admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-09T03:00:19.873769+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-09 03:03:50 +00:00
parent c0f327ad6c
commit 6a206bf025
2538 changed files with 59031 additions and 7129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2012/CVE-2012-03xx/CVE-2012-0391.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2012-01-08T15:55:01.217",
"lastModified": "2025-02-10T21:15:09.680",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2013/CVE-2013-07xx/CVE-2013-0744.json
View File

@ -12,7 +12,7 @@
},
{
"lang": "es",
"value": "Vulnerabilidad de liberaci\u00f3n despu\u00e9s de uso en la funci\u00f3n TableBackgroundPainter::TableBackgroundData::Destroy en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de un documento HTML con una tabla que contiene multitud de columnas y grupos de estas."
"value": "Vulnerabilidad de uso despu\u00e9s de liberar memoria en la funci\u00f3n TableBackgroundPainter::TableBackgroundData::Destroy en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, permitir\u00eda a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de un documento HTML con una tabla que contiene multitud de columnas y grupos de estas."
}
],
"metrics": {

2
CVE-2017/CVE-2017-30xx/CVE-2017-3066.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@adobe.com",
"published": "2017-04-27T14:59:00.233",
"lastModified": "2025-02-25T02:00:02.097",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-118xx/CVE-2018-11816.json
View File

@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

2
CVE-2018/CVE-2018-199xx/CVE-2018-19943.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2020-10-28T18:15:12.520",
"lastModified": "2024-11-21T03:58:51.453",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2018/CVE-2018-199xx/CVE-2018-19949.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2020-10-28T18:15:12.647",
"lastModified": "2025-02-06T21:15:12.333",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2018/CVE-2018-199xx/CVE-2018-19953.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2020-10-28T18:15:12.740",
"lastModified": "2025-02-06T21:15:12.550",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2018/CVE-2018-23xx/CVE-2018-2380.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cna@sap.com",
"published": "2018-03-01T17:29:00.413",
"lastModified": "2025-01-29T21:15:08.910",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

42
CVE-2018/CVE-2018-86xx/CVE-2018-8639.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secure@microsoft.com",
"published": "2018-12-12T00:29:01.840",
"lastModified": "2025-03-04T02:00:01.987",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,8 @@
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -36,15 +36,13 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
@ -121,33 +119,33 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": true,

4
CVE-2019/CVE-2019-18xx/CVE-2019-1815.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A security vulnerability was discovered in the local status page functionality of Cisco Meraki\u2019s MX67 and MX68 security appliance models that may allow unauthenticated individuals to access and download logs containing sensitive, privileged device information. The vulnerability is due to improper access control to the files holding debugging and maintenance information, and is only exploitable when the local status page is enabled on the device. An attacker exploiting this vulnerability may obtain access to wireless pre-shared keys, Site-to-Site VPN key and other sensitive information. Under certain circumstances, this information may allow an attacker to obtain administrative-level access to the device."
},
{
"lang": "es",
"value": "Se descubri\u00f3 una vulnerabilidad de seguridad en la funcionalidad de la p\u00e1gina de estado local de los modelos de dispositivos de seguridad MX67 y MX68 de Cisco Meraki que puede permitir que personas no autenticadas accedan y descarguen registros que contienen informaci\u00f3n confidencial y privilegiada del dispositivo. La vulnerabilidad se debe a un control de acceso inadecuado a los archivos que contienen informaci\u00f3n de depuraci\u00f3n y mantenimiento, y solo se puede explotar cuando la p\u00e1gina de estado local est\u00e1 habilitada en el dispositivo. Un atacante que aproveche esta vulnerabilidad puede obtener acceso a claves precompartidas inal\u00e1mbricas, claves de VPN de sitio a sitio y otra informaci\u00f3n confidencial. En determinadas circunstancias, esta informaci\u00f3n puede permitir que un atacante obtenga acceso de nivel administrativo al dispositivo."
}
],
"metrics": {

2
CVE-2019/CVE-2019-201xx/CVE-2019-20171.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2019-12-31T00:15:13.307",
"lastModified": "2025-03-07T14:24:42.067",
"vulnStatus": "Analyzed",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2019/CVE-2019-202xx/CVE-2019-20208.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-02T14:16:36.363",
"lastModified": "2025-03-07T14:24:42.067",
"vulnStatus": "Analyzed",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2019/CVE-2019-74xx/CVE-2019-7481.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2019-12-17T23:15:14.923",
"lastModified": "2025-02-06T20:15:33.540",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2019/CVE-2019-74xx/CVE-2019-7483.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2019-12-19T01:15:10.803",
"lastModified": "2025-02-06T20:15:33.757",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2020/CVE-2020-118xx/CVE-2020-11862.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@opentext.com",
"published": "2024-03-13T22:15:07.517",
"lastModified": "2024-11-21T04:58:46.520",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-119xx/CVE-2020-11978.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-11978",
"sourceIdentifier": "security@apache.org",
"published": "2020-07-17T00:15:10.337",
"lastModified": "2025-02-06T21:15:14.453",
"vulnStatus": "Modified",
"lastModified": "2025-03-06T19:48:51.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-139xx/CVE-2020-13927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-13927",
"sourceIdentifier": "security@apache.org",
"published": "2020-11-10T16:15:11.807",
"lastModified": "2024-11-21T05:02:09.853",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-06T19:48:51.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-234xx/CVE-2020-23438.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation."
},
{
"lang": "es",
"value": "Wondershare Filmora 9.2.11 se ve afectado por el secuestro de Dll de Trojan, lo que conduce a una escalada de privilegios."
}
],
"metrics": {},

18
CVE-2020/CVE-2020-248xx/CVE-2020-24829.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-04T21:15:08.077",
"lastModified": "2025-03-05T23:15:13.040",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,8 +85,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93EEFCFD-7417-40E6-84BF-4EA630F2A8A1"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.5.2",
"versionEndIncluding": "0.8.0",
"matchCriteriaId": "F43ACAFD-35AA-4E48-9EAE-D451DDCEB625"
}
]
}
@ -96,11 +98,17 @@
"references": [
{
"url": "https://github.com/gpac/gpac/blob/v0.5.2/src/media_tools/mpegts.c#L2204",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gpac/gpac/issues/1422",

2
CVE-2020/CVE-2020-279xx/CVE-2020-27950.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "product-security@apple.com",
"published": "2020-12-08T21:15:13.967",
"lastModified": "2025-02-28T14:44:48.713",
"vulnStatus": "Undergoing Analysis",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-289xx/CVE-2020-28949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-28949",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-11-19T19:15:11.937",
"lastModified": "2025-02-07T14:15:47.757",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2020/CVE-2020-28xx/CVE-2020-2883.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2020-04-15T14:15:33.513",
"lastModified": "2025-01-08T02:00:01.937",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-31xx/CVE-2020-3122.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco AsyncOS para Cisco Content Security Management Appliance (SMA) podr\u00eda permitir que un atacante remoto no autenticado obtenga informaci\u00f3n confidencial de la red."
}
],
"metrics": {

2
CVE-2020/CVE-2020-62xx/CVE-2020-6207.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cna@sap.com",
"published": "2020-03-10T21:15:14.793",
"lastModified": "2025-01-29T21:15:10.157",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-16xx/CVE-2021-1675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-1675",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-06-08T23:15:08.267",
"lastModified": "2024-11-21T05:44:52.153",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-219xx/CVE-2021-21975.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@vmware.com",
"published": "2021-03-31T18:15:14.597",
"lastModified": "2025-01-29T18:15:39.043",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

7
CVE-2021/CVE-2021-238xx/CVE-2021-23820.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "report@snyk.io",
"published": "2021-11-03T18:15:08.287",
"lastModified": "2024-11-21T05:51:54.017",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -105,8 +105,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jsonpointer_project:jsonpointer:-:*:*:*:*:node.js:*:*",
"matchCriteriaId": "022D6B15-C334-4816-B768-08157B45EFF1"
"criteria": "cpe:2.3:a:manuelstofer:json-pointer:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "0.6.2",
"matchCriteriaId": "EE5D54EA-6AE7-49E6-A061-3E7B0AB430A2"
}
]
}

4
CVE-2021/CVE-2021-275xx/CVE-2021-27561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27561",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-15T18:15:07.490",
"lastModified": "2025-02-04T20:15:41.637",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-287xx/CVE-2021-28799.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2021-05-13T03:15:06.843",
"lastModified": "2024-11-21T06:00:13.537",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

13
CVE-2021/CVE-2021-300xx/CVE-2021-30014.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2021-04-19T20:15:14.363",
"lastModified": "2025-03-05T23:15:13.217",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,8 +85,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82DD2D40-0A05-48FD-940D-32B4D8B51AB3"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.9.0",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "D002A87F-B63B-4BD4-88AE-6CC56716D387"
}
]
}
@ -96,7 +98,10 @@
"references": [
{
"url": "https://github.com/gpac/gpac/blob/v0.9.0-preview/src/media_tools/av_parsers.c#L6731",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788",

13
CVE-2021/CVE-2021-300xx/CVE-2021-30022.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2021-04-19T20:15:14.647",
"lastModified": "2025-03-05T23:15:13.390",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,8 +85,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82DD2D40-0A05-48FD-940D-32B4D8B51AB3"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.5.2",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "1EA72C5E-2E4C-4A00-B736-3994DA7C73C3"
}
]
}
@ -96,7 +98,10 @@
"references": [
{
"url": "https://github.com/gpac/gpac/blob/v0.5.2/src/media_tools/av_parsers.c#L2344",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788",

8
CVE-2021/CVE-2021-308xx/CVE-2021-30883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-30883",
"sourceIdentifier": "product-security@apple.com",
"published": "2021-08-24T19:15:16.403",
"lastModified": "2025-01-29T18:15:42.520",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-06T19:48:51.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -119,9 +119,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.8.1",
"matchCriteriaId": "A9DB9916-6DA1-4A32-86A2-AD8DC5246709"
"matchCriteriaId": "DD8D9814-E083-498D-BAC3-6E8FD1A259B7"
},
{
"vulnerable": true,

4
CVE-2021/CVE-2021-310xx/CVE-2021-31010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31010",
"sourceIdentifier": "product-security@apple.com",
"published": "2021-08-24T19:15:24.967",
"lastModified": "2025-01-29T18:15:43.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-06T19:48:51.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-311xx/CVE-2021-31196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31196",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-14T18:15:09.463",
"lastModified": "2024-11-21T06:05:17.070",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-311xx/CVE-2021-31199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31199",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-06-08T23:15:08.360",
"lastModified": "2024-11-21T06:05:17.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-319xx/CVE-2021-31937.json
View File

@ -15,7 +15,7 @@
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",

2
CVE-2021/CVE-2021-319xx/CVE-2021-31982.json
View File

@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

6
CVE-2021/CVE-2021-345xx/CVE-2021-34523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34523",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-07-14T18:15:12.347",
"lastModified": "2024-11-21T06:10:35.977",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -95,7 +95,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-noinfo"
}
]
}

93
CVE-2021/CVE-2021-350xx/CVE-2021-35001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-35001",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-07T23:15:14.120",
"lastModified": "2024-11-21T06:11:40.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-05T18:25:53.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,22 +73,81 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.01:*:*:*:*:*:*:*",
"matchCriteriaId": "74E8F32E-A350-4EF5-ACD2-CF001101F474"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9F31ED78-C6B7-4BB4-AB79-F7AE38546BBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.03:*:*:*:*:*:*:*",
"matchCriteriaId": "80B5F6EB-E001-4D1F-8428-99AF9DC3D4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2C30FF-FF7C-4F8C-ACB8-A3BC3CFE1EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8B4BD9-9197-49C7-9E1D-EEA831E0CCF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA184EF-A951-4E16-B11B-EE7A6456D974"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.21.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0E5F78-3CA7-4E92-B714-09E2FCC51DB7"
}
]
}
]
}
],
"references": [
{
"url": "https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-001/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-001/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

93
CVE-2021/CVE-2021-350xx/CVE-2021-35002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-35002",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-07T23:15:14.313",
"lastModified": "2024-11-21T06:11:40.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-05T18:25:53.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -51,22 +73,81 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.01:*:*:*:*:*:*:*",
"matchCriteriaId": "74E8F32E-A350-4EF5-ACD2-CF001101F474"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9F31ED78-C6B7-4BB4-AB79-F7AE38546BBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.19.03:*:*:*:*:*:*:*",
"matchCriteriaId": "80B5F6EB-E001-4D1F-8428-99AF9DC3D4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2C30FF-FF7C-4F8C-ACB8-A3BC3CFE1EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.02:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8B4BD9-9197-49C7-9E1D-EEA831E0CCF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.20.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA184EF-A951-4E16-B11B-EE7A6456D974"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:track-it\\!:20.21.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0E5F78-3CA7-4E92-B714-09E2FCC51DB7"
}
]
}
]
}
],
"references": [
{
"url": "https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-002/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-002/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

2
CVE-2021/CVE-2021-355xx/CVE-2021-35587.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2022-01-19T12:15:09.727",
"lastModified": "2024-11-21T06:12:35.493",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-363xx/CVE-2021-36380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36380",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-13T16:15:07.607",
"lastModified": "2024-11-21T06:13:38.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-369xx/CVE-2021-36942.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36942",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-08-12T18:15:10.000",
"lastModified": "2024-11-21T06:14:21.103",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-369xx/CVE-2021-36948.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36948",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-08-12T18:15:10.190",
"lastModified": "2024-11-21T06:14:21.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-369xx/CVE-2021-36955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36955",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-09-15T12:15:13.197",
"lastModified": "2024-11-21T06:14:22.520",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-379xx/CVE-2021-37973.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-37973",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2021-10-08T22:15:08.287",
"lastModified": "2025-02-03T14:15:32.667",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-06T19:48:51.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-386xx/CVE-2021-38645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38645",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-09-15T12:15:14.967",
"lastModified": "2024-11-21T06:17:48.213",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

30
CVE-2021/CVE-2021-405xx/CVE-2021-40574.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-01-13T19:15:08.317",
"lastModified": "2025-03-05T23:15:13.557",
"vulnStatus": "Modified",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -85,8 +85,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82DD2D40-0A05-48FD-940D-32B4D8B51AB3"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.9.0",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "D002A87F-B63B-4BD4-88AE-6CC56716D387"
}
]
}
@ -96,11 +98,17 @@
"references": [
{
"url": "https://github.com/gpac/gpac/blob/v0.9.0-preview/src/filters/load_text.c#L232",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gpac/gpac/blob/v0.9.0-preview/src/filters/load_text.c#L304",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gpac/gpac/commit/30ac5e5236b790accd1f25347eebf2dc8c6c1bcb",
@ -121,7 +129,11 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5411",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/gpac/gpac/commit/30ac5e5236b790accd1f25347eebf2dc8c6c1bcb",
@ -142,7 +154,11 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5411",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

4
CVE-2021/CVE-2021-417xx/CVE-2021-41719.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources."
},
{
"lang": "es",
"value": "Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 la aplicaci\u00f3n hasta la versi\u00f3n 16.1 se comunica utilizando el m\u00e9todo GET para procesar solicitudes que contienen informaci\u00f3n confidencial como el nombre de la cuenta de usuario y la contrase\u00f1a, que pueden exponer dicha informaci\u00f3n a trav\u00e9s del historial del navegador, referentes, registros web y otras fuentes."
}
],
"metrics": {},

4
CVE-2021/CVE-2021-442xx/CVE-2021-44207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44207",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-21T18:15:08.143",
"lastModified": "2024-12-24T02:00:01.823",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-44xx/CVE-2021-4453.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:29.820",
"lastModified": "2025-02-26T06:37:29.820",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

102
CVE-2021/CVE-2021-471xx/CVE-2021-47186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47186",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:47.430",
"lastModified": "2025-02-21T17:15:10.273",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-03T17:47:59.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,115 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: tipc: verifique si hay valores nulos despu\u00e9s de llamar a kmemdup kmemdup puede devolver un puntero nulo, por lo que es necesario verificarlo; de lo contrario, se eliminar\u00e1 la referencia a la clave nula m\u00e1s adelante en tipc_crypto_key_xmit, como se puede ver en el seguimiento. [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

89
CVE-2021/CVE-2021-471xx/CVE-2021-47188.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47188",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:47.527",
"lastModified": "2024-11-21T06:35:35.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-03T17:47:59.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,98 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: core: Mejorar el manejo de la interrupci\u00f3n de SCSI Se ha observado lo siguiente en una configuraci\u00f3n de prueba: ADVERTENCIA: CPU: 4 PID: 250 en drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c Rastreo de llamadas: ufshcd_queuecommand+0x468/0x65c scsi_send_eh_cmnd+0x224/0x6a0 scsi_eh_test_devices+0x248/0x418 scsi_eh_ready_devs+0xc34/0xe58 scsi_error_handler+0x204/0x80c kthread+0x150/0x1b4 ret_from_fork+0x10/0x30 Esa advertencia se activa por lo siguiente: declaraci\u00f3n: WARN_ON(lrbp->cmd); Corrija esta advertencia borrando lrbp->cmd del controlador de aborto."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "3C95FCA8-3E24-46CE-91BF-CBED93B2065C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/c36baca06efa833adaefba61f45fefdc49b6d070",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/c36baca06efa833adaefba61f45fefdc49b6d070",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
}
]
}

89
CVE-2021/CVE-2021-471xx/CVE-2021-47196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47196",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:47.897",
"lastModified": "2024-11-21T06:35:36.543",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-03T17:47:59.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,98 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/core: Establecer el CQ de env\u00edo y recepci\u00f3n antes de reenviar al controlador Preestablecer los punteros CQ de env\u00edo y recepci\u00f3n antes de llamar a los controladores y sobrescribirlos m\u00e1s tarde nuevamente hasta que se vaya a cambiar mlx4 no sobrescribir las propiedades ibqp. Este cambio es necesario para mlx5, porque en caso de falla en la creaci\u00f3n de QP, ir\u00e1 a la ruta de destrucci\u00f3n de QP que depende de punteros CQ adecuados. BUG: KASAN: use-after-free in create_qp.cold+0x164/0x16e [mlx5_ib] Write of size 8 at addr ffff8880064c55c0 by task a.out/246 CPU: 0 PID: 246 Comm: a.out Not tainted 5.15.0+ #291 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x45/0x59 print_address_description.constprop.0+0x1f/0x140 kasan_report.cold+0x83/0xdf create_qp.cold+0x164/0x16e [mlx5_ib] mlx5_ib_create_qp+0x358/0x28a0 [mlx5_ib] create_qp.part.0+0x45b/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae Allocated by task 246: kasan_save_stack+0x1b/0x40 __kasan_kmalloc+0xa4/0xd0 create_qp.part.0+0x92/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae Freed by task 246: kasan_save_stack+0x1b/0x40 kasan_set_track+0x1c/0x30 kasan_set_free_info+0x20/0x30 __kasan_slab_free+0x10c/0x150 slab_free_freelist_hook+0xb4/0x1b0 kfree+0xe7/0x2a0 create_qp.part.0+0x52b/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "3DE5A3A1-0D1D-4E9D-82C3-064537088279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6cd7397d01c4a3e09757840299e4f114f0aa5fa0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/b70e072feffa0ba5c41a99b9524b9878dee7748e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/6cd7397d01c4a3e09757840299e4f114f0aa5fa0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/b70e072feffa0ba5c41a99b9524b9878dee7748e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
}
]
}

83
CVE-2021/CVE-2021-472xx/CVE-2021-47205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47205",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.310",
"lastModified": "2024-11-21T06:35:37.577",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-03T17:47:59.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,92 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: sunxi-ng: Anular el registro de relojes/reinicios al desvincular Actualmente, desvincular un controlador CCU anula la asignaci\u00f3n de la regi\u00f3n MMIO del dispositivo, mientras que deja sus relojes/reinicios y sus proveedores registrados. Esto puede causar una falla de p\u00e1gina m\u00e1s adelante cuando alguna operaci\u00f3n de reloj intenta realizar MMIO. Solucione esto separando la inicializaci\u00f3n de CCU de la asignaci\u00f3n de memoria y luego usando una devoluci\u00f3n de llamada devres para anular el registro de los relojes y reinicios. Esto tambi\u00e9n corrige una p\u00e9rdida de memoria de `struct ccu_reset` y usa el propietario correcto (el controlador de plataforma espec\u00edfico) para los relojes y reinicios. Los primeros proveedores de reloj OF nunca se anulan del registro y es posible un manejo de errores limitado, por lo que en su mayor\u00eda no se modifican. El informe de errores se hace m\u00e1s consistente moviendo el mensaje dentro de of_sunxi_ccu_probe."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "B2845F69-264B-45BD-B7E7-D12B24338382"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9bec2b9c6134052994115d2d3374e96f2ccb9b9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/b5dd513daa70ee8f6d281a20bd28485ee9bb7db2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/9bec2b9c6134052994115d2d3374e96f2ccb9b9d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/b5dd513daa70ee8f6d281a20bd28485ee9bb7db2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
}
]
}

102
CVE-2021/CVE-2021-472xx/CVE-2021-47219.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47219",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.903",
"lastModified": "2024-11-21T06:35:39.137",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-03T17:47:59.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,115 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: scsi_debug: Corregir lectura fuera de los l\u00edmites en resp_report_tgtpgs() Se observ\u00f3 el siguiente problema al ejecutar syzkaller: ERROR: KASAN: slab-out-of-bounds en memcpy include/linux/string.h:377 [en l\u00ednea] ERROR: KASAN: slab-out-of-bounds en sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831 Lectura de tama\u00f1o 2132 en la direcci\u00f3n ffff8880aea95dc8 por la tarea syz-executor.0/9815 CPU: 0 PID: 9815 Comm: syz-executor.0 No contaminado 4.19.202-00874-gfc0fe04215a9 #2 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 01/04/2014 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:77 [en l\u00ednea] dump_stack+0xe4/0x14a lib/dump_stack.c:118 print_address_description+0x73/0x280 mm/kasan/report.c:253 kasan_report_error mm/kasan/report.c:352 [en l\u00ednea] kasan_report+0x272/0x370 mm/kasan/report.c:410 memcpy+0x1f/0x50 mm/kasan/kasan.c:302 memcpy include/linux/string.h:377 [en l\u00ednea] sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831 rellenar_desde_buffer_dev+0x14f/0x340 drivers/scsi/scsi_debug.c:1021 resp_report_tgtpgs+0x5aa/0x770 drivers/scsi/scsi_debug.c:1772 schedule_resp+0x464/0x12f0 drivers/scsi/scsi_debug.c:4429 scsi_debug_queuecommand+0x467/0x1390 drivers/scsi/scsi_debug.c:5835 scsi_dispatch_cmd+0x3fc/0x9b0 drivers/scsi/scsi_lib.c:1896 scsi_request_fn+0x1042/0x1810 drivers/scsi/scsi_lib.c:2034 __blk_run_queue_uncond bloque/blk-core.c:464 [en l\u00ednea] __blk_run_queue+0x1a4/0x380 bloque/blk-core.c:484 blk_execute_rq_nowait+0x1c2/0x2d0 bloque/blk-exec.c:78 sg_common_write.isra.19+0xd74/0x1dc0 drivers/scsi/sg.c:847 sg_write.part.23+0x6e0/0xd00 drivers/scsi/sg.c:716 sg_write+0x64/0xa0 drivers/scsi/sg.c:622 __vfs_write+0xed/0x690 fs/read_write.c:485 kill_bdev:block_device:00000000e138492c vfs_write+0x184/0x4c0 fs/read_write.c:549 ksys_write+0x107/0x240 fs/read_write.c:599 do_syscall_64+0xc2/0x560 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe Obtenemos 'alen' del comando, su tipo es int. Si el espacio de usuario pasa una longitud grande, obtendremos un 'alen' negativo. Cambie n, alen y rlen a u32."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "49103CD7-A3F7-441A-AAF4-11B8B707979D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
}
]
}

115
CVE-2021/CVE-2021-474xx/CVE-2021-47407.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:26.247",
"lastModified": "2024-11-21T06:36:04.980",
"vulnStatus": "Undergoing Analysis",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,130 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: x86: Manejar el error de inicializaci\u00f3n de SRCU durante el inicio del seguimiento de la p\u00e1gina. Verifique el retorno de init_srcu_struct(), que puede fallar debido a OOM, al inicializar el mecanismo de seguimiento de la p\u00e1gina. La falta de verificaci\u00f3n conduce a un puntero NULL deref encontrado por un syzkaller modificado. [Mueva la llamada hacia el principio de kvm_arch_init_vm. -Paolo]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.71",
"matchCriteriaId": "7A97507B-D1C6-49E3-9F7E-BFCDE3EA3905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.14.10",
"matchCriteriaId": "1A437B0D-8305-4C72-B691-D26986A126CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
},
{
"url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Mailing List"
]
}
]
}

2
CVE-2021/CVE-2021-476xx/CVE-2021-47631.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:04.400",
"lastModified": "2025-02-26T06:37:04.400",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47632.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:04.943",
"lastModified": "2025-02-26T06:37:04.943",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47633.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.060",
"lastModified": "2025-02-26T06:37:05.060",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47634.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.173",
"lastModified": "2025-02-27T19:15:40.623",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47635.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.280",
"lastModified": "2025-02-26T06:37:05.280",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47636.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.377",
"lastModified": "2025-02-26T06:37:05.377",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-476xx/CVE-2021-47637.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.477",
"lastModified": "2025-02-26T06:37:05.477",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -12,7 +12,7 @@
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ubifs: Se corrige el bloqueo en el cambio de nombre simult\u00e1neo whiteout y la escritura diferida de inodo Siguientes tareas colgadas: [ 77.028764] task:kworker/u8:4 state:D stack: 0 pid: 132 [ 77.028820] Seguimiento de llamadas: [ 77.029027] schedule+0x8c/0x1b0 [ 77.029067] mutex_lock+0x50/0x60 [ 77.029074] ubifs_write_inode+0x68/0x1f0 [ubifs] [ 77.029117] __writeback_single_inode+0x43c/0x570 [ 77.029128] writeback_sb_inodes+0x259/0x740 [ 77.029148] wb_writeback+0x107/0x4d0 [ 77.029163] wb_workfn+0x162/0x7b0 [ 92.390442] tarea:aa estado:D pila: 0 pid: 1506 [ 92.390448] Seguimiento de llamadas: [ 92.390458] schedule+0x8c/0x1b0 [ 92.390461] wb_wait_for_completion+0x82/0xd0 [ 92.390469] __writeback_inodes_sb_nr+0xb2/0x110 [ 92.390472] writeback_inodes_sb_nr+0x14/0x20 [ 92.390476] ubifs_budget_space+0x705/0xdd0 [ubifs] [ 92.390503] do_rename.cold+0x7f/0x187 [ubifs] [ 92.390549] ubifs_rename+0x8b/0x180 [ubifs] [ 92.390571] vfs_rename+0xdb2/0x1170 [ 92.390580] do_renameat2+0x554/0x770 , son causados por procesos simult\u00e1neos de whiteout de cambio de nombre y de escritura diferida de inodo: rename_whiteout(Subproceso 1) wb_workfn(Subproceso2) ubifs_rename do_rename lock_4_inodes (Mantener mutex ui) ubifs_budget_space make_free_space shrink_liability __writeback_inodes_sb_nr bdi_split_work_to_wbs (Poner en cola nuevo trabajo de wb) wb_do_writeback(trabajo de wb) __writeback_single_inode ubifs_write_inode LOCK(ui_mutex) ? wb_wait_for_completion (Esperar trabajo de wb) <-- \u00a1bloqueo! Reproductor (Programa detallado en [Enlace]): 1. SYS_renameat2(\"/mp/dir/file\", \"/mp/dir/whiteout\", RENAME_WHITEOUT) 2. Consumir todo el espacio antes de que kernel(mdelay) haga el presupuesto para whiteout Arr\u00e9glelo haciendo el presupuesto de espacio de whiteout antes de bloquear los inodos de ubifs. Por cierto, tambi\u00e9n corrige la etiqueta goto incorrecta 'out_release' en la ruta de manejo de errores del presupuesto de whiteout (al menos deber\u00eda recuperar el directorio i_size y desbloquear 4 inodos de ubifs)."
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad:\n\nubifs: Se corrige interbloqueo en concurrencia de un renombrado con whiteout simult\u00e1neo a la escritura del inodo.\n\nTareas colgadas:\n[ 77.028764] task:kworker/u8:4 state:D stack: 0 pid: 132\n[ 77.028820] Call Trace:\n[ 77.029027] schedule+0x8c/0x1b0\n[ 77.029067] mutex_lock+0x50/0x60\n[ 77.029074] ubifs_write_inode+0x68/0x1f0 [ubifs]\n[ 77.029117] __writeback_single_inode+0x43c/0x570\n[ 77.029128] writeback_sb_inodes+0x259/0x740\n[ 77.029148] wb_writeback+0x107/0x4d0\n[ 77.029163] wb_workfn+0x162/0x7b0\n\n[ 92.390442] task:aa state:D stack: 0 pid: 1506\n[ 92.390448] Call Trace:\n[ 92.390458] schedule+0x8c/0x1b0\n[ 92.390461] wb_wait_for_completion+0x82/0xd0\n[ 92.390469] __writeback_inodes_sb_nr+0xb2/0x110\n[ 92.390472] writeback_inodes_sb_nr+0x14/0x20\n[ 92.390476] ubifs_budget_space+0x705/0xdd0 [ubifs]\n[ 92.390503] do_rename.cold+0x7f/0x187 [ubifs]\n[ 92.390549] ubifs_rename+0x8b/0x180 [ubifs]\n[ 92.390571] vfs_rename+0xdb2/0x1170\n[ 92.390580] do_renameat2+0x554/0x770\n\n, ocasionado por procesos simult\u00e1neos de renombrado con whiteout y escritura del inodo:\n\trename_whiteout(Thread 1)\t wb_workfn(Thread2)\nubifs_rename\n do_rename\n lock_4_inodes (Hold ui_mutex)\n ubifs_budget_space\n make_free_space\n shrink_liability\n\t __writeback_inodes_sb_nr\n\t bdi_split_work_to_wbs (Queue new wb work)\n\t\t\t\t\t wb_do_writeback(wb work)\n\t\t\t\t\t\t__writeback_single_inode\n\t\t\t\t\t ubifs_write_inode\n\t\t\t\t\t LOCK(ui_mutex)\n\t\t\t\t\t\t\t ?\n\t wb_wait_for_completion (Wait wb work) <-- \u00a1interbloqueo!\n\nCaso de prueba:\n 1. SYS_renameat2(\"/mp/dir/file\", \"/mp/dir/whiteout\", RENAME_WHITEOUT)\n 2. Consumir todo el espacio antes de que kernel(mdelay) planifique el whiteout\n\nArreglado calculando el espacio de whiteout antes de bloquear los inodos de ubifs.\n\nTambi\u00e9n soluciona etiqueta la etiqueta goto err\u00f3nea 'out_release' en el flujo de errores\nde la planificaci\u00f3n del whiteout (al menos deber\u00eda recuperar el directorio i_size y desbloquear 4 inodos de ubifs).\n"
}
],
"metrics": {},

2
CVE-2021/CVE-2021-476xx/CVE-2021-47638.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.580",
"lastModified": "2025-02-26T06:37:05.580",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47639.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.677",
"lastModified": "2025-02-27T19:15:40.773",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47640.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.780",
"lastModified": "2025-02-26T06:37:05.780",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47641.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.883",
"lastModified": "2025-02-26T06:37:05.883",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47642.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.993",
"lastModified": "2025-02-26T06:37:05.993",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47643.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.097",
"lastModified": "2025-02-26T06:37:06.097",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47644.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.197",
"lastModified": "2025-02-26T06:37:06.197",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47645.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.293",
"lastModified": "2025-02-26T06:37:06.293",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47646.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.390",
"lastModified": "2025-02-27T18:15:22.093",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47647.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.490",
"lastModified": "2025-02-26T06:37:06.490",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47648.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.597",
"lastModified": "2025-02-26T06:37:06.597",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47649.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.687",
"lastModified": "2025-02-26T06:37:06.687",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47650.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.780",
"lastModified": "2025-02-26T06:37:06.780",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47651.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.880",
"lastModified": "2025-02-26T06:37:06.880",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47652.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:06.973",
"lastModified": "2025-02-26T06:37:06.973",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47653.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.080",
"lastModified": "2025-02-27T19:15:40.917",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47654.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.170",
"lastModified": "2025-02-26T06:37:07.170",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47655.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.267",
"lastModified": "2025-02-26T06:37:07.267",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47656.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.360",
"lastModified": "2025-02-27T18:15:23.133",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47657.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.467",
"lastModified": "2025-02-26T06:37:07.467",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47658.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.557",
"lastModified": "2025-02-26T06:37:07.557",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47659.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.640",
"lastModified": "2025-02-26T06:37:07.640",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2021/CVE-2021-476xx/CVE-2021-47660.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.733",
"lastModified": "2025-02-26T06:37:07.733",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-214xx/CVE-2022-21445.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2022-04-19T21:15:15.907",
"lastModified": "2025-02-26T17:15:12.863",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-220xx/CVE-2022-22047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22047",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:10.343",
"lastModified": "2024-11-21T06:45:59.233",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-227xx/CVE-2022-22718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22718",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-02-09T17:15:10.280",
"lastModified": "2024-11-21T06:47:18.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-232xx/CVE-2022-23227.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-01-14T18:15:10.303",
"lastModified": "2025-01-03T02:00:01.953",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-257xx/CVE-2022-25773.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "security@mautic.org",
"published": "2025-02-26T13:15:32.550",
"lastModified": "2025-02-26T13:15:32.550",
"vulnStatus": "Received",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-262xx/CVE-2022-26258.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-28T00:15:07.813",
"lastModified": "2025-01-29T17:15:18.150",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2022/CVE-2022-279xx/CVE-2022-27924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27924",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-21T00:15:08.360",
"lastModified": "2025-02-25T02:00:02.097",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,11 +91,11 @@
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
"value": "CWE-77"
}
]
},

127
CVE-2022/CVE-2022-279xx/CVE-2022-27925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27925",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-21T00:15:08.407",
"lastModified": "2025-02-25T02:00:02.097",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-07T17:12:53.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -119,13 +119,128 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*",
"matchCriteriaId": "1B17C1A7-0F0A-4E7C-8C0C-0BBB0BF66C82"
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:-:*:*:*:*:*:*",
"matchCriteriaId": "9E39A855-C0EB-4448-AE96-177757C40C66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "685D9652-2934-4C13-8B36-40582C79BFC1"
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "32AFCE22-5ADA-4FF7-A165-5EC12B325DEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "D3577FE6-F1F4-4555-8D27-84D6DE731EA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "931BD98E-1A5F-4634-945B-BDD7D2FAA8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "2E7C0A57-A887-4D29-B601-4275313F46B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "B7248B91-D136-4DD5-A631-737E4C220A02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "494F6FD4-36ED-4E40-8336-7F077FA80FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "9DF8C0CE-A71D-4BB1-83FB-1EA5ED77E0C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "E0648498-2EE5-4B68-8360-ED5914285356"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "24282FF8-548B-415B-95CA-1EFD404D21D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "ACFDF2D9-ED72-4969-AA3B-E8D48CB1922D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "2B7D0A8B-7A72-4C1A-85F2-BE336CA47E0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "019AFC34-289E-4A01-B08B-A5807F7F909A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7E7B3976-DA6F-4285-93E6-2328006F7F4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "062E586F-0E02-45A6-93AD-895048FC2D4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "3EE37BEE-4BDB-4E62-8DE3-98CF74DFBE01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "ADF51BCA-37DD-4642-B201-74A6D1A545FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "39611F3D-A898-4C35-8915-3334CDFB78E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "FA310AFA-492D-4A6C-A7F6-740E82CB6E57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "2AF337B5-B296-449B-8848-7636EC7C46C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "52232ACA-C158-48C8-A0DB-7689040CB8FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "3B4D0040-86D0-46C3-8A9A-3DD12138B9ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "D2BB9BC7-078D-4E08-88E4-9432D74CA9BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "F04D4B77-D386-4BC8-8169-9846693F6F11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "992370FA-F171-4FB3-9C1C-58AC37038CE4"
}
]
}

2
CVE-2022/CVE-2022-279xx/CVE-2022-27926.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-21T00:15:08.450",
"lastModified": "2025-02-25T02:00:02.097",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-293xx/CVE-2022-29303.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-12T16:15:07.600",
"lastModified": "2025-01-29T17:15:19.637",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-303xx/CVE-2022-30333.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-09T08:15:06.937",
"lastModified": "2025-01-29T17:15:20.117",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2022/CVE-2022-317xx/CVE-2022-31766.json
View File

@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

2
CVE-2022/CVE-2022-359xx/CVE-2022-35914.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-19T16:15:11.253",
"lastModified": "2025-01-29T17:15:21.063",
"vulnStatus": "Modified",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

Some files were not shown because too many files have changed in this diff Show More