2024-12-31T20:16:06.253", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "La vulnerabilidad de permisos inseguros en SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A y anteriores permite que un atacante f\u00edsicamente pr\u00f3ximo obtenga informaci\u00f3n confidencial mediante la modificaci\u00f3n de las credenciales del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-281" + } + ] + } + ], "references": [ { "url": "https://github.com/kklzzcun/SecureSTATION-/blob/main/The%20SecureSTATION%20.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/kklzzcun/SecureSTATION-/blob/main/The%20SecureSTATION%20.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-390xx/CVE-2024-39025.json b/CVE-2024/CVE-2024-390xx/CVE-2024-39025.json index e1774f8311d..43892a7c88c 100644 --- a/CVE-2024/CVE-2024-390xx/CVE-2024-39025.json +++ b/CVE-2024/CVE-2024-390xx/CVE-2024-39025.json @@ -2,16 +2,55 @@ "id": "CVE-2024-39025", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T20:15:23.187", - "lastModified": "2024-12-27T20:15:23.187", + "lastModified": "2024-12-31T19:15:46.260", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data." + }, + { + "lang": "es", + "value": "El control de acceso incorrecto en el endpoint /users de Cpacker MemGPT v0.3.17 permite a los atacantes acceder a datos confidenciales." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/letta-ai/letta/releases/tag/0.3.17", diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json index 708477cf1e5..a2fb1969e89 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43441.json @@ -2,7 +2,7 @@ "id": "CVE-2024-43441", "sourceIdentifier": "security@apache.org", "published": "2024-12-24T12:15:21.697", - "lastModified": "2024-12-24T18:15:22.960", + "lastModified": "2024-12-31T19:15:46.423", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Omisi\u00f3n de autenticaci\u00f3n por vulnerabilidad de datos supuestamente inmutables en Apache HugeGraph-Server. Este problema afecta a Apache HugeGraph-Server: desde 1.0.0 antes de 1.5.0. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.5.0, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", diff --git a/CVE-2024/CVE-2024-453xx/CVE-2024-45338.json b/CVE-2024/CVE-2024-453xx/CVE-2024-45338.json index 7e00c10492d..424ffc1f2ce 100644 --- a/CVE-2024/CVE-2024-453xx/CVE-2024-45338.json +++ b/CVE-2024/CVE-2024-453xx/CVE-2024-45338.json @@ -2,7 +2,7 @@ "id": "CVE-2024-45338", "sourceIdentifier": "security@golang.org", "published": "2024-12-18T21:15:08.173", - "lastModified": "2024-12-18T21:15:08.173", + "lastModified": "2024-12-31T20:16:06.603", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un atacante puede manipular una entrada para las funciones de an\u00e1lisis que se procesar\u00eda de forma no lineal con respecto a su longitud, lo que dar\u00eda como resultado un an\u00e1lisis extremadamente lento. Esto podr\u00eda causar una denegaci\u00f3n de servicio." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] + } + ], "references": [ { "url": "https://go.dev/cl/637536", diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45818.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45818.json index 37c799a4d36..48dfe4fbd9d 100644 --- a/CVE-2024/CVE-2024-458xx/CVE-2024-45818.json +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45818.json @@ -2,7 +2,7 @@ "id": "CVE-2024-45818", "sourceIdentifier": "security@xen.org", "published": "2024-12-19T12:15:16.540", - "lastModified": "2024-12-19T12:15:16.540", + "lastModified": "2024-12-31T19:15:46.603", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "El hipervisor contiene c\u00f3digo para acelerar los accesos a la memoria VGA para los invitados HVM, cuando el VGA (virtual) est\u00e1 en modo \"est\u00e1ndar\". El bloqueo involucrado all\u00ed tiene una disciplina inusual, dejando un bloqueo adquirido m\u00e1s all\u00e1 del retorno de la funci\u00f3n que lo adquiri\u00f3. Este comportamiento genera un problema al emular una instrucci\u00f3n con dos accesos a la memoria, ambos de los cuales tocan la memoria VGA (adem\u00e1s de algunas restricciones adicionales que no son relevantes aqu\u00ed). Al emular el segundo acceso, se intentar\u00eda volver a adquirir el bloqueo que ya se mantiene, lo que resultar\u00eda en un bloqueo. Este bloqueo ya se encontr\u00f3 cuando se introdujo el c\u00f3digo por primera vez, pero se analiz\u00f3 incorrectamente y la soluci\u00f3n fue incompleta. El an\u00e1lisis a la luz del nuevo hallazgo no puede encontrar una manera de hacer que funcione la disciplina de bloqueo existente. En la etapa de preparaci\u00f3n, se elimin\u00f3 toda esta l\u00f3gica porque se descubri\u00f3 que se hab\u00eda deshabilitado accidentalmente desde Xen 4.7. Por lo tanto, estamos solucionando el problema de bloqueo al incorporar la eliminaci\u00f3n de la mayor parte de la funci\u00f3n. Tenga en cuenta que incluso con la funci\u00f3n deshabilitada, el bloqueo a\u00fan se adquirir\u00eda para cualquier acceso a la regi\u00f3n MMIO de VGA." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.0, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], "references": [ { "url": "https://xenbits.xenproject.org/xsa/advisory-463.html", diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45819.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45819.json index e3b5275f988..e907d24a837 100644 --- a/CVE-2024/CVE-2024-458xx/CVE-2024-45819.json +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45819.json @@ -2,7 +2,7 @@ "id": "CVE-2024-45819", "sourceIdentifier": "security@xen.org", "published": "2024-12-19T12:15:16.673", - "lastModified": "2024-12-19T12:15:16.673", + "lastModified": "2024-12-31T19:15:46.797", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Las tablas ACPI de los invitados PVH se construyen mediante la pila de herramientas. La construcci\u00f3n implica la creaci\u00f3n de las tablas en la memoria local, que luego se copian en la memoria del invitado. Si bien las partes realmente utilizadas de la memoria local se completan correctamente, el espacio sobrante que se est\u00e1 asignando se deja con su contenido anterior." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], "references": [ { "url": "https://xenbits.xenproject.org/xsa/advisory-464.html", diff --git a/CVE-2024/CVE-2024-507xx/CVE-2024-50713.json b/CVE-2024/CVE-2024-507xx/CVE-2024-50713.json index b23e3e1b69c..1f5d2dddb43 100644 --- a/CVE-2024/CVE-2024-507xx/CVE-2024-50713.json +++ b/CVE-2024/CVE-2024-507xx/CVE-2024-50713.json @@ -2,16 +2,55 @@ "id": "CVE-2024-50713", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T21:15:07.837", - "lastModified": "2024-12-27T21:15:07.837", - "vulnStatus": "Received", + "lastModified": "2024-12-31T19:15:46.967", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que SmartAgent v1.1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro id en /tests/interface.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://packetstorm.news/files/id/182449/", diff --git a/CVE-2024/CVE-2024-535xx/CVE-2024-53580.json b/CVE-2024/CVE-2024-535xx/CVE-2024-53580.json index df8ee0081a5..59ff52e8288 100644 --- a/CVE-2024/CVE-2024-535xx/CVE-2024-53580.json +++ b/CVE-2024/CVE-2024-535xx/CVE-2024-53580.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53580", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:17.010", - "lastModified": "2024-12-18T23:15:17.010", + "lastModified": "2024-12-31T20:16:06.953", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 que iperf v3.17.1 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n iperf_exchange_parameters()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/neolead/663badf2ebefefa6fe4303695e7aa7a3", @@ -24,6 +59,10 @@ { "url": "https://github.com/esnet/iperf/releases/tag/3.18", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/neolead/663badf2ebefefa6fe4303695e7aa7a3", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-544xx/CVE-2024-54453.json b/CVE-2024/CVE-2024-544xx/CVE-2024-54453.json index de80179fa53..63d9e2a5085 100644 --- a/CVE-2024/CVE-2024-544xx/CVE-2024-54453.json +++ b/CVE-2024/CVE-2024-544xx/CVE-2024-54453.json @@ -2,16 +2,55 @@ "id": "CVE-2024-54453", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T20:15:23.670", - "lastModified": "2024-12-27T20:15:23.670", + "lastModified": "2024-12-31T19:15:47.147", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such as the obfuscated and/or compiled Kurmi source code." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Kurmi Provisioning Suite anterior a 7.9.0.35, 7.10.x a 7.10.0.18 y 7.11.x a 7.11.0.15. Una vulnerabilidad de path traversal en el servlet DocServlet permite a atacantes remotos recuperar cualquier archivo de la carpeta de instalaci\u00f3n de la aplicaci\u00f3n web Kurmi, por ejemplo, archivos como el c\u00f3digo fuente de Kurmi ofuscado y/o compilado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://kurmi-software.com", diff --git a/CVE-2024/CVE-2024-544xx/CVE-2024-54454.json b/CVE-2024/CVE-2024-544xx/CVE-2024-54454.json index 09fcb584df6..18a50a57b09 100644 --- a/CVE-2024/CVE-2024-544xx/CVE-2024-54454.json +++ b/CVE-2024/CVE-2024-544xx/CVE-2024-54454.json @@ -2,16 +2,55 @@ "id": "CVE-2024-54454", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T20:15:23.777", - "lastModified": "2024-12-27T20:15:23.777", + "lastModified": "2024-12-31T19:15:47.310", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or not. This allows confirmation of valid usernames." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Kurmi Provisioning Suite anterior a 7.9.0.35, 7.10.x a 7.10.0.18 y 7.11.x a 7.11.0.15. Una vulnerabilidad de discrepancia de respuesta observable en la acci\u00f3n sendPasswordReinitLink de la p\u00e1gina unlogged.do permite a atacantes remotos probar si un nombre de usuario es v\u00e1lido o no. Esto permite el commit de nombres de usuario v\u00e1lidos." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://kurmi-software.com", diff --git a/CVE-2024/CVE-2024-546xx/CVE-2024-54663.json b/CVE-2024/CVE-2024-546xx/CVE-2024-54663.json index 29556c95c35..c3e30718afa 100644 --- a/CVE-2024/CVE-2024-546xx/CVE-2024-54663.json +++ b/CVE-2024/CVE-2024-546xx/CVE-2024-54663.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54663", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-19T23:15:07.023", - "lastModified": "2024-12-19T23:15:07.023", + "lastModified": "2024-12-31T19:15:47.500", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 un problema en Webmail Classic UI en Zimbra Collaboration (ZCS) 9.0, 10.0 y 10.1. Existe una vulnerabilidad de inclusi\u00f3n de archivos locales (LFI) en el endpoint /h/rest, que permite a atacantes remotos autenticados incluir y acceder a archivos confidenciales en el directorio WebRoot. La explotaci\u00f3n requiere un token de autenticaci\u00f3n v\u00e1lido e implica la manipulaci\u00f3n de una solicitud maliciosa dirigida a rutas de archivos espec\u00edficas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + } + ], "references": [ { "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.11#Security_Fixes", diff --git a/CVE-2024/CVE-2024-549xx/CVE-2024-54982.json b/CVE-2024/CVE-2024-549xx/CVE-2024-54982.json index 7347cbf303d..e179bad18e9 100644 --- a/CVE-2024/CVE-2024-549xx/CVE-2024-54982.json +++ b/CVE-2024/CVE-2024-549xx/CVE-2024-54982.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54982", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-19T22:15:06.197", - "lastModified": "2024-12-19T22:15:06.197", + "lastModified": "2024-12-31T20:16:07.193", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un problema en Quectel BC25 con la versi\u00f3n de firmware BC25PAR01A06 permite a los atacantes eludir la autenticaci\u00f3n a trav\u00e9s de un mensaje NAS manipulado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], "references": [ { "url": "https://github.com/haroldfeng/nbiot-va/blob/master/Quectel_BC25_Subscriber_Auth_Bypass.md", diff --git a/CVE-2024/CVE-2024-549xx/CVE-2024-54983.json b/CVE-2024/CVE-2024-549xx/CVE-2024-54983.json index 84090544297..6ce9dd3894c 100644 --- a/CVE-2024/CVE-2024-549xx/CVE-2024-54983.json +++ b/CVE-2024/CVE-2024-549xx/CVE-2024-54983.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54983", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-19T22:15:06.387", - "lastModified": "2024-12-19T22:15:06.387", + "lastModified": "2024-12-31T20:16:07.363", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un problema en Quectel BC95-CNV V100R001C00SPC051 permite a los atacantes eludir la autenticaci\u00f3n a trav\u00e9s de un mensaje NAS manipulado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], "references": [ { "url": "https://github.com/haroldfeng/nbiot-va/blob/master/Quecctel_BC95-CNV_Message_Auth_Bypass.md", diff --git a/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json b/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json index 00fa300dd3a..f1590f3c2ad 100644 --- a/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json +++ b/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54984", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-19T22:15:06.563", - "lastModified": "2024-12-19T22:15:06.563", + "lastModified": "2024-12-31T20:16:07.547", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Un problema en Quectel BG96 BG96MAR02A08M1G permite a los atacantes eludir la autenticaci\u00f3n a trav\u00e9s de un mensaje NAS manipulado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], "references": [ { "url": "https://github.com/haroldfeng/nbiot-va/blob/master/Quecctel_BG96_Message_Auth_Bypass.md", diff --git a/CVE-2024/CVE-2024-554xx/CVE-2024-55461.json b/CVE-2024/CVE-2024-554xx/CVE-2024-55461.json index eab22ef473b..94fa5b89a01 100644 --- a/CVE-2024/CVE-2024-554xx/CVE-2024-55461.json +++ b/CVE-2024/CVE-2024-554xx/CVE-2024-55461.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55461", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:17.350", - "lastModified": "2024-12-18T23:15:17.350", + "lastModified": "2024-12-31T20:16:07.727", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "SeaCMS <=13.0 es vulnerable a la ejecuci\u00f3n de comandos en phome.php a trav\u00e9s de la funci\u00f3n Ebak_RepPathFiletext()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], "references": [ { "url": "https://gitee.com/FengFu01/sea/issues/IB8S1N", "source": "cve@mitre.org" + }, + { + "url": "https://gitee.com/FengFu01/sea/issues/IB8S1N", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-561xx/CVE-2024-56115.json b/CVE-2024/CVE-2024-561xx/CVE-2024-56115.json index 68294771686..12b34589bbf 100644 --- a/CVE-2024/CVE-2024-561xx/CVE-2024-56115.json +++ b/CVE-2024/CVE-2024-561xx/CVE-2024-56115.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56115", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:17.687", - "lastModified": "2024-12-18T23:15:17.687", + "lastModified": "2024-12-31T20:16:07.903", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Existe una vulnerabilidad en Amiro.CMS anterior a la versi\u00f3n 7.8.4 debido a que no se toman medidas para neutralizar elementos especiales. Permite a atacantes remotos realizar un ataque Cross-Site Scripting (XSS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/ComplianceControl/CVE-2024-56115", diff --git a/CVE-2024/CVE-2024-561xx/CVE-2024-56116.json b/CVE-2024/CVE-2024-561xx/CVE-2024-56116.json index e70b6dbddd6..55084a74e65 100644 --- a/CVE-2024/CVE-2024-561xx/CVE-2024-56116.json +++ b/CVE-2024/CVE-2024-561xx/CVE-2024-56116.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56116", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:17.857", - "lastModified": "2024-12-18T23:15:17.857", + "lastModified": "2024-12-31T20:16:08.107", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Una vulnerabilidad de Cross-Site Request Forgery en Amiro.CMS anterior a 7.8.4 permite a atacantes remotos crear una cuenta de administrador." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://github.com/ComplianceControl/CVE-2024-56116", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56319.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56319.json index 354a436db7e..d0b0572093f 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56319.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56319.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56319", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-18T23:15:18.373", - "lastModified": "2024-12-18T23:15:18.373", + "lastModified": "2024-12-31T20:16:08.380", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "En Matter (tambi\u00e9n conocido como connectedhomeip o Project CHIP) hasta 1.4.0.0 antes de e3277eb, la adici\u00f3n ilimitada de etiquetas de usuario en un cl\u00faster de etiquetas de usuario puede provocar una denegaci\u00f3n de servicio (agotamiento de recursos)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", @@ -40,6 +63,10 @@ { "url": "https://github.com/project-chip/connectedhomeip/pull/36843", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/project-chip/connectedhomeip/issues/36760", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56337.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56337.json index 68c70305d15..edfc38df31c 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56337.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56337.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56337", "sourceIdentifier": "security@apache.org", "published": "2024-12-20T16:15:24.260", - "lastModified": "2024-12-20T16:15:24.260", + "lastModified": "2024-12-31T19:15:47.673", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,34 @@ "value": "Vulnerabilidad de condici\u00f3n de ejecuci\u00f3n de tiempo de uso y tiempo de verificaci\u00f3n (TOCTOU) en Apache Tomcat. Este problema afecta a Apache Tomcat: desde 11.0.0-M1 hasta 11.0.1, desde 10.1.0-M1 hasta 10.1.33, desde 9.0.0.M1 hasta 9.0.97. La mitigaci\u00f3n de CVE-2024-50379 fue incompleta. Los usuarios que ejecuten Tomcat en un sistema de archivos que no distinga entre may\u00fasculas y min\u00fasculas con la escritura del servlet predeterminada habilitada (el par\u00e1metro de inicializaci\u00f3n de solo lectura establecido en el valor no predeterminado de falso) pueden necesitar una configuraci\u00f3n adicional para mitigar por completo CVE-2024-50379 seg\u00fan la versi\u00f3n de Java que est\u00e9n usando con Tomcat: - ejecut\u00e1ndose en Java 8 o Java 11: la propiedad del sistema sun.io.useCanonCaches debe establecerse expl\u00edcitamente en falso (el valor predeterminado es verdadero) - ejecut\u00e1ndose en Java 17: la propiedad del sistema sun.io.useCanonCaches, si est\u00e1 establecida, debe establecerse en falso (el valor predeterminado es falso) - ejecut\u00e1ndose en Java 21 en adelante: no se requiere ninguna configuraci\u00f3n adicional (la propiedad del sistema y el cach\u00e9 problem\u00e1tico se han eliminado) Tomcat 11.0.3, 10.1.35 y 9.0.99 en adelante incluir\u00e1n comprobaciones de que sun.io.useCanonCaches est\u00e9 configurado correctamente antes de permitir que el servlet predeterminado est\u00e9 habilitado para escritura en un sistema de archivos que no distinga entre may\u00fasculas y min\u00fasculas. Tomcat tambi\u00e9n establecer\u00e1 sun.io.useCanonCaches como falso de forma predeterminada cuando sea posible." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-564xx/CVE-2024-56431.json b/CVE-2024/CVE-2024-564xx/CVE-2024-56431.json index 55335b4e5be..668af459da3 100644 --- a/CVE-2024/CVE-2024-564xx/CVE-2024-56431.json +++ b/CVE-2024/CVE-2024-564xx/CVE-2024-56431.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56431", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-25T17:15:05.510", - "lastModified": "2024-12-25T17:15:05.510", + "lastModified": "2024-12-31T19:15:47.847", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "oc_huff_tree_unpack en huffdec.c en libtheora en Theora hasta 1.0 7180717 tiene un desplazamiento negativo a la izquierda no v\u00e1lido." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "references": [ { "url": "https://github.com/UnionTech-Software/libtheora-CVE-2024-56431-PoC", diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56521.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56521.json index 0ef181f2162..07417e1938a 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56521.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56521.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56521", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-27T05:15:07.977", - "lastModified": "2024-12-27T05:15:07.977", + "lastModified": "2024-12-31T19:15:48.020", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Se descubri\u00f3 un problema en TCPDF antes de la versi\u00f3n 6.8.0. Si se utiliza libcurl, CURLOPT_SSL_VERIFYHOST y CURLOPT_SSL_VERIFYPEER se configuran de forma no segura." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-567xx/CVE-2024-56737.json b/CVE-2024/CVE-2024-567xx/CVE-2024-56737.json index 63f2ff8bfa3..287b2e0acc0 100644 --- a/CVE-2024/CVE-2024-567xx/CVE-2024-56737.json +++ b/CVE-2024/CVE-2024-567xx/CVE-2024-56737.json @@ -2,16 +2,43 @@ "id": "CVE-2024-56737", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-29T07:15:06.000", - "lastModified": "2024-12-29T07:15:06.000", - "vulnStatus": "Received", + "lastModified": "2024-12-31T19:15:48.200", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem." + }, + { + "lang": "es", + "value": "GNU GRUB (tambi\u00e9n conocido como GRUB2) hasta la versi\u00f3n 2.12 tiene un desbordamiento de b\u00fafer basado en mont\u00f3n en fs/hfs.c a trav\u00e9s de datos sblock creados en un sistema de archivos HFS." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-567xx/CVE-2024-56738.json b/CVE-2024/CVE-2024-567xx/CVE-2024-56738.json index 8efc602de1c..ea03e0f0046 100644 --- a/CVE-2024/CVE-2024-567xx/CVE-2024-56738.json +++ b/CVE-2024/CVE-2024-567xx/CVE-2024-56738.json @@ -2,16 +2,43 @@ "id": "CVE-2024-56738", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-29T07:15:06.183", - "lastModified": "2024-12-29T07:15:06.183", - "vulnStatus": "Received", + "lastModified": "2024-12-31T19:15:48.367", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks." + }, + { + "lang": "es", + "value": "GNU GRUB (tambi\u00e9n conocido como GRUB2) hasta la versi\u00f3n 2.12 no utiliza un algoritmo de tiempo constante para grub_crypto_memcmp y, por lo tanto, permite ataques de canal lateral." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", diff --git a/README.md b/README.md index 4fc7c8b1af7..f21d4d2fff3 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-31T19:00:20.419727+00:00 +2024-12-31T21:00:21.222153+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-31T18:53:18+00:00 +2024-12-31T20:19:13.377000+00:00 ``` ### Last Data Feed Release @@ -33,43 +33,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -275293 +275297 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `4` -- [CVE-2024-13074](CVE-2024/CVE-2024-130xx/CVE-2024-13074.json) (`2024-12-31T17:15:08.280`) -- [CVE-2024-13075](CVE-2024/CVE-2024-130xx/CVE-2024-13075.json) (`2024-12-31T18:15:26.570`) -- [CVE-2024-13076](CVE-2024/CVE-2024-130xx/CVE-2024-13076.json) (`2024-12-31T18:15:27.293`) -- [CVE-2024-55631](CVE-2024/CVE-2024-556xx/CVE-2024-55631.json) (`2024-12-31T17:15:08.870`) -- [CVE-2024-55632](CVE-2024/CVE-2024-556xx/CVE-2024-55632.json) (`2024-12-31T17:15:09.007`) -- [CVE-2024-55917](CVE-2024/CVE-2024-559xx/CVE-2024-55917.json) (`2024-12-31T17:15:09.140`) -- [CVE-2024-55955](CVE-2024/CVE-2024-559xx/CVE-2024-55955.json) (`2024-12-31T17:15:09.270`) +- [CVE-2024-13077](CVE-2024/CVE-2024-130xx/CVE-2024-13077.json) (`2024-12-31T19:15:07.880`) +- [CVE-2024-13078](CVE-2024/CVE-2024-130xx/CVE-2024-13078.json) (`2024-12-31T19:15:08.067`) +- [CVE-2024-13079](CVE-2024/CVE-2024-130xx/CVE-2024-13079.json) (`2024-12-31T20:15:27.937`) +- [CVE-2024-13080](CVE-2024/CVE-2024-130xx/CVE-2024-13080.json) (`2024-12-31T20:15:28.157`) ### CVEs modified in the last Commit -Recently modified CVEs: `17` +Recently modified CVEs: `44` -- [CVE-2021-39090](CVE-2021/CVE-2021-390xx/CVE-2021-39090.json) (`2024-12-31T17:21:48.893`) -- [CVE-2021-47415](CVE-2021/CVE-2021-474xx/CVE-2021-47415.json) (`2024-12-31T18:51:37.767`) -- [CVE-2021-47416](CVE-2021/CVE-2021-474xx/CVE-2021-47416.json) (`2024-12-31T18:53:18.000`) -- [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2024-12-31T18:15:24.223`) -- [CVE-2023-35148](CVE-2023/CVE-2023-351xx/CVE-2023-35148.json) (`2024-12-31T18:15:24.980`) -- [CVE-2023-47874](CVE-2023/CVE-2023-478xx/CVE-2023-47874.json) (`2024-12-31T17:29:07.187`) -- [CVE-2024-0403](CVE-2024/CVE-2024-04xx/CVE-2024-0403.json) (`2024-12-31T17:35:53.340`) -- [CVE-2024-13001](CVE-2024/CVE-2024-130xx/CVE-2024-13001.json) (`2024-12-31T18:15:25.487`) -- [CVE-2024-13002](CVE-2024/CVE-2024-130xx/CVE-2024-13002.json) (`2024-12-31T17:15:07.460`) -- [CVE-2024-13003](CVE-2024/CVE-2024-130xx/CVE-2024-13003.json) (`2024-12-31T17:15:07.870`) -- [CVE-2024-1349](CVE-2024/CVE-2024-13xx/CVE-2024-1349.json) (`2024-12-31T17:15:36.763`) -- [CVE-2024-1425](CVE-2024/CVE-2024-14xx/CVE-2024-1425.json) (`2024-12-31T17:16:58.103`) -- [CVE-2024-2071](CVE-2024/CVE-2024-20xx/CVE-2024-2071.json) (`2024-12-31T17:42:36.123`) -- [CVE-2024-35887](CVE-2024/CVE-2024-358xx/CVE-2024-35887.json) (`2024-12-31T18:48:10.650`) -- [CVE-2024-35889](CVE-2024/CVE-2024-358xx/CVE-2024-35889.json) (`2024-12-31T18:50:40.020`) -- [CVE-2024-35925](CVE-2024/CVE-2024-359xx/CVE-2024-35925.json) (`2024-12-31T18:51:18.303`) -- [CVE-2024-53907](CVE-2024/CVE-2024-539xx/CVE-2024-53907.json) (`2024-12-31T18:15:38.657`) +- [CVE-2024-20661](CVE-2024/CVE-2024-206xx/CVE-2024-20661.json) (`2024-12-31T19:15:09.523`) +- [CVE-2024-36694](CVE-2024/CVE-2024-366xx/CVE-2024-36694.json) (`2024-12-31T20:16:06.013`) +- [CVE-2024-37649](CVE-2024/CVE-2024-376xx/CVE-2024-37649.json) (`2024-12-31T20:16:06.253`) +- [CVE-2024-39025](CVE-2024/CVE-2024-390xx/CVE-2024-39025.json) (`2024-12-31T19:15:46.260`) +- [CVE-2024-43441](CVE-2024/CVE-2024-434xx/CVE-2024-43441.json) (`2024-12-31T19:15:46.423`) +- [CVE-2024-45338](CVE-2024/CVE-2024-453xx/CVE-2024-45338.json) (`2024-12-31T20:16:06.603`) +- [CVE-2024-45818](CVE-2024/CVE-2024-458xx/CVE-2024-45818.json) (`2024-12-31T19:15:46.603`) +- [CVE-2024-45819](CVE-2024/CVE-2024-458xx/CVE-2024-45819.json) (`2024-12-31T19:15:46.797`) +- [CVE-2024-50713](CVE-2024/CVE-2024-507xx/CVE-2024-50713.json) (`2024-12-31T19:15:46.967`) +- [CVE-2024-53580](CVE-2024/CVE-2024-535xx/CVE-2024-53580.json) (`2024-12-31T20:16:06.953`) +- [CVE-2024-54453](CVE-2024/CVE-2024-544xx/CVE-2024-54453.json) (`2024-12-31T19:15:47.147`) +- [CVE-2024-54454](CVE-2024/CVE-2024-544xx/CVE-2024-54454.json) (`2024-12-31T19:15:47.310`) +- [CVE-2024-54663](CVE-2024/CVE-2024-546xx/CVE-2024-54663.json) (`2024-12-31T19:15:47.500`) +- [CVE-2024-54982](CVE-2024/CVE-2024-549xx/CVE-2024-54982.json) (`2024-12-31T20:16:07.193`) +- [CVE-2024-54983](CVE-2024/CVE-2024-549xx/CVE-2024-54983.json) (`2024-12-31T20:16:07.363`) +- [CVE-2024-54984](CVE-2024/CVE-2024-549xx/CVE-2024-54984.json) (`2024-12-31T20:16:07.547`) +- [CVE-2024-55461](CVE-2024/CVE-2024-554xx/CVE-2024-55461.json) (`2024-12-31T20:16:07.727`) +- [CVE-2024-56115](CVE-2024/CVE-2024-561xx/CVE-2024-56115.json) (`2024-12-31T20:16:07.903`) +- [CVE-2024-56116](CVE-2024/CVE-2024-561xx/CVE-2024-56116.json) (`2024-12-31T20:16:08.107`) +- [CVE-2024-56319](CVE-2024/CVE-2024-563xx/CVE-2024-56319.json) (`2024-12-31T20:16:08.380`) +- [CVE-2024-56337](CVE-2024/CVE-2024-563xx/CVE-2024-56337.json) (`2024-12-31T19:15:47.673`) +- [CVE-2024-56431](CVE-2024/CVE-2024-564xx/CVE-2024-56431.json) (`2024-12-31T19:15:47.847`) +- [CVE-2024-56521](CVE-2024/CVE-2024-565xx/CVE-2024-56521.json) (`2024-12-31T19:15:48.020`) +- [CVE-2024-56737](CVE-2024/CVE-2024-567xx/CVE-2024-56737.json) (`2024-12-31T19:15:48.200`) +- [CVE-2024-56738](CVE-2024/CVE-2024-567xx/CVE-2024-56738.json) (`2024-12-31T19:15:48.367`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 871f3b197ac..ab123f1cc39 100644 --- a/_state.csv +++ b/_state.csv @@ -121429,7 +121429,7 @@ CVE-2018-25103,0,0,898e59dad77386a317e4ff1bf68be33ab8be6db6918e382c5845df0e79bdc CVE-2018-25104,0,0,07c0f7f8deacc6ae3510edd97c87fb0b6a5d5de0a9d91e721e0835794336db5c,2024-10-18T12:52:33.507000 CVE-2018-25105,0,0,d16cf144daafb93b508b5b5e5d66a4d924219330c977526c844488af5bef18a9,2024-10-30T18:23:57.830000 CVE-2018-25106,0,0,35ad370f4c1c497d53dd214ed57078e196a3735bc3f2d88e16b64e910fc18b4d,2024-12-23T23:15:05.720000 -CVE-2018-25107,0,0,74fe43821f03126162d488ec00a65204173cbcceaa7aefb00faa3ca65d85a033,2024-12-29T07:15:05.287000 +CVE-2018-25107,0,1,e74e5f133ec4c9e42aba268447c5e4b8ad803c3cf4918fd4d980370e8a36049c,2024-12-31T19:15:07.077000 CVE-2018-2515,0,0,5409b099d6b1ad12de2273669dad1cdf61ce6e1c2e305b93396a548635b48aa4,2023-11-07T02:57:57.887000 CVE-2018-2560,0,0,64c0ce8dd86b8cd41f028fc0faeb4c2703b3a3d6c99b5cfb7e065de6e8a10aab,2024-11-21T04:03:56.060000 CVE-2018-2561,0,0,03752647d2e63906688e002ddaaa7e85aba13094709fdf81fa6e8215efd59a07,2024-11-21T04:03:56.197000 @@ -181413,7 +181413,7 @@ CVE-2021-39087,0,0,27e8ad88b0959658cbbb8e8420fbb0e94fdf807641488c150cb00b3578578 CVE-2021-39088,0,0,7cd1d83eca90619c7fe5115fb2f33de305ee5a171855a9952df680a53c84172e,2024-11-21T06:18:34.713000 CVE-2021-39089,0,0,b1436135a966cc408f87575f75784b4b4d52d794cc798094824dcbe2e2020e9d,2024-11-21T06:18:34.897000 CVE-2021-3909,0,0,b4f50d1cb476081a1c0dffa568f50c10f64a9bf3c14faad246432c8e32952b78,2024-11-21T06:22:45.307000 -CVE-2021-39090,0,1,e9f8b0efd90a96650ea30c81e1396b48f3bb700bf121777c4c3e3da6f2204cbc,2024-12-31T17:21:48.893000 +CVE-2021-39090,0,0,e9f8b0efd90a96650ea30c81e1396b48f3bb700bf121777c4c3e3da6f2204cbc,2024-12-31T17:21:48.893000 CVE-2021-3910,0,0,56f9cb342124a7277de00f28eb2081c159eb514a0dc55bcfe3834d615408af48,2024-11-21T06:22:45.443000 CVE-2021-39109,0,0,82e2255c0ca83c3b344acda187db4c9361e3b7e4912eb610720c4bacb67deb32,2024-11-21T06:18:35.203000 CVE-2021-3911,0,0,9af5863bd74aafa5c499177e47e899ca00dab8e86368c8e779187969c412d69a,2024-11-21T06:22:45.577000 @@ -187602,10 +187602,10 @@ CVE-2021-47411,0,0,d0414849cfb396e83266669cd4701dbb6a1022ea5a51c35023bb94eb4cfc8 CVE-2021-47412,0,0,af5c4c1fde936342c029e1565c710bac695bfb5efd8710ea589f197b466eba8a,2024-11-21T06:36:05.480000 CVE-2021-47413,0,0,269d04830df035e17e52fb59428cdae6c99bbe3c5236fc44bbeb5952e9d53939,2024-12-30T20:00:33.497000 CVE-2021-47414,0,0,a83b6ed138679e0a43562ce58d15e7d1f7e5382db9d90a7386573fd9d8fa4042,2024-11-21T06:36:05.703000 -CVE-2021-47415,0,1,8de0f983558918b457e68f423e69956d3f931f2fec09c7ffbcdf46078d9be9bb,2024-12-31T18:51:37.767000 -CVE-2021-47416,0,1,a6fb7fe04ef95a2ddace719af0d49ddf563986bf49b656c3270044ca203c3594,2024-12-31T18:53:18 -CVE-2021-47417,0,0,ef21ffbd1d0dcc69c944405c3efcd8ac7dd51ac01c5d60bc09bf913df733ed89,2024-11-21T06:36:06.070000 -CVE-2021-47418,0,0,6899899fab7502122cb0d0c6605217d6cf7dea34523bfc84e2e3729ce30f6da9,2024-11-21T06:36:06.193000 +CVE-2021-47415,0,0,8de0f983558918b457e68f423e69956d3f931f2fec09c7ffbcdf46078d9be9bb,2024-12-31T18:51:37.767000 +CVE-2021-47416,0,0,a6fb7fe04ef95a2ddace719af0d49ddf563986bf49b656c3270044ca203c3594,2024-12-31T18:53:18 +CVE-2021-47417,0,1,144c4d43bd46d47098ee7f8caa61f22573930ce597a40105521bdc78e062ffff,2024-12-31T20:10:18.403000 +CVE-2021-47418,0,1,74b6d9568d70eaa9efdb0af61128f486c467ed5036072b8885975e5a0b3aeed9,2024-12-31T20:03:20.077000 CVE-2021-47419,0,0,b982e6e4a9c1837e4bd26bb12e302c41eb5725451cbe81290498c856c22cca0d,2024-11-21T06:36:06.323000 CVE-2021-47420,0,0,00afc3432a4f0c3aee8977e415c889a3d8886055a9490eac336ef9b40a80b4d4,2024-12-30T19:37:04.973000 CVE-2021-47421,0,0,0a40ba093314e9e6469359d21a45f9f0d40d5425308999e0d98a4f7123360a17,2024-11-21T06:36:06.613000 @@ -187613,8 +187613,8 @@ CVE-2021-47422,0,0,dc3123e6db84d59806cae4c311d5662de81263eadfad4838d331b275a8dfe CVE-2021-47423,0,0,12196f2af306d0a79235a9a7ad0c2f133ac495899947bc147939c1ec99649cea,2024-12-30T19:36:10.670000 CVE-2021-47424,0,0,4189ff43dc60d9554241d2c4440ad32e804985d54f34f55be1f82bcc2cd87d99,2024-11-21T06:36:06.987000 CVE-2021-47425,0,0,e2b5aa50172001766bba9e788a9bbaed4a647c805f4b3c14b325213525f5549f,2024-11-21T06:36:07.100000 -CVE-2021-47426,0,0,2989407fa517372e9bf01c80af57d6ddef49052db8615ac698619e5b677bfbb2,2024-11-21T06:36:07.227000 -CVE-2021-47427,0,0,4a2d60399380e6f4f6f01510f34003c71b6ce8edea8ebb2eb6f2162e2ee3b88d,2024-11-21T06:36:07.337000 +CVE-2021-47426,0,1,0066c1548ee3ede172f04269bda1654f2b832a53e8bfdf4ec19376679cded900,2024-12-31T20:03:39.283000 +CVE-2021-47427,0,1,9221bf1365bb7f9c84b4540c3a963d2b4ed2642f8c3f25c9e931e3e3d5c70ed9,2024-12-31T20:04:00.207000 CVE-2021-47428,0,0,f0812db04bb224fd59f1995a6a53419fa712d49595541e9e99713d66a71ac3ef,2024-11-21T06:36:07.437000 CVE-2021-47429,0,0,92f189a93479cf7c21284d6c6f1ac92135cf5f9d63603c46b3f4d84141a6018c,2024-11-21T06:36:07.550000 CVE-2021-47430,0,0,db1b39de9ef90e4e0a805197f54270c3cd47ec0b970b774ab1c6a2bede3a1414,2024-11-21T06:36:07.653000 @@ -212666,11 +212666,11 @@ CVE-2022-48703,0,0,491e5c1beaea1e9f327f45a2e23267af3034415f31d723eee0c88c8d2251b CVE-2022-48704,0,0,47746aeb57bcf7a965c1ca8f69f62ccdd67c83a463e82f583542de3bf10ea0fa,2024-11-21T07:33:49.487000 CVE-2022-48705,0,0,4d7355aade7f8a715c9b190e7e3da5273a5fffb6306134ecaf22441341989089,2024-11-21T07:33:49.613000 CVE-2022-48706,0,0,df7bc27c243d7169c8a510eac3a18557e28cf37099f71d6e212ae9f8543aaf2c,2024-11-21T07:33:49.720000 -CVE-2022-48707,0,0,2e8aa0214a6cab75fb7debda4a22570a7054ff1d9643dd79f5ec8747e3035746,2024-11-21T07:33:49.840000 -CVE-2022-48708,0,0,24945780331d8691c47715cd6690c9b33e7d4c6d7425c989e26dee5ba58f64ec,2024-11-21T07:33:49.950000 -CVE-2022-48709,0,0,0fd2dcc91eb18531747fb297a92333699fb4ef9de62834576a99f49c30a66f20,2024-11-21T07:33:50.073000 +CVE-2022-48707,0,1,aa770b0ce54de83b43971d3c660e13cc207be6b45f7f0afff899aa92f4597fa1,2024-12-31T20:05:02.337000 +CVE-2022-48708,0,1,f17cd2af4caaf5b9b119c710a47a893c0650875bbca34de98aa5b09dd7083609,2024-12-31T20:05:23.510000 +CVE-2022-48709,0,1,fc54d95445a4ac92c349f5152e9a224017618922c3246da6fbf8060ce61e55b5,2024-12-31T20:08:49.373000 CVE-2022-4871,0,0,b4542de3a65a84fc0ce86a93f7063328ad7022dde7588e4ee622183535e244ed,2024-11-21T07:36:06.627000 -CVE-2022-48710,0,0,f1522ca4a660049540b263bd4c7ebaba224314f1f78b7b3ca4c81650b46f49d2,2024-11-21T07:33:50.177000 +CVE-2022-48710,0,1,607cba958b6ece69d9a987fd1144f795d78538ca34f6c97f0a5aee81844d4ab4,2024-12-31T20:09:11.503000 CVE-2022-48711,0,0,f495c73eb7ad6fb07c6337c1d1ec1d50b0ccd37455f643daafa3b3e20d2a6cd3,2024-11-21T07:33:50.293000 CVE-2022-48712,0,0,7c29c6566abd8461c3001bbae02f41cf3b9fc81f81b6b736a51dab7e4947b5bd,2024-11-21T07:33:50.483000 CVE-2022-48713,0,0,dba52de96f36212e00e3f48911b9901b8a56b45e7b0246c938f59444b875b53e,2024-11-21T07:33:50.593000 @@ -214373,7 +214373,7 @@ CVE-2023-1325,0,0,0959d70918885d472cdc91efc9bd6dc4dd3a4b413a8c9a9ff5d155b9a97a34 CVE-2023-1326,0,0,e664d40e1b3535debd60c2ea7ad030684484488a464e3231a5c07b56759bb56e,2024-11-21T07:38:55.740000 CVE-2023-1327,0,0,8888004c214b15dcf53152f63b0da4d4942d8792b6258df09b6421cd30b67dfb,2024-11-21T07:38:55.873000 CVE-2023-1328,0,0,6257f4ab3cba69262261c728a4d409d137b249b6455eadfa7867e07928cd0322,2024-11-21T07:38:55.987000 -CVE-2023-1329,0,0,0bd985b8d513a0e55d6c38dcbaeba53124e0e808169ec90b1cfc07da6cc59d40,2024-11-21T07:38:56.117000 +CVE-2023-1329,0,1,b2e4f3215159542e7296a14fbcf5e79cb24a4fa75367f2e3939929920f0d53cb,2024-12-31T20:15:24.907000 CVE-2023-1330,0,0,fb998c6d385739d0cc045d945db5b6cca250d4f0081b84310e4edeed4d48c72a,2024-11-21T07:38:58.333000 CVE-2023-1331,0,0,78e03712a92eb85e714acdd23c3b5a8b1f4966844b1e53dd85ecedb5cbd7f90e,2024-11-21T07:38:58.457000 CVE-2023-1333,0,0,d4bafa576022a40fef05d50099c0360fe7172c3408ea7356a3dd933190cf0139,2024-11-21T07:38:58.590000 @@ -227236,8 +227236,8 @@ CVE-2023-35143,0,0,dda16ff49b2440dd2627f468a180a53e1a44f69accd2ba612c7f7e98d1eba CVE-2023-35144,0,0,70684259543a5a96520b1e98a2aa1c6b66695d2568bf9396df62c138eca1a346,2024-11-21T08:08:01.563000 CVE-2023-35145,0,0,1a86cee39ac4e4407c4314d5b2e1552e4baaf436309a563e839ead9ccfcdab67,2024-11-21T08:08:01.683000 CVE-2023-35146,0,0,44a63ad040fd2edfccf8b6f97433b38f373080f85f689126729db827ad535a71,2024-11-21T08:08:01.803000 -CVE-2023-35147,0,1,0f0067ef18cb675b8de8ec8a8086e31a112f5bc67532096b8d54325bd1e11ea3,2024-12-31T18:15:24.223000 -CVE-2023-35148,0,1,5dcf688df2d044626a61dcae0391cdc564529d0345a4908bc6ef8b839a788bb8,2024-12-31T18:15:24.980000 +CVE-2023-35147,0,0,0f0067ef18cb675b8de8ec8a8086e31a112f5bc67532096b8d54325bd1e11ea3,2024-12-31T18:15:24.223000 +CVE-2023-35148,0,0,5dcf688df2d044626a61dcae0391cdc564529d0345a4908bc6ef8b839a788bb8,2024-12-31T18:15:24.980000 CVE-2023-35149,0,0,55df5d32cebf1e44be6bb756e411e1e6672b4e82fde779c5a3dcde946aa755db,2024-12-30T16:15:11.097000 CVE-2023-3515,0,0,35dd4df8483f4213f98d9836b0fc238555087f3031c5695b66fd64b78ece979b,2024-11-21T08:17:26.130000 CVE-2023-35150,0,0,65b755d7ced4323ca0a24d92979a2dbd96132af8a1df7aaf083274d3763cc197,2024-11-21T08:08:02.300000 @@ -236643,7 +236643,7 @@ CVE-2023-47870,0,0,90674fc91b00935ca55935ec9e84b5dee66e5d5688f9bbe6b4de4aadd6227 CVE-2023-47871,0,0,cfdfec4a2737d45b346eac498c6969c85dd01b0c9f8e21357df31b1205cc6225,2024-12-09T13:15:32.767000 CVE-2023-47872,0,0,a6f12169ef04d4b51dfcd627c18e60f534b596ef65ec72eced96dd248e771f87,2024-11-21T08:30:56.573000 CVE-2023-47873,0,0,5dd5961a1e29615f7c85b89f6ca1d6467e0d9aa45488b1665947ab1206c9e06c,2024-11-21T08:30:56.700000 -CVE-2023-47874,0,1,d065eb7cc9ec7659d54380b0c5236e6587ca2a63c6ce7d1ac0079d77ae3d1875,2024-12-31T17:29:07.187000 +CVE-2023-47874,0,0,d065eb7cc9ec7659d54380b0c5236e6587ca2a63c6ce7d1ac0079d77ae3d1875,2024-12-31T17:29:07.187000 CVE-2023-47875,0,0,dfa066e7628f4ad6f4d51d4f7df32367a25258bc741871f3618113c0e9ee150c,2024-11-21T08:30:56.943000 CVE-2023-47876,0,0,6289baa82f79bb3e0548172170021c28f918791e25a4b59fff372b2a1421f295,2024-11-21T08:30:57.063000 CVE-2023-47877,0,0,28d0f86cb84c40f17691aae3c9e59f0461c4ae1ea9d2eb19edd88fae1e61d0df,2024-11-21T08:30:57.190000 @@ -240126,10 +240126,10 @@ CVE-2023-52699,0,0,7ae259a98c648d116baaac9a0a2fb48438466ea1ef5c4ff6f25c6dad558d8 CVE-2023-5270,0,0,028b3369e4393aaac4eae433175a5edbad7b5425254bbb3b4903c56b3f73ee7f,2024-12-23T15:18:44.853000 CVE-2023-52700,0,0,941df9df38105cf470545869077a5e89f909e73a5596a4472b2ed873ccfca7ff,2024-11-21T08:40:23.517000 CVE-2023-52701,0,0,7f81e122a350018a2ab348c350be394ecfcd330fc6f122c5986cf26edb66103f,2024-11-21T08:40:23.707000 -CVE-2023-52702,0,0,945993ec36ebf6a65e7658472c3379788614119f6c380a5626d2e1e8fb332500,2024-11-21T08:40:23.813000 +CVE-2023-52702,0,1,e352542e2f33f59635080ec736de2daae6f0b44a8c547092845036d9b289d3cf,2024-12-31T20:19:13.377000 CVE-2023-52703,0,0,a72f2ca6374e392e0f3c586e801c28cbf2820a6c5a0bbca31b865747d3727b63,2024-11-21T08:40:23.927000 CVE-2023-52704,0,0,1a103ac89950daf822764372babb9622b69a2879e767d3e6771b5e2b4ee03c4f,2024-11-21T08:40:24.123000 -CVE-2023-52705,0,0,d21e0119d09be61edea8f6609114b173d8159aacdca3b0764a382f977918d3f7,2024-11-21T08:40:24.293000 +CVE-2023-52705,0,1,3a3155ff294a5da5984c47633da5a4e00dcef3914159692618eee0d5c945896e,2024-12-31T20:18:52.900000 CVE-2023-52706,0,0,75eb4d9dfd0afe13e45532dadf920a055430b069b0be0985c3a80a930b4cb130,2024-11-21T08:40:24.417000 CVE-2023-52707,0,0,fa6be8689907b9a39312adc766a87a6fcfee64ab434fd87173acba26c46820ec,2024-11-21T08:40:24.527000 CVE-2023-52708,0,0,4ded131c21af9c6d2b9824779ab316cf949bcef1fe9fdde6f090a0312068852f,2024-11-21T08:40:24.640000 @@ -240269,7 +240269,7 @@ CVE-2023-5283,0,0,e63004b41585a16b9a6c21475924ec0a16ebe54df90e53c63d83b809fa5a2b CVE-2023-52830,0,0,8b6b414d6333e9d7c2c9fd5d18284e3ab1fdb4ba091b070cc2fe57c2c7664a0d,2024-05-22T12:15:09.470000 CVE-2023-52831,0,0,6eb503db12e7e4175e6ab2caad10d01fc4f2bd17f0bbae95e8d677603fb80a8a,2024-11-21T08:40:40.737000 CVE-2023-52832,0,0,3355fd7517fcc0fb0be8f8c7eda2e7d7df724527dee888b5e0dfbc128edc6538,2024-11-21T08:40:40.847000 -CVE-2023-52833,0,0,03595ee5638b6581cd3e82a9d8c86072628ba486c63f377604b4b90ea3186898,2024-11-21T08:40:41.060000 +CVE-2023-52833,0,1,21b9bd7960b86c1546252296ce79bac8573c0f83025c733cf766cdd87b53add4,2024-12-31T20:09:52.303000 CVE-2023-52834,0,0,357384de2150d0f128119ebf1b9184108ea284380581dec47410b6c84c5b816d,2024-11-21T08:40:41.177000 CVE-2023-52835,0,0,92e925d26e8a8591f18c391d6b9e1fe976cfd4d2acb7eddee898a90c55617182,2024-11-21T08:40:41.303000 CVE-2023-52836,0,0,0029a7925fc4649b50f35d0287ad054956e4521d586b9264ca6672a2f0d0315f,2024-11-21T08:40:41.427000 @@ -240277,15 +240277,15 @@ CVE-2023-52837,0,0,671b7c56498e1dbf74e44899178dcad7113a532b5e3c837ac5a122b389bd7 CVE-2023-52838,0,0,2a30ea6a98a25a2046526ce09dee3a499431b5008083a9cb56493fdc6f612057,2024-12-04T18:15:11.320000 CVE-2023-52839,0,0,bdd0ddf614f8cfc7a940c1ec3b2fd0c6dd5d1f5c610510abfee4f7d061425829,2024-11-21T08:40:41.790000 CVE-2023-5284,0,0,b5377b6162240ff7da4674e4281f932496907fcd390a93c8dc95cb21a74832e0,2024-11-21T08:41:27 -CVE-2023-52840,0,0,24d9dc033002eee9fee84b7162b66dc0cb1b2c5158658c7984678e61fba8a8d7,2024-11-21T08:40:41.890000 -CVE-2023-52841,0,0,e2c3703aec3c1bf29380c98cd5ad7172d7bd2c77262d598997c57e2aabaca2ee,2024-11-21T08:40:42.013000 -CVE-2023-52842,0,0,dda9e400d1f6252bb2c2d0b8335f17d60705030ffb1cff8d2016ebefb79c9869,2024-11-21T08:40:42.140000 +CVE-2023-52840,0,1,20c2d7357504736e8c28e2d40c238921d8255098483ed9552e90db29c704e824,2024-12-31T19:48:59.990000 +CVE-2023-52841,0,1,419a90f370f4deb7a1a4522eabe74e686f4c6ab42c2d249301c0ca386247bb84,2024-12-31T19:49:20.297000 +CVE-2023-52842,0,1,2727c3482d77bb4110830e8a486ba21ddc004d27f53514693aa01123c88608c4,2024-12-31T19:50:07.140000 CVE-2023-52843,0,0,d4f8bad35cfc21198f623b7db2be9e3dbf34745d3917a93a4d4c5fbf835e4923,2024-11-21T08:40:42.263000 CVE-2023-52844,0,0,4be95961140cbe40e6ea21580e0ea5f2152dbb2ed1ebadd5e1b5c607a986e0d7,2024-11-21T08:40:42.390000 CVE-2023-52845,0,0,bcb26e737dc4f3baf2d24ecd49e9efae880cfdcf8864ebe288815eafff3e8d26,2024-11-21T08:40:42.577000 -CVE-2023-52846,0,0,01c42a6b8e7be25d575b319f42737d3ecdca641a56e94f022df4a7164eb6f02c,2024-11-21T08:40:42.700000 +CVE-2023-52846,0,1,80f2f7dbfdae0a1a37b9f3fe596676b4039695e57bc05e9b354f71e673c3943b,2024-12-31T20:00:30.687000 CVE-2023-52847,0,0,6304dbc304f676ebb867c7a55ce40656720c1406d9bed9bac29a8b368f29bd19,2024-11-21T08:40:42.820000 -CVE-2023-52848,0,0,b83baba516532b1010d7c66d73abfe92a1b9c878ad414616a7feb31a5f084310,2024-11-21T08:40:42.947000 +CVE-2023-52848,0,1,459d324dbed98e7d46524ff0a5f74b9fe3a0775dc447bf711ba4b82011689cb1,2024-12-31T20:02:14.890000 CVE-2023-52849,0,0,f6ddd31d6e2b7b97c260676cfb8b85b07561190bd66bad001b32fe754a29cfca,2024-12-30T20:09:41.537000 CVE-2023-5285,0,0,8e1cd37b97e33f0f0685b14f4312036f59f160d705ec149a6ef0ac0f38fce8bc,2024-11-21T08:41:27.130000 CVE-2023-52850,0,0,b48747e9fef3d05f3a3f87733c20b6b6c87bf8863b4830cf8b2416b04cab3e39,2024-12-30T20:09:31.393000 @@ -242530,7 +242530,7 @@ CVE-2024-0399,0,0,e0c9666eb6b54e1bc351ebe2355d45c4620fba6932d788e054453f5337a155 CVE-2024-0400,0,0,d53ab5ef2a2202e9503db19d78333617c67c35adacd04c47616906e17a6a08d8,2024-11-21T08:46:30.080000 CVE-2024-0401,0,0,0823df990368b4b050577e6bc5b48e2ef1b07328db0e6b9bddf77162cab73776,2024-11-21T08:46:30.213000 CVE-2024-0402,0,0,c949b5bd8222e6e23b4e7ba309ff59582bbc865f49ff9c531f74ebc2c33ecdb5,2024-11-21T08:46:30.360000 -CVE-2024-0403,0,1,87f13e0d5b3ae2b2aaa1e22c5a7355c77cf012dc9fe3c296e3e1adaee67abcea,2024-12-31T17:35:53.340000 +CVE-2024-0403,0,0,87f13e0d5b3ae2b2aaa1e22c5a7355c77cf012dc9fe3c296e3e1adaee67abcea,2024-12-31T17:35:53.340000 CVE-2024-0404,0,0,e68675852fdad4a719b11b1ba5421da84ab893dbe21118b0c4ff6ad8acdc2b36,2024-11-21T08:46:30.660000 CVE-2024-0405,0,0,e66adb1ef6baed40b92ad2708a2a7f7801896af39f78da834867100b8b40a4a0,2024-11-21T08:46:30.777000 CVE-2024-0406,0,0,32138307a225ce5a983374924bf05097f2fb12720ed12df127395b83cccf520f,2024-11-21T08:46:30.900000 @@ -244704,7 +244704,7 @@ CVE-2024-11969,0,0,d3869ee85a393e22b7277fc4652d49a22be68a3946e5e05de40353058e929 CVE-2024-1197,0,0,45d3912b5b96c16c2c7bf2d968f246e6b35b4c5b3c4e5fbb80afbcf2d9b1f072,2024-11-21T08:50:01.030000 CVE-2024-11970,0,0,1a849bf68450bf6823e4c6c28effecbfa7f1d9d228ab32bedb6122aff4f177bb,2024-12-02T14:48:39.960000 CVE-2024-11971,0,0,3a422b96c75e64944718f4261ea83fbe383ac9a8c822f0cea915713588b2fd46,2024-12-03T20:04:46.493000 -CVE-2024-11972,0,0,ca1d118aabc65877ede4b984d02f8f3ff9d1fed979dcea36dcbf976158cbc2ce,2024-12-31T06:15:23.777000 +CVE-2024-11972,0,1,424587fa039b828712cb1884c1163244d01256a0bdacac0a3ceb996cedd795f8,2024-12-31T19:15:07.720000 CVE-2024-11973,0,0,09d34ca9011760fd34330c9c7e372ea8a465e3a408c53b2a4fa8f77978915f63,2024-12-10T10:15:06.123000 CVE-2024-11975,0,0,84cad561d2ec5c4dedd114d83278d4ca351957794503794e490beae7d9c6d982,2024-12-21T07:15:08.657000 CVE-2024-11977,0,0,af26de0ab40c66a5abd33edf8cb265762cba41d602bcbe3508dca43ee46ada56,2024-12-21T06:15:21.830000 @@ -245254,9 +245254,9 @@ CVE-2024-12998,0,0,eef23b70aa8365e2a841b6d551504892346dc69bac5cd92a662f6e9a2e81c CVE-2024-12999,0,0,4f91a7b34568dd8761909c9dd484d2d848a2986b921b8fe59182bb2bcd5fd1e6,2024-12-29T02:15:17.057000 CVE-2024-1300,0,0,1449d51d635587092ee7e467b53bae80464f92cc07a6bda2595172832d29c1e4,2024-11-25T03:15:10.053000 CVE-2024-13000,0,0,ba6321bc2a9fc6078fc868df7010f5a2c8da0158ccdbfe518bbd87147a0c4258,2024-12-29T03:15:05.407000 -CVE-2024-13001,0,1,c7a24e09bf623a7a99fd747399324077f6fdd26cd6e36b668379ef6681d7498b,2024-12-31T18:15:25.487000 -CVE-2024-13002,0,1,e017bd3ed8dad38c9facec87e6cf9c6a863990332eb75e6739cfc2bd94c2a67c,2024-12-31T17:15:07.460000 -CVE-2024-13003,0,1,bc9f11f8864ab2ea6fb5a3ed13ac21d7b573045ac242b34b5bd56bd2239e600b,2024-12-31T17:15:07.870000 +CVE-2024-13001,0,0,c7a24e09bf623a7a99fd747399324077f6fdd26cd6e36b668379ef6681d7498b,2024-12-31T18:15:25.487000 +CVE-2024-13002,0,0,e017bd3ed8dad38c9facec87e6cf9c6a863990332eb75e6739cfc2bd94c2a67c,2024-12-31T17:15:07.460000 +CVE-2024-13003,0,0,bc9f11f8864ab2ea6fb5a3ed13ac21d7b573045ac242b34b5bd56bd2239e600b,2024-12-31T17:15:07.870000 CVE-2024-13004,0,0,34f98fb39218b32464ee43ddbfdf00f9813682437257720830c2d4afaa952288,2024-12-29T07:15:05.643000 CVE-2024-13005,0,0,e5e2385e8ce60b58efeb40b0d581422277441d17970e70c05027460637962444,2024-12-29T08:15:05.143000 CVE-2024-13006,0,0,b47c7490c834b5f47712cdc6db1c8e8e7ea249aa0e12f85b99916c911e2c3be4,2024-12-29T08:15:06.840000 @@ -245312,10 +245312,14 @@ CVE-2024-13069,0,0,59f5977c5ed98428bf813528205c28472dbe30bb8d317db36e1c6f0f99974 CVE-2024-1307,0,0,791d403fd6ce043b636953425f5891ef42986249387c4cd3003ec2c058fbc715,2024-11-21T08:50:17.233000 CVE-2024-13070,0,0,1cf6b1571384c6cecb57fe9aaf4aa9da6835f5a35960878853e71f5290759cba,2024-12-31T15:15:07.853000 CVE-2024-13072,0,0,72b084e261b2ef9878198bf1cc32f04fdebebb613fd4a06e3be4b4d0925fd51d,2024-12-31T15:15:08.083000 -CVE-2024-13074,1,1,be9d96ea009faf92c6baa623b8aa064f3efa5a66d4dd4b0e6b6c1f57d9909fb8,2024-12-31T18:15:25.917000 -CVE-2024-13075,1,1,f6a3befb1a37a443dfdf5d7cabf2b4ff467e6c1bfb48e6b0f4a34061e5591a0b,2024-12-31T18:15:26.570000 -CVE-2024-13076,1,1,c81bd92f45df8a29b22454e3158372510e9c7defbd1b61c9dd04ea4236036c35,2024-12-31T18:15:27.293000 +CVE-2024-13074,0,0,be9d96ea009faf92c6baa623b8aa064f3efa5a66d4dd4b0e6b6c1f57d9909fb8,2024-12-31T18:15:25.917000 +CVE-2024-13075,0,0,f6a3befb1a37a443dfdf5d7cabf2b4ff467e6c1bfb48e6b0f4a34061e5591a0b,2024-12-31T18:15:26.570000 +CVE-2024-13076,0,0,c81bd92f45df8a29b22454e3158372510e9c7defbd1b61c9dd04ea4236036c35,2024-12-31T18:15:27.293000 +CVE-2024-13077,1,1,6fec2a9adaa69118aaac40377034c9d667b16b6a45f5caabe9ad1a0ad32a1bec,2024-12-31T19:15:07.880000 +CVE-2024-13078,1,1,9e028faec5365401f0cf9572afcae1b9e304d87dc89cd7ae1fcfa6308a238251,2024-12-31T19:15:08.067000 +CVE-2024-13079,1,1,acf30d8920277f2af488bd54bc3752ac651419dda31c1f7b38d1ebf5d869b523,2024-12-31T20:15:27.937000 CVE-2024-1308,0,0,b2bb733c7402260f9ace902e9d676967e691f690d52b513a8afbdef713b7d4c5,2024-11-21T08:50:17.413000 +CVE-2024-13080,1,1,0509f1f522b9304178178b5ff53d51a2e0295a82c91bc35e1cf9e87ffe20c47a,2024-12-31T20:15:28.157000 CVE-2024-1309,0,0,46059633232401d149997e4f4dfdb966bb51f1c7d1649dc6d177fd25783e7c4a,2024-11-22T20:03:02.910000 CVE-2024-1310,0,0,8eacc1832dc63ed57a42c33584abbb481a62a43a07e6f25f2b4df813accea989,2024-11-21T08:50:17.717000 CVE-2024-1311,0,0,01ebf083283fbdbf324aa4188b2056da81574dace6d1d37e23fa5b3fb1764821,2024-11-21T08:50:17.897000 @@ -245355,7 +245359,7 @@ CVE-2024-1345,0,0,0c76ed0a957ae2e29015c6df7057e5c17f3081f7b68ed33d0e7f09f33dcdc4 CVE-2024-1346,0,0,303f14c2019e4c9714a03c35023cb78da79f82df77a269203b1411390b024a24,2024-11-21T08:50:22.793000 CVE-2024-1347,0,0,b12a4cbf8e4f285872bf9a248874204d9208208e515ae74de2299237bb6626ad,2024-12-11T19:24:26.643000 CVE-2024-1348,0,0,1859f4ea1d00e7386fbff1ae86e38e3076d8135556fc20b2256d2f026d728722,2024-11-21T08:50:23.040000 -CVE-2024-1349,0,1,8b85fafe827f099aa626e71779ca220a8bf1ec034e9ea4e44b28a687cd219e20,2024-12-31T17:15:36.763000 +CVE-2024-1349,0,0,8b85fafe827f099aa626e71779ca220a8bf1ec034e9ea4e44b28a687cd219e20,2024-12-31T17:15:36.763000 CVE-2024-1350,0,0,ce11ba75737d3c0dc14aea45038ee6ef39f1db647d13879ee3f248d09a81697f,2024-11-21T08:50:23.313000 CVE-2024-1351,0,0,0ee767ddd9bd942759d1902d3186de90141de07710cd1c9cc0aaf86395d89b28,2024-11-21T08:50:23.450000 CVE-2024-1352,0,0,85cabdc392d08eea6a3af07faeea17433d56015caabb9ac17b4ff2bf52f31c91,2024-11-21T08:50:23.583000 @@ -245431,7 +245435,7 @@ CVE-2024-1421,0,0,0e761ebddf75c548cf7dd6af07abf9548a53b36a5b8589a388f6af75094a73 CVE-2024-1422,0,0,ab5bad0265cff8536624333ca6252f25bb476e49ab862e636acff1070e0c3444,2024-11-21T08:50:33.127000 CVE-2024-1423,0,0,cf9424b269ea30f1f1f93fb8aca6f7020e19a4ef0b7ad3a1dcf8f2e9317f1810,2024-02-27T15:15:07.460000 CVE-2024-1424,0,0,3a0dddd030d6706d7ea56e2d0d2580f7738e1c15b83c7969d9f91a85b7900a41,2024-11-21T08:50:33.260000 -CVE-2024-1425,0,1,5f21d9d2efc76ee4284336e12fe4e6efc369aee3b9a89ab878da35914f23bb10,2024-12-31T17:16:58.103000 +CVE-2024-1425,0,0,5f21d9d2efc76ee4284336e12fe4e6efc369aee3b9a89ab878da35914f23bb10,2024-12-31T17:16:58.103000 CVE-2024-1426,0,0,23b1a7306f53e67c5a563c9eb21d3cdb5365fa187ec8c954a68012e8a35c2dc8,2024-11-21T08:50:33.500000 CVE-2024-1427,0,0,045d36306302d266d38f2f3182a2a05490c1c0ad4388299e4f45dc3722894b2a,2024-11-21T08:50:33.653000 CVE-2024-1428,0,0,3cd64d4a3fa95db0c0830882d4e3074eb351510266e9e0c2b39fd04a5a4216fe,2024-11-21T08:50:33.803000 @@ -246450,7 +246454,7 @@ CVE-2024-20658,0,0,35ab55669bab7dd44e2b34f9f432fd62282f4252b5c9478b5dcfd8c7ab659 CVE-2024-20659,0,0,b19df5a22462437cdfeff7e62454671fe0b01022792e07337421cb0c631b63b9,2024-10-10T12:56:30.817000 CVE-2024-2066,0,0,037c499f3e012a9997068e72fc08d1a93e6383033f9bd4e4f09138fe51a30e00,2024-12-17T20:22:01.370000 CVE-2024-20660,0,0,0e6147d98823afb608faff02543e46d24413695ef479c2a06065c8dcbb6e9f78,2024-11-21T08:52:51.727000 -CVE-2024-20661,0,0,9994ea0f11f4ba124834406db53367ce807e56c25e19b13a7c566104c2d8ed3c,2024-11-21T08:52:51.913000 +CVE-2024-20661,0,1,30e543c400437abc7f96e3109a6c30132015ba4b260c75c12935ac357f961878,2024-12-31T19:15:09.523000 CVE-2024-20662,0,0,207e17d8a35a68c27a685de3e57410ab4eb1ee1d508d64eda31f4acaea318c2b,2024-11-21T08:52:52.070000 CVE-2024-20663,0,0,5993f9b9106f8ad4c2043295f80787274e8ca3131b51878011334de50be9b170,2024-11-21T08:52:52.223000 CVE-2024-20664,0,0,9ddef8fa5b9b4de3038f903b18811de952da0cd4b49b417a49e5c3b9f9f01922,2024-11-21T08:52:52.380000 @@ -246495,7 +246499,7 @@ CVE-2024-2070,0,0,973bab77934f89fe09d0fbc0680908961bf9367c926895b64fd662be409dd8 CVE-2024-20700,0,0,43924b390aac81a50c420ce1bbf6e9926186569cffcc76ed3751aa0e65d2eca0,2024-11-21T08:52:57.907000 CVE-2024-20701,0,0,fbf09da53863d41a1163f0b2f772b0407deff04eb3cd49483e137989ab71886d,2024-11-21T08:52:58.047000 CVE-2024-20709,0,0,8003d6923eeadabf8d154ec6bc60d083be31a81796cf119f5e298e094f31a556,2024-11-21T08:52:58.200000 -CVE-2024-2071,0,1,d2e81b6daa072281f02d71a1f4e91f1d783d897884617c065d19f0e2785413e1,2024-12-31T17:42:36.123000 +CVE-2024-2071,0,0,d2e81b6daa072281f02d71a1f4e91f1d783d897884617c065d19f0e2785413e1,2024-12-31T17:42:36.123000 CVE-2024-20710,0,0,630125cac97e21a974b58660b2efbd06c7fba308901057847968ac6dffc093b8,2024-11-21T08:52:58.347000 CVE-2024-20711,0,0,02bf0467c5cc4a5a559a1c296691813669992f69d4a7d69bbcdf0e99cc19ba3f,2024-11-21T08:52:58.473000 CVE-2024-20712,0,0,67acf508f9a49575031f0ba2a5b562a6cc4bcf63b0932008151cc4bc441c23f1,2024-11-21T08:52:58.597000 @@ -257953,9 +257957,9 @@ CVE-2024-35883,0,0,db4740dafc8c36960af07e7ca8018c4b49270e55e1220f98addd44eaf75b8 CVE-2024-35884,0,0,64236ae9f1f6f6d7559964b4f8856712ac0636f40624bb99449f1adf1f5aae28,2024-11-21T09:21:07.377000 CVE-2024-35885,0,0,5110fe794cf802cea059dbea13c96f04583edc7fc49e6ad2c3915af9534760db,2024-11-21T09:21:07.577000 CVE-2024-35886,0,0,d014f4e1d413232e97df138b468d29fd39a1f27a091442a8720317832bc226fe,2024-11-21T09:21:07.707000 -CVE-2024-35887,0,1,2588ad7f4abf8ac7b335cb252e298a55d87aa774395642ba3f9cd5d0ef5bebfb,2024-12-31T18:48:10.650000 +CVE-2024-35887,0,0,2588ad7f4abf8ac7b335cb252e298a55d87aa774395642ba3f9cd5d0ef5bebfb,2024-12-31T18:48:10.650000 CVE-2024-35888,0,0,6bf0ec8c17367dc341ce782cd402aac605c61aacc6e47d6a8eda07b899880bc7,2024-11-21T09:21:07.963000 -CVE-2024-35889,0,1,1e5b83e3cc331b6111bbc0db753e28d7239ac5799fcb6b5e184452a70eb75093,2024-12-31T18:50:40.020000 +CVE-2024-35889,0,0,1e5b83e3cc331b6111bbc0db753e28d7239ac5799fcb6b5e184452a70eb75093,2024-12-31T18:50:40.020000 CVE-2024-35890,0,0,b48c0adaf3ad6503b6bc1a56362fe63c2fde4acbc88f69296d9596a816c20388,2024-11-21T09:21:08.290000 CVE-2024-35891,0,0,885f68d54afe493b940360469ba789a1bf06796f950be8c3e2597b6e4d1c8051,2024-12-30T17:07:18.617000 CVE-2024-35892,0,0,69a045f4582c781dfa4942d8e2e4da93d09d9d5ba8e90e9166c3822ae028e3d9,2024-11-21T09:21:08.533000 @@ -257994,7 +257998,7 @@ CVE-2024-35921,0,0,4526cc1ba7186dbcecaca88016f42ddd8138d3cd50124e674014b54b22fb7 CVE-2024-35922,0,0,0c88e554ffaa341ceefcaf9be80ad5df621b046da9f94425d0c621a8e53f1e17,2024-12-30T19:27:42.720000 CVE-2024-35923,0,0,e200bbefa4260a7322c5705e6c101e370170f714b6cca2259ba31c94a243aae4,2024-05-25T14:15:53.013000 CVE-2024-35924,0,0,51a8e81a5087f6b00f86aef3df30b13903521527bd7c24804424b3f4f88b017b,2024-11-21T09:21:12.833000 -CVE-2024-35925,0,1,c69da8bf3be050c34947dfbb2cbe6b517f550618f4e390b45d64a13e545dc166,2024-12-31T18:51:18.303000 +CVE-2024-35925,0,0,c69da8bf3be050c34947dfbb2cbe6b517f550618f4e390b45d64a13e545dc166,2024-12-31T18:51:18.303000 CVE-2024-35926,0,0,c1b13d208fac57fe78f6933a263aa2f330043107ad1ad5de4da551ecec504628,2024-11-21T09:21:13.097000 CVE-2024-35927,0,0,278ce2f015c27adcc7ff8c3c6be22b3e8c5bb291856afb164b072d0d8d61b636,2024-11-21T09:21:13.223000 CVE-2024-35928,0,0,1c31dc8c665b8952880067e761bee324da2eee6fa320ed892680e88b3dd7b63e,2024-12-19T12:15:06.590000 @@ -258602,7 +258606,7 @@ CVE-2024-36683,0,0,be595454ef8171db03a002d73c28446849c4fd224f6bc90a988dfe37de330 CVE-2024-36684,0,0,8fab043b3364ae1eeedff575a1f0cbfbc03fa998f9cc28dd8bada425bf4a8acf,2024-11-21T09:22:32.807000 CVE-2024-3669,0,0,02585285b55d3b22720f479645776af5de87f56059e5af08132b9e0c023c8175,2024-11-21T09:30:08.690000 CVE-2024-36691,0,0,3dfc8ca2b0f56703968ad393c59292478596f8672b0393464c33aed3c63780aa,2024-11-21T09:22:33.040000 -CVE-2024-36694,0,0,7c3beafdee60bf3d601dc61cdbeec7c0eb727d43bc271ca95618fd026f1b054e,2024-12-18T20:15:22.637000 +CVE-2024-36694,0,1,32b5889c20538dc95b0b0b8bd72972330082f9805ce2d213b21a37ab60723311,2024-12-31T20:16:06.013000 CVE-2024-36699,0,0,f519eb157e638490c5e16aa33d3cf222cb0f0828212475d05c477400a1f8b777,2024-06-14T15:15:50.967000 CVE-2024-3670,0,0,011df7aa7dd67fee8fa9e90a9f41b6f2c6e7db6b1976b1ea32e3493be7d0fa3a,2024-11-21T09:30:08.863000 CVE-2024-36702,0,0,11a423e8b76e0ae816b52eb2a97a90ec57ed54a684cfbef050a165eeffd8c59a,2024-11-21T09:22:33.263000 @@ -259351,7 +259355,7 @@ CVE-2024-37642,0,0,fe3461e5fb2788de711bfd9b6bb47fd5e17a67ddb0ff15346912de18f8c42 CVE-2024-37643,0,0,1d855f4bf0f785e71cea62cbc0f369511f6ea0dce9a50a9f322baa5658c69f7b,2024-11-21T09:24:10.850000 CVE-2024-37644,0,0,04b02f37a9b83c09d899849116b647177377d8a76e70c7d8db488f726c3bd5e7,2024-11-21T09:24:11.063000 CVE-2024-37645,0,0,e4c63e220f43de5878e40a5e77259bd215d94fa70db73f63ff4753c220b74c30,2024-11-21T09:24:11.293000 -CVE-2024-37649,0,0,91d5497ec8382761cc86d75099e52753a672697f889cb53a38871056e826bfff,2024-12-18T23:15:07.440000 +CVE-2024-37649,0,1,162c02fd634f3857ac43a4b48233920dfa2eaee3a75657af8d68aaa5ded5f644,2024-12-31T20:16:06.253000 CVE-2024-3765,0,0,c54b78e5adfc3aa0aeee5a0c713f8fc0d1f32174018a6d7be47506e453bfd25c,2024-11-21T09:30:21.087000 CVE-2024-37654,0,0,907897ff6c2382fc56ee5ba07de58991906e2dbb80ef72616776edb5dc93d406,2024-11-21T19:15:08.990000 CVE-2024-3766,0,0,5b1f97d45b8d13ab711b52176ff6a759c727cc812c4dd212fe3769d5cd7bfb0f,2024-11-21T09:30:21.280000 @@ -260471,7 +260475,7 @@ CVE-2024-39020,0,0,0a4dbbb892d72755dd2470a8286490ff480e41457370eb69932806f8d508f CVE-2024-39021,0,0,11243a89cd810fa9f40502d7a6088dd9863c3f7fc91630ad32ec0f69b555cc35,2024-11-21T09:27:09.013000 CVE-2024-39022,0,0,cb16d1ad13e2952d225baf2cda88f3ff5a016f7c149d54433dae120ec9dc1c12,2024-11-21T09:27:09.260000 CVE-2024-39023,0,0,039108ecc27c1c4a0e76e0ebc3532177c569c3855e36d6bb92a8cfcf57e2b28d,2024-11-21T09:27:09.487000 -CVE-2024-39025,0,0,51b1f84dfe29bde1a5c25dc380b82b09410b484a7d59b7fe29d6d59041408eb9,2024-12-27T20:15:23.187000 +CVE-2024-39025,0,1,33dbeb8502b67b9ad343051b8ad016669a09277c4c096b1b3abccb81c6e91220,2024-12-31T19:15:46.260000 CVE-2024-39027,0,0,9c0579dae898d595139f332264c60946a6305463079e5e828b96e35983d71d37,2024-11-21T09:27:09.693000 CVE-2024-39028,0,0,655f86c8b3e4e1291e9d2943922a75fa2fc9393ff19cad0b2a5dbdcb29dc16b3,2024-11-21T09:27:09.863000 CVE-2024-3903,0,0,3abc3093808cbf33494e777ab78a2a1f0d0a381b5e414e8aae50b0d04cda30b0,2024-11-21T09:30:39.727000 @@ -263475,7 +263479,7 @@ CVE-2024-43438,0,0,73d1b28c6f38899287538d919cdc80ec31dafefe92f6661fe9a36214164d9 CVE-2024-43439,0,0,40ba494cdfdd48b88a4840d8431101c7f1fdc9c475043690f5f31b7b91efbc66,2024-11-12T15:35:10.043000 CVE-2024-4344,0,0,f2fc8cf2dc3e9a916d8c0e02c7965d497c7aae8ae1650868477b4aff5dcf5623,2024-11-21T09:42:40.023000 CVE-2024-43440,0,0,0d10351622646300ab78c6feb395f887255f528f4060e11d93edde30e1c5afaa,2024-11-08T19:01:03.880000 -CVE-2024-43441,0,0,516d682756c1683daec5f6369c3ad1ae6e4a4c38ba628b40793e77bab38736bc,2024-12-24T18:15:22.960000 +CVE-2024-43441,0,1,b2a2fcced7ec802d9c2c415b3561a149a7f16b1a99243a010f30d3e8a4193e16,2024-12-31T19:15:46.423000 CVE-2024-43442,0,0,7cf6887173b63e3e2077127f17ebb1f8864349b85ded2485a70c9170e31ad69f,2024-08-26T16:35:12.860000 CVE-2024-43443,0,0,01387b83c9d3faae4be2489d643851ab28bd718e216da87fe7730786e406c157,2024-08-26T12:47:20.187000 CVE-2024-43444,0,0,01fa601f2d9572951dd3491c52e1bfaeb60836d6e72e0f6dc396e203847ee36c,2024-08-26T12:47:20.187000 @@ -264855,7 +264859,7 @@ CVE-2024-45330,0,0,e9c0a42cafd75c39cc2fb6322b0e3eb6100b15258e5462b4bef0ad15a3b44 CVE-2024-45334,0,0,c1a95be34d5696913864dee9719b7ad805fe7ff8dee6bbd29645a138cdd2805b,2024-10-25T14:41:43.473000 CVE-2024-45335,0,0,df1b52d83b5212b89c08532eb4b3f1fce61dd8609884645d9cc9fbfcae22125a,2024-10-25T14:37:39.387000 CVE-2024-45337,0,0,0204a585b71dc2eafeae0a7aa43ff297085c36ff7e1720071b48d72e387539af,2024-12-12T21:15:08.500000 -CVE-2024-45338,0,0,6bcd995e106f62cf0d3e56bb5149f628e9198ccc35da61c1852ceeacb378221f,2024-12-18T21:15:08.173000 +CVE-2024-45338,0,1,4b2d696f8670e697ae1161a5584acef0120067536ac2182d79f6e6c35006631f,2024-12-31T20:16:06.603000 CVE-2024-4534,0,0,05ec1ad9bbf04373d4c888e50c4da6ee25a8849a5c55f74fc5c0d8923189992d,2024-11-21T09:43:03.287000 CVE-2024-45346,0,0,42bcf491a94494c9433ce7696078ac7ab2eca46d8c28dcac4158f4b2b20fa4a5,2024-08-29T03:15:05.247000 CVE-2024-45348,0,0,1e1db77a5a16312aa537fb47b5ac485ad4a9ec1edf7b08e9d1addf2cc98471e9,2024-11-25T17:14:11.713000 @@ -265156,8 +265160,8 @@ CVE-2024-45813,0,0,619ea264c0f4bf8105d5e60e8f340f4fd92c635a69072623ce613a02ad440 CVE-2024-45815,0,0,c90f4ea2d8d874b28d9c98b77b7f4224aef95bd910a7a8e17372f74226fe05c1,2024-09-23T18:31:37.277000 CVE-2024-45816,0,0,3b2db7eacb164fb9608249c78f97bf532fd821e2ac5209a34e58d8579d4ad3b1,2024-09-23T18:41:15.603000 CVE-2024-45817,0,0,04338584e0c7a05d71a1be8997c9492e340dee2b5e7a9715004e750a41578782,2024-11-21T09:38:08.627000 -CVE-2024-45818,0,0,99248a8366cffcbaee31ac7cea50029e8b175ba3c90f255f606f33b28fb425ee,2024-12-19T12:15:16.540000 -CVE-2024-45819,0,0,a223ed81d113d935018cbec6b83936fbee202c1c1a674e9e018c2e095571e174,2024-12-19T12:15:16.673000 +CVE-2024-45818,0,1,5cedc682ef3f5d9445ff8b080f0381ba193ffd5453fd7d81f8a4faf06c5fa624,2024-12-31T19:15:46.603000 +CVE-2024-45819,0,1,353a2de2c0eb71c70aa8fbb379f318bdfabc7180522e3350c949c90462cc13ca,2024-12-31T19:15:46.797000 CVE-2024-4582,0,0,b605981ff01420a78a98fb5233b1dc8843a1625834328d15dc7b493f5dcff0b7,2024-11-21T09:43:09.183000 CVE-2024-45823,0,0,cab38241202cd1b5f39ccc999566a0902486b77430bd0addb42cdbbc8510fbe3,2024-10-02T14:49:59.157000 CVE-2024-45824,0,0,052af77f2938c71d885f8780c684340b3e8def2ae196f2e001be1da99675d7b0,2024-09-12T18:14:03.913000 @@ -268499,7 +268503,7 @@ CVE-2024-50701,0,0,8a425dcfc4eae8298f28fabf6b33fe72be02546da5f5ac786e872bfaa5711 CVE-2024-50702,0,0,2571d2b76c3720865aadb0aca0493774cd9be2477d44e0732f58f6a3463bf26b,2024-12-30T16:15:11.550000 CVE-2024-50703,0,0,3ca543686c5a223cd6a966e24a4095e2a8fb771b46dd2bf6c556fada9156fae6,2024-12-30T16:15:11.713000 CVE-2024-5071,0,0,6dfa056d4abe7e6b37a7311009a7ee0087dcbc392285cd9b9ee51e94d1bed9a4,2024-11-21T09:46:54.120000 -CVE-2024-50713,0,0,ef6222df7fefcdb4ff0c05dd5195e429baad1ae292e8f58093855db0cd9cdceb,2024-12-27T21:15:07.837000 +CVE-2024-50713,0,1,0aa4de590634689fc06ab979763234a81b3e22004da47f2c72171e7a681edd71,2024-12-31T19:15:46.967000 CVE-2024-50714,0,0,16a84fabc05c17c54dc3f6c81da670e09dd8653b1c5c6f9870ff04492fd544cd,2024-12-28T18:15:08.193000 CVE-2024-50715,0,0,53941174b01f8b93ff7e1466aef626406d1063bf76001ebeacdb4e496d37a8ad,2024-12-28T18:15:09.790000 CVE-2024-50716,0,0,c2e59cab5fe74659c53b87c4579a98b488d814173561ccf55ec91942f6dea217,2024-12-28T18:15:09.997000 @@ -270193,7 +270197,7 @@ CVE-2024-53564,0,0,bf61935418f5f92f32cd62964e032ec47360caecda9e24bdf2d4ee2ea5631 CVE-2024-53566,0,0,fc369a1b56664965996271c6928e1c8e2a064ca2d4eb527d8b2effd8b48ca032,2024-12-02T18:15:11.500000 CVE-2024-5357,0,0,9057606a4938c9bbcd6685626eec47e410331b31cc1665fb8c9e75b9a990e3a5,2024-11-21T09:47:29.400000 CVE-2024-5358,0,0,ba9d3d6f584bd09e4f2a4dbb07d0235a0771fbffd077ecd2b7b801a3c6466c2b,2024-11-21T09:47:29.543000 -CVE-2024-53580,0,0,4974a8efcc09b4450fc7437135e860a6fb28756d579de96d571d9d9c01680d9c,2024-12-18T23:15:17.010000 +CVE-2024-53580,0,1,017091ad6343956d021513aaff57df30e0f57917f14c0dad11fd7549b9689d6e,2024-12-31T20:16:06.953000 CVE-2024-53589,0,0,728322b8c5b51205676d46003289ad227ccda2e910c9140fa8921fafd791e832,2024-12-11T17:15:20.233000 CVE-2024-5359,0,0,a1926c7cffc0ddd7cf732ce221c5b773e4f3ba3b6110f8717338c32417e29d1e,2024-11-21T09:47:29.680000 CVE-2024-53597,0,0,438026e14ae09726543276b1bb70c22feed1a3a736c09b864ce876954f4f80b7,2024-11-27T21:15:08.170000 @@ -270392,7 +270396,7 @@ CVE-2024-53899,0,0,ca94e39391001349829a2f872ca5d1d0c6ef0f2f07a2a901a4f8c2f87ada2 CVE-2024-5390,0,0,08f90cbe103247574c9186c9db8e0df1698f7568324022ee05c2f66185b8fb3e,2024-11-21T09:47:33.563000 CVE-2024-53900,0,0,95225d3c54f7fca3986f37c564d6889f43b0205533d3aaa1e6f91f0f170093c6,2024-12-04T04:15:04.573000 CVE-2024-53901,0,0,52cbcc170c451b305e90c5f0e2a88558d86a9bc5446c93579e76a9aa43a0081d,2024-11-26T19:52:01.653000 -CVE-2024-53907,0,1,52e57914d95f80fd8fe25e97068b0be5f136c279e3b9eb0b2bed33f7c19b3523,2024-12-31T18:15:38.657000 +CVE-2024-53907,0,0,52e57914d95f80fd8fe25e97068b0be5f136c279e3b9eb0b2bed33f7c19b3523,2024-12-31T18:15:38.657000 CVE-2024-53908,0,0,22c1318050bd40fa1560a34e0523a191b2319ab921ed06bac78859622d41e79c,2024-12-06T17:15:12.350000 CVE-2024-53909,0,0,f496b480d61110aca5ba4afaa8506ac48e157eddeacabdc9f46723c429d54992,2024-11-29T20:54:47.700000 CVE-2024-5391,0,0,bae46fa75487193c0361903ed16fa6867602896053152e2ff8328af4212268e7,2024-11-21T09:47:33.710000 @@ -270824,8 +270828,8 @@ CVE-2024-5445,0,0,868cf662746874f2c335da1d583d2882ec8b61a1e57de341d372842bb0244e CVE-2024-54450,0,0,aabb18820136b7c039cd7c034c7f73bb4fbf564b47289185c90837686625b797,2024-12-28T19:15:07.103000 CVE-2024-54451,0,0,eb5dc636c5bdd52381b7fa77adc3a2623336dbdd2148286dff7294e8af2d17f3,2024-12-28T19:15:07.340000 CVE-2024-54452,0,0,580ca4477632f0f9b88f16b8293e24b9d00dfbf3c0e7ff0a9b0468914ad431d2,2024-12-28T19:15:07.570000 -CVE-2024-54453,0,0,d216e34a64ef0897ce396a51727a5ca9fa0c011665a0ca7db56572a75cd24a04,2024-12-27T20:15:23.670000 -CVE-2024-54454,0,0,938882d1e7b8eb8a8f3b674f566de0348bbbb1cbc6fc905254e9fb631b38d349,2024-12-27T20:15:23.777000 +CVE-2024-54453,0,1,4b38818ec57830d6d15331deb8fc6306f0e91d48c89fb133c6569d5b7d3ea04e,2024-12-31T19:15:47.147000 +CVE-2024-54454,0,1,d67e1bf29a3aaa483b825ac163d62022e2785b5de9b64863f3bc27235cd67fc7,2024-12-31T19:15:47.310000 CVE-2024-54457,0,0,da0353a7ec7d859fd477580e7c54e31a24aeea86ab2c2ac2e00b7a1eda59c2cf,2024-12-18T07:15:08.377000 CVE-2024-54465,0,0,3f87a539a20fcac13fcbeaaced058bbe0bd71776e4b4a361d00304853bb61a99,2024-12-16T18:15:11.023000 CVE-2024-54466,0,0,cde2c633b064403c3330cf4e329fab2afdda24c70189b50f9e401743db80aa51,2024-12-18T17:59:28.667000 @@ -270884,7 +270888,7 @@ CVE-2024-5465,0,0,d854caa252ac359088449fa3628f1e50a198f1dced6d951af90835f2928473 CVE-2024-5466,0,0,bd8eca91ebf8acc552049523b9652cf94021fa13aaf76627ede5f76950f6758d,2024-12-19T20:21:12.243000 CVE-2024-54661,0,0,ea173308d01492e6ad07a3ec27afc15cbcb8638753fa723cdd20d4babce89e4a,2024-12-04T15:15:17.580000 CVE-2024-54662,0,0,40063869c5984ddcfcaf82116b2fa9ee6b8ef71c24c68deda4080eb1ea805f5c,2024-12-18T16:15:14.220000 -CVE-2024-54663,0,0,42596b6a479c01294b6da717d8f61e880af954f4428a9643334c91a7ad8102d6,2024-12-19T23:15:07.023000 +CVE-2024-54663,0,1,f5353753ee157eb79c3a456bcb90fa176ea7107dfe149747714f2e06d4f48033,2024-12-31T19:15:47.500000 CVE-2024-54664,0,0,d20f70ea69f653338f16a7f1cc2d57f70600da4ca2ed7cb633c4eef98563304e,2024-12-04T15:15:18.093000 CVE-2024-5467,0,0,2029498ebdad4a454f5caa2d83ff2ed9d9f9d3c1e65d4417cbe9e14c059a84f9,2024-08-27T14:35:48.977000 CVE-2024-54674,0,0,545e92efc26fab029b2ecd902e6764f6f53f740b5b32d49c4c8440f2592a5a00,2024-12-05T19:15:08.947000 @@ -270954,9 +270958,9 @@ CVE-2024-5495,0,0,5042268a950e30bd3019e8943c12e21fd198069753506c20c0160553a125c7 CVE-2024-5496,0,0,9136fd74dd5c910c46896c769e58528b87587fcd9bbfc0ee678598fdc16fe0a5,2024-12-26T16:43:17.607000 CVE-2024-5497,0,0,3a56eddb971efbd0b60114afefb35325ddcc2425bb5133ac9d5e88b22eba20b7,2024-12-26T16:43:33.383000 CVE-2024-5498,0,0,9ecbba4511623233a33c3c81181005b0976c38a133da4d6811e96531fd97f158,2024-12-26T16:43:44.433000 -CVE-2024-54982,0,0,98ee9f3f91df089d024e15754ebf4366a70c5700156670449d83f72f5fe34ac6,2024-12-19T22:15:06.197000 -CVE-2024-54983,0,0,86cc810d11debb3364c7a6acad6cd4877dbc68d9bbd3414f8438884279f0c28d,2024-12-19T22:15:06.387000 -CVE-2024-54984,0,0,643efde4d7a4eeceb9b67047cbee5352297889eb20bd98e35c254afbb89ed902,2024-12-19T22:15:06.563000 +CVE-2024-54982,0,1,cfd88a096d00b833d6272b1bd199993ae32049d7bc6efe9c3a455db48be861e0,2024-12-31T20:16:07.193000 +CVE-2024-54983,0,1,149f3772b456c1ff99a44fd44b0ae178f010b2926690711624e998da7ad367e4,2024-12-31T20:16:07.363000 +CVE-2024-54984,0,1,aeab52988334c72603822503139e9742b6f94e69c8f917b38a6d618652de5af7,2024-12-31T20:16:07.547000 CVE-2024-5499,0,0,bbe4dd69894f0f98fba609f59dfd6e7af7f9cec1f980c4939ff30b774a53a4b5,2024-12-26T16:07:06.693000 CVE-2024-5500,0,0,280f34db2c8783872a68d6daa217e3e1e4614074bb8e8b0a741315b28d98613a,2024-11-21T09:47:49.373000 CVE-2024-5501,0,0,c16d3f86bb6f5e02795073b49cb84dc8c7e7a5718a6fed025ea914c4721b4cad,2024-11-21T09:47:49.573000 @@ -271025,7 +271029,7 @@ CVE-2024-5545,0,0,b3cc69efdd158ef8f80171ade54c093cb4f6f75ed2a82ff6b2260af3cf25e4 CVE-2024-55451,0,0,4eb1042aa51ba5a2799fe7ce59f7c5e8943825e1ba0ec7639498dab2444e41a0,2024-12-17T17:15:09.687000 CVE-2024-55452,0,0,681d222c3a1792768b7aa7a338d01a7a3eab54a804f9924046fdaec1682302e7,2024-12-17T15:15:16.287000 CVE-2024-5546,0,0,71926433cfbcfec44b5e59c226d53a3ac8f9e554d9dd85d86edfe3dad7bedc17,2024-09-19T14:39:09.437000 -CVE-2024-55461,0,0,e3dde301cc2d384072f06a938ff955bc86777bee1f4b25b9dd1774b864a3d349,2024-12-18T23:15:17.350000 +CVE-2024-55461,0,1,8a5762fd3b90cc63ffd9ce1bb9331b80ec6ee2b8f4f1ecbac3350d77382b6dcf,2024-12-31T20:16:07.727000 CVE-2024-5547,0,0,c70f2b15fdfae1a20148a4f5dddd13a94d9e6eb1c9039906b5e94118b8ba53d4,2024-11-21T09:47:54.260000 CVE-2024-55470,0,0,dcfc79f3be29f89e1f2e700b61e3b076a29307f3f819bb5e3e6622ca15c02991,2024-12-20T18:15:30.370000 CVE-2024-55471,0,0,53c8545095dcd233b02e5b5368ccdda8e9894ef3eef3c8dd7b456e3a987cf26a,2024-12-20T18:15:30.730000 @@ -271076,8 +271080,8 @@ CVE-2024-55601,0,0,3b6016987278f61ded580e0e03402a0550929e4ad53cc1af6a73ada12213c CVE-2024-55602,0,0,396d72563ab4a374ac0c8980e8cee78cbdbdadbfbf983b79309109b631e68a0b,2024-12-10T18:15:43.500000 CVE-2024-55603,0,0,4a06b9a652178b29a5724b7f94acd1a3f69ff4ebeee7b75073970ce4b7b59f31,2024-12-19T00:15:06.713000 CVE-2024-5561,0,0,4022800ab031c19c97b7a8f23f8f937de2c70091af69e68157c4f9d46ea4b02c,2024-10-07T17:45:29.950000 -CVE-2024-55631,1,1,95879a012c01b67c62a7d7ebaf1b385a0a8f4d74566c1d7001e0d5428eb415a9,2024-12-31T17:15:08.870000 -CVE-2024-55632,1,1,36a1d0fbd9305fea48e979c681a382bee2c8c5e00c88ac91bdfca854ca839d2d,2024-12-31T17:15:09.007000 +CVE-2024-55631,0,0,95879a012c01b67c62a7d7ebaf1b385a0a8f4d74566c1d7001e0d5428eb415a9,2024-12-31T17:15:08.870000 +CVE-2024-55632,0,0,36a1d0fbd9305fea48e979c681a382bee2c8c5e00c88ac91bdfca854ca839d2d,2024-12-31T17:15:09.007000 CVE-2024-55633,0,0,c4adbf002e3ac0157724f2b4e7760aa632e73f70f1dac02e75e7bdb334ba90e7,2024-12-12T18:15:27.733000 CVE-2024-55634,0,0,daf076478546658d85b949599812ed8a4838ad415ad3f0107863e0715848bc3c,2024-12-11T17:15:21.243000 CVE-2024-55635,0,0,392082c131c01336e2210c07f5a3e2fcbd7cb3b3f9054eec0bafd4ca472aaecc,2024-12-10T22:15:28.190000 @@ -271132,7 +271136,7 @@ CVE-2024-55889,0,0,4fe80ccef310d79116a068c6ac228ca3c43ec868733cbb7b1340936879db8 CVE-2024-5589,0,0,f5444edd52a970169072d34e3475e47df466a0f4e4d6a1a900b9eeb8173a84e0,2024-11-21T09:47:58.880000 CVE-2024-55890,0,0,ed415926f81e15a00d962b0a92626356ed0642a3e51df83526b3e0e3894d9e2b,2024-12-13T18:15:22.373000 CVE-2024-5590,0,0,61c18480efc672e6d99b43c679013d2693f79c71f53844282e3c898145206740,2024-11-21T09:47:59.020000 -CVE-2024-55917,1,1,1f325af2a96e8ad41709dbd189d0ddfc8263df5691046d9ed51f18d85360c21b,2024-12-31T17:15:09.140000 +CVE-2024-55917,0,0,1f325af2a96e8ad41709dbd189d0ddfc8263df5691046d9ed51f18d85360c21b,2024-12-31T17:15:09.140000 CVE-2024-55918,0,0,bbfbb68501d5d412b5390769769529160437a59c66144983bc4b57777cd87c8a,2024-12-17T20:15:23.140000 CVE-2024-55946,0,0,ee860e9442a82675ef2a6aea6f75151a8e2b4e394989e5ab5272bb86ce0df26e,2024-12-13T21:15:13.603000 CVE-2024-55947,0,0,694ecef04fd68cc6252e9a6f0180b35d880ee528dac800d937aa08150e860bb0,2024-12-24T16:15:25.463000 @@ -271142,7 +271146,7 @@ CVE-2024-55950,0,0,9aa978816f7ff95eec99a92b9e38d77135d357c5e47c2f5e40a11cd20e220 CVE-2024-55951,0,0,a51355b6ae0f3b8ff81aa1c7eb7d8610a8ed0d99cdcd6fefacc2c260861ccc4a,2024-12-16T20:15:13.823000 CVE-2024-55952,0,0,40f06e6cb54766cf7357654cb464e4bb21c58158c39af1ac076f236e96ec903d,2024-12-18T19:15:11.933000 CVE-2024-55953,0,0,b8838dbbbaba7da3aab89f4fad26ee3c0ffb57f557fd7e9c1a84146519feab13,2024-12-18T19:15:12.067000 -CVE-2024-55955,1,1,c85785757c2445f92dfe0137b4c27b05f09d0628edb2ca84f307158d74fec191,2024-12-31T17:15:09.270000 +CVE-2024-55955,0,0,c85785757c2445f92dfe0137b4c27b05f09d0628edb2ca84f307158d74fec191,2024-12-31T17:15:09.270000 CVE-2024-55956,0,0,8a3a8fd441b4aa1d48f534ccf7c90847b13a0644de401a73337d5c665ef64cb7,2024-12-20T15:21:39.287000 CVE-2024-5596,0,0,eb53dbc41b5b12ac359e7b7f77cdb6558119327982ea8ec36e1ee0087b4d4e06,2024-11-21T09:47:59.330000 CVE-2024-55969,0,0,1d80cecd30844cd68ce96a6b7ee5ef5d3b9107e1b08adee083a129c50a18336c,2024-12-16T17:15:12.337000 @@ -271241,8 +271245,8 @@ CVE-2024-56087,0,0,05dc1ed5074a537273e80994b3567c3e6a1b61e2cf65010e706da64508e15 CVE-2024-5609,0,0,4c03a855f07c8ea18d8e7a70e1e2d3467f32254daea5abf62f130fb919fa93d1,2024-06-06T19:16:09.920000 CVE-2024-5611,0,0,52c51c7a288f3c0ab122ffc809ef2624c3045fff37cac024f8608d70739aac41,2024-11-21T09:48:00.920000 CVE-2024-56112,0,0,9c37554a9e3e8121be632deb2b2e9ed13eeb0233b63a1c1f431c838fba55a392,2024-12-16T16:15:10.313000 -CVE-2024-56115,0,0,df2f818b364a8a1d4de02551ca38d280da50cb90147366a03a28f3f48b4e5d17,2024-12-18T23:15:17.687000 -CVE-2024-56116,0,0,c9a3a0a18d715399a78458e6ab72e7f6a69032a475d77d6c5d2fa10d5a27cc0c,2024-12-18T23:15:17.857000 +CVE-2024-56115,0,1,ccfdd8ee6f18e71a09e80e77c239dd784626f96d64ab8285164962abb0ea0b53,2024-12-31T20:16:07.903000 +CVE-2024-56116,0,1,5e9e1abf1b4a263f6e9c895ad87cdc1730c02159e6e176fd37997ee62e12a317,2024-12-31T20:16:08.107000 CVE-2024-5612,0,0,fa9f2c267dc0651754a7af098fdc2eb62147cefb9c269a544f85a4928011ea0a,2024-11-21T09:48:01.037000 CVE-2024-56128,0,0,e2cb76efd64d63d4c386db8a1315b19e05cdb3bf57b90430767a6b815ae92cb5,2024-12-18T17:15:15.003000 CVE-2024-5613,0,0,7adefd0ffa78c5730a0bdb9525773949feed9eb79c6b9e6014b5dbc5d6f802b4,2024-11-21T09:48:01.160000 @@ -271316,7 +271320,7 @@ CVE-2024-56313,0,0,77b550409f008b252773269f5c3c808c73df4beef9ebd650c5ec3a7771cae CVE-2024-56314,0,0,6df7fe51a54001b033f35cf71e56a8c8648fba9702436f5b14cd4bfc37c84ea1,2024-12-24T03:15:08.083000 CVE-2024-56317,0,0,6d87ed355839e56850e9a45f7c43123352e878c3a786369bae996366dc30ac76,2024-12-18T23:15:18.023000 CVE-2024-56318,0,0,7a09902be02b76dee8965d1b4c5dc4107184aacb93ea0aa09ae8b7b2284e2913,2024-12-19T00:15:06.897000 -CVE-2024-56319,0,0,ae088c8f4453339638528d0d0bcecc76155247e1760c7c4c0faf14866bf22ea0,2024-12-18T23:15:18.373000 +CVE-2024-56319,0,1,28ca3f0845265026262f805138452dcd32240d1eb92a7bdb1a246f385a35fe7a,2024-12-31T20:16:08.380000 CVE-2024-5632,0,0,79535ded485ce0fc041702b30ef936da2f13ebaec98ccb0306c2826a8b572585,2024-11-21T09:48:03.353000 CVE-2024-56326,0,0,3ccfa47d9bea58f3625dc78a40f8b39f6e3cc587e1d87fa9c9f0a5fa86f60f49,2024-12-27T18:15:38.947000 CVE-2024-56327,0,0,fc2f9db0e9292714542fc861ea9d5ceb7274916f39c244431a521117db26612f,2024-12-20T18:15:31.083000 @@ -271327,7 +271331,7 @@ CVE-2024-56331,0,0,56bb9f9373efee702b7689a46e1daacea45f4bf1b3344e95d6a09a02cb299 CVE-2024-56333,0,0,fe45e753af8e2751ee1e363cda61187450051dec4bd66c266f1a6acfb0239817,2024-12-20T20:15:24.520000 CVE-2024-56334,0,0,dd145a89bec8d5c627af1aa8e241a3a3cc8f1f4441c2e387ed54258794c2f5a4,2024-12-24T17:15:09.760000 CVE-2024-56335,0,0,68042c7d7012ee80feaa30ed25472b1a3afe996d5346e3cfc0fb43c7dcee7c7c,2024-12-20T21:15:10.277000 -CVE-2024-56337,0,0,085a348bb05d4946e8e1e2f4d11acaed944544a2f48db9f87c7a427027b23d6e,2024-12-20T16:15:24.260000 +CVE-2024-56337,0,1,b3cadb8432e4f2288c1e8cc5ca248ae45f82b5396ae9a1777aafe7cfe81a1919,2024-12-31T19:15:47.673000 CVE-2024-5634,0,0,fe363b0a66fb6b5b9d2d7dec7e16e67a66de21f18ca94ef9da54634c5755ab66,2024-11-21T09:48:03.610000 CVE-2024-56348,0,0,ddeed395caafb1c9a48d3bcb125cc674df0d08f17ff7ee8b385d8142c170879b,2024-12-20T15:15:05.507000 CVE-2024-56349,0,0,2f0d695f84ad749bce0b6bcf27abb9d8e6f8c68365de1347c35b25add4fdb5da,2024-12-20T15:15:08.300000 @@ -271356,7 +271360,7 @@ CVE-2024-5640,0,0,01c62801966d56f9308a985efd017779bd36dfe950ad675d920936fb65a56c CVE-2024-5641,0,0,2dd93bc7f72d9dace7fe09cc2f2eb2c7de91223a0269467571863f0c170a0712,2024-11-21T09:48:04.573000 CVE-2024-5642,0,0,272b3c46f017079f5e7a4c3a57dae457f6d7a543b129faf9804cec24715f8735,2024-11-21T09:48:04.713000 CVE-2024-56430,0,0,0262ea105dbec15a8d2974aa338fd319cfb88d949549b9f7b495f5427178dfce,2024-12-26T20:15:23.447000 -CVE-2024-56431,0,0,f9f11842f1c143dbc86988c0b0c6fd309cae4b0848e05cc57523a470d1533b91,2024-12-25T17:15:05.510000 +CVE-2024-56431,0,1,5aa653764fe24dfd87678f336b5b1cc07c0f854ae90d756ecc10c6203bee6e8b,2024-12-31T19:15:47.847000 CVE-2024-56433,0,0,41933bdf4cf50f4b61b9a39102f868e297a293e10ec834a2eac62b7879bed51f,2024-12-26T09:15:07.267000 CVE-2024-5644,0,0,160a368b3a7f8d4e53712fad16fb1094662061822d6ba961b4f309a68658057a,2024-11-21T09:48:04.900000 CVE-2024-5645,0,0,d8c292e5143e4cdbc6691cac923174cc5efea85d55c86c52beb1b8ee7a249593,2024-11-21T09:48:05.083000 @@ -271375,7 +271379,7 @@ CVE-2024-56517,0,0,65c6507911433d4cc6f529fa655b3eded381be11e52e2d7cbe5b07f95e44e CVE-2024-56519,0,0,ba6a49ecaaf54f8458a0d69c5d70c7a58a8b2dfa4fff4d4173a1ded6a5dca02f,2024-12-27T05:15:07.677000 CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817afc,2024-11-21T09:48:05.750000 CVE-2024-56520,0,0,d5cf08096a86ee5091a69d63f922a02ae7d505f736e95f2dafa31155ab9b2521,2024-12-27T05:15:07.837000 -CVE-2024-56521,0,0,6c08543a38146e5fc1fde79ac98f99bec226bbcb111f67da05a8800cf78ac8d9,2024-12-27T05:15:07.977000 +CVE-2024-56521,0,1,5d4a5d0ca5e3c3bf7d88ebb212d4979e0d67251982c8b0fd19fb2eec1058ca1b,2024-12-31T19:15:48.020000 CVE-2024-56522,0,0,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000 CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000 CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000 @@ -271601,8 +271605,8 @@ CVE-2024-56730,0,0,8c0489a2be6826ac090f4c7143c5a1ce20538326cb249c1bf4efa4ce53c34 CVE-2024-56732,0,0,287b71ca5ec03d5825a19e7eb68f3eaf02e994b222dd83ad368ff3860bd04893,2024-12-28T17:15:08.190000 CVE-2024-56733,0,0,bb7ab60192d128c5924c9681713573d2d6ee23c38f0427411ab8458f0d80d941,2024-12-30T17:15:09.990000 CVE-2024-56734,0,0,2497b230c6d0aecf91aef170893b52e8572cbc936227f00c99e840956d0d53ab,2024-12-30T17:15:10.133000 -CVE-2024-56737,0,0,c5b53d74a7d8becee9d7686cadbd97c81361cafe48dbaf7f17677fffdb74d569,2024-12-29T07:15:06 -CVE-2024-56738,0,0,dbe898f2fe3f1be88a29cc27198d8199547b6c9a324db196d7c00718a50e331e,2024-12-29T07:15:06.183000 +CVE-2024-56737,0,1,c3aaf99c36c23af464a66c062701c19603d594053e6f3cc8853149bf45f4a8bd,2024-12-31T19:15:48.200000 +CVE-2024-56738,0,1,2c6e7a0135dc52aa66f71228f9c31faaeccb71b3032abf4849b70327f1510fa7,2024-12-31T19:15:48.367000 CVE-2024-56739,0,0,76854638c5197df86d13e9907fc31b51cb0725dcb6db0a6b52c0c727fdee40a6,2024-12-29T12:15:07.240000 CVE-2024-5674,0,0,7c06c249e0424ac37040b124ed7da9cd19cf8f5ce54c37fa3d48f3eda72c297e,2024-11-21T09:48:08.183000 CVE-2024-56740,0,0,1a7162edf18e26da0a7c0ea89e0ba508f37cddcd76403174dc7e31eeeca10af3,2024-12-29T12:15:07.360000