admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-06-30T10:00:13.715915+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-06-30 10:04:40 +00:00
parent 8ad66173b7
commit 5e76b671ae
634 changed files with 41836 additions and 1429 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2014/CVE-2014-04xx/CVE-2014-0468.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2014-0468",
"sourceIdentifier": "security@debian.org",
"published": "2025-06-26T21:15:27.527",
"lastModified": "2025-06-26T21:15:27.527",
"lastModified": "2025-06-27T15:15:22.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that \nthe users would have uploaded in their raw SCM repositories (SVN, Git, \nBzr...). This issue affects fusionforge: before 5.3+20140506."
},
{
"lang": "es",
"value": "Vulnerabilidad en fusionforge en la configuraci\u00f3n de Apache de f\u00e1brica, donde el servidor web podr\u00eda ejecutar scripts que los usuarios habr\u00edan subido a sus repositorios SCM sin procesar (SVN, Git, Bzr, etc.). Este problema afecta a fusionforge: versiones anteriores a 5.3+20140506."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html",

43
CVE-2014/CVE-2014-62xx/CVE-2014-6274.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2014-6274",
"sourceIdentifier": "security@debian.org",
"published": "2025-06-26T21:15:27.647",
"lastModified": "2025-06-26T21:15:27.647",
"lastModified": "2025-06-27T19:15:29.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes\nwas set, and the remote used encryption=pubkey or encryption=hybrid,\nthe embedded AWS credentials were stored in the git repository\nin (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git-annex: from 3.20121126 before 5.20140919."
},
{
"lang": "es",
"value": "Git-annex ten\u00eda un error en los servidores remotos S3 y Glacier: si se configuraba embedcreds=yes y el servidor remoto usaba encrypted=pubkey o encrypted=hybrid, las credenciales de AWS integradas se almacenaban en el repositorio Git en texto plano (en la pr\u00e1ctica), no cifradas como deb\u00edan. Este problema afecta a Git-annex desde la versi\u00f3n 3.20121126 hasta la versi\u00f3n 5.20140919."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git-annex.branchable.com/upgrades/insecure_embedded_creds/",

43
CVE-2014/CVE-2014-72xx/CVE-2014-7210.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2014-7210",
"sourceIdentifier": "security@debian.org",
"published": "2025-06-26T21:15:27.757",
"lastModified": "2025-06-26T21:15:27.757",
"lastModified": "2025-06-27T19:15:30.443",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends\nare not affected."
},
{
"lang": "es",
"value": "El paquete espec\u00edfico de pdns, tal como se incluye en Debian en versiones anteriores a la 3.3.1-1, crea un usuario MySQL con demasiados privilegios. Se descubri\u00f3 que los scripts de mantenimiento de pdns-backend-mysql otorgan permisos de base de datos demasiado amplios al usuario pdns. Los dem\u00e1s backends no se ven afectados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2016/05/msg00046.html",

43
CVE-2015/CVE-2015-08xx/CVE-2015-0842.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2015-0842",
"sourceIdentifier": "security@debian.org",
"published": "2025-06-26T22:15:24.503",
"lastModified": "2025-06-26T22:15:24.503",
"lastModified": "2025-06-27T19:15:30.677",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass."
},
{
"lang": "es",
"value": "yubiserver anterior a 0.6 es propenso a problemas de inyecci\u00f3n de SQL, lo que puede llevar a una omisi\u00f3n de autenticaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://www.include.gr/debian/yubiserver/#changelog",

45
CVE-2015/CVE-2015-08xx/CVE-2015-0843.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2015-0843",
"sourceIdentifier": "security@debian.org",
"published": "2025-06-26T22:15:24.613",
"lastModified": "2025-06-26T22:15:24.613",
"lastModified": "2025-06-27T19:15:30.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "yubiserver before 0.6 is to buffer overflows due to misuse of sprintf."
"value": "yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf."
},
{
"lang": "es",
"value": "yubiserver anterior a 0.6 es propenso a desbordamientos de b\u00fafer debido al mal uso de sprintf."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://www.include.gr/debian/yubiserver/#changelog",

72
CVE-2015/CVE-2015-201xx/CVE-2015-20112.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2015-20112",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-29T21:15:22.210",
"lastModified": "2025-06-29T21:15:22.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 3.4,
"baseSeverity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-325"
}
]
}
],
"references": [
{
"url": "https://github.com/LaurentMT/go-ethereum/commit/e8cba7283b57280b1bcf5761478f852398365901",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ethereum/devp2p/blob/master/rlpx.md#known-issues-in-the-current-version",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ethereum/devp2p/issues/32",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ethereum/go-ethereum/issues/1315",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/hyperledger/besu/issues/7926",
"source": "cve@mitre.org"
}
]
}

22
CVE-2018/CVE-2018-106xx/CVE-2018-10631.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2018-10631",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2018-07-13T19:29:00.213",
"lastModified": "2025-05-22T18:15:22.580",
"lastModified": "2025-06-27T17:15:30.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer and 8870 N'Vision removable application card does not encrypt PII and PHI while at rest."
"value": "The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer."
},
{
"lang": "es",
@ -22,20 +22,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.6,
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
"exploitabilityScore": 0.4,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
@ -113,7 +113,7 @@
"description": [
{
"lang": "en",
"value": "CWE-311"
"value": "CWE-693"
}
]
},

14
CVE-2018/CVE-2018-209xx/CVE-2018-20977.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-20977",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-21T19:15:12.950",
"lastModified": "2024-11-21T04:02:36.600",
"vulnStatus": "Modified",
"lastModified": "2025-06-27T16:28:06.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:-:wordpress:*:*",
"versionEndExcluding": "1.5.0",
"matchCriteriaId": "7325B485-65C2-489C-B9CB-96E8280FA5F4"
"matchCriteriaId": "3C70E603-B63F-4428-B651-C8CC8D4087BF"
}
]
}

38
CVE-2018/CVE-2018-88xx/CVE-2018-8849.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2018-8849",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2018-05-18T13:29:00.427",
"lastModified": "2024-11-21T04:14:26.837",
"lastModified": "2025-06-27T17:15:32.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest."
"value": "Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest."
},
{
"lang": "es",
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
@ -159,12 +181,12 @@
]
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-137-01",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.medtronic.com/security",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf",

6
CVE-2021/CVE-2021-231xx/CVE-2021-23159.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-23159",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:08.923",
"lastModified": "2024-11-21T05:51:18.177",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -70,8 +70,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D568262D-27C8-459D-8901-95F057CCB7F5"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F508BA4-3586-4735-82CB-F5C1B81EB83B"
}
]
}

6
CVE-2021/CVE-2021-231xx/CVE-2021-23172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-23172",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:08.977",
"lastModified": "2024-11-21T05:51:19.270",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -70,8 +70,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D568262D-27C8-459D-8901-95F057CCB7F5"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F508BA4-3586-4735-82CB-F5C1B81EB83B"
}
]
}

6
CVE-2021/CVE-2021-232xx/CVE-2021-23210.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-23210",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:09.027",
"lastModified": "2024-11-21T05:51:22.910",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -70,8 +70,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D568262D-27C8-459D-8901-95F057CCB7F5"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F508BA4-3586-4735-82CB-F5C1B81EB83B"
}
]
}

26
CVE-2021/CVE-2021-277xx/CVE-2021-27704.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27704",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-12T23:15:03.993",
"lastModified": "2024-11-26T18:15:17.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T18:46:39.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:appspace:appspace:6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD7EBEE-1FA6-4C7D-ACE7-B3D7D62373EB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27704",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

6
CVE-2021/CVE-2021-338xx/CVE-2021-33844.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33844",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:09.087",
"lastModified": "2024-11-21T06:09:40.883",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -70,8 +70,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "D568262D-27C8-459D-8901-95F057CCB7F5"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2-7:*:*:*:*:*:*:*",
"matchCriteriaId": "5F508BA4-3586-4735-82CB-F5C1B81EB83B"
}
]
}

6
CVE-2021/CVE-2021-36xx/CVE-2021-3643.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3643",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-05-02T19:15:08.290",
"lastModified": "2024-11-21T06:22:03.630",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -95,8 +95,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99268ADD-BECC-4183-8415-8B9DAACF63B5"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11191C3F-FC60-414B-973F-EA5F548AEE2E"
}
]
}

7
CVE-2022/CVE-2022-30xx/CVE-2022-3077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3077",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-09T15:15:14.950",
"lastModified": "2024-11-21T07:18:46.540",
"vulnStatus": "Modified",
"lastModified": "2025-06-27T17:40:17.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -71,8 +71,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.19",
"matchCriteriaId": "E74E9AF8-BDF5-4917-A9CA-0AAD8E13149B"
"matchCriteriaId": "DD9A39A6-6336-4B60-807F-3538AD8D4498"
}
]
}

6
CVE-2022/CVE-2022-316xx/CVE-2022-31650.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31650",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-25T23:15:07.787",
"lastModified": "2024-11-21T07:05:02.840",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0DA8B6-2889-4511-A869-D113C8610D41"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C99FA8E2-5333-47D1-AC0D-5C3FF7DF8D75"
}
]
}

6
CVE-2022/CVE-2022-316xx/CVE-2022-31651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31651",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-25T23:15:07.833",
"lastModified": "2024-11-21T07:05:03.040",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0DA8B6-2889-4511-A869-D113C8610D41"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C99FA8E2-5333-47D1-AC0D-5C3FF7DF8D75"
}
]
}

12
CVE-2022/CVE-2022-362xx/CVE-2022-36263.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36263",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-19T15:15:08.463",
"lastModified": "2024-11-21T07:12:40.903",
"lastModified": "2025-06-27T14:15:30.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

6
CVE-2022/CVE-2022-488xx/CVE-2022-48828.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48828",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:06.477",
"lastModified": "2024-11-21T07:34:09.883",
"lastModified": "2025-06-27T11:15:22.540",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -25,6 +25,10 @@
"url": "https://git.kernel.org/stable/c/8e0ecaf7a7e57b30284d6b3289cc436100fadc48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d2211e6e34d0755f35e2f8c22d81999fa81cfc71",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/da22ca1ad548429d7822011c54cfe210718e0aa7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

6
CVE-2022/CVE-2022-488xx/CVE-2022-48829.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48829",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T12:15:06.550",
"lastModified": "2024-11-21T07:34:09.993",
"lastModified": "2025-06-27T11:15:23.453",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -21,6 +21,10 @@
"url": "https://git.kernel.org/stable/c/37f2d2cd8eadddbbd9c7bda327a9393399b2f89b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/72c14aed6838b5d90b4dd926b6a339b34bb02e08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a231ae6bb50e7c0a9e9efd7b0d10687f1d71b3a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

6
CVE-2023/CVE-2023-09xx/CVE-2023-0917.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0917",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-02-19T09:15:11.197",
"lastModified": "2024-11-21T07:38:05.767",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -101,8 +101,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

14
CVE-2023/CVE-2023-205xx/CVE-2023-20594.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-20594",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-09-20T18:15:12.187",
"lastModified": "2024-11-21T07:41:11.453",
"lastModified": "2025-06-27T22:15:23.257",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nImproper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
"value": "Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access."
},
{
"lang": "es",
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-824"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",

14
CVE-2023/CVE-2023-205xx/CVE-2023-20597.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-20597",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-09-20T18:15:12.257",
"lastModified": "2024-11-21T07:41:11.923",
"lastModified": "2025-06-27T22:15:25.093",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\n\nImproper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
"value": "Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access."
},
{
"lang": "es",
@ -40,6 +40,16 @@
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-824"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",

6
CVE-2023/CVE-2023-243xx/CVE-2023-24364.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24364",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.087",
"lastModified": "2025-03-10T18:15:26.323",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24651",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.150",
"lastModified": "2025-03-10T18:15:26.633",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24652",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.210",
"lastModified": "2025-03-10T18:15:26.870",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24653.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24653",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.273",
"lastModified": "2025-03-10T18:15:27.067",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24654.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24654",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.330",
"lastModified": "2025-03-10T18:15:27.313",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24655.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24655",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-23T01:15:12.123",
"lastModified": "2024-11-21T07:48:17.093",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-246xx/CVE-2023-24656.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24656",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-27T16:15:13.390",
"lastModified": "2025-03-10T18:15:27.530",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24728.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24728",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-15T14:15:11.623",
"lastModified": "2024-11-21T07:48:20.197",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24729.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24729",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-15T14:15:11.673",
"lastModified": "2024-11-21T07:48:20.353",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24730",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-15T14:15:11.727",
"lastModified": "2024-11-21T07:48:20.500",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24731.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24731",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-15T14:15:11.783",
"lastModified": "2024-11-21T07:48:20.640",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24732.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-15T14:15:11.833",
"lastModified": "2024-11-21T07:48:20.780",
"lastModified": "2025-06-27T19:05:16.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_system_project:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "007FF3DB-5904-4BE6-BD0A-90D93F4CFCAF"
"criteria": "cpe:2.3:a:oretnom23:simple_customer_relationship_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1110BA8-AEB2-410C-983F-6EFEBECC8C81"
}
]
}

8
CVE-2023/CVE-2023-250xx/CVE-2023-25058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25058",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T15:15:11.393",
"lastModified": "2024-11-21T07:49:01.580",
"vulnStatus": "Modified",
"lastModified": "2025-06-27T16:27:57.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -76,9 +76,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:-:wordpress:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "B9129741-E978-4693-86C7-6EA6E5FDF9D2"
"matchCriteriaId": "23CC0FB5-1874-41B9-8058-C2B75EA2A45D"
}
]
}

60
CVE-2023/CVE-2023-259xx/CVE-2023-25998.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-25998",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-06-27T12:15:26.157",
"lastModified": "2025-06-27T12:15:26.157",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Samex - Clean, Minimal Shop WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Samex - Clean, Minimal Shop WooCommerce WordPress Theme: from n/a through 2.6."
},
{
"lang": "es",
"value": "Vulnerabilidad de control incorrecto del nombre de archivo para la instrucci\u00f3n Include/Require en programas PHP ('Inclusi\u00f3n remota de archivos en PHP') en snstheme Samex - Clean, Minimal Shop WooCommerce WordPress Theme permite la inclusi\u00f3n local de archivos en PHP. Este problema afecta a Samex - Clean, Minimal Shop WooCommerce WordPress Theme: desde n/d hasta la versi\u00f3n 2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/samex/vulnerability/wordpress-samex-clean-minimal-shop-woocommerce-wordpress-theme-2-6-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

6
CVE-2023/CVE-2023-265xx/CVE-2023-26590.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26590",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-10T18:15:10.707",
"lastModified": "2024-11-21T07:51:48.917",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14A53C19-2DA3-49D1-8114-3DB90ACE3263"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B9CCB6-B58A-46C2-A819-D579A224211B"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28902.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28902",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:21.160",
"lastModified": "2025-06-28T16:15:21.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28903.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28903",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.087",
"lastModified": "2025-06-28T16:15:22.087",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28904.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28904",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.250",
"lastModified": "2025-06-28T16:15:22.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic flaw leading to a RAM buffer overflow in the bootloader component of the MIB3 infotainment unit allows an attacker with physical access to the MIB3 ECU to bypass firmware signature verification and run arbitrary code in the infotainment system at boot process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28905.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28905",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.410",
"lastModified": "2025-06-28T16:15:22.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28906.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28906",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.573",
"lastModified": "2025-06-28T16:15:22.573",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command injection in the networking service of the MIB3 infotainment allows an attacker already presenting in the system to escalate privileges and obtain administrative access to the system.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28907.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28907",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.740",
"lastModified": "2025-06-28T16:15:22.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28908.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28908",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:22.910",
"lastModified": "2025-06-28T16:15:22.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28909.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28909",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:23.080",
"lastModified": "2025-06-28T16:15:23.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU check on a channel with enabled fragmentation. Consequently, this can lead to a buffer overflow in upper layer profiles, which can be used to obtain remote code execution.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28910.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28910",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:23.253",
"lastModified": "2025-06-28T16:15:23.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28911.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28911",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:23.423",
"lastModified": "2025-06-28T16:15:23.423",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every connected client of the infotainment device.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-289xx/CVE-2023-28912.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-28912",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:23.583",
"lastModified": "2025-06-28T16:15:23.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

64
CVE-2023/CVE-2023-291xx/CVE-2023-29113.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-29113",
"sourceIdentifier": "cve@asrg.io",
"published": "2025-06-28T16:15:23.750",
"lastModified": "2025-06-28T16:15:23.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MIB3 infotainment unit used in Skoda and Volkswagen vehicles does not incorporate any privilege separation for the proprietary inter-process communication mechanism, leaving attackers with presence in the system an ability to undermine access control restrictions implemented at the operating system level.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.0,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/",
"source": "cve@asrg.io"
},
{
"url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf",
"source": "cve@asrg.io"
},
{
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2",
"source": "cve@asrg.io"
}
]
}

6
CVE-2023/CVE-2023-326xx/CVE-2023-32627.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32627",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-10T18:15:10.767",
"lastModified": "2024-11-21T08:03:43.923",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14A53C19-2DA3-49D1-8114-3DB90ACE3263"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B9CCB6-B58A-46C2-A819-D579A224211B"
}
]
}

6
CVE-2023/CVE-2023-343xx/CVE-2023-34318.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34318",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-10T18:15:10.833",
"lastModified": "2024-11-21T08:07:00.080",
"lastModified": "2025-06-27T18:51:27.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,8 +86,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sox_project:sox:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14A53C19-2DA3-49D1-8114-3DB90ACE3263"
"criteria": "cpe:2.3:a:sound_exchange_project:sound_exchange:14.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B9CCB6-B58A-46C2-A819-D579A224211B"
}
]
}

27
CVE-2023/CVE-2023-343xx/CVE-2023-34397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34397",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.470",
"lastModified": "2025-03-24T17:15:15.300",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:13:01.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-343xx/CVE-2023-34398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34398",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.603",
"lastModified": "2025-03-18T18:15:26.457",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:59.223",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-343xx/CVE-2023-34399.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34399",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.730",
"lastModified": "2025-03-24T17:15:15.497",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:56.393",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-344xx/CVE-2023-34400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34400",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.847",
"lastModified": "2025-03-18T20:15:19.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:53.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-344xx/CVE-2023-34401.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34401",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:08.867",
"lastModified": "2025-03-18T16:15:19.893",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:44.720",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-344xx/CVE-2023-34402.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34402",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.337",
"lastModified": "2025-03-14T18:15:26.363",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:42.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-344xx/CVE-2023-34403.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34403",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.440",
"lastModified": "2025-03-18T17:15:42.447",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:39.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

26
CVE-2023/CVE-2023-344xx/CVE-2023-34404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34404",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.553",
"lastModified": "2025-03-17T19:15:20.573",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:36.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "42670EBA-2A3A-4AFD-AFA9-8D16EB0DAAC0"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-344xx/CVE-2023-34406.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34406",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.633",
"lastModified": "2025-03-17T19:15:20.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T16:12:33.503",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mercedes-benz:headunit_ntg6_mercedes-benz_user_experience:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2021",
"matchCriteriaId": "675DA3B4-565F-4910-9BAC-331924584725"
}
]
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-366xx/CVE-2023-36682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36682",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T14:15:09.583",
"lastModified": "2024-11-21T08:10:21.083",
"vulnStatus": "Modified",
"lastModified": "2025-06-27T15:56:42.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,9 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:schema_pro:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.7.8",
"matchCriteriaId": "D8D591C1-AA44-4E58-A105-3478E97FA43D"
"matchCriteriaId": "7723F131-C8E2-4B58-AE01-3452E0B16EF9"
}
]
}

60
CVE-2023/CVE-2023-380xx/CVE-2023-38007.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-38007",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-06-27T15:15:24.623",
"lastModified": "2025-06-27T15:15:24.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0, 2.3.4.1 on Intel operating systems is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site."
},
{
"lang": "es",
"value": "IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 en Power y 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0, 2.3.4.1 en sistemas operativos Intel es vulnerable a la inyecci\u00f3n de HTML. Un atacante remoto podr\u00eda inyectar c\u00f3digo HTML malicioso que, al visualizarse, se ejecutar\u00eda en el navegador web de la v\u00edctima dentro del contexto de seguridad del sitio web que lo aloja."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7237162",
"source": "psirt@us.ibm.com"
}
]
}

27
CVE-2023/CVE-2023-406xx/CVE-2023-40670.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40670",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-12-13T15:15:22.127",
"lastModified": "2024-12-13T15:15:22.127",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T18:08:45.467",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:reviewx:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.18",
"matchCriteriaId": "EF009016-B39B-4281-B31D-DA781C1B5C52"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/reviewx/vulnerability/wordpress-reviewx-plugin-1-6-17-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-102xx/CVE-2024-10215.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10215",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-09T20:15:34.410",
"lastModified": "2025-06-05T14:50:10.413",
"lastModified": "2025-06-27T17:37:52.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -60,9 +60,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iqonicdesign:wpbookit:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:iqonic:wpbookit:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "0869C504-573F-45C9-96FE-49D60D9E7BED"
"matchCriteriaId": "A2775321-E917-4190-AAF5-99D489B1E54D"
}
]
}

65
CVE-2024/CVE-2024-107xx/CVE-2024-10718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10718",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:18.650",
"lastModified": "2025-03-20T10:15:18.650",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T15:29:49.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,51 @@
"value": "CWE-614"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.0",
"matchCriteriaId": "896B6AA4-8068-41F4-ACD4-92893E5BB0AD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/phpipam/phpipam/commit/ddf70ef6801442eb8b0be5eea829e470e653c70e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/725bce8f-328f-4fbc-acf5-46ea920cd3c1",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-109xx/CVE-2024-10971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10971",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-11-12T16:15:19.930",
"lastModified": "2024-11-21T08:49:10.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T18:47:48.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.3.7.0",
"matchCriteriaId": "4C28C033-192A-442A-858D-FCB64949E8F2"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0015/",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-116xx/CVE-2024-11628.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11628",
"sourceIdentifier": "security@progress.com",
"published": "2025-02-12T17:15:22.067",
"lastModified": "2025-02-21T12:08:11.927",
"lastModified": "2025-06-27T19:18:38.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,10 +80,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telerik:kendo_ui_for_vue:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:progress:kendo_ui_for_vue:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.0",
"versionEndExcluding": "6.1.0",
"matchCriteriaId": "1F3119A5-2160-46C0-804B-56269A1D204D"
"matchCriteriaId": "CE56334D-DFF3-4969-87F3-276E91DF5A70"
}
]
}

60
CVE-2024/CVE-2024-117xx/CVE-2024-11739.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11739",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-06-27T16:15:23.703",
"lastModified": "2025-06-27T16:15:23.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Case Informatics Case ERP allows SQL Injection.This issue affects Case ERP: before V2.0.1."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Case Informatics Case ERP permite la inyecci\u00f3n SQL. Este problema afecta a Case ERP: antes de V2.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0139",
"source": "iletisim@usom.gov.tr"
}
]
}

8
CVE-2024/CVE-2024-121xx/CVE-2024-12136.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-12136",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-19T09:15:12.710",
"lastModified": "2025-05-12T16:56:35.197",
"vulnStatus": "Analyzed",
"lastModified": "2025-06-27T12:15:27.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass.This issue affects ANKA JPD-00028: through 19.03.2025.\n\nNOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
"value": "Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass.This issue affects ANKA JPD-00028: before V.01.01."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-121xx/CVE-2024-12137.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-12137",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-19T09:15:14.090",
"lastModified": "2025-03-19T09:15:14.090",
"lastModified": "2025-06-27T12:15:28.977",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: through 19.03.2025.\n\n\nNOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
"value": "Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: before V.01.01."
},
{
"lang": "es",
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

60
CVE-2024/CVE-2024-121xx/CVE-2024-12143.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12143",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-06-27T17:15:32.400",
"lastModified": "2025-06-27T17:15:32.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection.This issue affects .\u00a0NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB permite la inyecci\u00f3n SQL. Este problema afecta a . NOTA: El proveedor no inform\u00f3 sobre la finalizaci\u00f3n del proceso de correcci\u00f3n dentro del plazo especificado. El CVE se actualizar\u00e1 cuando haya nueva informaci\u00f3n disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0142",
"source": "iletisim@usom.gov.tr"
}
]
}

60
CVE-2024/CVE-2024-121xx/CVE-2024-12150.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12150",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-06-27T17:15:32.610",
"lastModified": "2025-06-27T17:15:32.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eron Software Wowwo CRM allows Blind SQL Injection.This issue affects .\u00a0NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Eron Software Wowwo CRM permite la inyecci\u00f3n SQL ciega. Este problema afecta . NOTA: El proveedor no inform\u00f3 sobre la finalizaci\u00f3n del proceso de correcci\u00f3n dentro del plazo especificado. El CVE se actualizar\u00e1 cuando haya nueva informaci\u00f3n disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0141",
"source": "iletisim@usom.gov.tr"
}
]
}

60
CVE-2024/CVE-2024-123xx/CVE-2024-12364.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12364",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-06-27T17:15:32.813",
"lastModified": "2025-06-27T17:15:32.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mavi Ye\u015fil Software Guest Tracking Software allows SQL Injection.This issue affects .\u00a0\u00a0NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Mavi Ye?il Software Guest Tracking Software permite la inyecci\u00f3n SQL. Este problema afecta a . NOTA: El proveedor no inform\u00f3 sobre la finalizaci\u00f3n del proceso de correcci\u00f3n dentro del plazo especificado. El CVE se actualizar\u00e1 cuando haya nueva informaci\u00f3n disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0140",
"source": "iletisim@usom.gov.tr"
}
]
}

6
CVE-2024/CVE-2024-126xx/CVE-2024-12629.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12629",
"sourceIdentifier": "security@progress.com",
"published": "2025-02-12T16:15:39.810",
"lastModified": "2025-02-20T20:40:12.200",
"lastModified": "2025-06-27T17:24:34.500",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,10 +80,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telerik:kendoreact:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:progress:kendoreact:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndExcluding": "9.4.0",
"matchCriteriaId": "E7E699ED-8526-4D26-B579-CFC0DCDDC588"
"matchCriteriaId": "E6F6DD27-124D-46F1-BBD8-D46ED9007020"
}
]
}

64
CVE-2024/CVE-2024-128xx/CVE-2024-12827.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12827",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-06-27T09:15:24.300",
"lastModified": "2025-06-27T09:15:24.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DWT - Directory & Listing WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.6. This is due to the plugin not properly checking for an empty token value prior to resetting a user's password through the dwt_listing_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account."
},
{
"lang": "es",
"value": "El tema DWT - Directory & Listing WordPress Theme para WordPress es vulnerable a la escalada de privilegios mediante el robo de cuentas en todas las versiones hasta la 3.3.6 incluida. Esto se debe a que el complemento no comprueba correctamente si el valor del token est\u00e1 vac\u00edo antes de restablecer la contrase\u00f1a de un usuario mediante la funci\u00f3n dwt_listing_reset_password(). Esto permite que atacantes no autenticados cambien las contrase\u00f1as de usuarios arbitrarios, incluyendo las de administradores, y aprovechen esta situaci\u00f3n para acceder a sus cuentas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-620"
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/dwt-listing-directory-listing-wordpress-theme/21976132",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51fc7d47-2a0f-4713-9859-120321aa32dc?source=cve",
"source": "security@wordfence.com"
}
]
}

52
CVE-2024/CVE-2024-13xx/CVE-2024-1316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1316",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-04T21:15:07.007",
"lastModified": "2024-11-21T08:50:19.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:13:27.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liquidweb:event_tickets:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "5.8.1",
"matchCriteriaId": "38606711-F38F-4EDD-933A-6E56180236EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liquidweb:event_tickets:*:*:*:*:plus:wordpress:*:*",
"versionEndExcluding": "5.9.1",
"matchCriteriaId": "4DF28AAA-1A23-4675-9FC1-01B6E1CAC2C7"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/d80dfe2f-207d-4cdf-8c71-27936c6318e5/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/d80dfe2f-207d-4cdf-8c71-27936c6318e5/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

46
CVE-2024/CVE-2024-15xx/CVE-2024-1564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1564",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-03-25T05:15:50.557",
"lastModified": "2024-11-21T08:50:50.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T15:31:56.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:schema:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "2.7.16",
"matchCriteriaId": "DAA6F9FA-7B6D-4DAC-A824-5AD91AA086FC"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/ecb1e36f-9c6e-4754-8878-03c97194644d/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/ecb1e36f-9c6e-4754-8878-03c97194644d/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-222xx/CVE-2024-22269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22269",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-14T16:16:10.117",
"lastModified": "2024-11-21T08:55:55.890",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T13:34:58.657",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
@ -51,14 +71,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "AND",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0.0",
"versionEndExcluding": "17.5.2",
"matchCriteriaId": "EA567E5A-412F-4ED3-9434-E0290CDF753F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndExcluding": "13.5.2",
"matchCriteriaId": "373FFB23-C9E8-495D-BD27-6DC875887440"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-222xx/CVE-2024-22270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22270",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-14T16:16:12.613",
"lastModified": "2024-11-21T08:55:56.013",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T13:36:04.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
@ -51,14 +71,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "AND",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0.0",
"versionEndExcluding": "17.5.2",
"matchCriteriaId": "EA567E5A-412F-4ED3-9434-E0290CDF753F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndExcluding": "13.5.2",
"matchCriteriaId": "373FFB23-C9E8-495D-BD27-6DC875887440"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

243
CVE-2024/CVE-2024-222xx/CVE-2024-22274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22274",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-21T18:15:09.190",
"lastModified": "2024-11-21T08:55:56.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T13:37:52.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,249 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "5.1.1",
"matchCriteriaId": "FA6C5CFA-E78F-46EA-B8E0-8AE2A29C9586"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

243
CVE-2024/CVE-2024-222xx/CVE-2024-22275.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22275",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-21T18:15:09.383",
"lastModified": "2025-03-27T20:15:21.773",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T13:38:06.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,249 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "5.1.1",
"matchCriteriaId": "FA6C5CFA-E78F-46EA-B8E0-8AE2A29C9586"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-227xx/CVE-2024-22724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22724",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-21T04:15:09.327",
"lastModified": "2024-11-21T08:56:35.627",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T15:21:43.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oscommerce:oscommerce:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D289144B-230C-46DA-B11D-9A1D3A1DFCE9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/osCommerce/osCommerce-V4/issues/62",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/%40cupc4k3/oscommerce-v4-rce-unveiling-the-file-upload-bypass-threat-f1ac0097880c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/osCommerce/osCommerce-V4/issues/62",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/%40cupc4k3/oscommerce-v4-rce-unveiling-the-file-upload-bypass-threat-f1ac0097880c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-22xx/CVE-2024-2241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2241",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-07T13:15:07.533",
"lastModified": "2024-11-21T09:09:19.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:18:30.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:workspace:*:*:*:*:-:*:*:*",
"versionEndExcluding": "2024.1.1.0",
"matchCriteriaId": "96F7DDAD-CAB1-4F23-A204-8883747935D9"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0003",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0003",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-239xx/CVE-2024-23944.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23944",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-15T11:15:08.927",
"lastModified": "2025-02-13T18:17:05.470",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T15:13:01.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,24 +49,81 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.7.2",
"matchCriteriaId": "8C9296E5-2E56-4FC3-9E6B-0A10250B4968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.4",
"matchCriteriaId": "67E0AF01-D875-4EF5-A015-66E3AA933CE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.2",
"matchCriteriaId": "501AC2EB-2C3E-4388-B8AA-403535133FAC"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/14/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/14/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-244xx/CVE-2024-24401.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24401",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-26T17:15:10.393",
"lastModified": "2024-11-21T08:59:14.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T13:23:42.450",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.0.1:*:*:*:*:*:*",
"matchCriteriaId": "C1FE1A0B-78D1-4626-A4CD-21B843DA596E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.nagios.com/changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.nagios.com/changelog/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
}
]
}

54
CVE-2024/CVE-2024-248xx/CVE-2024-24818.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24818",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-21T02:52:12.073",
"lastModified": "2024-11-21T08:59:46.770",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:35:32.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,24 +49,66 @@
"value": "CWE-610"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:espocrm:espocrm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.1.2",
"matchCriteriaId": "4B720403-FE53-4C66-BA6A-BC535A68FA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/espocrm/espocrm/commit/3babdfa3399e328fb1bd83a1b4ed03d509f4c8e7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-8gv6-8r33-fm7j",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-249xx/CVE-2024-24915.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-24915",
"sourceIdentifier": "cve@checkpoint.com",
"published": "2025-06-29T12:15:22.803",
"lastModified": "2025-06-29T12:15:22.803",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@checkpoint.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@checkpoint.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-316"
}
]
}
],
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk183545",
"source": "cve@checkpoint.com"
}
]
}

8
CVE-2024/CVE-2024-272xx/CVE-2024-27297.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27297",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-11T22:15:55.277",
"lastModified": "2025-02-26T18:44:04.867",
"vulnStatus": "Analyzed",
"lastModified": "2025-06-27T13:15:23.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -156,6 +156,10 @@
"Vendor Advisory"
]
},
{
"url": "https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://hackmd.io/03UGerewRcy3db44JQoWvw",
"source": "af854a3a-2127-422b-91ae-364da2661108",

55
CVE-2024/CVE-2024-274xx/CVE-2024-27439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27439",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-19T11:15:06.537",
"lastModified": "2025-02-13T18:17:32.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:43:53.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -55,22 +55,65 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.17.0",
"matchCriteriaId": "26BA1B22-867F-4638-B682-97D916E23EF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:wicket:10.0.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "9365B852-58AE-46B0-8EA5-41AB42E3BC40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:wicket:10.0.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "AFEF17BD-48F1-4CAF-A195-45EE63001E12"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/19/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/o825rvjjtmz3qv21ps5k7m2w9193g1lo",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/19/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/o825rvjjtmz3qv21ps5k7m2w9193g1lo",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-274xx/CVE-2024-27497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27497",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-01T15:15:08.580",
"lastModified": "2024-11-21T09:04:40.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:10:21.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linksys:e2000_firmware:1.0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FE947E51-AD41-462E-B0B6-69A21F7D670A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:linksys:e2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8052B407-172A-4A6B-983C-074F0FD1F8DB"
}
]
}
]
}
],
"references": [
{
"url": "https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

58
CVE-2024/CVE-2024-281xx/CVE-2024-28130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28130",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-23T15:15:49.390",
"lastModified": "2024-11-21T09:05:52.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T14:32:16.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:offis:dcmtk:3.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A80B78-3210-466A-B051-3516CBDD6B84"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-286xx/CVE-2024-28640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28640",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-16T06:15:14.613",
"lastModified": "2024-11-21T09:06:42.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T14:26:44.797",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,76 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6118_b20201102:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCC3B52-0985-4F61-BBCC-16A271E15CD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC45BFB0-0CF0-4F9E-B19D-D274B17F1591"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:a7000r_firmware:9.1.0u.6115_b20201022:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BB152D-5E33-4158-BFFD-68AED6A174E2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:a7000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "603DA206-05D4-48FD-A506-F3BD8B4383B2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_2.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/ZIKH26/CVE-information/blob/master/TOTOLINK/Vulnerability%20Information_2.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

86
CVE-2024/CVE-2024-287xx/CVE-2024-28752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28752",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-15T11:15:09.220",
"lastModified": "2025-02-13T18:17:48.857",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-27T15:06:40.040",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,30 +61,100 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.8",
"matchCriteriaId": "6A08750E-6464-4EC2-A3D5-9846EEAA6EC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndExcluding": "3.6.3",
"matchCriteriaId": "3AFDD11C-B774-4252-83A6-5892D89477E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.4",
"matchCriteriaId": "92A087F8-A4A4-4028-9785-3D9D6B22C68F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "5333B745-F7A3-46CB-8437-8668DB08CD6F"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0001/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0001/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-288xx/CVE-2024-28836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28836",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-03T03:15:10.350",
"lastModified": "2024-11-21T09:07:02.010",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T17:46:46.613",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,65 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndExcluding": "3.6.0",
"matchCriteriaId": "E6F3DA60-78C6-4563-8944-8BF3BE5934C0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2024/CVE-2024-301xx/CVE-2024-30166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30166",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-03T03:15:10.510",
"lastModified": "2024-11-21T09:11:21.147",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T17:46:25.570",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3.0",
"versionEndExcluding": "3.6.0",
"matchCriteriaId": "4E4A5737-C789-47B2-8D9F-7A92639FDEC1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

34
CVE-2024/CVE-2024-31xx/CVE-2024-3135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3135",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-04-01T19:15:46.257",
"lastModified": "2024-11-21T09:28:58.417",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T15:58:15.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mudler:localai:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.17.0",
"matchCriteriaId": "F0DD3929-60FF-42EA-8255-D0057E2DF8BF"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7afdc4d3-4b68-45ea-96d0-cf9ed3712ae8",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/7afdc4d3-4b68-45ea-96d0-cf9ed3712ae8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-31xx/CVE-2024-3151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3151",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-02T17:15:46.803",
"lastModified": "2024-11-21T09:29:00.680",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T18:29:55.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -76,38 +76,85 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bdtask:m-store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "136C59BD-A0E8-4455-ACF2-D0E56060D18B"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1oTqULJy357Z4dk85vPR_yMFXRNhwZywX/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258924",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.258924",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.303898",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://drive.google.com/file/d/1oTqULJy357Z4dk85vPR_yMFXRNhwZywX/view?usp=sharing",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258924",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.258924",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.303898",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

112
CVE-2024/CVE-2024-31xx/CVE-2024-3164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3164",
"sourceIdentifier": "security@dotcms.com",
"published": "2024-04-01T22:15:22.507",
"lastModified": "2024-11-21T09:29:02.850",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-27T14:06:30.103",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,32 +49,128 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.02",
"versionEndExcluding": "22.03.15",
"matchCriteriaId": "B8156D65-B011-4B9A-BF2E-F7F3CCFA8BD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.01",
"versionEndExcluding": "23.01.15",
"matchCriteriaId": "4513A2EB-037F-4037-B4F7-44B8AECB407A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.02",
"versionEndIncluding": "23.09.7",
"matchCriteriaId": "E85B4224-34E8-47CD-8F08-8B129868AF1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:1:*:*:lts:*:*:*",
"matchCriteriaId": "33DBCA2A-D4E2-4AE6-B6E0-FD0A277266F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:2:*:*:lts:*:*:*",
"matchCriteriaId": "342C11DD-7760-42AE-8670-4461ECB51E4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:3:*:*:lts:*:*:*",
"matchCriteriaId": "90B73A81-7202-4B0B-822B-4F2EE4480663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:4:*:*:lts:*:*:*",
"matchCriteriaId": "0BFA7220-B846-451B-A7B2-C3DC87767575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:5:*:*:lts:*:*:*",
"matchCriteriaId": "258813CA-66A7-4DCA-883D-884FB88430DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:6:*:*:lts:*:*:*",
"matchCriteriaId": "E69C8B72-A38C-4D97-83BB-DCE392D3ABD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dotcms:dotcms:23.10.24:7:*:*:lts:*:*:*",
"matchCriteriaId": "B5309F19-2D65-4E87-87FD-2A0294008FF5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dotCMS/core/issues/27909",
"source": "security@dotcms.com"
"source": "security@dotcms.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/dotCMS/core/pull/27912",
"source": "security@dotcms.com"
"source": "security@dotcms.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.dotcms.com/security/SI-69",
"source": "security@dotcms.com"
"source": "security@dotcms.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/dotCMS/core/issues/27909",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/dotCMS/core/pull/27912",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.dotcms.com/security/SI-69",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More