admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-27T21:00:20.042074+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-27 21:03:52 +00:00
parent a8f03a2bf0
commit 6a31607bd7
110 changed files with 3890 additions and 592 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2018/CVE-2018-110xx/CVE-2018-11087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11087", "id": "CVE-2018-11087",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2018-09-14T20:29:00.417", "published": "2018-09-14T20:29:00.417",
"lastModified": "2024-11-21T03:42:39.100", "lastModified": "2025-03-27T19:56:20.387",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -16,13 +16,13 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV30": [ "cvssMetricV31": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9, "baseScore": 5.9,
"baseSeverity": "MEDIUM", "baseSeverity": "MEDIUM",
"attackVector": "NETWORK", "attackVector": "NETWORK",
@ -109,16 +109,16 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:vmware:rabbitmq_java_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.0", "versionEndExcluding": "4.8.0",
"matchCriteriaId": "76B96B99-977B-4EF7-B02B-C3EC596F8B33" "matchCriteriaId": "CAB8F295-EA89-4565-AE6B-9B8BD193459A"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:vmware:rabbitmq_java_client:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8.1", "versionStartIncluding": "4.8.1",
"versionEndExcluding": "5.4.0", "versionEndExcluding": "5.4.0",
"matchCriteriaId": "927F7576-0366-4EA6-B26E-8B4B438C1407" "matchCriteriaId": "C419AB2D-7C18-4F44-84A4-A4202D83AE44"
} }
] ]
} }

32
CVE-2020/CVE-2020-204xx/CVE-2020-20402.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-20402", "id": "CVE-2020-20402",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:08.730", "published": "2023-01-31T16:15:08.730",
"lastModified": "2024-11-21T05:12:03.337", "lastModified": "2025-03-27T19:15:41.530",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-287" "value": "CWE-287"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2021/CVE-2021-34xx/CVE-2021-3439.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3439", "id": "CVE-2021-3439",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:08.857", "published": "2023-02-01T07:15:08.857",
"lastModified": "2024-11-21T06:21:30.860", "lastModified": "2025-03-27T19:15:42.473",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2021/CVE-2021-38xx/CVE-2021-3808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3808", "id": "CVE-2021-3808",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:09.147", "published": "2023-02-01T07:15:09.147",
"lastModified": "2024-11-21T06:22:29.710", "lastModified": "2025-03-27T19:15:43.113",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2021/CVE-2021-38xx/CVE-2021-3809.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3809", "id": "CVE-2021-3809",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:09.327", "published": "2023-02-01T07:15:09.327",
"lastModified": "2024-11-21T06:22:30.087", "lastModified": "2025-03-27T19:15:43.480",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2021/CVE-2021-471xx/CVE-2021-47156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47156", "id": "CVE-2021-47156",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T05:15:06.260", "published": "2024-03-18T05:15:06.260",
"lastModified": "2024-11-21T06:35:30.860", "lastModified": "2025-03-27T20:15:16.147",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "El m\u00f3dulo Net::IPAddress::Util anterior a 5.000 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP." "value": "El m\u00f3dulo Net::IPAddress::Util anterior a 5.000 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1287"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/", "url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/",

39
CVE-2022/CVE-2022-12xx/CVE-2022-1242.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1242", "id": "CVE-2022-1242",
"sourceIdentifier": "security@ubuntu.com", "sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-03T19:15:09.143", "published": "2024-06-03T19:15:09.143",
"lastModified": "2024-11-21T06:40:19.713", "lastModified": "2025-03-27T20:15:16.430",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se puede enga\u00f1ar a Apport para que se conecte a sockets arbitrarios como usuario root" "value": "Se puede enga\u00f1ar a Apport para que se conecte a sockets arbitrarios como usuario root"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://ubuntu.com/security/notices/USN-5427-1", "url": "https://ubuntu.com/security/notices/USN-5427-1",

34
CVE-2022/CVE-2022-230xx/CVE-2022-23087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23087", "id": "CVE-2022-23087",
"sourceIdentifier": "secteam@freebsd.org", "sourceIdentifier": "secteam@freebsd.org",
"published": "2024-02-15T05:15:09.337", "published": "2024-02-15T05:15:09.337",
"lastModified": "2024-12-09T23:24:06.143", "lastModified": "2025-03-27T20:15:16.600",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.0, "exploitabilityScore": 2.0,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-234xx/CVE-2022-23455.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23455", "id": "CVE-2022-23455",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:10.047", "published": "2023-02-01T07:15:10.047",
"lastModified": "2024-11-21T06:48:35.510", "lastModified": "2025-03-27T19:15:43.817",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-275xx/CVE-2022-27538.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27538", "id": "CVE-2022-27538",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:10.537", "published": "2023-02-01T07:15:10.537",
"lastModified": "2024-11-21T06:55:54.680", "lastModified": "2025-03-27T19:15:44.003",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.0, "exploitabilityScore": 1.0,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-367" "value": "CWE-367"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-304xx/CVE-2022-30421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30421", "id": "CVE-2022-30421",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T01:15:11.497", "published": "2023-01-31T01:15:11.497",
"lastModified": "2024-11-21T07:02:44.473", "lastModified": "2025-03-27T19:15:44.737",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-287" "value": "CWE-287"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-329xx/CVE-2022-32984.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32984", "id": "CVE-2022-32984",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.000", "published": "2023-01-31T22:15:08.000",
"lastModified": "2024-11-21T07:07:21.393", "lastModified": "2025-03-27T19:15:44.950",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2022/CVE-2022-370xx/CVE-2022-37019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37019", "id": "CVE-2022-37019",
"sourceIdentifier": "hp-security-alert@hp.com", "sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-06-10T23:15:49.413", "published": "2024-06-10T23:15:49.413",
"lastModified": "2024-11-21T07:14:17.740", "lastModified": "2025-03-27T20:15:16.800",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.hp.com/us-en/document/ish_10737430-10737454-16/hpsbhf03943", "url": "https://support.hp.com/us-en/document/ish_10737430-10737454-16/hpsbhf03943",

22
CVE-2022/CVE-2022-43xx/CVE-2022-4395.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4395", "id": "CVE-2022-4395",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:10.623", "published": "2023-01-30T21:15:10.623",
"lastModified": "2024-12-02T19:15:06.587", "lastModified": "2025-03-27T20:15:17.083",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

32
CVE-2022/CVE-2022-451xx/CVE-2022-45172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45172", "id": "CVE-2022-45172",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.423", "published": "2023-01-31T18:15:09.423",
"lastModified": "2024-11-21T07:28:53.677", "lastModified": "2025-03-27T19:15:45.440",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-863" "value": "CWE-863"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-452xx/CVE-2022-45297.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45297", "id": "CVE-2022-45297",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.140", "published": "2023-01-31T22:15:08.140",
"lastModified": "2024-11-21T07:29:01.610", "lastModified": "2025-03-27T19:15:45.603",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-454xx/CVE-2022-45494.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45494", "id": "CVE-2022-45494",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.200", "published": "2023-01-31T22:15:08.200",
"lastModified": "2024-11-21T07:29:20.453", "lastModified": "2025-03-27T19:15:45.827",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-455xx/CVE-2022-45598.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45598", "id": "CVE-2022-45598",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:09.053", "published": "2023-01-31T16:15:09.053",
"lastModified": "2024-11-21T07:29:28.403", "lastModified": "2025-03-27T19:15:45.993",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2022/CVE-2022-45xx/CVE-2022-4552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4552", "id": "CVE-2022-4552",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.017", "published": "2023-01-30T21:15:11.017",
"lastModified": "2024-11-21T07:35:28.523", "lastModified": "2025-03-27T20:15:17.350",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

22
CVE-2022/CVE-2022-45xx/CVE-2022-4553.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4553", "id": "CVE-2022-4553",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.197", "published": "2023-01-30T21:15:11.197",
"lastModified": "2024-11-21T07:35:28.657", "lastModified": "2025-03-27T20:15:17.530",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },

34
CVE-2022/CVE-2022-46xx/CVE-2022-4667.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4667", "id": "CVE-2022-4667",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.683", "published": "2023-01-30T21:15:11.683",
"lastModified": "2024-11-21T07:35:41.983", "lastModified": "2025-03-27T19:15:46.710",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

22
CVE-2022/CVE-2022-46xx/CVE-2022-4680.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4680", "id": "CVE-2022-4680",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.830", "published": "2023-01-30T21:15:11.830",
"lastModified": "2024-11-21T07:35:43.380", "lastModified": "2025-03-27T20:15:17.680",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.2, "exploitabilityScore": 1.2,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
} }
] ]
}, },

34
CVE-2022/CVE-2022-46xx/CVE-2022-4699.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4699", "id": "CVE-2022-4699",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.907", "published": "2023-01-30T21:15:11.907",
"lastModified": "2024-11-21T07:35:45.567", "lastModified": "2025-03-27T20:15:17.840",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

32
CVE-2022/CVE-2022-470xx/CVE-2022-47035.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47035", "id": "CVE-2022-47035",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:09.103", "published": "2023-01-31T16:15:09.103",
"lastModified": "2024-11-21T07:31:26.027", "lastModified": "2025-03-27T19:15:46.220",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-120" "value": "CWE-120"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-476xx/CVE-2022-47697.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47697", "id": "CVE-2022-47697",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.510", "published": "2023-01-31T18:15:09.510",
"lastModified": "2024-11-21T07:32:21.110", "lastModified": "2025-03-27T19:15:46.397",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-476xx/CVE-2022-47698.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47698", "id": "CVE-2022-47698",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.583", "published": "2023-01-31T18:15:09.583",
"lastModified": "2024-11-21T07:32:21.257", "lastModified": "2025-03-27T19:15:46.560",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2022/CVE-2022-47xx/CVE-2022-4749.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4749", "id": "CVE-2022-4749",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.977", "published": "2023-01-30T21:15:11.977",
"lastModified": "2024-11-21T07:35:52.063", "lastModified": "2025-03-27T20:15:18.010",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

34
CVE-2022/CVE-2022-47xx/CVE-2022-4765.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4765", "id": "CVE-2022-4765",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.120", "published": "2023-01-30T21:15:12.120",
"lastModified": "2024-11-21T07:35:53.820", "lastModified": "2025-03-27T20:15:18.177",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

32
CVE-2022/CVE-2022-47xx/CVE-2022-4787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4787", "id": "CVE-2022-4787",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.333", "published": "2023-01-30T21:15:12.333",
"lastModified": "2024-11-21T07:35:56.513", "lastModified": "2025-03-27T20:15:18.343",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-47xx/CVE-2022-4792.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4792", "id": "CVE-2022-4792",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.403", "published": "2023-01-30T21:15:12.403",
"lastModified": "2024-11-21T07:35:57.080", "lastModified": "2025-03-27T20:15:18.517",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-48xx/CVE-2022-4834.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4834", "id": "CVE-2022-4834",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.767", "published": "2023-01-30T21:15:12.767",
"lastModified": "2024-11-21T07:36:02.330", "lastModified": "2025-03-27T20:15:18.677",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-48xx/CVE-2022-4835.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4835", "id": "CVE-2022-4835",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.837", "published": "2023-01-30T21:15:12.837",
"lastModified": "2024-11-21T07:36:02.473", "lastModified": "2025-03-27T20:15:18.847",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

34
CVE-2022/CVE-2022-48xx/CVE-2022-4837.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4837", "id": "CVE-2022-4837",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.907", "published": "2023-01-30T21:15:12.907",
"lastModified": "2024-11-21T07:36:02.690", "lastModified": "2025-03-27T20:15:19.003",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

22
CVE-2022/CVE-2022-48xx/CVE-2022-4872.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4872", "id": "CVE-2022-4872",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.980", "published": "2023-01-30T21:15:12.980",
"lastModified": "2024-11-21T07:36:06.757", "lastModified": "2025-03-27T20:15:19.160",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },

22
CVE-2023/CVE-2023-00xx/CVE-2023-0071.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0071", "id": "CVE-2023-0071",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.127", "published": "2023-01-30T21:15:13.127",
"lastModified": "2024-11-21T07:36:29.953", "lastModified": "2025-03-27T20:15:19.327",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2023/CVE-2023-00xx/CVE-2023-0074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0074", "id": "CVE-2023-0074",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.197", "published": "2023-01-30T21:15:13.197",
"lastModified": "2024-11-21T07:36:30.253", "lastModified": "2025-03-27T20:15:19.490",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

34
CVE-2023/CVE-2023-00xx/CVE-2023-0097.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0097", "id": "CVE-2023-0097",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.270", "published": "2023-01-30T21:15:13.270",
"lastModified": "2024-11-21T07:36:32.857", "lastModified": "2025-03-27T20:15:19.650",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,9 +36,41 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [ "configurations": [
{ {
"nodes": [ "nodes": [

32
CVE-2023/CVE-2023-240xx/CVE-2023-24060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24060", "id": "CVE-2023-24060",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-27T04:15:07.997", "published": "2023-01-27T04:15:07.997",
"lastModified": "2024-11-21T07:47:21.273", "lastModified": "2025-03-27T19:15:46.877",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-918" "value": "CWE-918"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-244xx/CVE-2023-24495.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24495", "id": "CVE-2023-24495",
"sourceIdentifier": "vulnreport@tenable.com", "sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-01-26T21:18:19.583", "published": "2023-01-26T21:18:19.583",
"lastModified": "2024-11-21T07:47:58.673", "lastModified": "2025-03-27T20:15:19.880",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-918" "value": "CWE-918"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2023/CVE-2023-335xx/CVE-2023-33548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33548", "id": "CVE-2023-33548",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T21:15:48.197", "published": "2024-05-06T21:15:48.197",
"lastModified": "2024-11-21T08:05:42.010", "lastModified": "2025-03-27T19:15:47.060",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en ASUS RT-AC51U con versiones de firmware hasta 3.0.0.4.380.8591 incluida permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo WPA Pre-Shared Key." "value": "Vulnerabilidad de Cross Site Scripting (XSS) en ASUS RT-AC51U con versiones de firmware hasta 3.0.0.4.380.8591 incluida permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo WPA Pre-Shared Key."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key", "url": "https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key",

39
CVE-2023/CVE-2023-392xx/CVE-2023-39223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39223", "id": "CVE-2023-39223",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-18T01:15:48.280", "published": "2024-03-18T01:15:48.280",
"lastModified": "2024-11-21T08:14:56.873", "lastModified": "2025-03-27T20:15:20.060",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Existe una vulnerabilidad de cross-site scripting almacenadas en los CGI incluidos en los productos PMailServer/PMailServer2 de AKI Software. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web de un usuario que haya iniciado sesi\u00f3n." "value": "Existe una vulnerabilidad de cross-site scripting almacenadas en los CGI incluidos en los productos PMailServer/PMailServer2 de AKI Software. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web de un usuario que haya iniciado sesi\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://akisoftware.com/Vulnerability202301.html", "url": "https://akisoftware.com/Vulnerability202301.html",

32
CVE-2023/CVE-2023-452xx/CVE-2023-45207.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45207", "id": "CVE-2023-45207",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.313", "published": "2024-02-13T16:15:08.313",
"lastModified": "2024-11-21T08:26:33.227", "lastModified": "2025-03-27T20:15:20.233",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2023/CVE-2023-455xx/CVE-2023-45552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45552", "id": "CVE-2023-45552",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-03T17:15:47.330", "published": "2024-04-03T17:15:47.330",
"lastModified": "2024-11-21T08:26:57.280", "lastModified": "2025-03-27T19:15:47.350",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "En VeridiumID anterior a 3.5.0, se descubri\u00f3 una vulnerabilidad de Cross Site Scripting (XSS) almacenado en el portal de administraci\u00f3n que permite a un atacante autenticado hacerse cargo de todas las cuentas enviando entradas maliciosas a trav\u00e9s del portal de autoservicio." "value": "En VeridiumID anterior a 3.5.0, se descubri\u00f3 una vulnerabilidad de Cross Site Scripting (XSS) almacenado en el portal de administraci\u00f3n que permite a un atacante autenticado hacerse cargo de todas las cuentas enviando entradas maliciosas a trav\u00e9s del portal de autoservicio."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-%28v3.52%29SecurityAdvisory-Acknowledgement", "url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-%28v3.52%29SecurityAdvisory-Acknowledgement",

14
CVE-2023/CVE-2023-460xx/CVE-2023-46060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46060", "id": "CVE-2023-46060",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T16:15:07.333", "published": "2024-04-17T16:15:07.333",
"lastModified": "2024-11-21T08:27:49.870", "lastModified": "2025-03-27T20:15:20.477",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md", "url": "https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md",

24
CVE-2023/CVE-2023-503xx/CVE-2023-50380.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50380", "id": "CVE-2023-50380",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-02-27T17:15:11.300", "published": "2024-02-27T17:15:11.300",
"lastModified": "2025-02-13T18:15:50.970", "lastModified": "2025-03-27T20:15:20.650",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

34
CVE-2023/CVE-2023-523xx/CVE-2023-52373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52373", "id": "CVE-2023-52373",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2024-02-18T04:15:08.007", "published": "2024-02-18T04:15:08.007",
"lastModified": "2024-12-06T20:05:03.750", "lastModified": "2025-03-27T20:15:20.857",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-281" "value": "CWE-281"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
} }
], ],
"configurations": [ "configurations": [

8
CVE-2024/CVE-2024-01xx/CVE-2024-0149.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0149", "id": "CVE-2024-0149",
"sourceIdentifier": "psirt@nvidia.com", "sourceIdentifier": "psirt@nvidia.com",
"published": "2025-01-28T04:15:09.733", "published": "2025-01-28T04:15:09.733",
"lastModified": "2025-01-28T04:15:09.733", "lastModified": "2025-03-27T20:15:21.053",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -42,7 +42,7 @@
"weaknesses": [ "weaknesses": [
{ {
"source": "psirt@nvidia.com", "source": "psirt@nvidia.com",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -55,6 +55,10 @@
{ {
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614",
"source": "psirt@nvidia.com" "source": "psirt@nvidia.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/27/7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
} }
] ]
} }

38
CVE-2024/CVE-2024-15xx/CVE-2024-1550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1550", "id": "CVE-2024-1550",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-02-20T14:15:08.733", "published": "2024-02-20T14:15:08.733",
"lastModified": "2024-12-10T15:30:13.977", "lastModified": "2025-03-27T20:15:21.197",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-1021" "value": "CWE-1021"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
} }
], ],
"configurations": [ "configurations": [
@ -115,6 +145,7 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html",
"source": "security@mozilla.org", "source": "security@mozilla.org",
"tags": [ "tags": [
"Mailing List",
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
@ -157,7 +188,8 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [ "tags": [
"Mailing List" "Mailing List",
"Vendor Advisory"
] ]
}, },
{ {

34
CVE-2024/CVE-2024-16xx/CVE-2024-1671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1671", "id": "CVE-2024-1671",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-02-21T04:15:08.257", "published": "2024-02-21T04:15:08.257",
"lastModified": "2024-12-06T14:28:01.590", "lastModified": "2025-03-27T20:15:21.390",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-222xx/CVE-2024-22252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22252", "id": "CVE-2024-22252",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2024-03-05T18:15:47.713", "published": "2024-03-05T18:15:47.713",
"lastModified": "2025-02-26T16:47:30.710", "lastModified": "2025-03-27T20:15:21.593",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -69,6 +69,16 @@
"value": "CWE-416" "value": "CWE-416"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-222xx/CVE-2024-22275.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22275", "id": "CVE-2024-22275",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2024-05-21T18:15:09.383", "published": "2024-05-21T18:15:09.383",
"lastModified": "2024-11-21T08:55:56.660", "lastModified": "2025-03-27T20:15:21.773",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",

22
CVE-2024/CVE-2024-232xx/CVE-2024-23236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23236", "id": "CVE-2024-23236",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T14:58:48.170", "published": "2024-05-14T14:58:48.170",
"lastModified": "2024-12-09T19:30:08.453", "lastModified": "2025-03-27T20:15:21.923",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -42,19 +42,19 @@
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.2, "baseScore": 5.5,
"baseSeverity": "MEDIUM", "baseSeverity": "MEDIUM",
"attackVector": "LOCAL", "attackVector": "LOCAL",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
"userInteraction": "NONE", "userInteraction": "REQUIRED",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact": "NONE", "integrityImpact": "NONE",
"availabilityImpact": "NONE" "availabilityImpact": "NONE"
}, },
"exploitabilityScore": 2.5, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
} }
] ]
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
} }
], ],
"configurations": [ "configurations": [

12
CVE-2024/CVE-2024-232xx/CVE-2024-23270.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23270", "id": "CVE-2024-23270",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-03-08T02:15:49.320", "published": "2024-03-08T02:15:49.320",
"lastModified": "2024-11-21T08:57:21.540", "lastModified": "2025-03-27T20:15:22.150",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

42
CVE-2024/CVE-2024-236xx/CVE-2024-23604.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23604", "id": "CVE-2024-23604",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-18T08:15:06.233", "published": "2024-03-18T08:15:06.233",
"lastModified": "2025-03-04T18:28:45.060", "lastModified": "2025-03-27T20:15:23.137",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,12 +36,42 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {
@ -73,8 +103,8 @@
"url": "http://fitnesse.org/FitNesseDownload", "url": "http://fitnesse.org/FitNesseDownload",
"source": "vultures@jpcert.or.jp", "source": "vultures@jpcert.or.jp",
"tags": [ "tags": [
"Release Notes", "Product",
"Product" "Release Notes"
] ]
}, },
{ {
@ -102,8 +132,8 @@
"url": "http://fitnesse.org/FitNesseDownload", "url": "http://fitnesse.org/FitNesseDownload",
"source": "af854a3a-2127-422b-91ae-364da2661108", "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [ "tags": [
"Release Notes", "Product",
"Product" "Release Notes"
] ]
}, },
{ {

34
CVE-2024/CVE-2024-241xx/CVE-2024-24105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24105", "id": "CVE-2024-24105",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-13T21:15:58.870", "published": "2024-03-13T21:15:58.870",
"lastModified": "2025-03-10T15:02:25.377", "lastModified": "2025-03-27T20:15:23.327",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2024/CVE-2024-241xx/CVE-2024-24146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24146", "id": "CVE-2024-24146",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:44:11.657", "published": "2024-02-29T01:44:11.657",
"lastModified": "2024-11-21T08:58:58.690", "lastModified": "2025-03-27T20:15:23.520",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-242xx/CVE-2024-24272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24272", "id": "CVE-2024-24272",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-21T22:15:10.850", "published": "2024-03-21T22:15:10.850",
"lastModified": "2024-11-21T08:59:05.650", "lastModified": "2025-03-27T20:15:23.717",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en iTop DualSafe Password Manager & Digital Vault anterior a 1.4.24 permite a un atacante local obtener informaci\u00f3n confidencial a trav\u00e9s de credenciales filtradas como texto plano en un archivo de registro al que puede acceder el usuario local sin conocer el secreto maestro." "value": "Un problema en iTop DualSafe Password Manager & Digital Vault anterior a 1.4.24 permite a un atacante local obtener informaci\u00f3n confidencial a trav\u00e9s de credenciales filtradas como texto plano en un archivo de registro al que puede acceder el usuario local sin conocer el secreto maestro."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://research.hisolutions.com/2024/03/cve-2024-24272-dualsafe-password-manager-leaks-credentials/", "url": "https://research.hisolutions.com/2024/03/cve-2024-24272-dualsafe-password-manager-leaks-credentials/",

14
CVE-2024/CVE-2024-250xx/CVE-2024-25021.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25021", "id": "CVE-2024-25021",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-02-22T12:15:46.270", "published": "2024-02-22T12:15:46.270",
"lastModified": "2024-11-21T09:00:08.427", "lastModified": "2025-03-27T19:15:47.593",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-114"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281320", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281320",

32
CVE-2024/CVE-2024-252xx/CVE-2024-25217.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25217", "id": "CVE-2024-25217",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.323", "published": "2024-02-14T15:15:09.323",
"lastModified": "2024-11-21T09:00:29.037", "lastModified": "2025-03-27T20:15:23.887",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-252xx/CVE-2024-25249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25249", "id": "CVE-2024-25249",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-02-21T20:15:46.670", "published": "2024-02-21T20:15:46.670",
"lastModified": "2025-02-12T16:44:43.817", "lastModified": "2025-03-27T20:15:24.083",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-257xx/CVE-2024-25742.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25742", "id": "CVE-2024-25742",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-17T22:15:07.227", "published": "2024-05-17T22:15:07.227",
"lastModified": "2024-11-21T09:01:19.287", "lastModified": "2025-03-27T20:15:24.310",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": " En el kernel de Linux anterior a 6.9, un hipervisor que no es de confianza puede inyectar la interrupci\u00f3n virtual 29 (#VC) en cualquier momento y puede activar su controlador. Esto afecta a AMD SEV-SNP y AMD SEV-ES." "value": " En el kernel de Linux anterior a 6.9, un hipervisor que no es de confianza puede inyectar la interrupci\u00f3n virtual 29 (#VC) en cualquier momento y puede activar su controlador. Esto afecta a AMD SEV-SNP y AMD SEV-ES."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-828"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9", "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9",

24
CVE-2024/CVE-2024-263xx/CVE-2024-26308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26308", "id": "CVE-2024-26308",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-02-19T09:15:38.277", "published": "2024-02-19T09:15:38.277",
"lastModified": "2025-02-13T18:17:19.247", "lastModified": "2025-03-27T20:15:24.547",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

34
CVE-2024/CVE-2024-264xx/CVE-2024-26475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26475", "id": "CVE-2024-26475",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-14T22:15:22.490", "published": "2024-03-14T22:15:22.490",
"lastModified": "2025-01-23T19:19:58.217", "lastModified": "2025-03-27T20:15:24.743",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-476" "value": "CWE-476"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
} }
], ],
"configurations": [ "configurations": [

127
CVE-2024/CVE-2024-268xx/CVE-2024-26822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26822", "id": "CVE-2024-26822",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:08.977", "published": "2024-04-17T10:15:08.977",
"lastModified": "2024-11-21T09:03:08.987", "lastModified": "2025-03-27T20:43:09.927",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,140 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: configure el id, uid y cruid correctos para montajes autom\u00e1ticos multiusuario Cuando no se especifican uid, gid y cruid, debemos configurarlos din\u00e1micamente en el contexto del sistema de archivos utilizado para el montaje autom\u00e1tico, de lo contrario terminar\u00e1n reutilizando los valores del montaje principal." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: configure el id, uid y cruid correctos para montajes autom\u00e1ticos multiusuario Cuando no se especifican uid, gid y cruid, debemos configurarlos din\u00e1micamente en el contexto del sistema de archivos utilizado para el montaje autom\u00e1tico, de lo contrario terminar\u00e1n reutilizando los valores del montaje principal."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.124:*:*:*:*:*:*:*",
"matchCriteriaId": "3645B06F-218B-42CB-88DD-48F9EDC76940"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "99E7BF45-E0E8-4413-9C8F-D592CF7C9F0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157", "url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb", "url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626", "url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157", "url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb", "url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626", "url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
} }
] ]
} }

117
CVE-2024/CVE-2024-268xx/CVE-2024-26823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26823", "id": "CVE-2024-26823",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.027", "published": "2024-04-17T10:15:09.027",
"lastModified": "2024-11-21T09:03:09.103", "lastModified": "2025-03-27T20:53:54.630",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,130 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: restaurar el sondeo de peculiaridades para sistemas basados en ACPI Al refactorizar la forma en que se sondean los ITS, se perdi\u00f3 el manejo de peculiaridades aplicables a plataformas basadas en ACPI. Como resultado, sistemas como HIP07 pierden su funcionalidad GICv4 y es posible que algunos otros incluso no arranquen, a menos que est\u00e9n configurados para arrancar con DT. Mueva la habilitaci\u00f3n de peculiaridades a its_probe_one(), haci\u00e9ndola com\u00fan a todas las implementaciones de firmware." "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: restaurar el sondeo de peculiaridades para sistemas basados en ACPI Al refactorizar la forma en que se sondean los ITS, se perdi\u00f3 el manejo de peculiaridades aplicables a plataformas basadas en ACPI. Como resultado, sistemas como HIP07 pierden su funcionalidad GICv4 y es posible que algunos otros incluso no arranquen, a menos que est\u00e9n configurados para arrancar con DT. Mueva la habilitaci\u00f3n de peculiaridades a its_probe_one(), haci\u00e9ndola com\u00fan a todas las implementaciones de firmware."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "8ED485BB-BF8B-4D25-809B-B538663EA8D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00", "url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a", "url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8", "url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00", "url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a", "url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8", "url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
} }
] ]
} }

112
CVE-2024/CVE-2024-268xx/CVE-2024-26824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26824", "id": "CVE-2024-26824",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.087", "published": "2024-04-17T10:15:09.087",
"lastModified": "2024-11-21T09:03:09.220", "lastModified": "2025-03-27T20:56:14.840",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,125 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: algif_hash - Eliminar SGL falso libre en ruta de error de longitud cero Cuando algif_hash codifica un mensaje de longitud cero y se activa un error, intenta liberar una lista de SG que nunca fue asignado en primer lugar. Solucione este problema al no liberar la lista SG en la ruta de error de longitud cero." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: algif_hash - Eliminar SGL falso libre en ruta de error de longitud cero Cuando algif_hash codifica un mensaje de longitud cero y se activa un error, intenta liberar una lista de SG que nunca fue asignado en primer lugar. Solucione este problema al no liberar la lista SG en la ruta de error de longitud cero."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "66A88832-B39F-48D0-BFA1-F660E52CE523"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70", "url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29", "url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0", "url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70", "url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29", "url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0", "url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
} }
] ]
} }

217
CVE-2024/CVE-2024-268xx/CVE-2024-26825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26825", "id": "CVE-2024-26825",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.130", "published": "2024-04-17T10:15:09.130",
"lastModified": "2024-11-21T09:03:09.337", "lastModified": "2025-03-27T20:56:39.283",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,79 +15,254 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfc: nci: rx_data_reassembly skb gratuito en la limpieza del dispositivo NCI rx_data_reassembly skb se almacena durante el intercambio de datos NCI para procesar paquetes fragmentados. Se elimina solo cuando se procesa el \u00faltimo fragmento o cuando se recibe un paquete NTF con el c\u00f3digo de operaci\u00f3n NCI_OP_RF_DEACTIVATE_NTF. Sin embargo, el dispositivo NCI puede desasignarse antes de lo que provoca una fuga de skb. Como por dise\u00f1o el skb rx_data_reassembly est\u00e1 vinculado al dispositivo NCI y nada impide que el dispositivo se libere antes de que el skb se procese y limpie de alguna manera, lib\u00e9relo en la limpieza del dispositivo NCI. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con Syzkaller." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfc: nci: rx_data_reassembly skb gratuito en la limpieza del dispositivo NCI rx_data_reassembly skb se almacena durante el intercambio de datos NCI para procesar paquetes fragmentados. Se elimina solo cuando se procesa el \u00faltimo fragmento o cuando se recibe un paquete NTF con el c\u00f3digo de operaci\u00f3n NCI_OP_RF_DEACTIVATE_NTF. Sin embargo, el dispositivo NCI puede desasignarse antes de lo que provoca una fuga de skb. Como por dise\u00f1o el skb rx_data_reassembly est\u00e1 vinculado al dispositivo NCI y nada impide que el dispositivo se libere antes de que el skb se procese y limpie de alguna manera, lib\u00e9relo en la limpieza del dispositivo NCI. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con Syzkaller."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "4.19.307",
"matchCriteriaId": "5BAC9C53-B6FE-4F76-989F-0864760C4E09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.269",
"matchCriteriaId": "319545F3-D56C-4751-BEBF-0505478BBAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.210",
"matchCriteriaId": "F5CB4CA6-A9A0-4AFD-9102-8CF94D708170"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "0D0465BB-4053-4E15-9137-6696EBAE90FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1", "url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d", "url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23", "url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895", "url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf", "url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81", "url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9", "url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c", "url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1", "url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d", "url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23", "url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895", "url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf", "url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81", "url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9", "url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c", "url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
} }
] ]
} }

141
CVE-2024/CVE-2024-268xx/CVE-2024-26826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26826", "id": "CVE-2024-26826",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.183", "published": "2024-04-17T10:15:09.183",
"lastModified": "2024-11-21T09:03:09.463", "lastModified": "2025-03-27T20:57:04.587",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,47 +15,162 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: corrige la reinyecci\u00f3n de datos desde un subflujo obsoleto Cuando MPTCP PM detecta que un subflujo est\u00e1 obsoleto, todo el programador de paquetes debe reinyectar todos los datos no codificados del nivel mptcp. Para evitar adquirir bloqueos innecesarios, primero intenta verificar si hay datos no bloqueados presentes en la cola RTX, pero dicha verificaci\u00f3n actualmente no funciona, ya que utiliza un asistente espec\u00edfico de TCP en un socket MPTCP. Curiosamente, los fuzzers y los comprobadores est\u00e1ticos est\u00e1n contentos, ya que la memoria a la que se accede todav\u00eda pertenece a la estructura mptcp_sock, e incluso desde una perspectiva funcional la recuperaci\u00f3n se complet\u00f3 con \u00e9xito, ya que la prueba de acceso directo siempre fallaba. Un cambio reciente de TCP no relacionado (commit d5fed5addb2b (\"tcp: reorganizar las variables de ruta r\u00e1pida de tcp_sock\")) expuso el problema, ya que la reorganizaci\u00f3n del campo tcp hace que el c\u00f3digo mptcp siempre omita la reinecci\u00f3n. Solucione el problema eliminando la llamada falsa: estamos en un camino lento, la optimizaci\u00f3n inicial demostr\u00f3 una vez m\u00e1s ser mala." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: corrige la reinyecci\u00f3n de datos desde un subflujo obsoleto Cuando MPTCP PM detecta que un subflujo est\u00e1 obsoleto, todo el programador de paquetes debe reinyectar todos los datos no codificados del nivel mptcp. Para evitar adquirir bloqueos innecesarios, primero intenta verificar si hay datos no bloqueados presentes en la cola RTX, pero dicha verificaci\u00f3n actualmente no funciona, ya que utiliza un asistente espec\u00edfico de TCP en un socket MPTCP. Curiosamente, los fuzzers y los comprobadores est\u00e1ticos est\u00e1n contentos, ya que la memoria a la que se accede todav\u00eda pertenece a la estructura mptcp_sock, e incluso desde una perspectiva funcional la recuperaci\u00f3n se complet\u00f3 con \u00e9xito, ya que la prueba de acceso directo siempre fallaba. Un cambio reciente de TCP no relacionado (commit d5fed5addb2b (\"tcp: reorganizar las variables de ruta r\u00e1pida de tcp_sock\")) expuso el problema, ya que la reorganizaci\u00f3n del campo tcp hace que el c\u00f3digo mptcp siempre omita la reinecci\u00f3n. Solucione el problema eliminando la llamada falsa: estamos en un camino lento, la optimizaci\u00f3n inicial demostr\u00f3 una vez m\u00e1s ser mala."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "5DAC8D7B-7B93-476C-86C0-E4A247061C4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8", "url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8", "url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2", "url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5", "url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598", "url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8", "url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8", "url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2", "url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5", "url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598", "url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
} }
] ]
} }

34
CVE-2024/CVE-2024-272xx/CVE-2024-27229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27229", "id": "CVE-2024-27229",
"sourceIdentifier": "dsap-vuln-management@google.com", "sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-03-11T19:15:48.873", "published": "2024-03-11T19:15:48.873",
"lastModified": "2025-02-18T13:42:04.037", "lastModified": "2025-03-27T19:15:47.743",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-476" "value": "CWE-476"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-282xx/CVE-2024-28277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28277", "id": "CVE-2024-28277",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:14:18.617", "published": "2024-05-14T15:14:18.617",
"lastModified": "2025-02-11T21:39:53.903", "lastModified": "2025-03-27T20:15:24.940",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-284xx/CVE-2024-28403.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28403", "id": "CVE-2024-28403",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-15T16:15:08.583", "published": "2024-03-15T16:15:08.583",
"lastModified": "2025-03-10T15:23:33.017", "lastModified": "2025-03-27T20:15:25.140",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-284xx/CVE-2024-28456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28456", "id": "CVE-2024-28456",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-03-28T23:15:46.340", "published": "2024-03-28T23:15:46.340",
"lastModified": "2025-02-27T14:06:39.447", "lastModified": "2025-03-27T20:15:25.390",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

45
CVE-2024/CVE-2024-285xx/CVE-2024-28558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28558", "id": "CVE-2024-28558",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.957", "published": "2024-04-15T19:15:09.957",
"lastModified": "2024-11-21T09:06:31.070", "lastModified": "2025-03-27T20:19:53.070",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,55 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:petrol_pump_management:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A334E610-B489-4A7C-B31A-1132B26FFF0B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md", "url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522", "url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md", "url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522", "url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

26
CVE-2024/CVE-2024-290xx/CVE-2024-29006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29006", "id": "CVE-2024-29006",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-04-04T08:15:06.810", "published": "2024-04-04T08:15:06.810",
"lastModified": "2025-01-24T16:19:05.217", "lastModified": "2025-03-27T20:15:25.687",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

14
CVE-2024/CVE-2024-293xx/CVE-2024-29390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29390", "id": "CVE-2024-29390",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-20T21:15:49.583", "published": "2024-06-20T21:15:49.583",
"lastModified": "2024-11-21T09:07:59.560", "lastModified": "2025-03-27T20:15:25.893",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/CyberSentryX/CVE_Hunting/blob/main/CVE-2024-29390/README.md", "url": "https://github.com/CyberSentryX/CVE_Hunting/blob/main/CVE-2024-29390/README.md",

32
CVE-2024/CVE-2024-29xx/CVE-2024-2915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2915", "id": "CVE-2024-2915",
"sourceIdentifier": "security@devolutions.net", "sourceIdentifier": "security@devolutions.net",
"published": "2024-03-26T16:15:14.117", "published": "2024-03-26T16:15:14.117",
"lastModified": "2024-11-21T09:10:49.697", "lastModified": "2025-03-27T19:32:07.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,14 +51,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1.8.0",
"matchCriteriaId": "0E78FB63-33B2-499B-9BB1-DE3EE1767E01"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005", "url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "security@devolutions.net" "source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005", "url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-302xx/CVE-2024-30234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30234", "id": "CVE-2024-30234",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-26T13:15:45.927", "published": "2024-03-26T13:15:45.927",
"lastModified": "2024-11-21T09:11:30.333", "lastModified": "2025-03-27T19:25:19.060",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpxpo:wholesalex:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "6ACBA09D-B7A0-4C00-B974-6309347E893C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

24
CVE-2024/CVE-2024-320xx/CVE-2024-32077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32077", "id": "CVE-2024-32077",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2024-05-14T16:17:01.970", "published": "2024-05-14T16:17:01.970",
"lastModified": "2025-02-13T18:18:02.033", "lastModified": "2025-03-27T20:15:26.090",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,13 +36,33 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
"type": "Primary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",

32
CVE-2024/CVE-2024-328xx/CVE-2024-32894.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32894", "id": "CVE-2024-32894",
"sourceIdentifier": "dsap-vuln-management@google.com", "sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:53.923", "published": "2024-06-13T21:15:53.923",
"lastModified": "2024-11-21T09:15:57.527", "lastModified": "2025-03-27T19:15:47.943",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-349xx/CVE-2024-34952.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34952", "id": "CVE-2024-34952",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T14:15:09.480", "published": "2024-05-20T14:15:09.480",
"lastModified": "2024-11-21T09:19:37.457", "lastModified": "2025-03-27T20:15:26.297",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que taurusxin ncmdump v1.3.2 conten\u00eda una infracci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n NeteaseCrypt::FixMetadata() en /src/ncmcrypt.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo .ncm manipulado." "value": " Se descubri\u00f3 que taurusxin ncmdump v1.3.2 conten\u00eda una infracci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n NeteaseCrypt::FixMetadata() en /src/ncmcrypt.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo .ncm manipulado."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png", "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35504.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35504", "id": "CVE-2024-35504",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-30T15:15:48.830", "published": "2024-05-30T15:15:48.830",
"lastModified": "2024-11-21T09:20:21.907", "lastModified": "2025-03-27T20:15:26.493",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de Cross-site Scripting (XSS) en la p\u00e1gina de inicio de sesi\u00f3n de FineSoft v8.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro URL:errorname despu\u00e9s de un intento fallido de inicio de sesi\u00f3n." "value": "Una vulnerabilidad de Cross-site Scripting (XSS) en la p\u00e1gina de inicio de sesi\u00f3n de FineSoft v8.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro URL:errorname despu\u00e9s de un intento fallido de inicio de sesi\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/dabaizhizhu/123/issues/1", "url": "https://github.com/dabaizhizhu/123/issues/1",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36070.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36070", "id": "CVE-2024-36070",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-19T19:15:48.550", "published": "2024-05-19T19:15:48.550",
"lastModified": "2024-11-21T09:21:34.190", "lastModified": "2025-03-27T20:15:26.677",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "tine anterior a 2023.11.8, cuando se utiliza un backend LDAP, permite a atacantes remotos an\u00f3nimos obtener informaci\u00f3n de autenticaci\u00f3n confidencial a trav\u00e9s de setup.php debido a getRegistryData en Setup/Frontend/Json.php. (Tambi\u00e9n hay una actualizaci\u00f3n disponible para la serie 2022.11)." "value": "tine anterior a 2023.11.8, cuando se utiliza un backend LDAP, permite a atacantes remotos an\u00f3nimos obtener informaci\u00f3n de autenticaci\u00f3n confidencial a trav\u00e9s de setup.php debido a getRegistryData en Setup/Frontend/Json.php. (Tambi\u00e9n hay una actualizaci\u00f3n disponible para la serie 2022.11)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/tine-groupware/tine/commit/5d556a1225aa358cbf7cfbeae518c9386b46f516", "url": "https://github.com/tine-groupware/tine/commit/5d556a1225aa358cbf7cfbeae518c9386b46f516",

32
CVE-2024/CVE-2024-367xx/CVE-2024-36735.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36735", "id": "CVE-2024-36735",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T19:15:58.117", "published": "2024-06-06T19:15:58.117",
"lastModified": "2025-03-27T16:15:24.307", "lastModified": "2025-03-27T19:15:48.147",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2024/CVE-2024-398xx/CVE-2024-39848.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39848", "id": "CVE-2024-39848",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-29T22:15:02.263", "published": "2024-06-29T22:15:02.263",
"lastModified": "2024-11-21T09:28:26.230", "lastModified": "2025-03-27T20:15:26.860",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://spaces.at.internet2.edu/display/Grouper/Grouper+bug+-+GRP-5515+-+web+services+LDAP+authentication+security+vulnerability", "url": "https://spaces.at.internet2.edu/display/Grouper/Grouper+bug+-+GRP-5515+-+web+services+LDAP+authentication+security+vulnerability",

34
CVE-2024/CVE-2024-40xx/CVE-2024-4059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4059", "id": "CVE-2024-4059",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-01T13:15:52.253", "published": "2024-05-01T13:15:52.253",
"lastModified": "2024-12-19T18:56:45.140", "lastModified": "2025-03-27T20:15:27.037",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

24
CVE-2024/CVE-2024-51xx/CVE-2024-5157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5157", "id": "CVE-2024-5157",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-22T16:15:10.863", "published": "2024-05-22T16:15:10.863",
"lastModified": "2024-12-19T20:09:58.013", "lastModified": "2025-03-27T20:15:27.833",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },

25
CVE-2024/CVE-2024-550xx/CVE-2024-55070.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-55070",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T20:15:27.247",
"lastModified": "2025-03-27T20:15:27.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /households/permissions of hay-kot mealie v2.2.0 allows group managers to edit their own permissions."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-550xx/CVE-2024-55072.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-55072",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T19:15:48.330",
"lastModified": "2025-03-27T20:15:27.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-550xx/CVE-2024-55073.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-55073",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T19:15:48.437",
"lastModified": "2025-03-27T20:15:27.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

44
CVE-2024/CVE-2024-56xx/CVE-2024-5687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5687", "id": "CVE-2024-5687",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.260", "published": "2024-06-11T13:15:50.260",
"lastModified": "2024-11-21T09:48:09.810", "lastModified": "2025-03-27T20:13:57.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,54 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Exploit"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Exploit"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

100
CVE-2024/CVE-2024-56xx/CVE-2024-5692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5692", "id": "CVE-2024-5692",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.770", "published": "2024-06-11T13:15:50.770",
"lastModified": "2024-11-21T09:48:10.633", "lastModified": "2025-03-27T20:07:17.167",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -39,38 +39,118 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Exploit"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Exploit"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

98
CVE-2024/CVE-2024-56xx/CVE-2024-5693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5693", "id": "CVE-2024-5693",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.850", "published": "2024-06-11T13:15:50.850",
"lastModified": "2024-11-21T09:48:10.807", "lastModified": "2025-03-27T20:02:24.947",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,54 +51,124 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

115
CVE-2024/CVE-2024-56xx/CVE-2024-5696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5696", "id": "CVE-2024-5696",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:51.100", "published": "2024-06-11T13:15:51.100",
"lastModified": "2024-11-21T09:48:11.303", "lastModified": "2025-03-27T19:55:20.653",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,54 +51,141 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

67
CVE-2025/CVE-2025-01xx/CVE-2025-0185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0185", "id": "CVE-2025-0185",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:51.293", "published": "2025-03-20T10:15:51.293",
"lastModified": "2025-03-20T15:15:44.933", "lastModified": "2025-03-27T19:18:14.417",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -16,6 +16,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -49,16 +71,53 @@
"value": "CWE-94" "value": "CWE-94"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dify:dify:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610C84B3-A71E-482D-80FD-01D1E9E0182C"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e", "url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
} }
] ]
} }

4
CVE-2025/CVE-2025-02xx/CVE-2025-0285.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0285", "id": "CVE-2025-0285",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.430", "published": "2025-03-03T17:15:13.430",
"lastModified": "2025-03-25T14:15:27.230", "lastModified": "2025-03-27T19:15:48.520",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits." "value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits."
}, },
{ {
"lang": "es", "lang": "es",

8
CVE-2025/CVE-2025-02xx/CVE-2025-0286.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0286", "id": "CVE-2025-0286",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.537", "published": "2025-03-03T17:15:13.537",
"lastModified": "2025-03-04T16:15:36.167", "lastModified": "2025-03-27T19:15:48.663",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine." "value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine."
}, },
{ {
"lang": "es", "lang": "es",
@ -59,6 +59,10 @@
{ {
"url": "https://www.kb.cert.org/vuls/id/726882", "url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org" "source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
} }
] ]
} }

4
CVE-2025/CVE-2025-02xx/CVE-2025-0287.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0287", "id": "CVE-2025-0287",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.710", "published": "2025-03-03T17:15:13.710",
"lastModified": "2025-03-05T14:15:36.253", "lastModified": "2025-03-27T19:15:48.793",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation." "value": "Paragon Partition Manager version 17.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation."
}, },
{ {
"lang": "es", "lang": "es",

4
CVE-2025/CVE-2025-02xx/CVE-2025-0288.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0288", "id": "CVE-2025-0288",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.823", "published": "2025-03-03T17:15:13.823",
"lastModified": "2025-03-25T15:15:23.780", "lastModified": "2025-03-27T19:15:48.933",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation." "value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation."
}, },
{ {
"lang": "es", "lang": "es",

4
CVE-2025/CVE-2025-02xx/CVE-2025-0289.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0289", "id": "CVE-2025-0289",
"sourceIdentifier": "cret@cert.org", "sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.943", "published": "2025-03-03T17:15:13.943",
"lastModified": "2025-03-25T16:15:25.220", "lastModified": "2025-03-27T20:15:28.127",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service." "value": "Paragon Partition Manager version 17.9.1, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."
}, },
{ {
"lang": "es", "lang": "es",

8
CVE-2025/CVE-2025-28xx/CVE-2025-2857.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-2857", "id": "CVE-2025-2857",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2025-03-27T14:15:55.720", "published": "2025-03-27T14:15:55.720",
"lastModified": "2025-03-27T16:45:12.210", "lastModified": "2025-03-27T20:15:28.440",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1." "value": "Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1."
} }
], ],
"metrics": {}, "metrics": {},
@ -21,6 +21,10 @@
"url": "https://issues.chromium.org/issues/405143032", "url": "https://issues.chromium.org/issues/405143032",
"source": "security@mozilla.org" "source": "security@mozilla.org"
}, },
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783",
"source": "security@mozilla.org"
},
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2025-19/", "url": "https://www.mozilla.org/security/advisories/mfsa2025-19/",
"source": "security@mozilla.org" "source": "security@mozilla.org"

Some files were not shown because too many files have changed in this diff Show More