admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-03-04T23:00:29.036078+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-03-04 23:00:32 +00:00
parent 8d89132b8d
commit 59738c23ca
29 changed files with 2091 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2013/CVE-2013-20xx/CVE-2013-2094.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2013-2094", "id": "CVE-2013-2094",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2013-05-14T20:55:01.527", "published": "2013-05-14T20:55:01.527",
"lastModified": "2024-02-15T18:55:06.433", "lastModified": "2024-03-04T22:58:17.433",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-09-15", "cisaExploitAdd": "2022-09-15",
"cisaActionDue": "2022-10-06", "cisaActionDue": "2022-10-06",
@ -67,8 +67,8 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "3.0.75", "versionEndExcluding": "3.0.75",
"matchCriteriaId": "A27B5A59-06DB-4280-94E4-850B5866ABC3" "matchCriteriaId": "4A84D169-58BB-49ED-A9F4-776E182C22D8"
}, },
{ {
"vulnerable": true, "vulnerable": true,

15
CVE-2017/CVE-2017-66xx/CVE-2017-6627.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6627", "id": "CVE-2017-6627",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2017-09-07T21:29:00.660", "published": "2017-09-07T21:29:00.660",
"lastModified": "2019-10-09T23:28:52.077", "lastModified": "2024-03-04T22:59:28.410",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-03-03", "cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-24", "cisaActionDue": "2022-03-24",
"cisaRequiredAction": "Apply updates per vendor instructions.", "cisaRequiredAction": "Apply updates per vendor instructions.",
@ -19,13 +19,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -271,11 +271,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "FB998A1F-BAEA-4B8F-BE49-1C282ED3952E" "matchCriteriaId": "FB998A1F-BAEA-4B8F-BE49-1C282ED3952E"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",

13
CVE-2017/CVE-2017-66xx/CVE-2017-6663.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-6663", "id": "CVE-2017-6663",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2017-08-07T06:29:00.230", "published": "2017-08-07T06:29:00.230",
"lastModified": "2019-10-03T00:03:26.223", "lastModified": "2024-03-04T22:59:19.157",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-03-03", "cisaExploitAdd": "2022-03-03",
"cisaActionDue": "2022-03-24", "cisaActionDue": "2022-03-24",
@ -19,13 +19,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK", "attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -671,11 +671,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D" "matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",

13
CVE-2017/CVE-2017-66xx/CVE-2017-6665.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-6665", "id": "CVE-2017-6665",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2017-08-07T06:29:00.293", "published": "2017-08-07T06:29:00.293",
"lastModified": "2019-10-03T00:03:26.223", "lastModified": "2024-03-04T22:59:22.970",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -15,13 +15,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK", "attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -667,11 +667,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D" "matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*",

6
CVE-2018/CVE-2018-201xx/CVE-2018-20169.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-20169", "id": "CVE-2018-20169",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2018-12-17T07:29:00.653", "published": "2018-12-17T07:29:00.653",
"lastModified": "2024-02-15T15:56:15.670", "lastModified": "2024-03-04T22:59:10.290",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -85,8 +85,8 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartExcluding": "3.16.63", "versionEndExcluding": "3.16.63",
"matchCriteriaId": "130870FD-48F8-416B-8243-1635BCAF703E" "matchCriteriaId": "CB33BC17-64C0-4C32-8A1A-4A32ADA3049E"
}, },
{ {
"vulnerable": true, "vulnerable": true,

7
CVE-2019/CVE-2019-17xx/CVE-2019-1738.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-1738", "id": "CVE-2019-1738",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2019-03-28T00:29:00.310", "published": "2019-03-28T00:29:00.310",
"lastModified": "2023-03-24T17:47:16.920", "lastModified": "2024-03-04T22:59:31.617",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -659,11 +659,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(7\\)sn:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.6\\(7\\)sn:*:*:*:*:*:*:*",
"matchCriteriaId": "F805324A-1593-4B48-B597-CF870D35944B" "matchCriteriaId": "F805324A-1593-4B48-B597-CF870D35944B"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*",

7
CVE-2019/CVE-2019-17xx/CVE-2019-1739.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-1739", "id": "CVE-2019-1739",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2019-03-28T00:29:00.340", "published": "2019-03-28T00:29:00.340",
"lastModified": "2023-03-24T17:47:09.713", "lastModified": "2024-03-04T22:59:36.037",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -659,11 +659,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(7\\)sn:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.6\\(7\\)sn:*:*:*:*:*:*:*",
"matchCriteriaId": "F805324A-1593-4B48-B597-CF870D35944B" "matchCriteriaId": "F805324A-1593-4B48-B597-CF870D35944B"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.2.0ja:*:*:*:*:*:*:*",

19
CVE-2019/CVE-2019-17xx/CVE-2019-1752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-1752", "id": "CVE-2019-1752",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2019-03-28T00:29:00.810", "published": "2019-03-28T00:29:00.810",
"lastModified": "2019-10-09T23:47:58.173", "lastModified": "2024-03-04T22:59:48.230",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -15,13 +15,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -35,7 +35,9 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
}, }
],
"cvssMetricV30": [
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -1077,11 +1079,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4" "matchCriteriaId": "D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",

15
CVE-2019/CVE-2019-17xx/CVE-2019-1757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-1757", "id": "CVE-2019-1757",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2019-03-28T01:29:00.423", "published": "2019-03-28T01:29:00.423",
"lastModified": "2019-10-09T23:47:59.393", "lastModified": "2024-03-04T22:59:52.460",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -15,13 +15,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "HIGH", "attackComplexity": "HIGH",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -747,11 +747,6 @@
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59" "matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73E7874-A063-4AE5-9F0A-53D590B7B99B"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*",

13
CVE-2021/CVE-2021-36xx/CVE-2021-3621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3621", "id": "CVE-2021-3621",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2021-12-23T21:15:08.920", "published": "2021-12-23T21:15:08.920",
"lastModified": "2023-05-29T17:15:09.747", "lastModified": "2024-03-04T22:58:08.510",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -94,8 +94,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:sssd:sssd:2.6.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:fedoraproject:sssd:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "588B844D-B6FA-443E-ABCC-E824E57E413F" "matchCriteriaId": "ABE9C314-FAD9-476A-899B-59ECA2F999F0"
} }
] ]
} }
@ -194,7 +194,10 @@
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html", "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://sssd.io/release-notes/sssd-2.6.0.html", "url": "https://sssd.io/release-notes/sssd-2.6.0.html",

20
CVE-2022/CVE-2022-37xx/CVE-2022-3734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3734", "id": "CVE-2022-3734",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-28T08:15:14.640", "published": "2022-10-28T08:15:14.640",
"lastModified": "2023-11-07T03:51:45.143", "lastModified": "2024-03-04T22:55:48.850",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9 "impactScore": 5.9
}, },
{ {
"source": "1af790b2-7ee1-4545-860a-a788eba489b5", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -60,7 +60,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "1af790b2-7ee1-4545-860a-a788eba489b5", "source": "cna@vuldb.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -72,6 +72,7 @@
], ],
"configurations": [ "configurations": [
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -83,6 +84,17 @@
"matchCriteriaId": "5EBE5E1C-C881-4A76-9E36-4FB7C48427E6" "matchCriteriaId": "5EBE5E1C-C881-4A76-9E36-4FB7C48427E6"
} }
] ]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
} }
] ]
} }

7
CVE-2022/CVE-2022-485xx/CVE-2022-48554.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48554", "id": "CVE-2022-48554",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:31.757", "published": "2023-08-22T19:16:31.757",
"lastModified": "2023-12-27T22:04:16.397", "lastModified": "2024-03-04T22:57:50.017",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,9 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:file_project:file:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:file_project:file:5.41:*:*:*:*:*:*:*",
"versionEndExcluding": "5.43", "matchCriteriaId": "F684BBD1-49E6-475A-8D47-4A07436B1081"
"matchCriteriaId": "7059BC3A-2E20-4427-A86C-54DB8AE3B792"
} }
] ]
} }

55
CVE-2023/CVE-2023-418xx/CVE-2023-41827.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41827",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2024-03-04T22:15:46.330",
"lastModified": "2024-03-04T22:15:46.330",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-926"
}
]
}
],
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178273",
"source": "psirt@lenovo.com"
}
]
}

55
CVE-2023/CVE-2023-418xx/CVE-2023-41829.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41829",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2024-03-04T22:15:46.547",
"lastModified": "2024-03-04T22:15:46.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-926"
}
]
}
],
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178272",
"source": "psirt@lenovo.com"
}
]
}

6
CVE-2023/CVE-2023-492xx/CVE-2023-49290.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49290", "id": "CVE-2023-49290",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T00:15:09.190", "published": "2023-12-05T00:15:09.190",
"lastModified": "2023-12-08T17:25:26.917", "lastModified": "2024-03-04T22:59:00.657",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -80,8 +80,8 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:lestrrat-go:jwx:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:lestrrat-go:jwx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.27", "versionEndExcluding": "1.2.27",
"matchCriteriaId": "1E36615F-24CB-4999-B852-484E597CE4F4" "matchCriteriaId": "D883F8E3-02A2-4BC4-ADB3-F420624DD720"
}, },
{ {
"vulnerable": true, "vulnerable": true,

146
CVE-2023/CVE-2023-521xx/CVE-2023-52160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52160", "id": "CVE-2023-52160",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-22T17:15:08.263", "published": "2024-02-22T17:15:08.263",
"lastModified": "2024-02-27T16:15:45.583", "lastModified": "2024-03-04T22:47:18.233",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,23 +14,141 @@
"value": "La implementaci\u00f3n de PEAP en wpa_supplicant hasta la versi\u00f3n 2.10 permite omitir la autenticaci\u00f3n. Para un ataque exitoso, se debe configurar wpa_supplicant para no verificar el certificado TLS de la red durante la autenticaci\u00f3n de la Fase 1, y luego se puede abusar de una vulnerabilidad eap_peap_decrypt para omitir la autenticaci\u00f3n de la Fase 2. El vector de ataque env\u00eda un paquete de \u00e9xito EAP-TLV en lugar de iniciar la Fase 2. Esto permite a un adversario hacerse pasar por redes Wi-Fi empresariales." "value": "La implementaci\u00f3n de PEAP en wpa_supplicant hasta la versi\u00f3n 2.10 permite omitir la autenticaci\u00f3n. Para un ataque exitoso, se debe configurar wpa_supplicant para no verificar el certificado TLS de la red durante la autenticaci\u00f3n de la Fase 1, y luego se puede abusar de una vulnerabilidad eap_peap_decrypt para omitir la autenticaci\u00f3n de la Fase 2. El vector de ataque env\u00eda un paquete de \u00e9xito EAP-TLV en lugar de iniciar la Fase 2. Esto permite a un adversario hacerse pasar por redes Wi-Fi empresariales."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}, },
{ "exploitabilityScore": 2.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/", "impactScore": 3.6
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
}, "description": [
{ {
"url": "https://www.top10vpn.com/research/wifi-vulnerabilities/", "lang": "en",
"source": "cve@mitre.org" "value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10",
"matchCriteriaId": "334B562B-B7A1-480C-ADF0-B92A14385AD1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACCACAF-7BD6-4C0A-8E6A-67E13D5E341D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/",
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://www.top10vpn.com/research/wifi-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

88
CVE-2023/CVE-2023-521xx/CVE-2023-52161.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2023-52161", "id": "CVE-2023-52161",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-22T17:15:08.327", "published": "2024-02-22T17:15:08.327",
"lastModified": "2024-02-22T19:07:27.197", "lastModified": "2024-03-04T22:50:03.490",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key." "value": "The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key."
},
{
"lang": "es",
"value": "La funcionalidad de punto de acceso en eapol_auth_key_handle en eapol.c en iNet wireless daemon (IWD) anterior a 2.14 permite a los atacantes obtener acceso no autorizado a una red Wi-Fi protegida. Un atacante puede completar el protocolo de enlace EAPOL omitiendo Msg2/4 y en su lugar enviando Msg4/4 con una tecla de ceros."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=6415420f1c92012f64063c131480ffcef58e60ca", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}, },
{ "exploitabilityScore": 3.9,
"url": "https://iwd.wiki.kernel.org/", "impactScore": 3.6
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://www.top10vpn.com/research/wifi-vulnerabilities/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:inet_wireless_daemon:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.14",
"matchCriteriaId": "EAF31F3C-5DFD-4687-9952-A8EBF77A2BE3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=6415420f1c92012f64063c131480ffcef58e60ca",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://iwd.wiki.kernel.org/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.top10vpn.com/research/wifi-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-70xx/CVE-2023-7028.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-7028", "id": "CVE-2023-7028",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-12T14:15:49.420", "published": "2024-01-12T14:15:49.420",
"lastModified": "2024-01-18T21:15:51.483", "lastModified": "2024-03-04T22:54:45.797",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -87,20 +87,6 @@
"operator": "OR", "operator": "OR",
"negate": false, "negate": false,
"cpeMatch": [ "cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "12.2.0",
"versionEndExcluding": "16.5.6",
"matchCriteriaId": "64C111BB-CD2F-42AE-AD4E-2DED5FF34907"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "12.2.0",
"versionEndExcluding": "16.5.6",
"matchCriteriaId": "C1FCE458-EACF-476C-B0F5-D31373E4457D"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
@ -157,6 +143,20 @@
"versionEndExcluding": "16.4.5", "versionEndExcluding": "16.4.5",
"matchCriteriaId": "4B4C9455-DBA2-480B-8C59-898BC9DB8795" "matchCriteriaId": "4B4C9455-DBA2-480B-8C59-898BC9DB8795"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.5.0",
"versionEndExcluding": "16.5.6",
"matchCriteriaId": "A1A5DDAD-5B04-4643-8ACD-15D7C6CD76C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.5.0",
"versionEndExcluding": "16.5.6",
"matchCriteriaId": "24A21A70-46F1-4B28-BECB-4266AABBBD57"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
@ -173,23 +173,17 @@
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.7.0:*:*:*:community:*:*:*", "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"matchCriteriaId": "150F88EA-DA27-4042-9778-932904C2FD41" "versionStartIncluding": "16.7.0",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "E66EC8A8-E889-450A-86B4-7D930788FF58"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.7.0:*:*:*:enterprise:*:*:*", "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "29C6355F-1CD3-4E4A-AACA-19B497A631D6" "versionStartIncluding": "16.7.0",
}, "versionEndExcluding": "16.7.2",
{ "matchCriteriaId": "DDBB44E5-7ED3-4C9B-9241-2E6DB79A3E27"
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.7.1:*:*:*:community:*:*:*",
"matchCriteriaId": "D385A20C-BC93-4BB9-A47D-50C89D4DFA95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.7.1:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "77D86BC4-D4DD-4848-B0FD-0C16A3D2DF89"
} }
] ]
} }

27
CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0565", "id": "CVE-2024-0565",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T20:15:43.630", "published": "2024-01-15T20:15:43.630",
"lastModified": "2024-02-23T16:15:46.843", "lastModified": "2024-03-04T22:58:47.570",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -90,8 +90,9 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.36",
"versionEndExcluding": "6.7", "versionEndExcluding": "6.7",
"matchCriteriaId": "668F5607-E136-4E8E-86F2-316E9DC41ADC" "matchCriteriaId": "AFE668C1-15AF-4C7B-8071-8E46711B501B"
}, },
{ {
"vulnerable": true, "vulnerable": true,
@ -121,6 +122,21 @@
] ]
} }
] ]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065"
}
]
}
]
} }
], ],
"references": [ "references": [
@ -142,7 +158,10 @@
}, },
{ {
"url": "https://security.netapp.com/advisory/ntap-20240223-0002/", "url": "https://security.netapp.com/advisory/ntap-20240223-0002/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.spinics.net/lists/stable-commits/msg328851.html", "url": "https://www.spinics.net/lists/stable-commits/msg328851.html",

14
CVE-2024/CVE-2024-09xx/CVE-2024-0971.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0971", "id": "CVE-2024-0971",
"sourceIdentifier": "vulnreport@tenable.com", "sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-02-07T00:15:55.683", "published": "2024-02-07T00:15:55.683",
"lastModified": "2024-02-14T18:17:13.660", "lastModified": "2024-03-04T22:58:00.967",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -21,20 +21,20 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "LOW", "privilegesRequired": "LOW",
"userInteraction": "NONE", "userInteraction": "NONE",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "HIGH", "confidentialityImpact": "NONE",
"integrityImpact": "HIGH", "integrityImpact": "HIGH",
"availabilityImpact": "HIGH", "availabilityImpact": "NONE",
"baseScore": 8.8, "baseScore": 6.5,
"baseSeverity": "HIGH" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 3.6
}, },
{ {
"source": "vulnreport@tenable.com", "source": "vulnreport@tenable.com",

20
CVE-2024/CVE-2024-13xx/CVE-2024-1316.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1316",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-04T21:15:07.007",
"lastModified": "2024-03-04T21:15:07.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. (e.g. draft, private, pending review, pw-protected, and trashed events)."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/d80dfe2f-207d-4cdf-8c71-27936c6318e5/",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2024/CVE-2024-13xx/CVE-2024-1319.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-1319",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-04T21:15:07.083",
"lastModified": "2024-03-04T21:15:07.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. (e.g. draft, private, pending review, password-protected, and trashed posts)."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/5904dc7e-1058-4c40-bca3-66ba57b1414b/",
"source": "contact@wpscan.com"
}
]
}

24
CVE-2024/CVE-2024-19xx/CVE-2024-1936.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-1936",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-03-04T22:15:46.733",
"lastModified": "2024-03-04T22:15:46.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860977",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-11/",
"source": "security@mozilla.org"
}
]
}

1084
CVE-2024/CVE-2024-202xx/CVE-2024-20267.json
View File

File diff suppressed because it is too large Load Diff

299
CVE-2024/CVE-2024-203xx/CVE-2024-20321.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-20321", "id": "CVE-2024-20321",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-02-29T01:43:59.410", "published": "2024-02-29T01:43:59.410",
"lastModified": "2024-02-29T13:49:29.390", "lastModified": "2024-03-04T22:45:23.647",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network." "value": "A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo de puerta de enlace de frontera externa (eBGP) del software Cisco NX-OS podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad existe porque el tr\u00e1fico eBGP est\u00e1 asignado a una cola limitadora de velocidad de hardware compartida. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando grandes cantidades de tr\u00e1fico de red con determinadas caracter\u00edsticas a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante provocar la ca\u00edda de las sesiones vecinas de eBGP, lo que provocar\u00eda una condici\u00f3n DoS en la red."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +80,265 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ", "nodes": [
"source": "ykramarz@cisco.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21F43A5A-52A2-4094-8D36-39450B8F0E0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "674D15C8-3946-4C2F-9B62-BC6E5BC67673"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "990FA11F-5158-4717-B716-C5D6D2D23D1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A37F82-44B3-426C-A344-9054599BB426"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53378B5F-4A5B-425D-B8BE-455FAF924551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "076216C6-C115-4C7C-A9E3-46A3986DA2AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A819AE96-3933-4AD2-AF30-36E199393E01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EB58108-78E4-4208-A549-C86B37422828"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E2484E7-24ED-4238-8ED3-FFFB7C479F18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B448FDB-C2F5-454F-A275-E985C3FCDBCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AEE47A7-B23A-4C9A-A25C-0983D94FB569"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "350F10D8-221B-4A47-8BF6-CCC421878243"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7385A37A-FC89-44E6-8BD9-C35B2F22714F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7B192CE-F0B4-415F-9A33-B639A7B56ED4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6C6D9CC-211B-4CAA-B2AB-16DE5A34E21E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5736375-4050-40A5-A504-688B182C9A75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "54AB751B-77DE-4513-B961-378458F74164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "305A6637-16EA-4A66-A044-19BE643D6CA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8AB69D4C-6993-42E6-A4E4-99CE309CD55A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69C445A7-B836-493D-8056-86D4F31847EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C3018A70-3236-4885-8EB1-708442F74981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6FE29E31-332A-4B5B-ADAC-4C14FB589593"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F69EF43C-0F06-40B8-94AE-870E182E26CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE0E36D-08A6-48D5-A364-AC066F30F3CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "093B5CCD-AE92-47C4-81E9-E03825BD6CF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1DBDBBC8-12BA-42F9-BF22-B29C3FDF8A31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(99w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B3B9B0F-6D25-408B-9D20-87C66F786D61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(99x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "59AB22C9-34C9-4919-BA80-DFF3E186620F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:10.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE3869F2-3991-4F60-8618-7F491EBFF807"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ",
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

88
CVE-2024/CVE-2024-21xx/CVE-2024-2168.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-2168",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-04T21:15:07.137",
"lastModified": "2024-03-04T21:15:07.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the argument status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-255678 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.255678",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.255678",
"source": "cna@vuldb.com"
},
{
"url": "https://www.yuque.com/mailemonyeyongjuan/nekc0f/uoobn101h48xv6ih",
"source": "cna@vuldb.com"
}
]
}

63
CVE-2024/CVE-2024-250xx/CVE-2024-25063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25063", "id": "CVE-2024-25063",
"sourceIdentifier": "hsrc@hikvision.com", "sourceIdentifier": "hsrc@hikvision.com",
"published": "2024-03-02T03:15:06.007", "published": "2024-03-02T03:15:06.007",
"lastModified": "2024-03-04T13:58:23.447", "lastModified": "2024-03-04T22:45:02.117",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "hsrc@hikvision.com", "source": "hsrc@hikvision.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/", "source": "nvd@nist.gov",
"source": "hsrc@hikvision.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hikvision:hikcentral_professional:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.1",
"matchCriteriaId": "57231A29-D8FE-4442-A16D-2DAF3F440604"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/",
"source": "hsrc@hikvision.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

64
CVE-2024/CVE-2024-250xx/CVE-2024-25064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25064", "id": "CVE-2024-25064",
"sourceIdentifier": "hsrc@hikvision.com", "sourceIdentifier": "hsrc@hikvision.com",
"published": "2024-03-02T03:15:06.177", "published": "2024-03-02T03:15:06.177",
"lastModified": "2024-03-04T13:58:23.447", "lastModified": "2024-03-04T22:43:15.337",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "hsrc@hikvision.com", "source": "hsrc@hikvision.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,44 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/", "source": "nvd@nist.gov",
"source": "hsrc@hikvision.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hikvision:hikcentral_professional:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.5.1",
"matchCriteriaId": "6DE09B15-3DC8-4024-8643-EE6BF10A441E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/",
"source": "hsrc@hikvision.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

66
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-03-04T21:00:25.955254+00:00 2024-03-04T23:00:29.036078+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-03-04T21:00:15.267000+00:00 2024-03-04T22:59:52.460000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,47 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
240492 240498
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `9` Recently added CVEs: `6`
* [CVE-2021-47104](CVE-2021/CVE-2021-471xx/CVE-2021-47104.json) (`2024-03-04T19:15:18.643`) * [CVE-2023-41827](CVE-2023/CVE-2023-418xx/CVE-2023-41827.json) (`2024-03-04T22:15:46.330`)
* [CVE-2021-47105](CVE-2021/CVE-2021-471xx/CVE-2021-47105.json) (`2024-03-04T19:15:18.707`) * [CVE-2023-41829](CVE-2023/CVE-2023-418xx/CVE-2023-41829.json) (`2024-03-04T22:15:46.547`)
* [CVE-2021-47106](CVE-2021/CVE-2021-471xx/CVE-2021-47106.json) (`2024-03-04T19:15:18.750`) * [CVE-2024-1316](CVE-2024/CVE-2024-13xx/CVE-2024-1316.json) (`2024-03-04T21:15:07.007`)
* [CVE-2021-47107](CVE-2021/CVE-2021-471xx/CVE-2021-47107.json) (`2024-03-04T19:15:18.793`) * [CVE-2024-1319](CVE-2024/CVE-2024-13xx/CVE-2024-1319.json) (`2024-03-04T21:15:07.083`)
* [CVE-2021-47108](CVE-2021/CVE-2021-471xx/CVE-2021-47108.json) (`2024-03-04T19:15:18.837`) * [CVE-2024-2168](CVE-2024/CVE-2024-21xx/CVE-2024-2168.json) (`2024-03-04T21:15:07.137`)
* [CVE-2023-32331](CVE-2023/CVE-2023-323xx/CVE-2023-32331.json) (`2024-03-04T19:15:18.893`) * [CVE-2024-1936](CVE-2024/CVE-2024-19xx/CVE-2024-1936.json) (`2024-03-04T22:15:46.733`)
* [CVE-2023-6068](CVE-2023/CVE-2023-60xx/CVE-2023-6068.json) (`2024-03-04T20:15:50.267`)
* [CVE-2024-27889](CVE-2024/CVE-2024-278xx/CVE-2024-27889.json) (`2024-03-04T20:15:50.503`)
* [CVE-2024-2048](CVE-2024/CVE-2024-20xx/CVE-2024-2048.json) (`2024-03-04T20:15:50.690`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `19` Recently modified CVEs: `22`
* [CVE-2023-4895](CVE-2023/CVE-2023-48xx/CVE-2023-4895.json) (`2024-03-04T20:15:42.960`) * [CVE-2013-2094](CVE-2013/CVE-2013-20xx/CVE-2013-2094.json) (`2024-03-04T22:58:17.433`)
* [CVE-2023-6477](CVE-2023/CVE-2023-64xx/CVE-2023-6477.json) (`2024-03-04T20:25:04.490`) * [CVE-2017-6663](CVE-2017/CVE-2017-66xx/CVE-2017-6663.json) (`2024-03-04T22:59:19.157`)
* [CVE-2023-6736](CVE-2023/CVE-2023-67xx/CVE-2023-6736.json) (`2024-03-04T20:33:21.807`) * [CVE-2017-6665](CVE-2017/CVE-2017-66xx/CVE-2017-6665.json) (`2024-03-04T22:59:22.970`)
* [CVE-2023-6840](CVE-2023/CVE-2023-68xx/CVE-2023-6840.json) (`2024-03-04T20:52:05.890`) * [CVE-2017-6627](CVE-2017/CVE-2017-66xx/CVE-2017-6627.json) (`2024-03-04T22:59:28.410`)
* [CVE-2023-6564](CVE-2023/CVE-2023-65xx/CVE-2023-6564.json) (`2024-03-04T20:56:09.493`) * [CVE-2018-20169](CVE-2018/CVE-2018-201xx/CVE-2018-20169.json) (`2024-03-04T22:59:10.290`)
* [CVE-2023-3509](CVE-2023/CVE-2023-35xx/CVE-2023-3509.json) (`2024-03-04T20:59:58.357`) * [CVE-2019-1738](CVE-2019/CVE-2019-17xx/CVE-2019-1738.json) (`2024-03-04T22:59:31.617`)
* [CVE-2024-1820](CVE-2024/CVE-2024-18xx/CVE-2024-1820.json) (`2024-03-04T19:15:19.107`) * [CVE-2019-1739](CVE-2019/CVE-2019-17xx/CVE-2019-1739.json) (`2024-03-04T22:59:36.037`)
* [CVE-2024-1821](CVE-2024/CVE-2024-18xx/CVE-2024-1821.json) (`2024-03-04T19:15:19.237`) * [CVE-2019-1752](CVE-2019/CVE-2019-17xx/CVE-2019-1752.json) (`2024-03-04T22:59:48.230`)
* [CVE-2024-1826](CVE-2024/CVE-2024-18xx/CVE-2024-1826.json) (`2024-03-04T19:15:19.323`) * [CVE-2019-1757](CVE-2019/CVE-2019-17xx/CVE-2019-1757.json) (`2024-03-04T22:59:52.460`)
* [CVE-2024-1827](CVE-2024/CVE-2024-18xx/CVE-2024-1827.json) (`2024-03-04T19:15:19.403`) * [CVE-2021-3621](CVE-2021/CVE-2021-36xx/CVE-2021-3621.json) (`2024-03-04T22:58:08.510`)
* [CVE-2024-1828](CVE-2024/CVE-2024-18xx/CVE-2024-1828.json) (`2024-03-04T19:15:19.483`) * [CVE-2022-3734](CVE-2022/CVE-2022-37xx/CVE-2022-3734.json) (`2024-03-04T22:55:48.850`)
* [CVE-2024-1829](CVE-2024/CVE-2024-18xx/CVE-2024-1829.json) (`2024-03-04T19:15:19.557`) * [CVE-2022-48554](CVE-2022/CVE-2022-485xx/CVE-2022-48554.json) (`2024-03-04T22:57:50.017`)
* [CVE-2024-1830](CVE-2024/CVE-2024-18xx/CVE-2024-1830.json) (`2024-03-04T19:15:19.630`) * [CVE-2023-52160](CVE-2023/CVE-2023-521xx/CVE-2023-52160.json) (`2024-03-04T22:47:18.233`)
* [CVE-2024-1451](CVE-2024/CVE-2024-14xx/CVE-2024-1451.json) (`2024-03-04T20:12:59.223`) * [CVE-2023-52161](CVE-2023/CVE-2023-521xx/CVE-2023-52161.json) (`2024-03-04T22:50:03.490`)
* [CVE-2024-1525](CVE-2024/CVE-2024-15xx/CVE-2024-1525.json) (`2024-03-04T20:14:59.457`) * [CVE-2023-7028](CVE-2023/CVE-2023-70xx/CVE-2023-7028.json) (`2024-03-04T22:54:45.797`)
* [CVE-2024-0410](CVE-2024/CVE-2024-04xx/CVE-2024-0410.json) (`2024-03-04T20:25:41.347`) * [CVE-2023-49290](CVE-2023/CVE-2023-492xx/CVE-2023-49290.json) (`2024-03-04T22:59:00.657`)
* [CVE-2024-0861](CVE-2024/CVE-2024-08xx/CVE-2024-0861.json) (`2024-03-04T20:26:41.663`) * [CVE-2024-25064](CVE-2024/CVE-2024-250xx/CVE-2024-25064.json) (`2024-03-04T22:43:15.337`)
* [CVE-2024-1250](CVE-2024/CVE-2024-12xx/CVE-2024-1250.json) (`2024-03-04T20:57:39.907`) * [CVE-2024-25063](CVE-2024/CVE-2024-250xx/CVE-2024-25063.json) (`2024-03-04T22:45:02.117`)
* [CVE-2024-1066](CVE-2024/CVE-2024-10xx/CVE-2024-1066.json) (`2024-03-04T21:00:15.267`) * [CVE-2024-20321](CVE-2024/CVE-2024-203xx/CVE-2024-20321.json) (`2024-03-04T22:45:23.647`)
* [CVE-2024-20267](CVE-2024/CVE-2024-202xx/CVE-2024-20267.json) (`2024-03-04T22:45:43.893`)
* [CVE-2024-0971](CVE-2024/CVE-2024-09xx/CVE-2024-0971.json) (`2024-03-04T22:58:00.967`)
* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-03-04T22:58:47.570`)
## Download and Usage ## Download and Usage