admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-27T21:00:20.042074+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-27 21:03:52 +00:00
parent a8f03a2bf0
commit 6a31607bd7
110 changed files with 3890 additions and 592 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2018/CVE-2018-110xx/CVE-2018-11087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11087",
"sourceIdentifier": "security_alert@emc.com",
"published": "2018-09-14T20:29:00.417",
"lastModified": "2024-11-21T03:42:39.100",
"vulnStatus": "Modified",
"lastModified": "2025-03-27T19:56:20.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
@ -109,16 +109,16 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:vmware:rabbitmq_java_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.0",
"matchCriteriaId": "76B96B99-977B-4EF7-B02B-C3EC596F8B33"
"matchCriteriaId": "CAB8F295-EA89-4565-AE6B-9B8BD193459A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pivotal_software:rabbitmq:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:vmware:rabbitmq_java_client:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8.1",
"versionEndExcluding": "5.4.0",
"matchCriteriaId": "927F7576-0366-4EA6-B26E-8B4B438C1407"
"matchCriteriaId": "C419AB2D-7C18-4F44-84A4-A4202D83AE44"
}
]
}

32
CVE-2020/CVE-2020-204xx/CVE-2020-20402.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-20402",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:08.730",
"lastModified": "2024-11-21T05:12:03.337",
"lastModified": "2025-03-27T19:15:41.530",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-34xx/CVE-2021-3439.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3439",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:08.857",
"lastModified": "2024-11-21T06:21:30.860",
"lastModified": "2025-03-27T19:15:42.473",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-38xx/CVE-2021-3808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3808",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:09.147",
"lastModified": "2024-11-21T06:22:29.710",
"lastModified": "2025-03-27T19:15:43.113",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-38xx/CVE-2021-3809.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3809",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:09.327",
"lastModified": "2024-11-21T06:22:30.087",
"lastModified": "2025-03-27T19:15:43.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

39
CVE-2021/CVE-2021-471xx/CVE-2021-47156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47156",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-18T05:15:06.260",
"lastModified": "2024-11-21T06:35:30.860",
"lastModified": "2025-03-27T20:15:16.147",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "El m\u00f3dulo Net::IPAddress::Util anterior a 5.000 para Perl no considera adecuadamente los caracteres cero extra\u00f1os en una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes eludir el control de acceso basado en direcciones IP."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1287"
}
]
}
],
"references": [
{
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/",

39
CVE-2022/CVE-2022-12xx/CVE-2022-1242.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1242",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-03T19:15:09.143",
"lastModified": "2024-11-21T06:40:19.713",
"lastModified": "2025-03-27T20:15:16.430",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se puede enga\u00f1ar a Apport para que se conecte a sockets arbitrarios como usuario root"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",

34
CVE-2022/CVE-2022-230xx/CVE-2022-23087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23087",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-02-15T05:15:09.337",
"lastModified": "2024-12-09T23:24:06.143",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:16.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-234xx/CVE-2022-23455.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23455",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:10.047",
"lastModified": "2024-11-21T06:48:35.510",
"lastModified": "2025-03-27T19:15:43.817",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-275xx/CVE-2022-27538.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27538",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-02-01T07:15:10.537",
"lastModified": "2024-11-21T06:55:54.680",
"lastModified": "2025-03-27T19:15:44.003",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-304xx/CVE-2022-30421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30421",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T01:15:11.497",
"lastModified": "2024-11-21T07:02:44.473",
"lastModified": "2025-03-27T19:15:44.737",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-329xx/CVE-2022-32984.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32984",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.000",
"lastModified": "2024-11-21T07:07:21.393",
"lastModified": "2025-03-27T19:15:44.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2022/CVE-2022-370xx/CVE-2022-37019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-37019",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2024-06-10T23:15:49.413",
"lastModified": "2024-11-21T07:14:17.740",
"lastModified": "2025-03-27T20:15:16.800",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_10737430-10737454-16/hpsbhf03943",

22
CVE-2022/CVE-2022-43xx/CVE-2022-4395.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4395",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:10.623",
"lastModified": "2024-12-02T19:15:06.587",
"lastModified": "2025-03-27T20:15:17.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2022/CVE-2022-451xx/CVE-2022-45172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45172",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.423",
"lastModified": "2024-11-21T07:28:53.677",
"lastModified": "2025-03-27T19:15:45.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-452xx/CVE-2022-45297.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45297",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.140",
"lastModified": "2024-11-21T07:29:01.610",
"lastModified": "2025-03-27T19:15:45.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-454xx/CVE-2022-45494.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45494",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T22:15:08.200",
"lastModified": "2024-11-21T07:29:20.453",
"lastModified": "2025-03-27T19:15:45.827",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-455xx/CVE-2022-45598.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45598",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:09.053",
"lastModified": "2024-11-21T07:29:28.403",
"lastModified": "2025-03-27T19:15:45.993",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2022/CVE-2022-45xx/CVE-2022-4552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4552",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.017",
"lastModified": "2024-11-21T07:35:28.523",
"lastModified": "2025-03-27T20:15:17.350",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [

22
CVE-2022/CVE-2022-45xx/CVE-2022-4553.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4553",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.197",
"lastModified": "2024-11-21T07:35:28.657",
"lastModified": "2025-03-27T20:15:17.530",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

34
CVE-2022/CVE-2022-46xx/CVE-2022-4667.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4667",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.683",
"lastModified": "2024-11-21T07:35:41.983",
"lastModified": "2025-03-27T19:15:46.710",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

22
CVE-2022/CVE-2022-46xx/CVE-2022-4680.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4680",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.830",
"lastModified": "2024-11-21T07:35:43.380",
"lastModified": "2025-03-27T20:15:17.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

34
CVE-2022/CVE-2022-46xx/CVE-2022-4699.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4699",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.907",
"lastModified": "2024-11-21T07:35:45.567",
"lastModified": "2025-03-27T20:15:17.840",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

32
CVE-2022/CVE-2022-470xx/CVE-2022-47035.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47035",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T16:15:09.103",
"lastModified": "2024-11-21T07:31:26.027",
"lastModified": "2025-03-27T19:15:46.220",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-476xx/CVE-2022-47697.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47697",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.510",
"lastModified": "2024-11-21T07:32:21.110",
"lastModified": "2025-03-27T19:15:46.397",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-476xx/CVE-2022-47698.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47698",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-31T18:15:09.583",
"lastModified": "2024-11-21T07:32:21.257",
"lastModified": "2025-03-27T19:15:46.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2022/CVE-2022-47xx/CVE-2022-4749.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4749",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:11.977",
"lastModified": "2024-11-21T07:35:52.063",
"lastModified": "2025-03-27T20:15:18.010",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

34
CVE-2022/CVE-2022-47xx/CVE-2022-4765.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4765",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.120",
"lastModified": "2024-11-21T07:35:53.820",
"lastModified": "2025-03-27T20:15:18.177",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

32
CVE-2022/CVE-2022-47xx/CVE-2022-4787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4787",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.333",
"lastModified": "2024-11-21T07:35:56.513",
"lastModified": "2025-03-27T20:15:18.343",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-47xx/CVE-2022-4792.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4792",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.403",
"lastModified": "2024-11-21T07:35:57.080",
"lastModified": "2025-03-27T20:15:18.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-48xx/CVE-2022-4834.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4834",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.767",
"lastModified": "2024-11-21T07:36:02.330",
"lastModified": "2025-03-27T20:15:18.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-48xx/CVE-2022-4835.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4835",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.837",
"lastModified": "2024-11-21T07:36:02.473",
"lastModified": "2025-03-27T20:15:18.847",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

34
CVE-2022/CVE-2022-48xx/CVE-2022-4837.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4837",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.907",
"lastModified": "2024-11-21T07:36:02.690",
"lastModified": "2025-03-27T20:15:19.003",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

22
CVE-2022/CVE-2022-48xx/CVE-2022-4872.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4872",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:12.980",
"lastModified": "2024-11-21T07:36:06.757",
"lastModified": "2025-03-27T20:15:19.160",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

22
CVE-2023/CVE-2023-00xx/CVE-2023-0071.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0071",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.127",
"lastModified": "2024-11-21T07:36:29.953",
"lastModified": "2025-03-27T20:15:19.327",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-00xx/CVE-2023-0074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0074",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.197",
"lastModified": "2024-11-21T07:36:30.253",
"lastModified": "2025-03-27T20:15:19.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

34
CVE-2023/CVE-2023-00xx/CVE-2023-0097.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0097",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-30T21:15:13.270",
"lastModified": "2024-11-21T07:36:32.857",
"lastModified": "2025-03-27T20:15:19.650",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

32
CVE-2023/CVE-2023-240xx/CVE-2023-24060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24060",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-27T04:15:07.997",
"lastModified": "2024-11-21T07:47:21.273",
"lastModified": "2025-03-27T19:15:46.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-244xx/CVE-2023-24495.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24495",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-01-26T21:18:19.583",
"lastModified": "2024-11-21T07:47:58.673",
"lastModified": "2025-03-27T20:15:19.880",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

39
CVE-2023/CVE-2023-335xx/CVE-2023-33548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33548",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T21:15:48.197",
"lastModified": "2024-11-21T08:05:42.010",
"lastModified": "2025-03-27T19:15:47.060",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en ASUS RT-AC51U con versiones de firmware hasta 3.0.0.4.380.8591 incluida permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo WPA Pre-Shared Key."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key",

39
CVE-2023/CVE-2023-392xx/CVE-2023-39223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39223",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-18T01:15:48.280",
"lastModified": "2024-11-21T08:14:56.873",
"lastModified": "2025-03-27T20:15:20.060",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Existe una vulnerabilidad de cross-site scripting almacenadas en los CGI incluidos en los productos PMailServer/PMailServer2 de AKI Software. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web de un usuario que haya iniciado sesi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://akisoftware.com/Vulnerability202301.html",

32
CVE-2023/CVE-2023-452xx/CVE-2023-45207.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45207",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-13T16:15:08.313",
"lastModified": "2024-11-21T08:26:33.227",
"lastModified": "2025-03-27T20:15:20.233",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

39
CVE-2023/CVE-2023-455xx/CVE-2023-45552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45552",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-03T17:15:47.330",
"lastModified": "2024-11-21T08:26:57.280",
"lastModified": "2025-03-27T19:15:47.350",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En VeridiumID anterior a 3.5.0, se descubri\u00f3 una vulnerabilidad de Cross Site Scripting (XSS) almacenado en el portal de administraci\u00f3n que permite a un atacante autenticado hacerse cargo de todas las cuentas enviando entradas maliciosas a trav\u00e9s del portal de autoservicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://docs.veridiumid.com/docs/v3.5/security-advisory#id-%28v3.52%29SecurityAdvisory-Acknowledgement",

14
CVE-2023/CVE-2023-460xx/CVE-2023-46060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46060",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-17T16:15:07.333",
"lastModified": "2024-11-21T08:27:49.870",
"lastModified": "2025-03-27T20:15:20.477",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md",

24
CVE-2023/CVE-2023-503xx/CVE-2023-50380.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50380",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-27T17:15:11.300",
"lastModified": "2025-02-13T18:15:50.970",
"lastModified": "2025-03-27T20:15:20.650",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,13 +36,33 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

34
CVE-2023/CVE-2023-523xx/CVE-2023-52373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52373",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-02-18T04:15:08.007",
"lastModified": "2024-12-06T20:05:03.750",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:20.857",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-281"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"configurations": [

8
CVE-2024/CVE-2024-01xx/CVE-2024-0149.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0149",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2025-01-28T04:15:09.733",
"lastModified": "2025-01-28T04:15:09.733",
"lastModified": "2025-03-27T20:15:21.053",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,6 +55,10 @@
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614",
"source": "psirt@nvidia.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/27/7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

38
CVE-2024/CVE-2024-15xx/CVE-2024-1550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1550",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-02-20T14:15:08.733",
"lastModified": "2024-12-10T15:30:13.977",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:21.197",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-1021"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
@ -115,6 +145,7 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
@ -157,7 +188,8 @@
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
"Mailing List",
"Vendor Advisory"
]
},
{

34
CVE-2024/CVE-2024-16xx/CVE-2024-1671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1671",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-02-21T04:15:08.257",
"lastModified": "2024-12-06T14:28:01.590",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:21.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-222xx/CVE-2024-22252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22252",
"sourceIdentifier": "security@vmware.com",
"published": "2024-03-05T18:15:47.713",
"lastModified": "2025-02-26T16:47:30.710",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:21.593",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-222xx/CVE-2024-22275.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22275",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-21T18:15:09.383",
"lastModified": "2024-11-21T08:55:56.660",
"lastModified": "2025-03-27T20:15:21.773",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308",

22
CVE-2024/CVE-2024-232xx/CVE-2024-23236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23236",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-05-14T14:58:48.170",
"lastModified": "2024-12-09T19:30:08.453",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:21.923",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.2,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

12
CVE-2024/CVE-2024-232xx/CVE-2024-23270.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23270",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-08T02:15:49.320",
"lastModified": "2024-11-21T08:57:21.540",
"lastModified": "2025-03-27T20:15:22.150",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

42
CVE-2024/CVE-2024-236xx/CVE-2024-23604.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23604",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-03-18T08:15:06.233",
"lastModified": "2025-03-04T18:28:45.060",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:23.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,12 +36,42 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
@ -73,8 +103,8 @@
"url": "http://fitnesse.org/FitNesseDownload",
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes",
"Product"
"Product",
"Release Notes"
]
},
{
@ -102,8 +132,8 @@
"url": "http://fitnesse.org/FitNesseDownload",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Product"
"Product",
"Release Notes"
]
},
{

34
CVE-2024/CVE-2024-241xx/CVE-2024-24105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24105",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-13T21:15:58.870",
"lastModified": "2025-03-10T15:02:25.377",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:23.327",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-241xx/CVE-2024-24146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24146",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-29T01:44:11.657",
"lastModified": "2024-11-21T08:58:58.690",
"lastModified": "2025-03-27T20:15:23.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-242xx/CVE-2024-24272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24272",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-21T22:15:10.850",
"lastModified": "2024-11-21T08:59:05.650",
"lastModified": "2025-03-27T20:15:23.717",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en iTop DualSafe Password Manager & Digital Vault anterior a 1.4.24 permite a un atacante local obtener informaci\u00f3n confidencial a trav\u00e9s de credenciales filtradas como texto plano en un archivo de registro al que puede acceder el usuario local sin conocer el secreto maestro."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://research.hisolutions.com/2024/03/cve-2024-24272-dualsafe-password-manager-leaks-credentials/",

14
CVE-2024/CVE-2024-250xx/CVE-2024-25021.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25021",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-02-22T12:15:46.270",
"lastModified": "2024-11-21T09:00:08.427",
"lastModified": "2025-03-27T19:15:47.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-114"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281320",

32
CVE-2024/CVE-2024-252xx/CVE-2024-25217.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25217",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.323",
"lastModified": "2024-11-21T09:00:29.037",
"lastModified": "2025-03-27T20:15:23.887",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-252xx/CVE-2024-25249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25249",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-21T20:15:46.670",
"lastModified": "2025-02-12T16:44:43.817",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:24.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-257xx/CVE-2024-25742.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25742",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-17T22:15:07.227",
"lastModified": "2024-11-21T09:01:19.287",
"lastModified": "2025-03-27T20:15:24.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " En el kernel de Linux anterior a 6.9, un hipervisor que no es de confianza puede inyectar la interrupci\u00f3n virtual 29 (#VC) en cualquier momento y puede activar su controlador. Esto afecta a AMD SEV-SNP y AMD SEV-ES."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-828"
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9",

24
CVE-2024/CVE-2024-263xx/CVE-2024-26308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26308",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-19T09:15:38.277",
"lastModified": "2025-02-13T18:17:19.247",
"lastModified": "2025-03-27T20:15:24.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,13 +36,33 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

34
CVE-2024/CVE-2024-264xx/CVE-2024-26475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26475",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-14T22:15:22.490",
"lastModified": "2025-01-23T19:19:58.217",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:24.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

153
CVE-2024/CVE-2024-268xx/CVE-2024-26822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26822",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:08.977",
"lastModified": "2024-11-21T09:03:08.987",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T20:43:09.927",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,140 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: configure el id, uid y cruid correctos para montajes autom\u00e1ticos multiusuario Cuando no se especifican uid, gid y cruid, debemos configurarlos din\u00e1micamente en el contexto del sistema de archivos utilizado para el montaje autom\u00e1tico, de lo contrario terminar\u00e1n reutilizando los valores del montaje principal."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
{
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.124:*:*:*:*:*:*:*",
"matchCriteriaId": "3645B06F-218B-42CB-88DD-48F9EDC76940"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "99E7BF45-E0E8-4413-9C8F-D592CF7C9F0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

143
CVE-2024/CVE-2024-268xx/CVE-2024-26823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26823",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.027",
"lastModified": "2024-11-21T09:03:09.103",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T20:53:54.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,130 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: restaurar el sondeo de peculiaridades para sistemas basados en ACPI Al refactorizar la forma en que se sondean los ITS, se perdi\u00f3 el manejo de peculiaridades aplicables a plataformas basadas en ACPI. Como resultado, sistemas como HIP07 pierden su funcionalidad GICv4 y es posible que algunos otros incluso no arranquen, a menos que est\u00e9n configurados para arrancar con DT. Mueva la habilitaci\u00f3n de peculiaridades a its_probe_one(), haci\u00e9ndola com\u00fan a todas las implementaciones de firmware."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "8ED485BB-BF8B-4D25-809B-B538663EA8D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

138
CVE-2024/CVE-2024-268xx/CVE-2024-26824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26824",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.087",
"lastModified": "2024-11-21T09:03:09.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T20:56:14.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,125 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: algif_hash - Eliminar SGL falso libre en ruta de error de longitud cero Cuando algif_hash codifica un mensaje de longitud cero y se activa un error, intenta liberar una lista de SG que nunca fue asignado en primer lugar. Solucione este problema al no liberar la lista SG en la ruta de error de longitud cero."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "66A88832-B39F-48D0-BFA1-F660E52CE523"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

315
CVE-2024/CVE-2024-268xx/CVE-2024-26825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26825",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.130",
"lastModified": "2024-11-21T09:03:09.337",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T20:56:39.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,254 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfc: nci: rx_data_reassembly skb gratuito en la limpieza del dispositivo NCI rx_data_reassembly skb se almacena durante el intercambio de datos NCI para procesar paquetes fragmentados. Se elimina solo cuando se procesa el \u00faltimo fragmento o cuando se recibe un paquete NTF con el c\u00f3digo de operaci\u00f3n NCI_OP_RF_DEACTIVATE_NTF. Sin embargo, el dispositivo NCI puede desasignarse antes de lo que provoca una fuga de skb. Como por dise\u00f1o el skb rx_data_reassembly est\u00e1 vinculado al dispositivo NCI y nada impide que el dispositivo se libere antes de que el skb se procese y limpie de alguna manera, lib\u00e9relo en la limpieza del dispositivo NCI. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con Syzkaller."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "4.19.307",
"matchCriteriaId": "5BAC9C53-B6FE-4F76-989F-0864760C4E09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.269",
"matchCriteriaId": "319545F3-D56C-4751-BEBF-0505478BBAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.210",
"matchCriteriaId": "F5CB4CA6-A9A0-4AFD-9102-8CF94D708170"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "0D0465BB-4053-4E15-9137-6696EBAE90FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228cef2be9",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

191
CVE-2024/CVE-2024-268xx/CVE-2024-26826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26826",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.183",
"lastModified": "2024-11-21T09:03:09.463",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T20:57:04.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,162 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: corrige la reinyecci\u00f3n de datos desde un subflujo obsoleto Cuando MPTCP PM detecta que un subflujo est\u00e1 obsoleto, todo el programador de paquetes debe reinyectar todos los datos no codificados del nivel mptcp. Para evitar adquirir bloqueos innecesarios, primero intenta verificar si hay datos no bloqueados presentes en la cola RTX, pero dicha verificaci\u00f3n actualmente no funciona, ya que utiliza un asistente espec\u00edfico de TCP en un socket MPTCP. Curiosamente, los fuzzers y los comprobadores est\u00e1ticos est\u00e1n contentos, ya que la memoria a la que se accede todav\u00eda pertenece a la estructura mptcp_sock, e incluso desde una perspectiva funcional la recuperaci\u00f3n se complet\u00f3 con \u00e9xito, ya que la prueba de acceso directo siempre fallaba. Un cambio reciente de TCP no relacionado (commit d5fed5addb2b (\"tcp: reorganizar las variables de ruta r\u00e1pida de tcp_sock\")) expuso el problema, ya que la reorganizaci\u00f3n del campo tcp hace que el c\u00f3digo mptcp siempre omita la reinecci\u00f3n. Solucione el problema eliminando la llamada falsa: estamos en un camino lento, la optimizaci\u00f3n inicial demostr\u00f3 una vez m\u00e1s ser mala."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "5DAC8D7B-7B93-476C-86C0-E4A247061C4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/624902eab7abcb8731b333ec73f206d38d839cd8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6673d9f1c2cd984390550dbdf7d5ae07b20abbf8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6f95120f898b40d13fd441225ef511307853c9c2",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b609c783c535493aa3fca22c7e40a120370b1ca5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b6c620dc43ccb4e802894e54b651cf81495e9598",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

34
CVE-2024/CVE-2024-272xx/CVE-2024-27229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27229",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-03-11T19:15:48.873",
"lastModified": "2025-02-18T13:42:04.037",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T19:15:47.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-282xx/CVE-2024-28277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28277",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:14:18.617",
"lastModified": "2025-02-11T21:39:53.903",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:24.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-284xx/CVE-2024-28403.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28403",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-15T16:15:08.583",
"lastModified": "2025-03-10T15:23:33.017",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:25.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-284xx/CVE-2024-28456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28456",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-28T23:15:46.340",
"lastModified": "2025-02-27T14:06:39.447",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:25.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

63
CVE-2024/CVE-2024-285xx/CVE-2024-28558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28558",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T19:15:09.957",
"lastModified": "2024-11-21T09:06:31.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T20:19:53.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,55 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:petrol_pump_management:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A334E610-B489-4A7C-B31A-1132B26FFF0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/xuanluansec/vul/blob/main/vul/sql/sql-3.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/xuanluansec/vul/issues/3#issue-2243633522",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

26
CVE-2024/CVE-2024-290xx/CVE-2024-29006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29006",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-04T08:15:06.810",
"lastModified": "2025-01-24T16:19:05.217",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:25.687",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,13 +36,33 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2024/CVE-2024-293xx/CVE-2024-29390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29390",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-20T21:15:49.583",
"lastModified": "2024-11-21T09:07:59.560",
"lastModified": "2025-03-27T20:15:25.893",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/CyberSentryX/CVE_Hunting/blob/main/CVE-2024-29390/README.md",

40
CVE-2024/CVE-2024-29xx/CVE-2024-2915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2915",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-26T16:15:14.117",
"lastModified": "2024-11-21T09:10:49.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T19:32:07.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "security@devolutions.net"
},
"nodes": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.1.8.0",
"matchCriteriaId": "0E78FB63-33B2-499B-9BB1-DE3EE1767E01"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0005",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-302xx/CVE-2024-30234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30234",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-26T13:15:45.927",
"lastModified": "2024-11-21T09:11:30.333",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-27T19:25:19.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpxpo:wholesalex:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "6ACBA09D-B7A0-4C00-B974-6309347E893C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-320xx/CVE-2024-32077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32077",
"sourceIdentifier": "security@apache.org",
"published": "2024-05-14T16:17:01.970",
"lastModified": "2025-02-13T18:18:02.033",
"lastModified": "2025-03-27T20:15:26.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,13 +36,33 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

32
CVE-2024/CVE-2024-328xx/CVE-2024-32894.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32894",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:53.923",
"lastModified": "2024-11-21T09:15:57.527",
"lastModified": "2025-03-27T19:15:47.943",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-349xx/CVE-2024-34952.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34952",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T14:15:09.480",
"lastModified": "2024-11-21T09:19:37.457",
"lastModified": "2025-03-27T20:15:26.297",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que taurusxin ncmdump v1.3.2 conten\u00eda una infracci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n NeteaseCrypt::FixMetadata() en /src/ncmcrypt.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo .ncm manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35504.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35504",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-30T15:15:48.830",
"lastModified": "2024-11-21T09:20:21.907",
"lastModified": "2025-03-27T20:15:26.493",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de Cross-site Scripting (XSS) en la p\u00e1gina de inicio de sesi\u00f3n de FineSoft v8.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro URL:errorname despu\u00e9s de un intento fallido de inicio de sesi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/dabaizhizhu/123/issues/1",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36070.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36070",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-19T19:15:48.550",
"lastModified": "2024-11-21T09:21:34.190",
"lastModified": "2025-03-27T20:15:26.677",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "tine anterior a 2023.11.8, cuando se utiliza un backend LDAP, permite a atacantes remotos an\u00f3nimos obtener informaci\u00f3n de autenticaci\u00f3n confidencial a trav\u00e9s de setup.php debido a getRegistryData en Setup/Frontend/Json.php. (Tambi\u00e9n hay una actualizaci\u00f3n disponible para la serie 2022.11)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://github.com/tine-groupware/tine/commit/5d556a1225aa358cbf7cfbeae518c9386b46f516",

32
CVE-2024/CVE-2024-367xx/CVE-2024-36735.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36735",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T19:15:58.117",
"lastModified": "2025-03-27T16:15:24.307",
"lastModified": "2025-03-27T19:15:48.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-398xx/CVE-2024-39848.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39848",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-29T22:15:02.263",
"lastModified": "2024-11-21T09:28:26.230",
"lastModified": "2025-03-27T20:15:26.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
]
}
],
"references": [
{
"url": "https://spaces.at.internet2.edu/display/Grouper/Grouper+bug+-+GRP-5515+-+web+services+LDAP+authentication+security+vulnerability",

34
CVE-2024/CVE-2024-40xx/CVE-2024-4059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4059",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-01T13:15:52.253",
"lastModified": "2024-12-19T18:56:45.140",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:27.037",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

24
CVE-2024/CVE-2024-51xx/CVE-2024-5157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5157",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-22T16:15:10.863",
"lastModified": "2024-12-19T20:09:58.013",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-27T20:15:27.833",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

25
CVE-2024/CVE-2024-550xx/CVE-2024-55070.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-55070",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T20:15:27.247",
"lastModified": "2025-03-27T20:15:27.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /households/permissions of hay-kot mealie v2.2.0 allows group managers to edit their own permissions."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-550xx/CVE-2024-55072.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-55072",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T19:15:48.330",
"lastModified": "2025-03-27T20:15:27.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-550xx/CVE-2024-55073.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-55073",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-27T19:15:48.437",
"lastModified": "2025-03-27T20:15:27.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/mealie-recipes/mealie/issues/4593",
"source": "cve@mitre.org"
},
{
"url": "https://m10x.de/posts/2025/03/all-your-recipe-are-belong-to-us-part-3/3-broken-access-controls-leading-to-privilege-escalation-and-more-in-mealie/",
"source": "cve@mitre.org"
}
]
}

62
CVE-2024/CVE-2024-56xx/CVE-2024-5687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5687",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.260",
"lastModified": "2024-11-21T09:48:09.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T20:13:57.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "security@mozilla.org"
},
"nodes": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Exploit"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1889066",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Exploit"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2024/CVE-2024-56xx/CVE-2024-5692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5692",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.770",
"lastModified": "2024-11-21T09:48:10.633",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T20:07:17.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,38 +39,118 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "security@mozilla.org"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Exploit"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Exploit"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

160
CVE-2024/CVE-2024-56xx/CVE-2024-5693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5693",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:50.850",
"lastModified": "2024-11-21T09:48:10.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T20:02:24.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,54 +51,124 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "security@mozilla.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891319",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

177
CVE-2024/CVE-2024-56xx/CVE-2024-5696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5696",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-06-11T13:15:51.100",
"lastModified": "2024-11-21T09:48:11.303",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T19:55:20.653",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -51,54 +51,141 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "security@mozilla.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "D355C34D-4006-4255-B767-0EC32BDD4409"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "127.0",
"matchCriteriaId": "4CF5E7C8-8673-4B56-AF92-44C08B086E02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.12",
"matchCriteriaId": "96ED58CE-9E3C-4354-AB12-0F26C5906650"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1896555",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-25/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-26/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-28/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2025/CVE-2025-01xx/CVE-2025-0185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0185",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:51.293",
"lastModified": "2025-03-20T15:15:44.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-27T19:18:14.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,53 @@
"value": "CWE-94"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dify:dify:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610C84B3-A71E-482D-80FD-01D1E9E0182C"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://huntr.com/bounties/7d9eb9b2-7b86-45ed-89bd-276c1350db7e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

4
CVE-2025/CVE-2025-02xx/CVE-2025-0285.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0285",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.430",
"lastModified": "2025-03-25T14:15:27.230",
"lastModified": "2025-03-27T19:15:48.520",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits."
"value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits."
},
{
"lang": "es",

8
CVE-2025/CVE-2025-02xx/CVE-2025-0286.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0286",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.537",
"lastModified": "2025-03-04T16:15:36.167",
"lastModified": "2025-03-27T19:15:48.663",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine."
"value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine."
},
{
"lang": "es",
@ -59,6 +59,10 @@
{
"url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
}
]
}

4
CVE-2025/CVE-2025-02xx/CVE-2025-0287.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0287",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.710",
"lastModified": "2025-03-05T14:15:36.253",
"lastModified": "2025-03-27T19:15:48.793",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation."
"value": "Paragon Partition Manager version 17.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation."
},
{
"lang": "es",

4
CVE-2025/CVE-2025-02xx/CVE-2025-0288.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0288",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.823",
"lastModified": "2025-03-25T15:15:23.780",
"lastModified": "2025-03-27T19:15:48.933",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation."
"value": "Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation."
},
{
"lang": "es",

4
CVE-2025/CVE-2025-02xx/CVE-2025-0289.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-0289",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.943",
"lastModified": "2025-03-25T16:15:25.220",
"lastModified": "2025-03-27T20:15:28.127",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."
"value": "Paragon Partition Manager version 17.9.1, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."
},
{
"lang": "es",

8
CVE-2025/CVE-2025-28xx/CVE-2025-2857.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-2857",
"sourceIdentifier": "security@mozilla.org",
"published": "2025-03-27T14:15:55.720",
"lastModified": "2025-03-27T16:45:12.210",
"lastModified": "2025-03-27T20:15:28.440",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1."
"value": "Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1."
}
],
"metrics": {},
@ -21,6 +21,10 @@
"url": "https://issues.chromium.org/issues/405143032",
"source": "security@mozilla.org"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2025-19/",
"source": "security@mozilla.org"

Some files were not shown because too many files have changed in this diff Show More