admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-18T19:00:20.831495+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-18 19:03:51 +00:00
parent ffe3ab541c
commit 6cf3d6d480
78 changed files with 4242 additions and 607 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2021/CVE-2021-339xx/CVE-2021-33983.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33983",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T18:15:11.457",
"lastModified": "2024-11-21T06:09:50.847",
"lastModified": "2025-03-18T17:15:37.453",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-341xx/CVE-2021-34164.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34164",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T18:15:11.513",
"lastModified": "2024-11-21T06:09:57.923",
"lastModified": "2025-03-18T17:15:38.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-341xx/CVE-2021-34182.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34182",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T18:15:11.567",
"lastModified": "2024-11-21T06:09:59.330",
"lastModified": "2025-03-18T17:15:38.750",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-352xx/CVE-2021-35261.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T18:15:11.620",
"lastModified": "2024-11-21T06:12:09.890",
"lastModified": "2025-03-18T17:15:39.027",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

117
CVE-2021/CVE-2021-44xx/CVE-2021-4453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4453",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:29.820",
"lastModified": "2025-02-26T06:37:29.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:52:26.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,114 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/pm: se corrige una posible p\u00e9rdida de memoria en gpu_metrics_table La memoria est\u00e1 asignada para gpu_metrics_table en renoir_init_smc_tables(), pero no se libera en int smu_v12_0_fini_smc_tables(). \u00a1Lib\u00e9renla!"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/222cebd995cdf11fe0d502749560f65e64990e55",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/257b3bb16634fd936129fe2f57a91594a75b8751",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/aa464957f7e660abd554f2546a588f6533720e21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.88",
"matchCriteriaId": "EB4181F8-6C8B-4641-A13A-D558F76ABA69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.11",
"matchCriteriaId": "11274E95-438A-449A-B100-01B2B0046669"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/222cebd995cdf11fe0d502749560f65e64990e55",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/257b3bb16634fd936129fe2f57a91594a75b8751",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa464957f7e660abd554f2546a588f6533720e21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

267
CVE-2021/CVE-2021-472xx/CVE-2021-47216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47216",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.770",
"lastModified": "2024-11-21T06:35:38.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:01:47.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,71 +15,214 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: advansys: Fix kernel pointer leak Los punteros se deben imprimir con %p o %px en lugar de convertirse en 'unsigned long' e imprimirse con %lx. Cambie %lx a %p para imprimir el puntero con hash."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/055eced3edf5b675d12189081303f6285ef26511",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/06d7d12efb5c62db9dea15141ae2b322c2719515",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/27490ae6a85a70242d80615ca74d0362a820d6a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/5612287991debe310c914600599bd59511ababfb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad19f7046c24f95c674fbea21870479b2b9f5bab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cc248790bfdcf879e3094fa248c85bf92cdf9dae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4996c6eac4c81b8872043e9391563f67f13e406",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/055eced3edf5b675d12189081303f6285ef26511",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/06d7d12efb5c62db9dea15141ae2b322c2719515",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/27490ae6a85a70242d80615ca74d0362a820d6a7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/5612287991debe310c914600599bd59511ababfb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/ad19f7046c24f95c674fbea21870479b2b9f5bab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/cc248790bfdcf879e3094fa248c85bf92cdf9dae",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d4996c6eac4c81b8872043e9391563f67f13e406",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.293",
"matchCriteriaId": "83024F84-4857-4CAF-957E-C14804BAC4AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.291",
"matchCriteriaId": "8B1EE39E-FE30-4B7D-A26F-631135BCBB3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.256",
"matchCriteriaId": "FCEB92FF-21BF-4F75-ACA1-6AE1D51A79FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.218",
"matchCriteriaId": "4F85F433-5DEA-47D3-B07E-3B1AC474D6E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.162",
"matchCriteriaId": "51A152D8-D5CE-47BD-9041-DEE164DCE99D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/055eced3edf5b675d12189081303f6285ef26511",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/06d7d12efb5c62db9dea15141ae2b322c2719515",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/27490ae6a85a70242d80615ca74d0362a820d6a7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5612287991debe310c914600599bd59511ababfb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad19f7046c24f95c674fbea21870479b2b9f5bab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cc248790bfdcf879e3094fa248c85bf92cdf9dae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d4996c6eac4c81b8872043e9391563f67f13e406",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/055eced3edf5b675d12189081303f6285ef26511",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/06d7d12efb5c62db9dea15141ae2b322c2719515",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/27490ae6a85a70242d80615ca74d0362a820d6a7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5612287991debe310c914600599bd59511ababfb",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad19f7046c24f95c674fbea21870479b2b9f5bab",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cc248790bfdcf879e3094fa248c85bf92cdf9dae",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d4996c6eac4c81b8872043e9391563f67f13e406",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f5a0ba4a9b5e70e7b2f767636d26523f9d1ac59d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

107
CVE-2021/CVE-2021-476xx/CVE-2021-47654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47654",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.170",
"lastModified": "2025-02-26T06:37:07.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:49:52.790",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,102 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: samples/landlock: Se corrige la p\u00e9rdida de memoria de path_list El an\u00e1lisis est\u00e1tico de Clang informa este error sandboxer.c:134:8: advertencia: Posible p\u00e9rdida de memoria se\u00f1alada por 'path_list' ret = 0; ^ path_list se asigna en parse_path() pero nunca se libera."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/017196730299ccd6eed24bbfabed8af4ffd81530",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/20fbf100f84b9aeb9c91421abe1927bc152bc32b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/49b0d8bf05809df5f87e5c03e26d74bdfdab4571",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/66b513b7c64a7290c1fbb88e657f7cece992e131",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.33",
"matchCriteriaId": "0B4D5502-DA34-43DA-93D1-158E3047C2C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.19",
"matchCriteriaId": "20C43679-0439-405A-B97F-685BEE50613B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.2",
"matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/017196730299ccd6eed24bbfabed8af4ffd81530",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/20fbf100f84b9aeb9c91421abe1927bc152bc32b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49b0d8bf05809df5f87e5c03e26d74bdfdab4571",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/66b513b7c64a7290c1fbb88e657f7cece992e131",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

101
CVE-2021/CVE-2021-476xx/CVE-2021-47655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47655",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.267",
"lastModified": "2025-02-26T06:37:07.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:50:02.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,96 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: venus: vdec: se ha corregido un posible problema de p\u00e9rdida de memoria La implementaci\u00f3n de venus_helper_alloc_dpb_bufs() permite un retorno temprano a una ruta de error al verificar el id de ida_alloc_min(), lo que no liberar\u00eda la asignaci\u00f3n de b\u00fafer anterior. Mueva el kfree() directo de la verificaci\u00f3n de errores de dma_alloc_attrs() a la ruta de error com\u00fan para garantizar que se liberen las asignaciones en todas las rutas de error en esta funci\u00f3n. Addresses-Coverity: 1494120 (\"Fuga de recursos\")"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/55bccafc246b2e64763a155ec454470c07a54a6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/5cedfe8aaf1875a5305897107b7f298db4260019",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/5f89d05ba93df9c2cdfe493843f93288e55e99eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/8403fdd775858a7bf04868d43daea0acbe49ddfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.19",
"matchCriteriaId": "20C43679-0439-405A-B97F-685BEE50613B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.2",
"matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/55bccafc246b2e64763a155ec454470c07a54a6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5cedfe8aaf1875a5305897107b7f298db4260019",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5f89d05ba93df9c2cdfe493843f93288e55e99eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8403fdd775858a7bf04868d43daea0acbe49ddfc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

115
CVE-2021/CVE-2021-476xx/CVE-2021-47657.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47657",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.467",
"lastModified": "2025-02-26T06:37:07.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:50:28.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,110 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/virtio: Aseg\u00farese de que objs no sea NULL en virtio_gpu_array_put_free() Si virtio_gpu_object_shmem_init() falla (por ejemplo, debido a la inyecci\u00f3n de fallos, como sucedi\u00f3 en el informe de error de syzbot), se podr\u00eda llamar a virtio_gpu_array_put_free() con objs igual a NULL. Aseg\u00farese de que objs no sea NULL en virtio_gpu_array_put_free() o, de lo contrario, regrese de la funci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/6b79f96f4a23846516e5e6e4dd37fc06f43a60dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/abc9ad36df16e27ac1c665085157f1a082d39bac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/ac92b474eeeed75b8660374ba1d129a121c09da8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b094fece3810c71ceee6f0921676cb65d4e68c5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.20",
"versionEndExcluding": "5.12",
"matchCriteriaId": "CC8679E8-F4E0-4BBF-8682-F0CDCBC99C1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.3",
"versionEndExcluding": "5.15.32",
"matchCriteriaId": "8A712A85-BED7-44CD-A617-EFD0ABBF4FCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.18",
"matchCriteriaId": "C86410A0-E312-4F41-93E9-929EAFB31757"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.1",
"matchCriteriaId": "3004D9BF-0093-4C9C-8560-F3E91AFAE409"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6b79f96f4a23846516e5e6e4dd37fc06f43a60dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abc9ad36df16e27ac1c665085157f1a082d39bac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ac92b474eeeed75b8660374ba1d129a121c09da8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b094fece3810c71ceee6f0921676cb65d4e68c5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

108
CVE-2021/CVE-2021-476xx/CVE-2021-47660.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47660",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:07.733",
"lastModified": "2025-02-26T06:37:07.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:50:52.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Se han solucionado algunas fugas de memoria en una ruta de manejo de errores de 'log_replay()'. Todas las rutas de manejo de errores conducen a 'out', donde se liberan muchos recursos. H\u00e1galo tambi\u00e9n aqu\u00ed en lugar de un retorno directo, de lo contrario, se producir\u00e1n fugas de 'log', 'ra' y 'log->one_page_buf' (al menos)."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/2c97519ed6b4239594c58ddacf3d0d576cf070cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/bc4a1d384a04c6dba9312e1421a9f9f7c03339a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d8be98ab88250dc12a98efdb703792a537b0eac3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/e589f9b7078e1c0191613cd736f598e81d2390de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "FA8369C7-8B08-4709-9CE6-2131C7668313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2c97519ed6b4239594c58ddacf3d0d576cf070cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bc4a1d384a04c6dba9312e1421a9f9f7c03339a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d8be98ab88250dc12a98efdb703792a537b0eac3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e589f9b7078e1c0191613cd736f598e81d2390de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

32
CVE-2022/CVE-2022-329xx/CVE-2022-32972.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32972",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T14:15:15.300",
"lastModified": "2024-11-21T07:07:20.487",
"lastModified": "2025-03-18T17:15:39.310",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [

20
CVE-2022/CVE-2022-355xx/CVE-2022-35583.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35583",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-22T16:15:09.473",
"lastModified": "2024-11-21T07:11:21.050",
"vulnStatus": "Modified",
"lastModified": "2025-03-18T18:42:23.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -71,14 +71,16 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/171446/wkhtmltopdf-0.12.6-Server-Side-Request-Forgery.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://cyber-guy.gitbook.io/cyber-guys-blog/blogs/initial-access-via-pdf-file-silently",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
"URL Repurposed"
]
},
{
@ -99,14 +101,16 @@
},
{
"url": "http://packetstormsecurity.com/files/171446/wkhtmltopdf-0.12.6-Server-Side-Request-Forgery.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://cyber-guy.gitbook.io/cyber-guys-blog/blogs/initial-access-via-pdf-file-silently",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
"URL Repurposed"
]
},
{

32
CVE-2022/CVE-2022-400xx/CVE-2022-40021.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40021",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T22:15:11.850",
"lastModified": "2024-11-21T07:20:44.147",
"lastModified": "2025-03-18T17:15:39.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-477xx/CVE-2022-47703.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47703",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-16T22:15:11.033",
"lastModified": "2024-11-21T07:32:21.830",
"lastModified": "2025-03-18T18:15:25.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

137
CVE-2022/CVE-2022-490xx/CVE-2022-49046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49046",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:41.890",
"lastModified": "2025-02-26T07:00:41.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:53:16.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,134 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: dev: verificar el valor de retorno al llamar a dev_set_name() Si dev_set_name() falla, dev_name() es nulo, verifique el valor de retorno de dev_set_name() para evitar el null-ptr-deref."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/2f345bb14ad4744950499ff222e2899209297afa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/993eb48fa199b5f476df8204e652eff63dd19361",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/c74d77a2d07744147d734138acd6ce9dba715e5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.225",
"versionEndExcluding": "4.5",
"matchCriteriaId": "F615000A-22D0-462C-9FE0-FD0C0E87F230"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.225",
"versionEndExcluding": "4.10",
"matchCriteriaId": "1F06A06D-F043-4FC9-8009-F0FF564F7BE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.182",
"versionEndExcluding": "4.15",
"matchCriteriaId": "8ABA63F0-043F-4A44-A038-EB4D78183624"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.125",
"versionEndExcluding": "4.20",
"matchCriteriaId": "DE8BC53C-081C-4C0C-8FA5-AFEA4ACDB827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.43",
"versionEndExcluding": "5.5",
"matchCriteriaId": "C0BB4958-AAEF-4720-B7E3-1682593B506A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6.15",
"versionEndExcluding": "5.15.35",
"matchCriteriaId": "5705436C-E633-494B-88B3-ED262B8D5848"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.4",
"matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2f345bb14ad4744950499ff222e2899209297afa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/993eb48fa199b5f476df8204e652eff63dd19361",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c74d77a2d07744147d734138acd6ce9dba715e5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

136
CVE-2022/CVE-2022-490xx/CVE-2022-49060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49060",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:43.257",
"lastModified": "2025-02-26T07:00:43.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:15:10.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,127 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: Se ha corregido la desreferencia de puntero NULL en smc_pnet_find_ib(). Se llamaba a dev_name() con dev.parent como argumento, pero sin comprobarlo antes. Se soluciona comprobando el puntero antes de llamar a dev_name()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/22025513ced3d599ee8b24169141c95cf2467a4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/35b91e49bc80ca944a8679c3b139ddaf2f8eea0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/3a523807f01455fe9a0c1a433f27cd4411ee400f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/a05f5e26cb8bb4d07e0595545fcad1bb406f0085",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d22f4f977236f97e01255a80bca2ea93a8094fc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.190",
"matchCriteriaId": "710BF4DC-05B8-458F-A722-601C62E5727A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.112",
"matchCriteriaId": "0460A5D2-3024-497A-B799-23E025B91972"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.35",
"matchCriteriaId": "05ABCC3F-88A9-47F9-9D40-8665747B2E43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.4",
"matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/22025513ced3d599ee8b24169141c95cf2467a4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35b91e49bc80ca944a8679c3b139ddaf2f8eea0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a523807f01455fe9a0c1a433f27cd4411ee400f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a05f5e26cb8bb4d07e0595545fcad1bb406f0085",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d22f4f977236f97e01255a80bca2ea93a8094fc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

136
CVE-2022/CVE-2022-490xx/CVE-2022-49061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49061",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:43.353",
"lastModified": "2025-02-26T07:00:43.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:27:09.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,127 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: stmmac: corregir la funci\u00f3n altr_tse_pcs al usar un enlace fijo Al usar un enlace fijo, el controlador altr_tse_pcs se bloquea debido a la desreferencia de puntero nulo ya que no se proporciona ning\u00fan phy_device a la funci\u00f3n tse_pcs_fix_mac_speed. Solucione esto agregando una verificaci\u00f3n para phy_dev antes de llamar a la funci\u00f3n tse_pcs_fix_mac_speed(). Tambi\u00e9n limpie un poco la funci\u00f3n tse_pcs_fix_mac_speed. No es necesario verificar splitter_base y sgmii_adapter_base porque el controlador fallar\u00e1 si estas 2 variables no se derivan del \u00e1rbol de dispositivos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/08d5e3e954537931c8da7428034808d202e98299",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/62a48383ebe2e159fd68425dd3e16d4c6bd6599a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/6c020f05253df04c3480b586fe188a3582740049",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/7e59fdf9547c4f948d1d917ec7ffa5fb5ac53bdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a6aaa00324240967272b451bfa772547bd576ee6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8",
"versionEndExcluding": "5.4.190",
"matchCriteriaId": "F4E320DD-6380-49A1-A405-A9F34A6A0EF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.112",
"matchCriteriaId": "0460A5D2-3024-497A-B799-23E025B91972"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.35",
"matchCriteriaId": "05ABCC3F-88A9-47F9-9D40-8665747B2E43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.4",
"matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/08d5e3e954537931c8da7428034808d202e98299",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/62a48383ebe2e159fd68425dd3e16d4c6bd6599a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c020f05253df04c3480b586fe188a3582740049",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e59fdf9547c4f948d1d917ec7ffa5fb5ac53bdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a6aaa00324240967272b451bfa772547bd576ee6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2022/CVE-2022-490xx/CVE-2022-49062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49062",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:43.450",
"lastModified": "2025-02-26T07:00:43.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:32:22.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,85 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cachefiles: corrige el error KASAN slab-out-of-bounds en cachefiles_set_volume_xattr. Usa la longitud real de los datos de coherencia del volumen al configurar xattr para evitar el siguiente informe KASAN. ERROR: KASAN: slab-out-of-bounds en cachefiles_set_volume_xattr+0xa0/0x350 [cachefiles] Escritura de tama\u00f1o 4 en la direcci\u00f3n ffff888101e02af4 por la tarea kworker/6:0/1347 CPU: 6 PID: 1347 Comm: kworker/6:0 Kdump: cargado No contaminado 5.18.0-rc1-nfs-fscache-netfs+ #13 Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-4.fc34 04/01/2014 Cola de trabajo: eventos fscache_create_volume_work [fscache] Seguimiento de llamadas: dump_stack_lvl+0x45/0x5a print_report.cold+0x5e/0x5db ? __lock_text_start+0x8/0x8 ? cachefiles_set_volume_xattr+0xa0/0x350 [cachefiles] kasan_report+0xab/0x120 ? cachefiles_set_volume_xattr+0xa0/0x350 [cachefiles] kasan_check_range+0xf5/0x1d0 memcpy+0x39/0x60 cachefiles_set_volume_xattr+0xa0/0x350 [cachefiles] cachefiles_acquire_volume+0x2be/0x500 [cachefiles] ? __cachefiles_free_volume+0x90/0x90 [cachefiles] fscache_create_volume_work+0x68/0x160 [fscache] process_one_work+0x3b7/0x6a0 worker_thread+0x2c4/0x650 ? process_one_work+0x6a0/0x6a0 kthread+0x16c/0x1a0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30 Asignado por la tarea 1347: kasan_save_stack+0x1e/0x40 __kasan_kmalloc+0x81/0xa0 cachefiles_set_volume_xattr+0x76/0x350 [archivos de cach\u00e9] cachefiles_acquire_volume+0x2be/0x500 [archivos de cach\u00e9] fscache_create_volume_work+0x68/0x160 [fscache] process_one_work+0x3b7/0x6a0 worker_thread+0x2c4/0x650 kthread+0x16c/0x1a0 ret_from_fork+0x22/0x30 La direcci\u00f3n con errores pertenece a el objeto en ffff888101e02af0 que pertenece al cach\u00e9 kmalloc-8 de tama\u00f1o 8 La direcci\u00f3n con errores se encuentra 4 bytes dentro de la regi\u00f3n de 8 bytes [ffff888101e02af0, ffff888101e02af8) La direcci\u00f3n con errores pertenece a la p\u00e1gina f\u00edsica: page:00000000a2292d70 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e02 flags: 0x17ffffc0000200(slab|node=0|zone=2|lastcpupid=0x1fffff) raw: 0017ffffc0000200 0000000000000000 dead000000000001 ffff888100042280 raw: 0000000000000000 0000000080660066 00000001ffffffff 00000000000000000 p\u00e1gina volcada porque: kasan: se detect\u00f3 mal acceso Estado de la memoria alrededor de la direcci\u00f3n con errores: ffff888101e02980: FC 00 FC FC FC FC 00 FC FC FC FC 00 FC FC FC FC ffff888101e02a00: 00 FC FC FC FC 00 FC FC FC FC 00 FC FC FC FC 00 >ffff888101e02a80: FC FC FC FC 00 FC FC fc fc 00 fc fc fc fc 04 fc ^ ffff888101e02b00: fc fc fc 00 fc fc fc fc 00 fc fc fc fc 00 fc fc ffff888101e02b80: fc fc 00 fc fc fc fc 00 fc fc fc fc 00 fc fc fc ====================================================================="
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/09a5df1b88c8f126c8ff9938edf160edd4e92f42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/7b2f6c306601240635c72caa61f682e74d4591b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.4",
"matchCriteriaId": "62D8CC4C-A7BD-4651-8B8B-B5D5AABB585E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/09a5df1b88c8f126c8ff9938edf160edd4e92f42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7b2f6c306601240635c72caa61f682e74d4591b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

118
CVE-2022/CVE-2022-490xx/CVE-2022-49065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49065",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:43.723",
"lastModified": "2025-02-26T07:00:43.723",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:45:18.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,113 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: SUNRPC: Arreglar la clase de seguimiento svc_deferred_event Arreglar un fallo de desreferencia NULL que ocurre cuando se aplaza un svc_rqst mientras el subsistema de seguimiento sunrpc est\u00e1 habilitado. svc_revisit() establece dr->xprt en NULL, por lo que no se puede confiar en \u00e9l en el punto de seguimiento para proporcionar la direcci\u00f3n del control remoto. Desafortunadamente, no podemos revertir el trozo \"svc_deferred_class\" en el commit ece200ddd54b (\"sunrpc: Guardar la direcci\u00f3n de presentaci\u00f3n remota en svc_xprt para eventos de seguimiento\") porque ahora hay una comprobaci\u00f3n espec\u00edfica de especificadores de formato de evento para desreferencias inseguras. La advertencia que emite la comprobaci\u00f3n es: el evento svc_defer_recv tiene una desreferencia insegura del argumento 1 Un especificador de formato \"%pISpc\" con un \"struct sockaddr *\" est\u00e1 marcado por esta comprobaci\u00f3n. En su lugar, adopte el enfoque de fuerza bruta utilizado por el punto de seguimiento svcrdma_qp_error. Convierta el campo dr::addr en una direcci\u00f3n de presentaci\u00f3n en el brazo TP_fast_assign() del evento de seguimiento y almac\u00e9nelo como una cadena. Esta correcci\u00f3n se puede implementar en kernels estables. Mientras tanto, el commit c6ced22997ad (\"seguimiento: Actualizar la comprobaci\u00f3n de impresi\u00f3n fmt para manejar la nueva macro __get_sockaddr()\") ahora est\u00e1 en v5.18, por lo que esta correcci\u00f3n complicada se puede reemplazar con __sockaddr() y similares correctamente durante la ventana de fusi\u00f3n de v5.19."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/4d5004451ab2218eab94a30e1841462c9316ba19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/726ae7300fcc25fefa46d188cc07eb16dc908f9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/85ee17ca21cf92989e8c923e3ea4514c291e9d38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/c2456f470eea3bd06574d988bf6089e7c3f4c5cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "5.10.112",
"matchCriteriaId": "6DEF5532-F330-4A6A-B903-C82DBA088C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.35",
"matchCriteriaId": "05ABCC3F-88A9-47F9-9D40-8665747B2E43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.4",
"matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4d5004451ab2218eab94a30e1841462c9316ba19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/726ae7300fcc25fefa46d188cc07eb16dc908f9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/85ee17ca21cf92989e8c923e3ea4514c291e9d38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c2456f470eea3bd06574d988bf6089e7c3f4c5cc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

102
CVE-2022/CVE-2022-490xx/CVE-2022-49070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49070",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:44.217",
"lastModified": "2025-02-26T07:00:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:47:17.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,97 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: Se corrige la anulaci\u00f3n del registro de los framebuffers sin dispositivo. Los framebuffers OF no tienen un dispositivo subyacente en la jerarqu\u00eda de dispositivos de Linux. Se realiza una llamada de anulaci\u00f3n del registro normal en lugar de desconectar en caliente un dispositivo inexistente. Se corrige una desreferencia NULL. A continuaci\u00f3n se muestra un mensaje de error de ejemplo en ppc64le. ERROR: Desreferencia de puntero NULL del kernel en lectura en 0x00000060 Direcci\u00f3n de instrucci\u00f3n con error: 0xc00000000080dfa4 Oops: Acceso del kernel al \u00e1rea defectuosa, firma: 11 [#1] LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries [...] CPU: 2 PID: 139 Comm: systemd-udevd No contaminado 5.17.0-ae085d7f9365 #1 NIP: c00000000080dfa4 LR: c00000000080df9c CTR: c000000000797430 REGS: c000000004132fe0 TRAP: 0300 No contaminado (5.17.0-ae085d7f9365) MSR: 8000000002009033 CR: 28228282 XER: 20000000 CFAR: c00000000000c80c DAR: 0000000000000060 DSISR: 40000000 IRQMASK: 0 GPR00: c00000000080df9c c000000004133280 c00000000169d200 0000000000000029 GPR04: 00000000fffffff c000000004132f90 c000000004132f88 00000000000000000 GPR08: c0000000015658f8 c0000000015cd200 c0000000014f57d0 0000000048228283 GPR12: 000000000000000 c0000003fffe300 000000002000000 000000000000000 GPR16: 000000000000000 0000000113fc4a40 000000000000005 0000000113fcfb80 GPR20: 000001000f7283b0 0000000000000000 c000000000e4a588 c000000000e4a5b0 GPR24: 0000000000000001 00000000000a000 c008000000db0168 c0000000021f6ec0 GPR28: c0000000016d65a8 c000000004b36460 000000000000000 c0000000016d64b0 PIP [c00000000080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0 [c000000004133280] [c00000000080df9c] do_remove_conflicting_framebuffers+0x17c/0x1d0 (no confiable) [c000000004133350] [c00000000080e4d0] remove_conflicting_framebuffers+0x60/0x150 [c0000000041333a0] [c00000000080e6f4] remove_conflicting_pci_framebuffers+0x134/0x1b0 [c000000004133450] [c008000000e70438] drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm] [c000000004133490] [c008000000da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs] [...] [c000000004133db0] [c00000000002aaa0] system_call_exception+0x170/0x2d0 [c000000004133e10] [c00000000000c3cc] system_call_common+0xec/0x250 El error [1] fue introducido por el commit 27599aacbaef (\"fbdev: Desconexi\u00f3n en caliente dispositivos fb de firmware en caso de eliminaci\u00f3n forzada\"). La mayor\u00eda de los framebuffers de firmware tienen un dispositivo de plataforma subyacente, que se puede desconectar en caliente antes de cargar el controlador de gr\u00e1ficos nativo. Los framebuffers de OF no tienen (todav\u00eda) ese dispositivo. Corrija el c\u00f3digo anulando el registro del framebuffer como antes sin una desconexi\u00f3n en caliente. Probado con 5.17 en emulaci\u00f3n qemu ppc64le."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0f525289ff0ddeb380813bd81e0f9bdaaa1c9078",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/2388f826cdc9af2651991adc0feb79de9bdf2232",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/de33df481545974ba47c46f05194e769e4307843",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/feed87ff122b1640c221d4dd559442ab2cd50bb1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.33:*:*:*:*:*:*:*",
"matchCriteriaId": "6131A2B3-2D6E-458C-84F4-DD3DAA7821FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C2874235-06C6-40EC-97B6-C17C6985DE5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B77A5-BC82-489A-BB4D-89562A8B34E4"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0f525289ff0ddeb380813bd81e0f9bdaaa1c9078",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2388f826cdc9af2651991adc0feb79de9bdf2232",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de33df481545974ba47c46f05194e769e4307843",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/feed87ff122b1640c221d4dd559442ab2cd50bb1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

113
CVE-2022/CVE-2022-490xx/CVE-2022-49071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49071",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:00:44.323",
"lastModified": "2025-02-26T07:00:44.323",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T18:47:30.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,108 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel: ili9341: se corrige la gesti\u00f3n del regulador opcional. Si la b\u00fasqueda del regulador opcional falla, restablece el puntero a NULL. Otras funciones como mipi_dbi_poweron_reset_conditional() solo realizan una verificaci\u00f3n del puntero NULL y, de lo contrario, desreferenciar\u00e1n el puntero de error."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/28dc1503a9d36654f9c61adb2915682515a30f71",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/4ea189854b1e625ed5ec80d30147870f984db44c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d14eb80e27795b7b20060f7b151cdfe39722a813",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/e3d982c111a6c033671dd6084b07f62fbf50f76f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.34",
"matchCriteriaId": "918697A2-B45C-4A04-8049-AFAB4BE2444E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.20",
"matchCriteriaId": "ABBBA66E-0244-4621-966B-9790AF1EEB00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.3",
"matchCriteriaId": "AE420AC7-1E59-4398-B84F-71F4B4337762"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/28dc1503a9d36654f9c61adb2915682515a30f71",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4ea189854b1e625ed5ec80d30147870f984db44c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d14eb80e27795b7b20060f7b151cdfe39722a813",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3d982c111a6c033671dd6084b07f62fbf50f76f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

42
CVE-2023/CVE-2023-225xx/CVE-2023-22514.json
View File

@ -2,15 +2,47 @@
"id": "CVE-2023-22514",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-01-16T18:15:09.170",
"lastModified": "2024-01-16T18:15:09.170",
"vulnStatus": "Rejected",
"lastModified": "2025-03-18T17:15:39.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used."
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.14 of Sourcetree for Mac and Sourcetree for Windows. \r\n\t\r\n\tThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.8, and a CVSS Vector of: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H which allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. \r\n\t\r\n\tAtlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n\t\t\r\n\t\tSourcetree for Mac and Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.15\r\n\t\t\r\n\t\t\r\n\t\r\n\tSee the release notes (https://www.sourcetreeapp.com/download-archives). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center (https://www.sourcetreeapp.com/download-archives). \r\n\t\r\n\tThis vulnerability was reported via our Penetration Testing program."
}
],
"metrics": {},
"references": []
"metrics": {
"cvssMetricV30": [
{
"source": "security@atlassian.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1299929380",
"source": "security@atlassian.com"
},
{
"url": "https://jira.atlassian.com/browse/SRCTREE-8076",
"source": "security@atlassian.com"
}
]
}

32
CVE-2023/CVE-2023-232xx/CVE-2023-23279.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23279",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T19:15:11.757",
"lastModified": "2024-11-21T07:45:56.123",
"lastModified": "2025-03-18T17:15:40.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-240xx/CVE-2023-24078.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24078",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T07:15:11.633",
"lastModified": "2024-11-21T07:47:22.507",
"lastModified": "2025-03-18T17:15:40.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-242xx/CVE-2023-24219.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24219",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T07:15:11.817",
"lastModified": "2024-11-21T07:47:35.860",
"lastModified": "2025-03-18T17:15:40.837",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-242xx/CVE-2023-24220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24220",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T07:15:11.990",
"lastModified": "2024-11-21T07:47:35.990",
"lastModified": "2025-03-18T17:15:41.153",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-242xx/CVE-2023-24221.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24221",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T07:15:12.160",
"lastModified": "2024-11-21T07:47:36.130",
"lastModified": "2025-03-18T17:15:41.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-243xx/CVE-2023-24329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24329",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T15:15:12.243",
"lastModified": "2024-11-21T07:47:40.647",
"lastModified": "2025-03-18T17:15:41.693",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-263xx/CVE-2023-26314.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26314",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-22T07:15:10.900",
"lastModified": "2024-11-21T07:51:06.433",
"lastModified": "2025-03-18T17:15:42.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

39
CVE-2023/CVE-2023-271xx/CVE-2023-27113.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27113",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T22:15:09.823",
"lastModified": "2025-02-18T21:15:15.423",
"lastModified": "2025-03-18T18:15:26.300",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que pearProjectApi v2.8.10 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro organizationCode en project.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/a54552239/pearProjectApi/issues/31",

39
CVE-2023/CVE-2023-343xx/CVE-2023-34398.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34398",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T22:15:10.603",
"lastModified": "2025-02-18T18:15:14.820",
"lastModified": "2025-03-18T18:15:26.457",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La unidad principal Mercedes-Benz NTG6 contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. Algunos valores de esta tabla son archivos serializados seg\u00fan la librer\u00eda Boost. La librer\u00eda Boost contiene una vulnerabilidad/desreferencia de puntero nulo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

39
CVE-2023/CVE-2023-344xx/CVE-2023-34403.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34403",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:09.440",
"lastModified": "2025-02-13T23:15:09.440",
"lastModified": "2025-03-18T17:15:42.447",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La unidad principal NTG6 de Mercedes-Benz tiene pines Ethernet en la placa base para conectar el m\u00f3dulo CSB. Un atacante puede conectarse a estos pines y obtener acceso a la red interna. Se puede adquirir una condici\u00f3n de ejecuci\u00f3n y el atacante puede falsificar \u201cUserData\u201d con la ruta de archivo deseada y acceder a ella a trav\u00e9s de una copia de seguridad en USB."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.5,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

6
CVE-2023/CVE-2023-408xx/CVE-2023-40830.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40830",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T20:15:09.967",
"lastModified": "2024-11-21T08:20:11.373",
"lastModified": "2025-03-18T18:15:26.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -81,6 +81,10 @@
}
],
"references": [
{
"url": "https://github.com/BugAlice01/CVE/tree/main/CVE-2023-40830",
"source": "cve@mitre.org"
},
{
"url": "https://reference1.example.com/goform/WifiWpsOOB",
"source": "cve@mitre.org",

109
CVE-2023/CVE-2023-491xx/CVE-2023-49109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49109",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-20T10:15:07.927",
"lastModified": "2024-11-21T08:32:50.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:37:00.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,38 +51,85 @@
]
}
],
"references": [
"configurations": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/4",
"source": "security@apache.org"
},
"nodes": [
{
"url": "https://github.com/apache/dolphinscheduler/pull/14991",
"source": "security@apache.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5",
"source": "security@apache.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/14991",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0 ",
"versionEndExcluding": "3.2.1",
"matchCriteriaId": "39833A23-5C26-4210-8BEE-54C3195A4A3C"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/4",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/14991",
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/14991",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-492xx/CVE-2023-49250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49250",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-20T10:15:08.040",
"lastModified": "2025-02-13T18:15:43.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:37:50.467",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,30 +51,70 @@
]
}
],
"references": [
"configurations": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/1",
"source": "security@apache.org"
},
"nodes": [
{
"url": "https://github.com/apache/dolphinscheduler/pull/15288",
"source": "security@apache.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn",
"source": "security@apache.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15288",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1",
"matchCriteriaId": "EA8D19E0-BC4F-4F9C-A389-BB4D41183206"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/1",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15288",
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/20/1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15288",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/wgs2jvhbmq8xnd6rmg0ymz73nyj7b3qn",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-502xx/CVE-2023-50270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50270",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-20T10:15:08.140",
"lastModified": "2024-11-21T08:36:47.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:38:29.743",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,38 +61,85 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/apache/dolphinscheduler/pull/15219",
"source": "security@apache.org"
},
"nodes": [
{
"url": "https://lists.apache.org/thread/94prw8hyk60vvw7s6cs3tr708qzqlwl6",
"source": "security@apache.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://lists.apache.org/thread/lmnf21obyos920dnvbfpwq29c1sd2r9r",
"source": "security@apache.org"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/20/3",
"source": "security@apache.org"
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15219",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread/94prw8hyk60vvw7s6cs3tr708qzqlwl6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread/lmnf21obyos920dnvbfpwq29c1sd2r9r",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/20/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.8",
"versionEndExcluding": "3.2.1",
"matchCriteriaId": "7870A4CC-1A8D-4E9A-9302-F31B465A8C20"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/apache/dolphinscheduler/pull/15219",
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/94prw8hyk60vvw7s6cs3tr708qzqlwl6",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/lmnf21obyos920dnvbfpwq29c1sd2r9r",
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/20/3",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15219",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/94prw8hyk60vvw7s6cs3tr708qzqlwl6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/lmnf21obyos920dnvbfpwq29c1sd2r9r",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/20/3",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

86
CVE-2024/CVE-2024-233xx/CVE-2024-23320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23320",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-23T17:15:08.570",
"lastModified": "2025-02-13T18:17:01.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:54:12.460",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,48 +49,110 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.1",
"matchCriteriaId": "EA8D19E0-BC4F-4F9C-A389-BB4D41183206"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15487",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/25qhfvlksozzp6j9y8ozznvjdjp3lxqq",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/p7rwzdgrztdfps8x1bwx646f1mn0x6cp",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/dolphinscheduler/pull/15487",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/25qhfvlksozzp6j9y8ozznvjdjp3lxqq",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/p7rwzdgrztdfps8x1bwx646f1mn0x6cp",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-239xx/CVE-2024-23928.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23928",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2025-01-31T00:15:09.030",
"lastModified": "2025-02-18T19:15:14.770",
"lastModified": "2025-03-18T18:15:26.757",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -12,10 +12,45 @@
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a los atacantes adyacentes a la red comprometer la integridad de la informaci\u00f3n descargada en las instalaciones afectadas de los dispositivos Pioneer DMH-WT7600NEX. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la funcionalidad telem\u00e1tica, que opera a trav\u00e9s de HTTPS. El problema es el resultado de la falta de una validaci\u00f3n adecuada del certificado presentado por el servidor. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto de la ra\u00edz."
"value": "Esta vulnerabilidad permite a los atacantes adyacentes a la red comprometer la integridad de la informaci\u00f3n descargada en las instalaciones afectadas de los dispositivos Pioneer DMH-WT7600NEX. No se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la funcionalidad telem\u00e1tica, que opera a trav\u00e9s de HTTPS. El problema es el resultado de la falta de una validaci\u00f3n adecuada del certificado presentado por el servidor. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del root.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1045/",

80
CVE-2024/CVE-2024-263xx/CVE-2024-26310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26310",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-21T20:15:46.800",
"lastModified": "2024-11-21T09:02:20.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:39:03.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -51,22 +71,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.0.2",
"matchCriteriaId": "5C05628B-2F55-4434-97A2-02B2074ECFBB"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-263xx/CVE-2024-26311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26311",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-21T20:15:46.967",
"lastModified": "2024-11-21T09:02:20.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:53:45.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -71,22 +71,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.0.2.1",
"matchCriteriaId": "BF726E00-538F-49C5-ABCC-B45674F16FB1"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/716134",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-263xx/CVE-2024-26312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26312",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T16:15:13.180",
"lastModified": "2024-11-21T09:02:21.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:27:43.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.03",
"matchCriteriaId": "FB9541F4-9921-4907-ABCF-EFB8B0674BCF"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2024/CVE-2024-263xx/CVE-2024-26313.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26313",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-08T02:15:50.830",
"lastModified": "2024-11-21T09:02:21.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:27:14.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,59 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.0.3.1",
"matchCriteriaId": "18BBEFF3-9089-47D1-BF5A-4B924711DD3F"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102",
"source": "cve@mitre.org"
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.14.0",
"versionEndExcluding": "6.14.0.2.2",
"matchCriteriaId": "593273EA-DC85-4AD4-8426-E20A8CF54309"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/717102",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

273
CVE-2024/CVE-2024-268xx/CVE-2024-26812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26812",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-05T09:15:09.283",
"lastModified": "2024-11-21T09:03:07.927",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:04:12.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,75 +15,216 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vfio/pci: crear un controlador INTx persistente Existe una vulnerabilidad donde se puede desconfigurar el eventfd para la se\u00f1alizaci\u00f3n INTx, lo que anula el registro del controlador IRQ pero a\u00fan permite que los eventfds se se\u00f1alen con un contexto NULL a trav\u00e9s de el SET_IRQS ioctl o mediante unmask irqfd si la interrupci\u00f3n del dispositivo est\u00e1 pendiente. Idealmente, esto podr\u00eda solucionarse con alg\u00fan bloqueo adicional; el igate mutex serializa los accesos al espacio ioctl y de configuraci\u00f3n, y el controlador de interrupciones no est\u00e1 registrado en relaci\u00f3n con el disparador, pero la ruta irqfd se ejecuta de forma asincr\u00f3nica con respecto a ellos. El mutex igate no se puede adquirir desde el contexto at\u00f3mico de la funci\u00f3n de activaci\u00f3n eventfd. Deshabilitar el irqfd en relaci\u00f3n con el registro de eventfd es potencialmente incompatible con el espacio de usuario existente. Como resultado, la soluci\u00f3n implementada aqu\u00ed mueve la configuraci\u00f3n del controlador de interrupciones INTx para rastrear la vida \u00fatil del objeto de contexto INTx y la configuraci\u00f3n irq_type, en lugar del registro de un evento desencadenante particular. Se agrega sincronizaci\u00f3n entre la ruta ioctl y el contenedor eventfd_signal() de modo que el disparador eventfd se pueda actualizar din\u00e1micamente en relaci\u00f3n con las interrupciones en curso o las devoluciones de llamada irqfd."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0e09cf81959d9f12b75ad5c6dd53d237432ed034",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/18c198c96a815c962adc2b9b77909eec0be7df4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/27d40bf72dd9a6600b76ad05859176ea9a1b4897",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/4c089cefe30924fbe20dd1ee92774ea1f5eca834",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/69276a555c740acfbff13fb5769ee9c92e1c828e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7d29d4c72c1e196cce6969c98072a272d1a703b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b18fa894d615c8527e15d96b76c7448800e13899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0e09cf81959d9f12b75ad5c6dd53d237432ed034",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/18c198c96a815c962adc2b9b77909eec0be7df4d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/27d40bf72dd9a6600b76ad05859176ea9a1b4897",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4c089cefe30924fbe20dd1ee92774ea1f5eca834",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/69276a555c740acfbff13fb5769ee9c92e1c828e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/7d29d4c72c1e196cce6969c98072a272d1a703b3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b18fa894d615c8527e15d96b76c7448800e13899",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6",
"versionEndExcluding": "6.1.84",
"matchCriteriaId": "ADFF9FF1-413F-4606-9C95-7A20215ACD86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.24",
"matchCriteriaId": "8018C1D0-0A5F-48D0-BC72-A2B33FDDA693"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.12",
"matchCriteriaId": "6BE9771A-BAFD-4624-95F9-58D536540C53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.3",
"matchCriteriaId": "4C59BBC3-6495-4A77-9C82-55EC7CDF5E02"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0e09cf81959d9f12b75ad5c6dd53d237432ed034",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18c198c96a815c962adc2b9b77909eec0be7df4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/27d40bf72dd9a6600b76ad05859176ea9a1b4897",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c089cefe30924fbe20dd1ee92774ea1f5eca834",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69276a555c740acfbff13fb5769ee9c92e1c828e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7d29d4c72c1e196cce6969c98072a272d1a703b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b18fa894d615c8527e15d96b76c7448800e13899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0e09cf81959d9f12b75ad5c6dd53d237432ed034",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18c198c96a815c962adc2b9b77909eec0be7df4d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/27d40bf72dd9a6600b76ad05859176ea9a1b4897",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c089cefe30924fbe20dd1ee92774ea1f5eca834",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4cb0d7532126d23145329826c38054b4e9a05e7c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69276a555c740acfbff13fb5769ee9c92e1c828e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7d29d4c72c1e196cce6969c98072a272d1a703b3",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b18fa894d615c8527e15d96b76c7448800e13899",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

79
CVE-2024/CVE-2024-340xx/CVE-2024-34089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34089",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T16:15:13.240",
"lastModified": "2024-11-21T09:18:04.370",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:30:05.407",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,92 @@
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.0.3",
"matchCriteriaId": "E4643898-6CFC-4F96-8564-BE6A46E7B75F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:2024.03:*:*:*:*:*:*:*",
"matchCriteriaId": "14B1EA5F-1E5D-4A30-88E5-4460188A7D19"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-340xx/CVE-2024-34090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34090",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T16:15:13.423",
"lastModified": "2024-11-21T09:18:04.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:30:14.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,57 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.0.3",
"matchCriteriaId": "E4643898-6CFC-4F96-8564-BE6A46E7B75F"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org"
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:2024.03:*:*:*:*:*:*:*",
"matchCriteriaId": "14B1EA5F-1E5D-4A30-88E5-4460188A7D19"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-364xx/CVE-2024-36426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36426",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-27T22:15:08.507",
"lastModified": "2025-01-14T17:15:16.953",
"lastModified": "2025-03-18T18:15:26.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En TARGIT Decision Suite 23.2.15007.0 anterior al oto\u00f1o de 2023, el token de sesi\u00f3n es parte de la URL y puede enviarse en una sesi\u00f3n HTTP de texto sin cifrar."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"references": [
{
"url": "https://community.targit.com/hc/en-us/articles/12618082416028-Change-Log-On-prem",

34
CVE-2024/CVE-2024-412xx/CVE-2024-41256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41256",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-31T21:15:18.117",
"lastModified": "2024-08-15T14:27:18.487",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:27.097",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44128",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:50.040",
"lastModified": "2024-09-25T13:29:42.343",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:27.323",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-841"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-441xx/CVE-2024-44129.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44129",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:50.090",
"lastModified": "2024-09-25T13:28:21.447",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:27.523",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-462xx/CVE-2024-46259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46259",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-01T14:15:05.753",
"lastModified": "2024-10-04T16:40:29.857",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T17:15:42.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-465xx/CVE-2024-46559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46559",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.097",
"lastModified": "2024-09-24T16:41:51.380",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T17:15:43.193",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

4
CVE-2024/CVE-2024-487xx/CVE-2024-48761.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-48761",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-29T22:15:29.430",
"lastModified": "2025-02-03T19:15:12.210",
"lastModified": "2025-03-18T17:15:43.510",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The specific component in Celk Saude 3.1.252.1 that processes user input and returns error messages to the client is vulnerable due to improper validation or sanitization of the \"erro\" parameter. This parameter appears as a response when incorrect credentials are entered during login. The lack of proper validation or sanitization makes the component susceptible to injection attacks, potentially allowing attackers to manipulate the input and exploit the system."
"value": "Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the \"erro\" parameter."
},
{
"lang": "es",

27
CVE-2024/CVE-2024-545xx/CVE-2024-54539.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-54539",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.037",
"lastModified": "2025-02-18T20:15:21.923",
"lastModified": "2025-03-18T18:15:27.703",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Este problema se solucion\u00f3 mediante con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sonoma 14.7.2, macOS Sequoia 15.2 y macOS Ventura 13.7.2. Es posible que una aplicaci\u00f3n pueda capturar eventos del teclado desde la pantalla de bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121839",

56
CVE-2024/CVE-2024-563xx/CVE-2024-56346.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56346",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-18T17:15:44.173",
"lastModified": "2025-03-18T17:15:44.173",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-114"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7186621",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-563xx/CVE-2024-56347.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56347",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-18T17:15:44.470",
"lastModified": "2025-03-18T17:15:44.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper process controls."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-114"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7186621",
"source": "psirt@us.ibm.com"
}
]
}

34
CVE-2024/CVE-2024-570xx/CVE-2024-57035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57035",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T21:15:10.100",
"lastModified": "2025-02-28T19:18:21.203",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:27.960",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,12 +36,42 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{

39
CVE-2024/CVE-2024-574xx/CVE-2024-57480.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57480",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-14T22:15:28.510",
"lastModified": "2025-02-18T22:15:15.033",
"lastModified": "2025-03-18T18:15:28.130",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "H3C N12 V100R005 contiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de verificaci\u00f3n de longitud en la funci\u00f3n de configuraci\u00f3n de AP. Los atacantes que aprovechen esta vulnerabilidad con \u00e9xito pueden provocar que el dispositivo de destino remoto se bloquee o ejecute comandos arbitrarios enviando una solicitud POST a /bin/webs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "http://h3c.com",

14
CVE-2024/CVE-2024-89xx/CVE-2024-8927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8927",
"sourceIdentifier": "security@php.net",
"published": "2024-10-08T04:15:10.867",
"lastModified": "2024-10-16T18:28:34.573",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T17:15:44.707",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1220"
}
]
}
],
"configurations": [

14
CVE-2025/CVE-2025-05xx/CVE-2025-0526.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0526",
"sourceIdentifier": "security@octopus.com",
"published": "2025-02-11T11:15:15.923",
"lastModified": "2025-02-25T19:15:14.467",
"lastModified": "2025-03-18T18:15:28.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -61,6 +61,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://advisories.octopus.com/post/2024/sa2025-03/",

39
CVE-2025/CVE-2025-06xx/CVE-2025-0665.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-0665",
"sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
"published": "2025-02-05T10:15:22.857",
"lastModified": "2025-03-07T01:15:12.293",
"lastModified": "2025-03-18T18:15:28.427",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "libcurl cerrar\u00eda incorrectamente el mismo descriptor de archivo eventfd dos veces al finalizar un canal de conexi\u00f3n despu\u00e9s de haber completado una resoluci\u00f3n de nombre enhebrado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1341"
}
]
}
],
"references": [
{
"url": "https://curl.se/docs/CVE-2025-0665.html",

29
CVE-2025/CVE-2025-16xx/CVE-2025-1635.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1635",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-13T13:15:46.820",
"lastModified": "2025-03-13T13:15:46.820",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:45.017",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "La exposici\u00f3n de informaci\u00f3n confidencial en la funci\u00f3n de exportaci\u00f3n de origen de datos del concentrador en Devolutions Remote Desktop Manager 2024.3.29 y versiones anteriores en Windows permite que un usuario que exporta un origen de datos del concentrador incluya su sesi\u00f3n autenticada en la exportaci\u00f3n debido a una l\u00f3gica empresarial defectuosa."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@devolutions.net",

29
CVE-2025/CVE-2025-16xx/CVE-2025-1636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1636",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-13T13:15:46.970",
"lastModified": "2025-03-13T18:15:46.140",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:45.263",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "La exposici\u00f3n de informaci\u00f3n confidencial en el componente de historial de contrase\u00f1as de mis credenciales personales en Devolutions Remote Desktop Manager 2024.3.29 y versiones anteriores en Windows permite que un usuario autenticado filtre inadvertidamente Mis credenciales personales en una b\u00f3veda compartida a trav\u00e9s de la funci\u00f3n de borrar historial debido a una l\u00f3gica comercial defectuosa."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@devolutions.net",

39
CVE-2025/CVE-2025-228xx/CVE-2025-22870.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-22870",
"sourceIdentifier": "security@golang.org",
"published": "2025-03-12T19:15:38.310",
"lastModified": "2025-03-12T19:15:38.310",
"lastModified": "2025-03-18T17:15:45.467",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La coincidencia de hosts con patrones de proxy puede tratar incorrectamente un ID de zona IPv6 como un componente de nombre de host. Por ejemplo, si la variable de entorno NO_PROXY se establece en \"*.example.com\", una solicitud a \"[::1%25.example.com]:80` coincidir\u00e1 incorrectamente y no se procesar\u00e1 mediante proxy."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-115"
}
]
}
],
"references": [
{
"url": "https://go.dev/cl/654697",

29
CVE-2025/CVE-2025-22xx/CVE-2025-2277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2277",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-13T13:15:58.320",
"lastModified": "2025-03-13T13:15:58.320",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:47.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "La exposici\u00f3n de la contrase\u00f1a en el componente de autenticaci\u00f3n SSH basado en web en Devolutions Server 2024.3.13 y versiones anteriores permite que un usuario filtre inadvertidamente su contrase\u00f1a SSH debido a la falta de enmascaramiento de contrase\u00f1a."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@devolutions.net",

29
CVE-2025/CVE-2025-22xx/CVE-2025-2278.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2278",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-13T13:15:58.430",
"lastModified": "2025-03-13T13:15:58.430",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:47.670",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El control de acceso inadecuado en las solicitudes de acceso temporal y en los endpoints de solicitudes de pago en Devolutions Server 2024.3.13 y versiones anteriores permite que un usuario autenticado acceda a informaci\u00f3n sobre estas solicitudes a trav\u00e9s de un ID de solicitud conocido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@devolutions.net",

29
CVE-2025/CVE-2025-22xx/CVE-2025-2280.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2280",
"sourceIdentifier": "security@devolutions.net",
"published": "2025-03-13T13:15:58.533",
"lastModified": "2025-03-13T13:15:58.533",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:47.873",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El control de acceso inadecuado en la funci\u00f3n de restricci\u00f3n de extensi\u00f3n web en Devolutions Server 2024.3.13 y versiones anteriores permite que un usuario autenticado omita la funci\u00f3n de restricci\u00f3n de extensi\u00f3n del navegador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@devolutions.net",

24
CVE-2025/CVE-2025-230xx/CVE-2025-23006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23006",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2025-01-23T12:15:28.523",
"lastModified": "2025-03-14T20:35:50.950",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:28.613",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

447
CVE-2025/CVE-2025-248xx/CVE-2025-24813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-24813",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-10T17:15:35.067",
"lastModified": "2025-03-18T16:15:26.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T17:19:03.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -53,20 +73,437 @@
"value": "CWE-502"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
},
{
"lang": "en",
"value": "CWE-706"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.1",
"versionEndExcluding": "9.0.99",
"matchCriteriaId": "DAA3CD29-4D05-4F58-BE63-0A100C010AF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.1",
"versionEndExcluding": "10.1.35",
"matchCriteriaId": "108D9F43-5A29-475E-9EE2-66CE8899B318"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.1",
"versionEndExcluding": "11.0.3",
"matchCriteriaId": "B7E3D41F-F7C8-4BAB-A80B-287FACB0F7E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
"matchCriteriaId": "89B129B2-FB6F-4EF9-BF12-E589A87996CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "8B6787B6-54A8-475E-BA1C-AB99334B2535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
"matchCriteriaId": "EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
"matchCriteriaId": "E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
"matchCriteriaId": "8A6DA0BE-908C-4DA8-A191-A0113235E99A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
"matchCriteriaId": "39029C72-28B4-46A4-BFF5-EC822CFB2A4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
"matchCriteriaId": "1A2E05A3-014F-4C4D-81E5-88E725FBD6AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
"matchCriteriaId": "166C533C-0833-41D5-99B6-17A4FAB3CAF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
"matchCriteriaId": "D3768C60-21FA-4B92-B98C-C3A2602D1BC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
"matchCriteriaId": "DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "9F542E12-6BA8-4504-A494-DA83E7E19BD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
"matchCriteriaId": "C2409CC7-6A85-4A66-A457-0D62B9895DC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*",
"matchCriteriaId": "B392A7E5-4455-4B1C-8FAC-AE6DDC70689E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*",
"matchCriteriaId": "EF411DDA-2601-449A-9046-D250419A0E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*",
"matchCriteriaId": "D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*",
"matchCriteriaId": "1B4FBF97-DE16-4E5E-BE19-471E01818D40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*",
"matchCriteriaId": "3B266B1E-24B5-47EE-A421-E0E3CC0C7471"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*",
"matchCriteriaId": "29614C3A-6FB3-41C7-B56E-9CC3F45B04F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*",
"matchCriteriaId": "C6AB156C-8FF6-4727-AF75-590D0DCB3F9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "C0C5F004-F7D8-45DB-B173-351C50B0EC16"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "D1902D2E-1896-4D3D-9E1C-3A675255072C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "49AAF4DF-F61D-47A8-8788-A21E317A145D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "454211D0-60A2-4661-AECA-4C0121413FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "0686F977-889F-4960-8E0B-7784B73A7F2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "558703AE-DB5E-4DFF-B497-C36694DD7B24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "ED6273F2-1165-47A4-8DD7-9E9B2472941B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "6D402B5D-5901-43EB-8E6A-ECBD512CE367"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*",
"matchCriteriaId": "33C71AE1-B38E-4783-BAC2-3CDA7B4D9EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "F6BD4180-D3E8-42AB-96B1-3869ECF47F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*",
"matchCriteriaId": "64668CCF-DBC9-442D-9E0F-FD40E1D0DDB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*",
"matchCriteriaId": "FC64BB57-4912-481E-AE8D-C8FCD36142BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*",
"matchCriteriaId": "49B43BFD-6B6C-4E6D-A9D8-308709DDFB44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*",
"matchCriteriaId": "919C16BD-79A7-4597-8D23-2CBDED2EF615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*",
"matchCriteriaId": "81B27C03-D626-42EC-AE4E-1E66624908E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone17:*:*:*:*:*:*",
"matchCriteriaId": "BD81405D-81A5-4683-A355-B39C912DAD2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone18:*:*:*:*:*:*",
"matchCriteriaId": "2DCE3576-86BC-4BB8-A5FB-1274744DFD7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone19:*:*:*:*:*:*",
"matchCriteriaId": "5571F54A-2EAC-41B6-BDA9-7D33CFE97F70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "9846609D-51FC-4CDD-97B3-8C6E07108F14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone20:*:*:*:*:*:*",
"matchCriteriaId": "ED30E850-C475-4133-BDE3-74CB3768D787"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "2E321FB4-0B0C-497A-BB75-909D888C93CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "3B0CAE57-AF7A-40E6-9519-F5C9F422C1BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "7CB9D150-EED6-4AE9-BCBE-48932E50035E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "D334103F-F64E-4869-BCC8-670A5AFCC76C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "941FCF7B-FFB6-4967-95C7-BB3D32C73DAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "CE1A9030-B397-4BA6-8E13-DA1503872DDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "6284B74A-1051-40A7-9D74-380FEEEC3F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
"matchCriteriaId": "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone12:*:*:*:*:*:*",
"matchCriteriaId": "0092FB35-3B00-484F-A24D-7828396A4FF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone13:*:*:*:*:*:*",
"matchCriteriaId": "CB557E88-FA9D-4B69-AA6F-EAEE7F9B01AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone14:*:*:*:*:*:*",
"matchCriteriaId": "72D3C6F1-84FA-4F82-96C1-9A8DA1C1F30F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone15:*:*:*:*:*:*",
"matchCriteriaId": "3521C81B-37D9-48FC-9540-D0D333B9A4A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone16:*:*:*:*:*:*",
"matchCriteriaId": "02A84634-A8F2-4BA9-B9F3-BEF36AEC5480"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone17:*:*:*:*:*:*",
"matchCriteriaId": "ECBBC1F1-C86B-40AF-B740-A99F6B27682A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone18:*:*:*:*:*:*",
"matchCriteriaId": "9D2206B2-F3FF-43F2-B3E2-3CAAC64C691D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone19:*:*:*:*:*:*",
"matchCriteriaId": "0495A538-4102-40D0-A35C-0179CFD52A9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone20:*:*:*:*:*:*",
"matchCriteriaId": "77BA6600-0890-4BA1-B447-EC1746BAB4FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone21:*:*:*:*:*:*",
"matchCriteriaId": "7914D26B-CBD6-4846-9BD3-403708D69319"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone22:*:*:*:*:*:*",
"matchCriteriaId": "123C6285-03BE-49FC-B821-8BDB25D02863"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone23:*:*:*:*:*:*",
"matchCriteriaId": "8A28C2E2-B7BC-46CE-94E4-AE3EF172AA47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone24:*:*:*:*:*:*",
"matchCriteriaId": "069B0D8E-8223-4C4E-A834-C6235D6C3450"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone25:*:*:*:*:*:*",
"matchCriteriaId": "E6282085-5716-4874-B0B0-180ECDEE128F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "49350A6E-5E1D-45B2-A874-3B8601B3ADCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "5F50942F-DF54-46C0-8371-9A476DD3EEA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "98792138-DD56-42DF-9612-3BDC65EEC117"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/10/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

60
CVE-2025/CVE-2025-24xx/CVE-2025-2487.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-2487",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-03-18T17:15:48.883",
"lastModified": "2025-03-18T17:15:48.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2025-2487",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353071",
"source": "secalert@redhat.com"
}
]
}

14
CVE-2025/CVE-2025-251xx/CVE-2025-25192.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-25192",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-25T18:15:27.583",
"lastModified": "2025-02-28T14:47:26.247",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T17:15:45.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -93,6 +93,14 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-25192-detection-glpi-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-25192-mitigation-glpi-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

33
CVE-2025/CVE-2025-252xx/CVE-2025-25225.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2025-25225",
"sourceIdentifier": "security@joomla.org",
"published": "2025-03-15T18:15:13.380",
"lastModified": "2025-03-15T18:15:13.380",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:45.920",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers (administrator) to escalate their privileges to Super Admin Permissions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios en el componente Hikashop versiones 1.0.0-5.1.3 para Joomla permite a atacantes autenticados (administradores) escalar sus privilegios a permisos de Superadministrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@joomla.org",

25
CVE-2025/CVE-2025-255xx/CVE-2025-25595.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2025-25595",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T17:15:46.203",
"lastModified": "2025-03-18T17:15:46.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass authentication via a brute force attack."
}
],
"metrics": {},
"references": [
{
"url": "https://pastebin.com/t8FthPaF",
"source": "cve@mitre.org"
},
{
"url": "https://play.google.com/store/apps/details?id=com.iitb.cse.arkenstone.safe_v2",
"source": "cve@mitre.org"
}
]
}

6
CVE-2025/CVE-2025-256xx/CVE-2025-25625.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2025-25625",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-13T15:15:53.650",
"lastModified": "2025-03-13T15:15:53.650",
"vulnStatus": "Received",
"lastModified": "2025-03-18T17:15:46.357",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FS Inc S3150 8T2F Switch s3150-8t2f-switch-fsos-220d_118101 has a stored cross-site scripting (XSS) vulnerability in the web management interface."
"value": "A stored cross-site scripting vulnerability exists in FS model S3150-8T2F switches running firmware s3150-8t2f-switch-fsos-220d_118101 and web firmware v2.2.2, which allows an authenticated web interface user to bypass input filtering on user names, and stores un-sanitized HTML and Javascript on the device. Pages which then present the user name without encoding special characters will then cause the injected code to be parsed by the browsers of other users accessing the web interface."
},
{
"lang": "es",

21
CVE-2025/CVE-2025-261xx/CVE-2025-26137.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-26137",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T17:15:46.503",
"lastModified": "2025-03-18T17:15:46.503",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Arakiba/CVEs/tree/main/CVE-2025-26137",
"source": "cve@mitre.org"
}
]
}

21
CVE-2025/CVE-2025-261xx/CVE-2025-26138.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-26138",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T17:15:46.670",
"lastModified": "2025-03-18T17:15:46.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Systemic Risk Value <=2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do not have permission to view."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Arakiba/CVEs/tree/main/CVE-2025-26138",
"source": "cve@mitre.org"
}
]
}

38
CVE-2025/CVE-2025-290xx/CVE-2025-29029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-29029",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-14T14:15:17.977",
"lastModified": "2025-03-17T19:51:47.933",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T18:15:28.817",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -86,8 +116,8 @@
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Issue Tracking"
"Issue Tracking",
"Third Party Advisory"
]
}
]

91
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-18T17:00:20.156090+00:00
2025-03-18T19:00:20.831495+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-18T16:53:41.060000+00:00
2025-03-18T18:53:16.010000+00:00
```
### Last Data Feed Release
@ -33,69 +33,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
285617
285623
```
### CVEs added in the last Commit
Recently added CVEs: `25`
Recently added CVEs: `6`
- [CVE-2024-44313](CVE-2024/CVE-2024-443xx/CVE-2024-44313.json) (`2025-03-18T15:15:53.720`)
- [CVE-2024-44314](CVE-2024/CVE-2024-443xx/CVE-2024-44314.json) (`2025-03-18T15:15:53.847`)
- [CVE-2024-49822](CVE-2024/CVE-2024-498xx/CVE-2024-49822.json) (`2025-03-18T15:15:56.283`)
- [CVE-2024-57169](CVE-2024/CVE-2024-571xx/CVE-2024-57169.json) (`2025-03-18T16:15:25.013`)
- [CVE-2024-57170](CVE-2024/CVE-2024-571xx/CVE-2024-57170.json) (`2025-03-18T16:15:25.180`)
- [CVE-2025-2491](CVE-2025/CVE-2025-24xx/CVE-2025-2491.json) (`2025-03-18T15:16:01.707`)
- [CVE-2025-25580](CVE-2025/CVE-2025-255xx/CVE-2025-25580.json) (`2025-03-18T15:16:00.123`)
- [CVE-2025-25582](CVE-2025/CVE-2025-255xx/CVE-2025-25582.json) (`2025-03-18T16:15:26.900`)
- [CVE-2025-25585](CVE-2025/CVE-2025-255xx/CVE-2025-25585.json) (`2025-03-18T15:16:00.253`)
- [CVE-2025-25586](CVE-2025/CVE-2025-255xx/CVE-2025-25586.json) (`2025-03-18T16:15:27.047`)
- [CVE-2025-25589](CVE-2025/CVE-2025-255xx/CVE-2025-25589.json) (`2025-03-18T16:15:27.200`)
- [CVE-2025-25590](CVE-2025/CVE-2025-255xx/CVE-2025-25590.json) (`2025-03-18T15:16:00.373`)
- [CVE-2025-27688](CVE-2025/CVE-2025-276xx/CVE-2025-27688.json) (`2025-03-18T16:15:27.980`)
- [CVE-2025-30107](CVE-2025/CVE-2025-301xx/CVE-2025-30107.json) (`2025-03-18T15:16:01.930`)
- [CVE-2025-30109](CVE-2025/CVE-2025-301xx/CVE-2025-30109.json) (`2025-03-18T15:16:02.063`)
- [CVE-2025-30110](CVE-2025/CVE-2025-301xx/CVE-2025-30110.json) (`2025-03-18T15:16:02.197`)
- [CVE-2025-30111](CVE-2025/CVE-2025-301xx/CVE-2025-30111.json) (`2025-03-18T15:16:02.323`)
- [CVE-2025-30113](CVE-2025/CVE-2025-301xx/CVE-2025-30113.json) (`2025-03-18T15:16:02.453`)
- [CVE-2025-30114](CVE-2025/CVE-2025-301xx/CVE-2025-30114.json) (`2025-03-18T15:16:02.583`)
- [CVE-2025-30115](CVE-2025/CVE-2025-301xx/CVE-2025-30115.json) (`2025-03-18T15:16:02.720`)
- [CVE-2025-30116](CVE-2025/CVE-2025-301xx/CVE-2025-30116.json) (`2025-03-18T15:16:02.850`)
- [CVE-2025-30117](CVE-2025/CVE-2025-301xx/CVE-2025-30117.json) (`2025-03-18T15:16:02.990`)
- [CVE-2025-30122](CVE-2025/CVE-2025-301xx/CVE-2025-30122.json) (`2025-03-18T15:16:03.143`)
- [CVE-2025-30123](CVE-2025/CVE-2025-301xx/CVE-2025-30123.json) (`2025-03-18T15:16:03.293`)
- [CVE-2025-30132](CVE-2025/CVE-2025-301xx/CVE-2025-30132.json) (`2025-03-18T15:16:03.437`)
- [CVE-2024-56346](CVE-2024/CVE-2024-563xx/CVE-2024-56346.json) (`2025-03-18T17:15:44.173`)
- [CVE-2024-56347](CVE-2024/CVE-2024-563xx/CVE-2024-56347.json) (`2025-03-18T17:15:44.470`)
- [CVE-2025-2487](CVE-2025/CVE-2025-24xx/CVE-2025-2487.json) (`2025-03-18T17:15:48.883`)
- [CVE-2025-25595](CVE-2025/CVE-2025-255xx/CVE-2025-25595.json) (`2025-03-18T17:15:46.203`)
- [CVE-2025-26137](CVE-2025/CVE-2025-261xx/CVE-2025-26137.json) (`2025-03-18T17:15:46.503`)
- [CVE-2025-26138](CVE-2025/CVE-2025-261xx/CVE-2025-26138.json) (`2025-03-18T17:15:46.670`)
### CVEs modified in the last Commit
Recently modified CVEs: `162`
Recently modified CVEs: `70`
- [CVE-2024-56889](CVE-2024/CVE-2024-568xx/CVE-2024-56889.json) (`2025-03-18T15:15:58.090`)
- [CVE-2024-57014](CVE-2024/CVE-2024-570xx/CVE-2024-57014.json) (`2025-03-18T15:15:58.283`)
- [CVE-2024-57360](CVE-2024/CVE-2024-573xx/CVE-2024-57360.json) (`2025-03-18T16:15:25.340`)
- [CVE-2024-57479](CVE-2024/CVE-2024-574xx/CVE-2024-57479.json) (`2025-03-18T15:15:58.493`)
- [CVE-2024-57602](CVE-2024/CVE-2024-576xx/CVE-2024-57602.json) (`2025-03-18T16:15:25.597`)
- [CVE-2024-57669](CVE-2024/CVE-2024-576xx/CVE-2024-57669.json) (`2025-03-18T16:15:25.960`)
- [CVE-2024-6156](CVE-2024/CVE-2024-61xx/CVE-2024-6156.json) (`2025-03-18T16:15:26.213`)
- [CVE-2024-9397](CVE-2024/CVE-2024-93xx/CVE-2024-9397.json) (`2025-03-18T16:15:26.400`)
- [CVE-2025-0441](CVE-2025/CVE-2025-04xx/CVE-2025-0441.json) (`2025-03-18T15:15:58.760`)
- [CVE-2025-2200](CVE-2025/CVE-2025-22xx/CVE-2025-2200.json) (`2025-03-18T16:15:28.347`)
- [CVE-2025-2390](CVE-2025/CVE-2025-23xx/CVE-2025-2390.json) (`2025-03-18T15:16:00.950`)
- [CVE-2025-2393](CVE-2025/CVE-2025-23xx/CVE-2025-2393.json) (`2025-03-18T15:16:01.100`)
- [CVE-2025-2397](CVE-2025/CVE-2025-23xx/CVE-2025-2397.json) (`2025-03-18T15:16:01.257`)
- [CVE-2025-2398](CVE-2025/CVE-2025-23xx/CVE-2025-2398.json) (`2025-03-18T15:16:01.407`)
- [CVE-2025-24092](CVE-2025/CVE-2025-240xx/CVE-2025-24092.json) (`2025-03-18T15:15:58.933`)
- [CVE-2025-24103](CVE-2025/CVE-2025-241xx/CVE-2025-24103.json) (`2025-03-18T15:15:59.120`)
- [CVE-2025-24123](CVE-2025/CVE-2025-241xx/CVE-2025-24123.json) (`2025-03-18T15:15:59.307`)
- [CVE-2025-24162](CVE-2025/CVE-2025-241xx/CVE-2025-24162.json) (`2025-03-18T15:15:59.527`)
- [CVE-2025-24399](CVE-2025/CVE-2025-243xx/CVE-2025-24399.json) (`2025-03-18T15:15:59.850`)
- [CVE-2025-24813](CVE-2025/CVE-2025-248xx/CVE-2025-24813.json) (`2025-03-18T16:15:26.677`)
- [CVE-2025-25746](CVE-2025/CVE-2025-257xx/CVE-2025-25746.json) (`2025-03-18T16:15:27.343`)
- [CVE-2025-25897](CVE-2025/CVE-2025-258xx/CVE-2025-25897.json) (`2025-03-18T16:15:27.567`)
- [CVE-2025-25914](CVE-2025/CVE-2025-259xx/CVE-2025-25914.json) (`2025-03-18T16:15:27.773`)
- [CVE-2025-29429](CVE-2025/CVE-2025-294xx/CVE-2025-29429.json) (`2025-03-18T16:15:28.153`)
- [CVE-2025-29781](CVE-2025/CVE-2025-297xx/CVE-2025-29781.json) (`2025-03-18T15:16:00.747`)
- [CVE-2024-36426](CVE-2024/CVE-2024-364xx/CVE-2024-36426.json) (`2025-03-18T18:15:26.930`)
- [CVE-2024-41256](CVE-2024/CVE-2024-412xx/CVE-2024-41256.json) (`2025-03-18T18:15:27.097`)
- [CVE-2024-44128](CVE-2024/CVE-2024-441xx/CVE-2024-44128.json) (`2025-03-18T18:15:27.323`)
- [CVE-2024-44129](CVE-2024/CVE-2024-441xx/CVE-2024-44129.json) (`2025-03-18T18:15:27.523`)
- [CVE-2024-46259](CVE-2024/CVE-2024-462xx/CVE-2024-46259.json) (`2025-03-18T17:15:42.877`)
- [CVE-2024-46559](CVE-2024/CVE-2024-465xx/CVE-2024-46559.json) (`2025-03-18T17:15:43.193`)
- [CVE-2024-48761](CVE-2024/CVE-2024-487xx/CVE-2024-48761.json) (`2025-03-18T17:15:43.510`)
- [CVE-2024-54539](CVE-2024/CVE-2024-545xx/CVE-2024-54539.json) (`2025-03-18T18:15:27.703`)
- [CVE-2024-57035](CVE-2024/CVE-2024-570xx/CVE-2024-57035.json) (`2025-03-18T18:15:27.960`)
- [CVE-2024-57480](CVE-2024/CVE-2024-574xx/CVE-2024-57480.json) (`2025-03-18T18:15:28.130`)
- [CVE-2024-8927](CVE-2024/CVE-2024-89xx/CVE-2024-8927.json) (`2025-03-18T17:15:44.707`)
- [CVE-2025-0526](CVE-2025/CVE-2025-05xx/CVE-2025-0526.json) (`2025-03-18T18:15:28.290`)
- [CVE-2025-0665](CVE-2025/CVE-2025-06xx/CVE-2025-0665.json) (`2025-03-18T18:15:28.427`)
- [CVE-2025-1635](CVE-2025/CVE-2025-16xx/CVE-2025-1635.json) (`2025-03-18T17:15:45.017`)
- [CVE-2025-1636](CVE-2025/CVE-2025-16xx/CVE-2025-1636.json) (`2025-03-18T17:15:45.263`)
- [CVE-2025-2277](CVE-2025/CVE-2025-22xx/CVE-2025-2277.json) (`2025-03-18T17:15:47.460`)
- [CVE-2025-2278](CVE-2025/CVE-2025-22xx/CVE-2025-2278.json) (`2025-03-18T17:15:47.670`)
- [CVE-2025-2280](CVE-2025/CVE-2025-22xx/CVE-2025-2280.json) (`2025-03-18T17:15:47.873`)
- [CVE-2025-22870](CVE-2025/CVE-2025-228xx/CVE-2025-22870.json) (`2025-03-18T17:15:45.467`)
- [CVE-2025-23006](CVE-2025/CVE-2025-230xx/CVE-2025-23006.json) (`2025-03-18T18:15:28.613`)
- [CVE-2025-24813](CVE-2025/CVE-2025-248xx/CVE-2025-24813.json) (`2025-03-18T17:19:03.810`)
- [CVE-2025-25192](CVE-2025/CVE-2025-251xx/CVE-2025-25192.json) (`2025-03-18T17:15:45.720`)
- [CVE-2025-25225](CVE-2025/CVE-2025-252xx/CVE-2025-25225.json) (`2025-03-18T17:15:45.920`)
- [CVE-2025-25625](CVE-2025/CVE-2025-256xx/CVE-2025-25625.json) (`2025-03-18T17:15:46.357`)
- [CVE-2025-29029](CVE-2025/CVE-2025-290xx/CVE-2025-29029.json) (`2025-03-18T18:15:28.817`)
## Download and Usage

518
_state.csv
View File

File diff suppressed because it is too large Load Diff