admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-18T23:00:20.538864+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-18 23:03:50 +00:00
parent f0478725b0
commit 69c6048eee
46 changed files with 1547 additions and 317 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
CVE-2018/CVE-2018-94xx/CVE-2018-9461.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-9461", "id": "CVE-2018-9461",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2025-01-18T00:15:25.043", "published": "2025-01-18T00:15:25.043",
"lastModified": "2025-02-18T21:15:13.473", "lastModified": "2025-03-18T21:15:22.917",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "En onAttachFragment de ShareIntentActivity.java, existe una forma posible de que una aplicaci\u00f3n lea archivos en la aplicaci\u00f3n de mensajes debido a una condici\u00f3n ejecuci\u00f3n. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n." "value": "En onAttachFragment de ShareIntentActivity.java, existe una forma posible de que una aplicaci\u00f3n lea archivos en la aplicaci\u00f3n de mensajes debido a una condici\u00f3n ejecuci\u00f3n. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2018-08-01", "url": "https://source.android.com/security/bulletin/pixel/2018-08-01",

14
CVE-2022/CVE-2022-238xx/CVE-2022-23815.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23815", "id": "CVE-2022-23815",
"sourceIdentifier": "psirt@amd.com", "sourceIdentifier": "psirt@amd.com",
"published": "2024-08-13T17:15:18.197", "published": "2024-08-13T17:15:18.197",
"lastModified": "2025-01-03T18:04:08.963", "lastModified": "2025-03-18T21:15:23.087",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-370xx/CVE-2023-37036.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37036", "id": "CVE-2023-37036",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:10.970", "published": "2025-01-21T23:15:10.970",
"lastModified": "2025-02-18T21:15:18.833", "lastModified": "2025-03-18T21:15:23.263",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-476" "value": "CWE-476"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2023/CVE-2023-523xx/CVE-2023-52379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52379", "id": "CVE-2023-52379",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2024-02-18T07:15:09.070", "published": "2024-02-18T07:15:09.070",
"lastModified": "2025-03-13T14:50:11.897", "lastModified": "2025-03-18T21:15:23.413",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
} }
], ],
"configurations": [ "configurations": [

60
CVE-2024/CVE-2024-125xx/CVE-2024-12563.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12563",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-18T21:15:23.590",
"lastModified": "2025-03-18T21:15:23.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://s2member.com/changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3326e9d-504f-444f-baf7-03989594f483?source=cve",
"source": "security@wordfence.com"
}
]
}

32
CVE-2024/CVE-2024-220xx/CVE-2024-22074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22074", "id": "CVE-2024-22074",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T21:15:48.180", "published": "2024-06-06T21:15:48.180",
"lastModified": "2024-11-21T08:55:30.200", "lastModified": "2025-03-18T21:15:23.753",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-244xx/CVE-2024-24419.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24419", "id": "CVE-2024-24419",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:11.910", "published": "2025-01-21T23:15:11.910",
"lastModified": "2025-02-18T21:15:20.623", "lastModified": "2025-03-18T21:15:23.910",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-120" "value": "CWE-120"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-244xx/CVE-2024-24445.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24445", "id": "CVE-2024-24445",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T22:15:11.847", "published": "2025-01-21T22:15:11.847",
"lastModified": "2025-02-18T21:15:21.660", "lastModified": "2025-03-18T21:15:24.047",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contiene una desreferencia nula en su gesti\u00f3n de mensajes de protocolo NGAP no compatibles, lo que permite que un atacante con acceso adyacente a la red a AMF lleve a cabo una denegaci\u00f3n de servicio. Cuando se recibe una tupla de c\u00f3digo de procedimiento/campo de presencia que no es compatible, OAI indexa en un puntero de funci\u00f3n nulo y posteriormente lo desreferencia." "value": "OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contiene una desreferencia nula en su gesti\u00f3n de mensajes de protocolo NGAP no compatibles, lo que permite que un atacante con acceso adyacente a la red a AMF lleve a cabo una denegaci\u00f3n de servicio. Cuando se recibe una tupla de c\u00f3digo de procedimiento/campo de presencia que no es compatible, OAI indexa en un puntero de funci\u00f3n nulo y posteriormente lo desreferencia."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [ "references": [
{ {
"url": "http://openairinterface.com", "url": "http://openairinterface.com",

14
CVE-2024/CVE-2024-273xx/CVE-2024-27368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27368", "id": "CVE-2024-27368",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-09T20:15:04.403", "published": "2024-09-09T20:15:04.403",
"lastModified": "2024-09-11T15:25:46.313", "lastModified": "2025-03-18T21:15:24.180",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-278xx/CVE-2024-27858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27858", "id": "CVE-2024-27858",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:47.797", "published": "2024-09-17T00:15:47.797",
"lastModified": "2024-09-23T19:56:28.840", "lastModified": "2025-03-18T21:15:24.320",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-281" "value": "CWE-281"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-279xx/CVE-2024-27981.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27981", "id": "CVE-2024-27981",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2024-04-04T23:15:15.837", "published": "2024-04-04T23:15:15.837",
"lastModified": "2024-11-21T09:05:33.330", "lastModified": "2025-03-18T21:15:24.477",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos encontrada en servidores de red UniFi autohospedados (Linux) con la aplicaci\u00f3n de red UniFi (versi\u00f3n 8.0.28 y anteriores) permite a un actor malicioso con credenciales de administrador de la aplicaci\u00f3n de red UniFi escalar privilegios a root en el dispositivo host. Productos afectados: Aplicaci\u00f3n de red UniFi (Versi\u00f3n 8.0.28 y anteriores). Mitigaci\u00f3n: actualice la aplicaci\u00f3n UniFi Network a la versi\u00f3n 8.1.113 o posterior." "value": "Una vulnerabilidad de inyecci\u00f3n de comandos encontrada en servidores de red UniFi autohospedados (Linux) con la aplicaci\u00f3n de red UniFi (versi\u00f3n 8.0.28 y anteriores) permite a un actor malicioso con credenciales de administrador de la aplicaci\u00f3n de red UniFi escalar privilegios a root en el dispositivo host. Productos afectados: Aplicaci\u00f3n de red UniFi (Versi\u00f3n 8.0.28 y anteriores). Mitigaci\u00f3n: actualice la aplicaci\u00f3n UniFi Network a la versi\u00f3n 8.1.113 o posterior."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-038-038/9d13fead-47de-4372-b2c1-745b8d6b0399", "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-038-038/9d13fead-47de-4372-b2c1-745b8d6b0399",

14
CVE-2024/CVE-2024-297xx/CVE-2024-29757.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29757", "id": "CVE-2024-29757",
"sourceIdentifier": "dsap-vuln-management@google.com", "sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-04-05T20:15:08.867", "published": "2024-04-05T20:15:08.867",
"lastModified": "2024-11-21T09:08:15.743", "lastModified": "2025-03-18T21:15:24.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2024-04-01", "url": "https://source.android.com/security/bulletin/pixel/2024-04-01",

32
CVE-2024/CVE-2024-297xx/CVE-2024-29780.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29780", "id": "CVE-2024-29780",
"sourceIdentifier": "dsap-vuln-management@google.com", "sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:51.950", "published": "2024-06-13T21:15:51.950",
"lastModified": "2024-11-21T09:08:18.770", "lastModified": "2025-03-18T21:15:26.573",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-908" "value": "CWE-908"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-348xx/CVE-2024-34897.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34897", "id": "CVE-2024-34897",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-03T21:15:12.680", "published": "2025-02-03T21:15:12.680",
"lastModified": "2025-02-18T19:15:15.710", "lastModified": "2025-03-18T21:15:27.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que Nedis SmartLife android app v1.4.0 conten\u00eda una vulnerabilidad de divulgaci\u00f3n de clave API." "value": "Se descubri\u00f3 que Nedis SmartLife android app v1.4.0 conten\u00eda una vulnerabilidad de divulgaci\u00f3n de clave API."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [ "references": [
{ {
"url": "http://nedis.com", "url": "http://nedis.com",

32
CVE-2024/CVE-2024-378xx/CVE-2024-37803.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37803", "id": "CVE-2024-37803",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-18T17:15:52.237", "published": "2024-06-18T17:15:52.237",
"lastModified": "2024-11-21T09:24:20.260", "lastModified": "2025-03-18T21:15:27.420",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-398xx/CVE-2024-39817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39817", "id": "CVE-2024-39817",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-08-06T05:15:41.087", "published": "2024-08-06T05:15:41.087",
"lastModified": "2024-09-11T19:36:18.050", "lastModified": "2025-03-18T21:15:28.040",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-406xx/CVE-2024-40655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40655", "id": "CVE-2024-40655",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2024-09-11T00:15:11.243", "published": "2024-09-11T00:15:11.243",
"lastModified": "2024-12-17T19:09:51.027", "lastModified": "2025-03-18T21:15:28.700",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-407xx/CVE-2024-40796.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40796", "id": "CVE-2024-40796",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:12.540", "published": "2024-07-29T23:15:12.540",
"lastModified": "2024-11-21T09:31:38.950", "lastModified": "2025-03-18T21:15:29.100",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2024/CVE-2024-40xx/CVE-2024-4094.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4094", "id": "CVE-2024-4094",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-18T06:15:12.360", "published": "2024-06-18T06:15:12.360",
"lastModified": "2024-11-21T09:42:10.950", "lastModified": "2025-03-18T21:15:30.823",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

32
CVE-2024/CVE-2024-416xx/CVE-2024-41600.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41600", "id": "CVE-2024-41600",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-19T18:15:05.727", "published": "2024-07-19T18:15:05.727",
"lastModified": "2024-11-21T09:32:49.507", "lastModified": "2025-03-18T21:15:29.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2024/CVE-2024-416xx/CVE-2024-41623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41623", "id": "CVE-2024-41623",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-13T14:15:12.203", "published": "2024-08-13T14:15:12.203",
"lastModified": "2024-08-23T15:35:07.653", "lastModified": "2025-03-18T21:15:29.457",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

32
CVE-2024/CVE-2024-440xx/CVE-2024-44083.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44083", "id": "CVE-2024-44083",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T04:15:04.760", "published": "2024-08-19T04:15:04.760",
"lastModified": "2025-01-09T20:15:38.220", "lastModified": "2025-03-18T21:15:29.613",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-770" "value": "CWE-770"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44163", "id": "CVE-2024-44163",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:51.107", "published": "2024-09-17T00:15:51.107",
"lastModified": "2024-09-26T13:55:41.473", "lastModified": "2025-03-18T21:15:29.770",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-449xx/CVE-2024-44911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44911", "id": "CVE-2024-44911",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-27T15:15:14.990", "published": "2024-09-27T15:15:14.990",
"lastModified": "2025-01-31T16:15:34.057", "lastModified": "2025-03-18T21:15:29.927",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-465xx/CVE-2024-46558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46558", "id": "CVE-2024-46558",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.033", "published": "2024-09-18T15:15:17.033",
"lastModified": "2024-09-24T16:41:49.970", "lastModified": "2025-03-18T21:15:30.077",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-120" "value": "CWE-120"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-465xx/CVE-2024-46566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46566", "id": "CVE-2024-46566",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.367", "published": "2024-09-18T15:15:17.367",
"lastModified": "2024-09-24T16:41:58.953", "lastModified": "2025-03-18T21:15:30.230",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-120" "value": "CWE-120"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-472xx/CVE-2024-47222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47222", "id": "CVE-2024-47222",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-23T20:15:05.493", "published": "2024-09-23T20:15:05.493",
"lastModified": "2024-09-30T14:02:23.007", "lastModified": "2025-03-18T21:15:30.377",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-918" "value": "CWE-918"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
} }
], ],
"configurations": [ "configurations": [

27
CVE-2024/CVE-2024-478xx/CVE-2024-47891.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-47891", "id": "CVE-2024-47891",
"sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
"published": "2025-01-31T04:15:08.553", "published": "2025-01-31T04:15:08.553",
"lastModified": "2025-02-18T19:15:16.843", "lastModified": "2025-03-18T21:15:30.533",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar llamadas de GPU sistema incorrectas para activar excepciones de kernel use-after-free." "value": "El software instalado y ejecutado como un usuario sin privilegios puede realizar llamadas de GPU sistema incorrectas para activar excepciones de kernel use-after-free."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",

39
CVE-2024/CVE-2024-481xx/CVE-2024-48126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48126", "id": "CVE-2024-48126",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-15T21:15:13.613", "published": "2025-01-15T21:15:13.613",
"lastModified": "2025-02-18T22:15:11.980", "lastModified": "2025-03-18T21:15:30.690",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que HI-SCAN 6040i Hitrax HX-03-19-I conten\u00eda credenciales codificadas para acceder al soporte del proveedor y al servicio." "value": " Se descubri\u00f3 que HI-SCAN 6040i Hitrax HX-03-19-I conten\u00eda credenciales codificadas para acceder al soporte del proveedor y al servicio."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://kth.diva-portal.org/smash/get/diva2:1876534/FULLTEXT01.pdf", "url": "https://kth.diva-portal.org/smash/get/diva2:1876534/FULLTEXT01.pdf",

39
CVE-2024/CVE-2024-511xx/CVE-2024-51122.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-51122", "id": "CVE-2024-51122",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-12T22:15:39.603", "published": "2025-02-12T22:15:39.603",
"lastModified": "2025-02-18T18:15:25.977", "lastModified": "2025-03-18T21:15:30.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de Cross Site Scripting en Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros ST, L, O, OU, CN." "value": "La vulnerabilidad de Cross Site Scripting en Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros ST, L, O, OU, CN."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2024-51122", "url": "https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2024-51122",

39
CVE-2024/CVE-2024-545xx/CVE-2024-54530.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-54530", "id": "CVE-2024-54530",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:13.753", "published": "2025-01-27T22:15:13.753",
"lastModified": "2025-02-18T20:15:21.750", "lastModified": "2025-03-18T21:15:31.120",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 y iPadOS 18.2. La funci\u00f3n de autocompletar contrase\u00f1as puede completar las contrase\u00f1as despu\u00e9s de una autenticaci\u00f3n fallida." "value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 y iPadOS 18.2. La funci\u00f3n de autocompletar contrase\u00f1as puede completar las contrase\u00f1as despu\u00e9s de una autenticaci\u00f3n fallida."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/121837", "url": "https://support.apple.com/en-us/121837",

39
CVE-2024/CVE-2024-554xx/CVE-2024-55456.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-55456", "id": "CVE-2024-55456",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-03T17:15:21.797", "published": "2025-02-03T17:15:21.797",
"lastModified": "2025-02-18T19:15:19.267", "lastModified": "2025-03-18T21:15:31.267",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que lunasvg v3.0.1 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s del componente gray_find_cell" "value": "Se descubri\u00f3 que lunasvg v3.0.1 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s del componente gray_find_cell"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-653"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/sammycage/lunasvg/issues/199", "url": "https://github.com/sammycage/lunasvg/issues/199",

39
CVE-2024/CVE-2024-570xx/CVE-2024-57076.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57076", "id": "CVE-2024-57076",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-05T22:15:31.910", "published": "2025-02-05T22:15:31.910",
"lastModified": "2025-02-18T19:15:20.793", "lastModified": "2025-03-18T21:15:31.397",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un prototipo de contaminaci\u00f3n en la funci\u00f3n lib.post de ajax-request v1.2.3 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un payload manipulado." "value": "Un prototipo de contaminaci\u00f3n en la funci\u00f3n lib.post de ajax-request v1.2.3 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un payload manipulado."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/tariqhawis/c432b93ee7d967c2e65bc1bf39241664", "url": "https://gist.github.com/tariqhawis/c432b93ee7d967c2e65bc1bf39241664",

39
CVE-2024/CVE-2024-570xx/CVE-2024-57079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57079", "id": "CVE-2024-57079",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-05T22:15:32.193", "published": "2025-02-05T22:15:32.193",
"lastModified": "2025-02-18T19:15:21.027", "lastModified": "2025-03-18T21:15:31.540",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un prototipo de contaminaci\u00f3n en la funci\u00f3n lib.deepMerge de @zag-js/core v0.50.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un payload manipulado." "value": "Un prototipo de contaminaci\u00f3n en la funci\u00f3n lib.deepMerge de @zag-js/core v0.50.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un payload manipulado."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/tariqhawis/4778fc57084766b7b7fb6d25d20b7b9b", "url": "https://gist.github.com/tariqhawis/4778fc57084766b7b7fb6d25d20b7b9b",

21
CVE-2024/CVE-2024-571xx/CVE-2024-57151.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-57151",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T21:15:31.663",
"lastModified": "2025-03-18T21:15:31.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jcxj/jcxj/blob/master/source/_posts/%E4%BF%A1%E5%91%BCoa%E5%AE%A1%E8%AE%A1.md",
"source": "cve@mitre.org"
}
]
}

41
CVE-2024/CVE-2024-573xx/CVE-2024-57348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57348", "id": "CVE-2024-57348",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-13T14:15:34.223", "published": "2025-03-13T14:15:34.223",
"lastModified": "2025-03-13T19:15:49.170", "lastModified": "2025-03-18T21:15:31.757",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de Cross Site Scripting en PecanProject pecan hasta v.1.8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de el payload manipulado en los par\u00e1metros hostname, sitegroupid, lat, lon y sitename." "value": "La vulnerabilidad de Cross Site Scripting en PecanProject pecan hasta v.1.8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de el payload manipulado en los par\u00e1metros hostname, sitegroupid, lat, lon y sitename."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/PecanProject/pecan/issues/3400", "url": "https://github.com/PecanProject/pecan/issues/3400",

39
CVE-2024/CVE-2024-576xx/CVE-2024-57673.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57673", "id": "CVE-2024-57673",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T20:15:40.347", "published": "2025-02-06T20:15:40.347",
"lastModified": "2025-02-18T19:15:22.723", "lastModified": "2025-03-18T21:15:31.887",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Floodlight v1.2 permite que un atacante local provoque una denegaci\u00f3n de servicio a trav\u00e9s del m\u00f3dulo Topology Manager y el m\u00f3dulo Linkdiscovery" "value": "Un problema en Floodlight v1.2 permite que un atacante local provoque una denegaci\u00f3n de servicio a trav\u00e9s del m\u00f3dulo Topology Manager y el m\u00f3dulo Linkdiscovery"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/floodlight/floodlight/issues/872", "url": "https://github.com/floodlight/floodlight/issues/872",

39
CVE-2024/CVE-2024-577xx/CVE-2024-57723.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57723", "id": "CVE-2024-57723",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-23T01:15:27.270", "published": "2025-01-23T01:15:27.270",
"lastModified": "2025-02-18T20:15:22.937", "lastModified": "2025-03-18T21:15:32.023",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que lunasvg v3.0.0 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s del componente composition_source_over." "value": "Se descubri\u00f3 que lunasvg v3.0.0 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s del componente composition_source_over."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-653"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/keepinggg/poc/blob/main/poc_of_lunasvg_3.1.0", "url": "https://github.com/keepinggg/poc/blob/main/poc_of_lunasvg_3.1.0",

39
CVE-2024/CVE-2024-577xx/CVE-2024-57768.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57768", "id": "CVE-2024-57768",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-16T18:15:26.003", "published": "2025-01-16T18:15:26.003",
"lastModified": "2025-02-18T21:15:24.723", "lastModified": "2025-03-18T21:15:32.153",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que JFinalOA anterior a v2025.01.01 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del componente validRoleKey?sysRole.key." "value": " Se descubri\u00f3 que JFinalOA anterior a v2025.01.01 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del componente validRoleKey?sysRole.key."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gitee.com/r1bbit/JFinalOA/issues/IBHUMT", "url": "https://gitee.com/r1bbit/JFinalOA/issues/IBHUMT",

12
CVE-2024/CVE-2024-66xx/CVE-2024-6610.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6610", "id": "CVE-2024-6610",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.983", "published": "2024-07-09T15:15:12.983",
"lastModified": "2024-11-21T09:49:59.490", "lastModified": "2025-03-18T21:15:32.297",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2024/CVE-2024-89xx/CVE-2024-8900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-8900", "id": "CVE-2024-8900",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-09-17T19:15:29.163", "published": "2024-09-17T19:15:29.163",
"lastModified": "2024-10-30T15:35:26.207", "lastModified": "2025-03-18T21:15:32.470",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },

39
CVE-2025/CVE-2025-04xx/CVE-2025-0440.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0440", "id": "CVE-2025-0440",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2025-01-15T11:15:10.187", "published": "2025-01-15T11:15:10.187",
"lastModified": "2025-02-18T22:15:16.993", "lastModified": "2025-03-18T21:15:32.617",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": " Una implementaci\u00f3n inadecuada en Pantalla completa en Google Chrome en Windows anterior a la versi\u00f3n 132.0.6834.83 permiti\u00f3 que un atacante remoto suplantara la interfaz de usuario a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: media)" "value": " Una implementaci\u00f3n inadecuada en Pantalla completa en Google Chrome en Windows anterior a la versi\u00f3n 132.0.6834.83 permiti\u00f3 que un atacante remoto suplantara la interfaz de usuario a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: media)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html",

16
CVE-2025/CVE-2025-300xx/CVE-2025-30066.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-30066", "id": "CVE-2025-30066",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-15T06:15:12.193", "published": "2025-03-15T06:15:12.193",
"lastModified": "2025-03-16T23:15:48.060", "lastModified": "2025-03-18T22:15:11.947",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)" "value": "tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)"
},
{
"lang": "es",
"value": "Los archivos modificados de tj-actions anteriores a la versi\u00f3n 46 permiten a atacantes remotos descubrir secretos leyendo los registros de acciones. (Las etiquetas v1 a v45.0.7 se vieron afectadas el 14 y el 15 de marzo de 2025 porque fueron modificadas por un actor de amenazas para apuntar a el commit 0e58ed8, que conten\u00eda c\u00f3digo malicioso de updateFeatures)."
} }
], ],
"metrics": { "metrics": {
@ -48,6 +52,10 @@
} }
], ],
"references": [ "references": [
{
"url": "https://blog.gitguardian.com/compromised-tj-actions/",
"source": "cve@mitre.org"
},
{ {
"url": "https://github.com/chains-project/maven-lockfile/pull/1111", "url": "https://github.com/chains-project/maven-lockfile/pull/1111",
"source": "cve@mitre.org" "source": "cve@mitre.org"
@ -119,6 +127,10 @@
{ {
"url": "https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066", "url": "https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-github-action-cve-2025-30066",
"source": "af854a3a-2127-422b-91ae-364da2661108"
} }
] ]
} }

25
CVE-2025/CVE-2025-301xx/CVE-2025-30140.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-30140",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T21:15:32.880",
"lastModified": "2025-03-18T21:15:32.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the Internal Domain Name. It uses an unregistered public domain name as an internal domain, creating a security risk. This domain was not owned by GNET originally, allowing an attacker to register it and potentially intercept sensitive device traffic (it has since been registered by the vulnerability discoverer). If the dashcam or related services attempt to resolve this domain over the public Internet instead of locally, it could lead to data exfiltration or man-in-the-middle attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/geo-chen/GNET",
"source": "cve@mitre.org"
},
{
"url": "https://www.gnetsystem.com/eng/product/list?viewMode=view&idx=246&ca_id=0201",
"source": "cve@mitre.org"
}
]
}

77
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2025-03-18T21:00:19.783526+00:00 2025-03-18T23:00:20.538864+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2025-03-18T20:43:40.300000+00:00 2025-03-18T22:15:11.947000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,58 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
285637 285640
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `14` Recently added CVEs: `3`
- [CVE-2025-21619](CVE-2025/CVE-2025-216xx/CVE-2025-21619.json) (`2025-03-18T19:15:47.997`) - [CVE-2024-12563](CVE-2024/CVE-2024-125xx/CVE-2024-12563.json) (`2025-03-18T21:15:23.590`)
- [CVE-2025-24799](CVE-2025/CVE-2025-247xx/CVE-2025-24799.json) (`2025-03-18T19:15:48.927`) - [CVE-2024-57151](CVE-2024/CVE-2024-571xx/CVE-2024-57151.json) (`2025-03-18T21:15:31.663`)
- [CVE-2025-24801](CVE-2025/CVE-2025-248xx/CVE-2025-24801.json) (`2025-03-18T19:15:49.110`) - [CVE-2025-30140](CVE-2025/CVE-2025-301xx/CVE-2025-30140.json) (`2025-03-18T21:15:32.880`)
- [CVE-2025-25040](CVE-2025/CVE-2025-250xx/CVE-2025-25040.json) (`2025-03-18T19:15:49.290`)
- [CVE-2025-25042](CVE-2025/CVE-2025-250xx/CVE-2025-25042.json) (`2025-03-18T19:15:49.447`)
- [CVE-2025-27080](CVE-2025/CVE-2025-270xx/CVE-2025-27080.json) (`2025-03-18T19:15:50.680`)
- [CVE-2025-29790](CVE-2025/CVE-2025-297xx/CVE-2025-29790.json) (`2025-03-18T19:15:50.813`)
- [CVE-2025-29907](CVE-2025/CVE-2025-299xx/CVE-2025-29907.json) (`2025-03-18T19:15:51.197`)
- [CVE-2025-29930](CVE-2025/CVE-2025-299xx/CVE-2025-29930.json) (`2025-03-18T19:15:51.340`)
- [CVE-2025-30137](CVE-2025/CVE-2025-301xx/CVE-2025-30137.json) (`2025-03-18T20:15:26.407`)
- [CVE-2025-30138](CVE-2025/CVE-2025-301xx/CVE-2025-30138.json) (`2025-03-18T20:15:26.507`)
- [CVE-2025-30139](CVE-2025/CVE-2025-301xx/CVE-2025-30139.json) (`2025-03-18T20:15:26.597`)
- [CVE-2025-30141](CVE-2025/CVE-2025-301xx/CVE-2025-30141.json) (`2025-03-18T20:15:26.693`)
- [CVE-2025-30142](CVE-2025/CVE-2025-301xx/CVE-2025-30142.json) (`2025-03-18T20:15:26.777`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `149` Recently modified CVEs: `41`
- [CVE-2024-54478](CVE-2024/CVE-2024-544xx/CVE-2024-54478.json) (`2025-03-18T20:15:24.467`) - [CVE-2024-40796](CVE-2024/CVE-2024-407xx/CVE-2024-40796.json) (`2025-03-18T21:15:29.100`)
- [CVE-2024-57019](CVE-2024/CVE-2024-570xx/CVE-2024-57019.json) (`2025-03-18T20:15:24.637`) - [CVE-2024-4094](CVE-2024/CVE-2024-40xx/CVE-2024-4094.json) (`2025-03-18T21:15:30.823`)
- [CVE-2024-57020](CVE-2024/CVE-2024-570xx/CVE-2024-57020.json) (`2025-03-18T19:15:46.330`) - [CVE-2024-41600](CVE-2024/CVE-2024-416xx/CVE-2024-41600.json) (`2025-03-18T21:15:29.290`)
- [CVE-2024-57098](CVE-2024/CVE-2024-570xx/CVE-2024-57098.json) (`2025-03-18T19:15:46.517`) - [CVE-2024-41623](CVE-2024/CVE-2024-416xx/CVE-2024-41623.json) (`2025-03-18T21:15:29.457`)
- [CVE-2024-57433](CVE-2024/CVE-2024-574xx/CVE-2024-57433.json) (`2025-03-18T19:15:46.680`) - [CVE-2024-44083](CVE-2024/CVE-2024-440xx/CVE-2024-44083.json) (`2025-03-18T21:15:29.613`)
- [CVE-2024-57580](CVE-2024/CVE-2024-575xx/CVE-2024-57580.json) (`2025-03-18T19:15:46.850`) - [CVE-2024-44163](CVE-2024/CVE-2024-441xx/CVE-2024-44163.json) (`2025-03-18T21:15:29.770`)
- [CVE-2024-57581](CVE-2024/CVE-2024-575xx/CVE-2024-57581.json) (`2025-03-18T19:15:47.037`) - [CVE-2024-44911](CVE-2024/CVE-2024-449xx/CVE-2024-44911.json) (`2025-03-18T21:15:29.927`)
- [CVE-2024-57655](CVE-2024/CVE-2024-576xx/CVE-2024-57655.json) (`2025-03-18T19:15:47.213`) - [CVE-2024-46558](CVE-2024/CVE-2024-465xx/CVE-2024-46558.json) (`2025-03-18T21:15:30.077`)
- [CVE-2024-57721](CVE-2024/CVE-2024-577xx/CVE-2024-57721.json) (`2025-03-18T20:15:24.810`) - [CVE-2024-46566](CVE-2024/CVE-2024-465xx/CVE-2024-46566.json) (`2025-03-18T21:15:30.230`)
- [CVE-2024-7527](CVE-2024/CVE-2024-75xx/CVE-2024-7527.json) (`2025-03-18T19:15:47.403`) - [CVE-2024-47222](CVE-2024/CVE-2024-472xx/CVE-2024-47222.json) (`2025-03-18T21:15:30.377`)
- [CVE-2024-7713](CVE-2024/CVE-2024-77xx/CVE-2024-7713.json) (`2025-03-18T20:15:24.980`) - [CVE-2024-47891](CVE-2024/CVE-2024-478xx/CVE-2024-47891.json) (`2025-03-18T21:15:30.533`)
- [CVE-2024-9398](CVE-2024/CVE-2024-93xx/CVE-2024-9398.json) (`2025-03-18T20:15:25.150`) - [CVE-2024-48126](CVE-2024/CVE-2024-481xx/CVE-2024-48126.json) (`2025-03-18T21:15:30.690`)
- [CVE-2025-0436](CVE-2025/CVE-2025-04xx/CVE-2025-0436.json) (`2025-03-18T20:15:25.330`) - [CVE-2024-51122](CVE-2024/CVE-2024-511xx/CVE-2024-51122.json) (`2025-03-18T21:15:30.977`)
- [CVE-2025-20633](CVE-2025/CVE-2025-206xx/CVE-2025-20633.json) (`2025-03-18T19:15:47.673`) - [CVE-2024-54530](CVE-2024/CVE-2024-545xx/CVE-2024-54530.json) (`2025-03-18T21:15:31.120`)
- [CVE-2025-21532](CVE-2025/CVE-2025-215xx/CVE-2025-21532.json) (`2025-03-18T20:15:25.563`) - [CVE-2024-55456](CVE-2024/CVE-2024-554xx/CVE-2024-55456.json) (`2025-03-18T21:15:31.267`)
- [CVE-2025-21547](CVE-2025/CVE-2025-215xx/CVE-2025-21547.json) (`2025-03-18T19:15:47.860`) - [CVE-2024-57076](CVE-2024/CVE-2024-570xx/CVE-2024-57076.json) (`2025-03-18T21:15:31.397`)
- [CVE-2025-22918](CVE-2025/CVE-2025-229xx/CVE-2025-22918.json) (`2025-03-18T19:15:48.183`) - [CVE-2024-57079](CVE-2024/CVE-2024-570xx/CVE-2024-57079.json) (`2025-03-18T21:15:31.540`)
- [CVE-2025-24115](CVE-2025/CVE-2025-241xx/CVE-2025-24115.json) (`2025-03-18T19:15:48.330`) - [CVE-2024-57348](CVE-2024/CVE-2024-573xx/CVE-2024-57348.json) (`2025-03-18T21:15:31.757`)
- [CVE-2025-24130](CVE-2025/CVE-2025-241xx/CVE-2025-24130.json) (`2025-03-18T19:15:48.507`) - [CVE-2024-57673](CVE-2024/CVE-2024-576xx/CVE-2024-57673.json) (`2025-03-18T21:15:31.887`)
- [CVE-2025-24146](CVE-2025/CVE-2025-241xx/CVE-2025-24146.json) (`2025-03-18T19:15:48.683`) - [CVE-2024-57723](CVE-2024/CVE-2024-577xx/CVE-2024-57723.json) (`2025-03-18T21:15:32.023`)
- [CVE-2025-24154](CVE-2025/CVE-2025-241xx/CVE-2025-24154.json) (`2025-03-18T20:15:25.680`) - [CVE-2024-57768](CVE-2024/CVE-2024-577xx/CVE-2024-57768.json) (`2025-03-18T21:15:32.153`)
- [CVE-2025-24163](CVE-2025/CVE-2025-241xx/CVE-2025-24163.json) (`2025-03-18T20:15:25.850`) - [CVE-2024-6610](CVE-2024/CVE-2024-66xx/CVE-2024-6610.json) (`2025-03-18T21:15:32.297`)
- [CVE-2025-26410](CVE-2025/CVE-2025-264xx/CVE-2025-26410.json) (`2025-03-18T19:15:50.450`) - [CVE-2024-8900](CVE-2024/CVE-2024-89xx/CVE-2024-8900.json) (`2025-03-18T21:15:32.470`)
- [CVE-2025-28867](CVE-2025/CVE-2025-288xx/CVE-2025-28867.json) (`2025-03-18T20:43:40.300`) - [CVE-2025-0440](CVE-2025/CVE-2025-04xx/CVE-2025-0440.json) (`2025-03-18T21:15:32.617`)
- [CVE-2025-28870](CVE-2025/CVE-2025-288xx/CVE-2025-28870.json) (`2025-03-18T20:29:41.383`) - [CVE-2025-30066](CVE-2025/CVE-2025-300xx/CVE-2025-30066.json) (`2025-03-18T22:15:11.947`)
## Download and Usage ## Download and Usage

411
_state.csv
View File

File diff suppressed because it is too large Load Diff